Check Point Remote Access VPN Reviews

I like the fact that Remote Access allows the administrator to control and manage things. It makes things smoother, and it has been an excellent experience. 

We started with 50 users, but our numbers are increasing. Now it's difficult for us to maintain a steady internet connection and remote access, so we want to upgrade. We are considering a switch to FortiGate. I think they may have better service than Check Point offers. 

Scalability is where we're having problems now. Generally, Check Point has been working fine, but we need something that can accommodate many users and provide a steadier internet connection. Our remote users need to access the VPN without any issues. Of course, this could also have something to do with our internet connection at the organization.

We've been using Check Point to manage sites we need to block. It gives us the option to totally disable things, but it does not let the administrator create exceptions to allow specific users to access certain websites. Check Point could enable the administrator to permit users to access particular sites. I think the VPN we're using may have exceeded its lifespan. For example, if you check Instagram on Check Point, you might not even see it showing up, and it's difficult to restrict access to specific applications. 

We started using Remote Access VPN sometime in the past five years.

The connection has gotten less smooth as the number of users increases. The issue is that the logs fill up quickly. Too many users are connecting remotely. It worked great when we only had a few remote connections. Now, it is disconnecting people and dropping the internet connection.

It fills the logs and cuts off our connection when it gets full. It stops working. It's time-consuming to reset the device and reload the backups. It takes us about two hours because we would need to reconfigure those routes and integrate them with the IP addresses we have set up.

The setup was straightforward. Everything was populated on Check Point, so it was easy to select what we wouldn't allow. We deployed on-premise because we have the space and infrastructure to support it. 

The deployment didn't take long. Two IT people are responsible for the deployment and maintenance. The online documentation will walk you through the process. When you do a manual reset by pressing the button, it guides you through the setup process. You only need to follow the steps. 

After that, we import our backup file, and it populates. Next, we run the updates and check we forgot to configure anything else. Some backups are older and might not align with what we have running on the ground. 

I haven't seen an ROI.

The cost varies. I believe the price ranges roughly from about 3000 to 4,000 ZWD. I don't think it gets any lower than that. The initial cost is high because you need to buy the hardware, and you incur some setup costs, but the expense drops in the long run.

So far, I have not tried any other solutions. I'm doing the research now. I'm still shopping around, trying to understand what's on the market before deciding.

I rate Check Point Remote Access VPN eight out of 10. Aside from our current performance issues, it was smooth and flawless. I'm still shopping around. I was content with Check Point, but I want to see what's out there. I'm interested in knowing more about other available solutions. My primary goal is to avoid going through this process again two years from now. I'm hoping the next product will be a long-term solution, and it will be a while before we consider upgrading to something different.

We came to need a solution that would allow us to connect quickly and easily from our homes or from anywhere, and it was at this point that we integrated and enabled the Check Point Remote Access VPN. With it, our employees could log in from anywhere at any time. 

This solution allowed them to have the same experience that they had in the office, and they could access all the resources that were necessary for their work. 

This solution helped us mainly with the shift to remote work. Before the pandemic, everyone worked from the office. Today, more employees have become digital nomads. 

In terms of infrastructure, we can say that we have benefited since employees are happier being able to work from home. They make better use of their time and have become more productive. 

In the case of the organization, the impact is in being able to have to rent fewer square meters. This helps with annual returns since those operating costs have been reduced.

Everyone has told me that it is simple and easy to use. 

One of the most outstanding features is the ability to deliver third-party services and achieve double authenticity with integrated identities. We have SSO (Single Sign-On). It is a 'unified' or 'single authentication' which can be integrated to improve security in startup services. This is an advantage due to the fact that you can use the integrated services or the third-party services that you already have, and you will not incur more costs. 

I would like this service to be easier to manage when you integrate it with third parties. 

Although it is complex to configure, I cannot complain that it is complete and it is worth being able to use and integrate it. However, any administrator would welcome any changes that made configuration simpler. 

We would like the ability to perform remote access with the VPN in the future with any type of device. Lately, Android applications tend to have more errors. I hope that this will be solved in the future. 

I've used the solution for one year.

The solution is primarily used for secure access for remote users. It's deployed as a SaaS over the cloud. 

The solution offers great security features, including zero-day protection, malware protection, anti-phishing, et cetera.

If you are new to deploying the solution, the initial setup might be difficult the first time around. I had trouble setting the policies and then resetting the device. 

I joined my company eight or nine months ago and have been dealing with the solution since then.

I don't have much information on the stability aspect of the product. I haven't spoken to customers about their experience. 

I haven't discussed scalability with customers to get their take on how easy it is. 

We haven't referred to the technical support of Check Point just yet. We did have a replacement engineer assist us in deployment, and they handled it quite well. 

Positive

There was complexity in the initial setup. With one client, once we installed it and then tried to set the policies, the firewall was not responding very well. I was doing it for the first time, so we were unable to do it. The customer was not pleased with that, so we had to send another engineer to deploy that device. That's not to say it's overly hard - it was just my first attempt at an installation.

We had three engineers handling the initial setup. We deployed it over two days. 

I'm hoping that the next time I'm deploying it, it should be done perfectly, without any support from any other engineer.

We do the implementation for our clients. 

I'm not aware of the exact licensing costs associated with the product. 

We are in the business of selling firewalls. We're resellers and Check Point partners. 

I personally have sold just the Check Point solution to only one customer. We are also selling data storage solutions, data backup, and cyber security solutions.

We are dealing with the latest version of the solution.

The solution is available both on-premises and in the cloud. 

I'd rate the solution nine out of ten. I'd recommend it to other users and companies. 

Check Point Remote Access VPN is used to allow our employees to use the corporate resources or remote access to the corporation and lightweight on resources.

The most important feature of Check Point Remote Access VPN is the multiple factor authentication.

Sometimes we have some small problems with Check Point Remote Access VPN. For example, problems with authentication.

I have been using Check Point Remote Access VPN for approximately three years.

We have approximately 1,000 users using this solution. We do not have plans to increase usage at this time.

The initial setup of Check Point Remote Access VPN is simple. The deployment took us approximately two weeks.

Check Point Remote Access VPN is not expensive and the cost is annual.

I rate Check Point Remote Access VPN a nine out of ten.

Since SARS-COV2, most users went to work from their home office, so we needed to have an robust, secure, and stable VPN connection. We implemented Check Point VPN and we have had no problems with it. We are almost 50 users working from home securely. Also, the access rules based on VLANs have helped many users get access depending on which connection they have. For example, some users with VPN connections can only access some specific servers and ports, however, when they are on an internal LAN, they have access to the entire network.

We have more control over the activity that users have on the internal network, thanks to the monitoring offered by Check Point and the security provided by the gateway. 

I'm the IT manager for the company, and my work has been improved due to the fact that, in conjunction with VPN, we implemented the Endpoint Security client so we can manage our client's computers even if they are not physically in the office. When we need to remove some users from a VPN connection we just need to lock the account and use the assets console to disable the feature from the client's computer.

The combination of the user accounts for the VPN with the access rules provided by the security gateway gives you more control and specificity about who has access to what. For external users, we can offer a solution based on the internet needs and we are able to share information on a secure channel. We can specifically point to the desired resources in the organization without the need to install any additional software on external client machines.

It needs to improve the capability of the Secure browser VPN connections. Some in-house applications didn't work due to the use of JScript and the backend and front end technology for the applications. In the case of URL translation of the VPN Web portal, the requests made from the front end to the back end weren't valid (due to the use of dynamic subdomains). In the case of host translations, the request was made to the same host, however, we cannot specify the ports, which, in our case, are used to redirect to different servers.

I've used the solution for over two years.

It's very stable, however, I recommend some scheduled restarts for cleaning connections and processes.

It is very easy to manage the solution and also the integration.

I have had a good experience with the support tickets that I have dealt with.

Positive

Previous to Check Point, we didn't have any gateway security.

The initial setup was a little complex as it was the first time working with Check Point.

The implementation was handled by an in-house team.

We expect that investments is recovered in two years.

The pricing is fair and the support team is good.

We were evaluating Fortinet as well.

Check Point is very reliable and secure.

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment, located in Asia (Taiwan).

In addition, there are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

We user the Check Point Remote Access VPN to provide access for our employees to connect to the specified environments.

We use the Check Point Endpoint Remote Access VPN client to allow our remote employees to connect to our company's offices in a secure and reliable way.

We use the clients for Windows and macOS, with the current software version E82.30. The Endpoint Remote Access VPN clients are fully compatible with the Check Point NGFWs Mobile Access VPN blade, and there are no problems connecting to it.

The clients have additional functions, like Firewall and Compliance blades, which we consider as a strong benefit for using the pure clients.

Several remote sites are supported in the client configuration, which allows us to have the redundancy for the case when one of the Offices becomes unavailable due to ISP problems.

1. It is easy to install the Endpoint Remote Access VPN client to different platforms. Within the company, we use it for Windows and macOS.
   
2. Built-in, centrally-managed Firewall blade, which allows filtering traffic on the client-side.
3. Built-in, centrally-managed Compliance blade. We check the client OS on the presence of the latest security updates and that the corporate antivirus software is up and running, and do not allow the client to connect to the office site in the case where these rules are not satisfied. That prevents the infected computers from connecting to the company's location and spreading the threats.
4. Stable VPN connection.

1. The Compliance software blade is available only for the Windows operating systems family, so no macOS security checks are implemented and performed. This is valid for at least software version E82.30, which we currently use.
2. In addition, there is no full client of the Check Point Remote Access VPN available for the Linux operating systems families. That is important since some of our administrators prefer to use this OS even on their home PCs. We hope that Check Point would develop a client for Linux in the future.

I have been using the Check Point Remote Access VPN for about two years.

The Check Point Remote Access VPN clients are stable on both Windows and macOS.

The Gateway side part of the software scales well.

We have had several support cases opened, but none of them were connected with the Check Point Remote Access VPN. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

Prior to this product, we didn't use any centralized VPN software before.

The setup was straightforward and simple.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

We did not evaluate other options because we already use the products from the CheckPoint ecosystem.

The Check Point Endpoint Remote Access VPN for MacOs and Windows are reliable solutions for remote access VPN, and fully compatible with the Check Point security ecosystem.

The primary use case of this solution is to connect to our internal network for accessing servers and clusters using Check Point VPN. End-users are, for example, students accessing computer labs and licensed software that can check academic licenses only within the campus network; further, our ERP folks could make good use of the VPN solution by remotely working on the Institute Management System infrastructure and can work efficiently without any hindrance. We also use its capsule app on smartphones to connect further.

Using Check Point Remote Access VPN has increased the overall productivity for users staying outside the campus and working remotely during this Covid-19 period. Faculty, students, staff, and research fellows as well as a lot of other eligible users have been benefited by securing the VPN license in order to run login remotely and access the project workstations, clusters, run simulations and submit their research work for the final thesis defense. It also allows for publishing in high-impact factor journals.

Once we install and connect the VPN service, it keeps on running until we disconnect. Moreover, the best outcome is when the end-users are able to check out software licenses through the tunnel and keep on working remotely from their home without any interruption. 

The VPN service works seamlessly in Windows and Mac. Only in the case of Linux or Ubuntu have we had to struggle a bit by understanding the SNX Batch file to get installed and run it. Moreover, in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Terminal Window Open.

The Linux version may have an app (similar to Windows) instead of a shell script. We have seen that in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Linux Terminal Window open otherwise the connection drops. Sometimes, we have noticed that the owing to installation of various antivirus and running of inbuilt firewalls (applicable to all operating systems); the connection for VPN sporadically drops and tries to reconnect. When this happens, we have to manually either disable the firewall/antivirus or reconnect the VPN again.

We've used the solution since 2015 or 2016.

We were using Cyberoam.

Users must pursue Proof of Concept as the functional requirements can vary.

We also looked into Palo Alto and Fortinet.

In our environment, we have many users working remotely. It's important to control the flow of traffic coming and going to these remote employees, and isolate traffic when used for business purposes. We have to allow our remote users to access services from home as though they were in the office. However, at the same time, we need to control that traffic and make sure it conforms to our policy. Our environment is complex and requires advanced policies to look at traffic in very unique ways from different users. Check Point's policy management has allowed us to do that.

At the beginning of the pandemic, everyone rushed to get their employees working from home. Luckily for us, we already had a strong structure around how remote access would work and had it set up for many employees. 

With the groundwork in place, the transition to remote work was made easy by simply adjusting the policy (configuration). In part, this is because we were already prepared for a remote workforce, and that preparation came from within our organization, however, if it weren't for Check Point enabling us to adjust rapidly, then it would not have been an easy transition.

The unified platform view is great. Being able to manage NGFW alongside our Remote Access Policies allows us to control traffic in one way. Be it if our users are at home or in the office the same policy applies to them allowing us to have one corporate view on the traffic within our organization.

Being able to integrate the policy with things like Active Directory groups, Azure cloud objects, RADIUS integration, and load balancing capabilities is wonderful. All of these things are built into their NGFW policy which we leverage to implement on our Remote Access policy.

The ability to allow split-tunneling while still following our corporate policy needs to be on the table. Right now, in order to allow the same policy to apply, the users' traffic must be routed up to our NGFW before going out to the internet. Having a method to apply the same policy to the client for outbound traffic while connected to the VPN would be huge.

Some things like the compliance aspect of the VPN Client can be updated to bring it a little more modern. It's very useful for checking things like Windows Updates levels before connecting, however, it could use a facelift since it's still quite old-looking.

I've been managing Check Point's Remote Access VPN for five years at my current employment, and had used it before at a previous employer.

The solution has been solid for me for over five years.

I get the impression this could scale up to whatever you need. Scaling issues might only be moving to clustered resources and setting up load balancing on gateways. Once you get big enough you should be able to scale up to your needs.

Support has been great 98% of the time. There's always one bad experience, yet, overall I wouldn't rate them based on that. If they need to get their experts online to help solve a problem, they have plenty and are willing to work through really deep subjects. I never worry with their support.

Positive

At our organization, we did not use another solution before this. That said, I have used other products in the past. It's been many years, so I'm sure those other vendors have had time to update their products too, however, since I've been managing Remote Access with Check Point, I've always been really impressed.

Setting up the VPN Clients is simple once you've already got the gateway in place. If you have to setup the Gateway, it will take a bit of knowledge and expertise.

Our in-house team set it up. That said, I have been working with network devices for a long time.

ROI on the VPN User license itself returns within a couple of months of you using it. However, if you have to make the investment into buying gateways for the product, then the ROI could be one year (if your whole organization is working from home), or up to three years if you barely use it.

You need to be an NGFW customer already. Otherwise, you'll need to purchase the gateways in order to terminate the VPN. That much should be obvious to anyone. Once you have the gateway in place, there is a VPN User license you need to purchase, however, it is very minimal in cost compared to other infrastructure.

We inherited the Check Point when we took over. Then, when the topic of remote access came up, it made sense to use what we had and just buy additional licensing rather than buy a whole new product.

Check Point products are typically not cheap, however, I've found it's often due to the fact that you can do a lot with it. 

I recommend Check Point products to anyone who is going to have the time and expertise to administer them. You're going to be able to do what you want to do, engineer a design that works for you. If you want to just plug it in and forget about it, then this might not be the product for you. That said, for those who do just want to plug something in and forget about it, I warn you to be cautious. When it comes to Remote Access, you don't want to ignore this. You want to be looking at it and you want to monitor it, otherwise attackers will take advantage of that weakness. This is where Check Point allows you to monitor the edge, while granularly controlling it.