Check Point Security Management Reviews

Our use cases are protection infrastructure in a financial corporate environment.

Check Point firewalls meet all the PCI guidelines that regulate players in the financial market.

The support is pretty incredible.

There is room for improvement in reliability. 

I have been using this solution for ten years. I worked from version 840 to 8120.

I would rate the stability a six out of ten.

It is very scalable. I would rate the scalability for this solution a ten out of ten.

I initially took Cisco training for routers, switches, and firewalls. I did actually work up the Cisco firewalls long enough to convert them to Check Point.

The initial setup was complex. But that was really the fault of Check Point just because we deployed it into the Google Cloud environment, and their environment is a little different.

We have security management deployed on-premises and on the cloud.

The pricing is about par for the enterprise-class firewalls.

Palo Alto and Cisco. And the reason for going with this solution was the price.  So, with Cisco, it was priced. We actually checked the overall price of the cost of ownership. When you talk about support costs and everything else, was cheaper than Cisco. And with Palo Alto, also had reliability issues that could not be overcome by their support.

I definitely recommend it, but unless you're fully trained and experienced on Check Point, you should get the better support program. 

Check Point has support rep programs that go all the way up to putting one of their own people in your business to help you. Then, they have support programs. If you're an expert, you just need to be able to download updated files and stuff. They have support programs like that, too. The worst possible situation is if somebody isn't really skilled with the thing and they cheap out on the support program, and they'll just flounder.

Overall, I would rate the solution an eight out of ten.

We use the product as a primary gateway firewall for all offices at different locations. 

We have deployed their high-end firewall UTMs to medium business grade devices 1400 series. They are easy to manage either centrally or as separate devices. We are using them for Network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

We have seen tremendous improvement in the overall security of the organization's IT assets. We performed Pen Tests and External vulnerability audits on our network and we always scored top-rated thanks to Check Point. 

Their management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks. 

Access to detailed network logs in real time helps us decide and take prompt action to block/fix threats. 

The most valuable aspects of the solution include:

• IPSec VPN Tunneling: they are easy to configure and offer multiple options to set them up with Cloud services and other vendor firewall products over certificates, shared keys etc.
• DDoS Protection: Firewall cleverly handles such attacks without compromising on performance.
• HA and Clustering: Seamless load management and High Availability between nodes of firewall clusters.
• Firewall Rules: You have access to set up rules at a very granular level and all are accessible through the GUI platform as well as over CMDLET.

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates. 

We'd like to see more and more integration possibilities between Checkpoint and other vendor security solutions such as Malwarebytes, SIEM solution providers, and standalone vulnerability scanners.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

I've used the solution for more than ten years.

The solution is very stable compared to peers.

The solution is highly scalable.

Technical support is satisfactory, however, it takes some time to escalate your ticket.

Positive

We did use Sophos and Cisco ASA, however, they were either complicated products to manage or lacked features.

The initial setup wasn't difficult after you attended free platform support sessions by Check Point.

We handled the initial setup in-house.

We evaluated Sophos, Cisco ASA, SonicWall, and FortiGate.

We use the product as a perimeter and core firewall for multiple clients at different locations.

We have physical Smart-1 appliances and virtual appliances in our environment. We merged all of the old managers into these managers and managed to centralize the management of firewalls and see the logs altogether.

We are using management API for large configs, and clear rules, blocking malicious IP addresses with SAM rules, and migrating the VLANs with it.

We have deployed Check Point high-end firewall UTMs to medium business-grade devices with different models. We also have a cloud-based Check Point firewall for one of our clients. It's easy to manage either centrally or as separate devices. We use them for network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

Check Point's management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks.

Access to detailed network logs in real time helps us decide and take prompt action to block and fix threats.

Centralized management is great. With this, we manage all of Check Point products from one central management, we can apply rules, and NATS and manage app and URL Policies, threat prevention, and IPS protection rules.

Secondly, centralized log and report management is important. We can distribute logs to our log appliances with centralized management and view logs without logging additional devices.

HA Structure provides good coverage and works fine. With the HA structure, we can manage two data centers as one, and this is helping much.

We can keep old revisions, and with that, we can check or revert to one when needed.

The most valuable aspects of the solution include:

• IPSec VPN Tunneling, 
• DDoS Protection, 
• HÀ and Clustering, 
• Firewall Rules, 
• Proxy support, 
• Revision history
• Detailed audit log, 
• Smart Event
• Filter syntax.

These features are easy to configure and offer multiple options to set them up with cloud services and other vendor firewall products.

We can always feel secure if some things go wrong, I'm sure that we can restore to the old one.

We can apply centralized proxy settings to get additional databases when we need them.

We can get a graphical view of the traffic and provide history when we need it.

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates.

However, license update and upgrade processes can be made a little easier.

Also, I'd like to see more integration possibilities between Check Point and other vendor security solutions.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

I have been using Check Point for more than 10 years for different clients.

The solution is highly scalable.

Check Point's knowledge base is very vast and provides lots of information if we need some help. The community is very helpful as well.

Positive

We have multiple clients and use different technologies, so we work on other vendor products also.

We have a professional service team that we work together for setup-related work to Check Point appliances.

We handle the initial setup in-house.

We have multiple clients and use different technologies, so we work on other vendor products also like Cisco ASA, FTD, Palo Alto, FortiGate etc.

Overall I am fully satisfied with Check Point

One of the recent use cases for this solution has been related to a power company, which was facing issues but was able to get its infrastructure secured and get back its business continuity and growth. In addition, its management was able to get back its confidence with solutions or services provided by Check Point.

The client was able to quantify its security elements. As a result, a strong defensive framework was developed. Deployment of Check Point's solution resulted in the evasion of any existing and potential threats.

Check Point is not just a firewall. They deliver everything including IPS, application control, threat emulation and extraction, identity awareness, and more. In line with the quantum security gateways, other elements and services as provided by Check Point have also proven to be very helpful and reliable in keeping the company environment secured. The organization has also gone a great mile to tag itself as a proactive threat elimination expert in the industry viz a viz its competitors.

Harmony Endpoint is one of the great solutions by Check Point; it ensures compliance with policies and minimizes the risk of threats entering through endpoints. 

It's a great complete endpoint security solution that prevents the most imminent threats to the endpoint such as ransomware, phishing, or malware. 

It has proved to be very successful in identifying ransomware behaviors such as file encryption or attempts to compromise operating system backups and safely restore ransomware-encrypted files automatically. 

While the console and administration work well, they have to work on performance since it consumes a lot of CPU and memory. There is also latency in the administrative panel when entering. There has been a problem with updating licenses as well. There is ground-level feedback based on interaction with the relevant stakeholders that states implementing it would make a major difference in the overall experience.

I've used the solution for two years.

The solution has not caused major deviations and the historical experience has been quite good. The stability and reliability of the solution is pretty much appreciated

The overall impression of the scalability is good and impressive.

Technical support has been pretty good.

Positive

I have been involved with a lot of other partners in parallel, depending on the requirements of the customers.

I am not directly involved in the setup and deployment of the product.

The implementation was handled by an in-house team.

I've witnessed an ROI of 25% to 30%.

Users should actively evaluate the existing options available in the market and finalize the one that matches their requirements, budget, and priorities. Check Point can definitely be considered based on my personal experience.

The choice to evaluate would not be my personal decision but the requirement raised by the customers.

We use Check Point Security Management for firewall management.

The solution is easy to use and comes with few vulnerabilities. You don't have to worry about release upgrades. Life cycle management is very easy. 

Check Point Security Management lacks some of the competitor features. 

I have been using the solution for six years. 

Check Point Security Management is stable. 

We have around 4,500 users for the product.  

Check Point Security Management doesn't have good support since it is difficult to get the right person. 

Neutral

The solution is expensive. 

We use the solution mostly for policy pushing to other gateways.

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

The tool is expensive.

I have been using the solution for the last two years.

The tool is very stable. The equipment is never down.

We have more than ten customers.

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

The Check Point Security Management is designed with a strong focus on cybersecurity, providing customers with detailed information on attacks and high-visibility threats. This is a major benefit, as it allows customers to stay informed on a daily basis. 

The most valuable feature of Check Point Security Management is the high level of visibility

Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture.  

To perform a service cutover, such as migrating from one firewall to another or bringing up a new firewall, it is essential to thoroughly study and understand the customer's network architecture. This is a complex and challenging process that requires careful deployment and configuration. However, once the firewall is successfully connected to the environment, it becomes very robust and provides comprehensive cybersecurity that meets the needs of the customer.

I have been using Check Point Security Management for approximately 10 years.

The solution is stable.

Due to its complexity and the distributed nature of its solution, Check Point Security Management still faces significant challenges in terms of scalability. The networking port weakness previously mentioned also has an impact in this area. In order to address these gaps, enhancements need to be made to the product's scalability. For example, when performing software upgrades, the distributed solution can make even minor upgrades challenging due to the many components involved, such as servers, gateways, and management servers. It is crucial to make improvements in scalability to ensure that Check Point Security Management can meet the needs of customers who may require a larger or more complex solution.

They are selling multiple solutions that need to have their software maintained and their scalability at the same time with the advantage of the centralized consolidated unit, reflects poorly on the scalability. It's not only one solution. There are a lot of factors to consider in order to upgrade or add a new firewall to the lineup.

Their support could improve.

I rate the support from Check Point Security Management a six out of ten.

I have used Fortinet and other competitors.

The solution can be somewhat complex. It can be challenging to use, particularly during deployment. This is due to its use of distributed deployment, which requires the purchase of several components including security gateways, SMS servers, and a management server. While this may seem complex, the benefit is greater visibility.

The solution is expensive and there is an annual license.

Top companies in the firewall and software market include Check Point, which recently entered the hardware manufacturing sector. However, this move did not significantly impact its market share as other competitors were already offering more powerful hardware. As a result, the product became more complex, requiring separate handling of hardware and firewall components within the product. This adds additional layers, including network settings, connectivity, and firewall, which can make deployment and configuration more challenging for network engineers. Despite these challenges, Check Point is known for its stability and advanced threat prevention techniques, making it a valuable choice for cybersecurity.

We recommend smaller businesses explore alternative security partners, such as Fortineteen. Fortinet offers an affordable solution with all the necessary security features that customers need, making it a cost-effective option. For larger-sized companies we recommend Check Point Security Management to have visibility of their infrastructure.

I rate Check Point Security Management a seven out of ten.

When having multiple branches, there is the need to be able to manage several branches centrally to meet internal and external regulatory standards that become part of important criteria to manage security. 

Due to the number of branches that we must protect and safeguard, we were looking for a solution that would allow us to centralize simple and fast management that is as scalable as possible.

The Check Point R80 service has allowed us to unify and centralize the security policy. This makes us faster and more flexible when making a change in any of our branches. It's one of the friendliest services that can be managed and remains important in nature to our bottom line. It allows all administrators to understand and manage the communication between different sites, for example. Additionally, we have integrated these features with others that could also be used as security measures or MFA services.

One of the most important features, and one that I see as having organizational value, is the ability to enable services or communications that can be integrated with third parties. We can add additional layers of security to logins or configuration startups that we did not have before. 

It provides for capabilities and has allowed us to be more scalable. We now have greater management flexibility and the possibility to configure and connect to different branches. It has given us better centralization with greater features and security benefits.

In the future, I would like the platform to be able to integrate or manage appliances or third-party equipment. That would give us a management solution that is able to adapt to the technological changes that we have today. 

Maybe we could see if the brand or the services become commercial allies of other brands. I know that it is something that is requested a lot, however, better integration could be beneficial for the market and for users when purchasing a service in the market.

I've used the solution for three years.