We just raised a $30M Series A: Read our story

Check Point Security Management OverviewUNIXBusinessApplication

Check Point Security Management is the #5 ranked solution in our list of Log Management Software. It is most often compared to Fortinet FortiAnalyzer: Check Point Security Management vs Fortinet FortiAnalyzer

What is Check Point Security Management?

R80.30 Cyber Security Management features centralized management control across all networks and cloud environments, increasing operational efficiency and lowering the complexity of managing your security. Learn more about Security Management.

Check Point Security Management is also known as R80.10, R80, R77.30, R77, Check Point R80.10 Security Management, R80 Security Management.

Check Point Security Management Buyer's Guide

Download the Check Point Security Management Buyer's Guide including reviews and more. Updated: October 2021

Check Point Security Management Customers

Hedgetec, Geiger

Check Point Security Management Video

Check Point Security Management Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
ITCS user
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Helps our security team create policies in a centralized way

Pros and Cons

  • "The features we like and find the most valuable are the ways we can manage the policy, create objects, and drag and drop objects in our daily operation. It makes our daily operation on the firewall management much easier than going, for example, to one firewall, then going to the other."
  • "The migration from R77 Manager to R80 is a major upgrade. It's not very easy to do. There should be some kind of Wizard for a direct upgrade from the R77 to the R80. There should be an easy way for the customers to do the upgrade."

What is our primary use case?

Our primary use case is to have a centralized server to manage all of our Check Point firewalls, which are around 30 clusters of firewalls. We also use it to have a place where we can see, call, and centralize the logs.

How has it helped my organization?

Every day we have new projects and new applications that need to be delivered. We need to open flows on the firewall from one point to the other. Check Point helps our security team to create the policies in a centralized way, where we can even copy policies from one firewall to the other.

It saves us a lot of time, and it's very easy to use. We can clone objects and drag and drop. It's much easier than a few years ago where we used to have Cisco firewalls and we needed to do it on the command line. Check Point is much easier. We can very quickly place trainees to work in policy creation.

What is most valuable?

The features we like and find the most valuable are the ways we can manage the policy, create objects, and drag and drop objects in our daily operation. It makes our daily operation on the firewall management much easier than going, for example, to one firewall, then going to the other. We have a centralized point of managing the firewall in terms of firewall policy and in terms of threat prevention policy where we can easily review the antivirus policy. It has a good description of which protection we are applying to the IPS on the antivirus. It's very clear and easy to use.

The SmartConsole chooses which application communicates with the manager and allows us to create the policies and also look at the log of the traffic that is crossing all the firewalls. We can manage and also see the logs of what is happening on the firewalls.

What needs improvement?

I would like for Check Point to add some features like the Smart Monitor on the R77 that are available on the SmartConsole of the R80. Now, we need to open a different application to have access to it. There are some applications that worked in the past but were not too integrated with a new application that communicates with the manager. There are some applications that should be integrated into the SmartConsole. I don't know if they will be, but everything should be on the SmartConsole and we shouldn't need to open another application.

The migration from R77 Manager to R80 is a major upgrade. It's not very easy to do. There should be some kind of Wizard for a direct upgrade from the R77 to the R80. There should be an easy way for the customers to do the upgrade.

For how long have I used the solution?

We have been using Check Point Security Management for three years. 

What do I think about the stability of the solution?

It has been very stable. We don't have many complaints about stability. Once every three months or so, there are some processes on the management server that we get stuck on and we need to restart the services. After we restart, we get back to normal.

What do I think about the scalability of the solution?

It's very scalable for our use case. We have two security managers. We have one primary and one backup to manage all of our firewall infrastructure, and we have no problem with it. We always have a new firewall. 

There are around eight people who work with this solution in my company. They're network engineers. 

My colleague and I are responsible for the maintenance. 

We have a 100% adoption rate for all of the Check Point Firewalls. We all use this manager to manage the Check Point infrastructure.

How are customer service and technical support?

We don't have any issues with support. The support is very good, especially if you work with the Israel group, but on this specific product, as this is a core product of Check Point, I would say all of the groups work fairly well.

Which solution did I use previously and why did I switch?

We also have experience with Fortinet but it's like comparing apples to oranges. 

How was the initial setup?

The initial migration from R77 to the R80 was a bit complex. We had the help of a third-party company for the migration phase. We needed to export from the old manager and import it to the new one. There were some modifications we needed to do. It's not very straightforward. They had more experience in those kinds of migrations. 

We have already done some upgrades and they are very easy and straightforward. For this migration, we needed to prepare the servers side by side to the old one, and we needed to do the initial configuration. It took like at least one week to prepare and to migrate it that way.

What was our ROI?

We do see ROI because we save a lot of time and we can have new team members working with the firewall very quickly. We save at least eight hours a week.

What's my experience with pricing, setup cost, and licensing?

The pricing is in line with its competition, like Fortinet. 

Sometimes applying licensing in products gets a bit messy. We will apply for a license on the manager, specifically for the firewall, but you still see the firewall complaining it doesn't have any rights. In this case, we need vendor support to fix this kind of situation.

We need to devise whether we need to have remote sessions with regard to why the firewall is complaining. There must be some kind of protection for the people not to flip licenses that they shouldn't. Sometimes when you buy a new firewall, the licensing is not straightforward to apply. After we fix it, we never have issues again.

What other advice do I have?

This solution is overall our favorite Check Point product. It's a product that you need to have if you have a Check Point Firewall. If you have a Check Point Firewall, you need to have to Check Point Security Management. You cannot manage the firewalls directly, you need to have the manager.

I think it's the best product Check Point has and is the one that makes the difference. When you compare it to, for example, Fortinet, which has a manager that is web-based, it's not as easy to use and easy to drag and drop objects. The way to see the logs is not as good. It works better than web-based FortiManager, for example.

Palo Alto is also web-based, but me and my team, all of us prefer the SmartConsole over the way we have to manage FortiGate. It's very easy to search for rules on the policy, Check Point is much easier than the competition.

The competitors work well but Check Point works better.

If you refresh the page, you will lose what you did. Even the screen resolution is dependent on the browser. Drag and drop is not as good as with Check Point. It's by far the best product we have to manage firewalls. I think the thing that makes the difference on the other Check Point firewalls.

My advice would be to try the SmartConsole before deciding if you want to go ahead with buying Check Point Firewalls and the manager. You can install the application in any Windows, computer, or Windows server and try the SmartConsole in demo mode.

I would rate Check Point Security Management a nine out of ten. 

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
CM
Senior Infrastructure Services Specialist at St.George Bank Limited
User
Top 10
Easy to set up with great support and good central management

Pros and Cons

  • "The solution is ideal for use and deployment in a large infrastructure environment."
  • "If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls."

What is our primary use case?

As part of the Bank's Network Security Infrastructure team, it is our responsibility to manage different security products and devices that lay the foundation of the Bank's Security infrastructure network. Part of that responsibility also includes the implementation and policy update request arising from different business and support teams to make sure that application services comply with the security standards to protect all services of the bank and maintain reliability of the services across environment.

With a centralized Check Point Security Management solution, it makes it easier for our day-to-day operations to manage all Security Gateway Firewalls across the bank.

How has it helped my organization?

The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank. 

With Security Management we are able to simplify our response and support for all our security network devices, which, compared to other products that need to be managed individually, the Check Point solution is far better and less daunting. 

The Security Management also includes the management of logs that is far more efficient, as it provides all the needed information required to investigate and understand how the gateways are accepting or blocking traffic from the gateways.

What is most valuable?

The Main Domain Log Management Server is what I find to be the most valuable feature for the Security Management of our environment. 

With the Main Domain Log Management Server, support teams are able to check and verify the information required in order to determine if any traffic is getting blocked or denied due to specific policy rule implementation, or even identify any traffic getting spoof or any other related events on the gateways. 

It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules.

What needs improvement?

It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform. As it stands, performing a smart view monitor will still open the old R77 SmartView monitor session, which is a bit flaky and slow. If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls. It will also help support teams to identify capacity limitations and have a foresight of what's happening in the environment at any given point in time.

For how long have I used the solution?

I've been using the solution for 4 Years.

What do I think about the stability of the solution?

The solution is ideal for use and deployment in a large infrastructure environment.

What do I think about the scalability of the solution?

The solution is very efficient. You can add more gateways in the environment and manage on the same management server as it has a centralized design.

How are customer service and technical support?

We have diamond support and they are very helpful and detailed during explanations for any issues we are facing. The diamond support that we get definitely provides full life cycle support. It brings reliability to the product when you have great support from Check Point.

Which solution did I use previously and why did I switch?

At the moment, we have a co-existing infrastructure with other security network devices, and we can definitely see the benefit of having the Check Point Security Management application in our infrastructure.

How was the initial setup?

The setup was straightforward as the SmartConsole associated with the Security Management is GUI-friendly and anyone can easily access and manage it.

What about the implementation team?

One of the Professional Service members we work with is very attentive to detail and ready to support our team during difficult times - including the implementation and consultation of the Check Point Products. The professional service on offer is really great as you do not often get someone from a vendor that knows the inside and out of the product dedicated to your own infrastructure.

What's my experience with pricing, setup cost, and licensing?

I would advise others that it's definitely a great investment to have Security Management across your infrastructure.

Which other solutions did I evaluate?

We have other options with other vendors such as Juniper, with their Security Director, and JSpace, but nothing can compare with how the Check Point Security Management performs.

What other advice do I have?

If you have a manageable security infrastructure, the cost, pricing, or licensing will be far outweighed by the reliability and stability of how a properly managed environment is.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,029 professionals have used our research since 2012.
CM
Senior Infrastructure Services Specialist at St.George Bank Limited
User
Top 10
Great for security monitoring with easy central management and good scalability

Pros and Cons

  • "It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules."
  • "It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform."

What is our primary use case?

As part of the Bank's Network Security Infrastructure team, it is our responsibility to manage different security products and devices that lay the foundation of the Bank's Security Infrastructure Network. Part of that responsibility also includes the implementation and policy update requests arising from different business and support teams to make sure that application services comply with the security standards to protect all services of the bank and maintain the reliability of the services across an environment.

With a centralized Check Point Security Management solution, it makes it easier for our day-to-day operations to manage all Security Gateway Firewalls across the bank. 

How has it helped my organization?

The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank. 

With Security Management we are able to simplify our response and support for all our security network devices, which, compared to other products that need to be managed individually, the Check Point solution is far better and less daunting. 

The Security Management also includes the management of logs far that are more efficient, as it provides all the needed information required to investigate and understand how the gateways are accepting or blocking traffic. 

What is most valuable?

The Main Domain Log Management Server is what I find to be the most valuable feature for the Security Management of our environment. With the Main Domain Log Management Server, support teams are able to check and verify the information required to determine if any traffic is getting blocked or denied due to specific policy rule implementation. It can even identify any traffic getting spoofed or any other related events on the gateways. It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules.

What needs improvement?

It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform. As it stands, it will still open the old R77 SmartView monitor session, which is a bit flaky and slow. If the SmartView monitor could be integrated into the R80.40 and R81 versions, that would be great. It would help us in unpacking the trends and graphs and see how traffic is observed when hitting the different Check Point Firewall Gateways that the Security Management controls. It will help support teams to identify capacity limitations and have oversight into what's happening in the environment at any given point in time.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the stability of the solution?

The solution is very stable and manageable as there's a centralized management server that takes care of the rest of the Check Point Gateways across our infrastructure.

What do I think about the scalability of the solution?

The solution is very scalable since you can increase the number of gateways in your infrastructure and still manage them in just one centralized SmartView Console.

How are customer service and technical support?

The technical support team is very knowledgeable and supportive of all our issues and incidents in the bank. Their expertise and reliability are what bring the products of Check Point under complete lifecycle support, which aims to maintain our infrastructure reliability and stability.

Which solution did I use previously and why did I switch?

At the moment, we have a co-existing infrastructure with other security network devices, and we can definitely see the benefit of having the Check Point Security Management application in our infrastructure.

How was the initial setup?

The setup and operational management of Security Management is very easy. This helps us to train people quickly in terms of managing our bank infrastructure in order to maintain reliability and stability in the network.

What about the implementation team?

We have a professional service provider that implements the solution and he is very knowledgeable in terms of his expertise of the product. I would rate our professional service provider to be a 9 out of 10.

What's my experience with pricing, setup cost, and licensing?

I would advise others that it's definitely a great investment to have. It's great to have Security Management across your infrastructure. 

Which other solutions did I evaluate?

We have other options with other vendors such as Juniper, with their Security Director, and JSpace, but nothing can compare with how Check Point Security Management performs.

What other advice do I have?

If you have a manageable security infrastructure, the cost, pricing, or licensing will be far outweighed by the reliability and stability. It's great in terms of what a properly managed environment can bring.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Oleg P.
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
Top 5
Everything is configured in one place in the unified SmartConsole, which helps me save working time

Pros and Cons

  • "As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution."
  • "I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately."

What is our primary use case?

Our company works in developing and delivering online gambling platforms. The Check Point Gateways are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two Check Point HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management server on a Virtual Machine (KVM), all running on R80.10 with the latest Jumbo Hotfix Accumulators installed (Take 275). The Security Management server has the following blades activated - Network Policy Management, Logging & Status, User Directory, Compliance, SmartEvent Server, Provisioning.

How has it helped my organization?

The overall security of the environment has been greatly improved by the Check Point solution. Before implementing that, we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on the switches and routers, which in fact was just a simple stateful firewall, and all the devices had to be managed locally via SSH. Now, with the Check Point Security Management server in place, we have a central endpoint to manage all the security aspects for the environment - the SmartConsole. That helped to decrease the management overhead, as well as to improve the usability and feasibility of the security.

What is most valuable?

As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution. 

Now everything is configured in one place - the unified SmartConsole, which helps me in saving the working time and not jumping from one console or dashboard to another constantly. The interface is cozy and modern. I especially like built-in searching capabilities - you may not just find the objects, but also see where exactly it is used across the whole security policy. Also, now the latest logs may be seen in the security policy as well, per matched rule. 

What needs improvement?

I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that, you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately. 

Also, the SmartConsole application used for management is currently available only for Microsoft Windows OSes. I think many administrators use macOS and Linux, so it would be nice to have native apps for these platforms as well.

For how long have I used the solution?

My current company has been using the Check Point Security Management for about three years, starting late 2017.

What do I think about the stability of the solution?

The Check Point Security Management server version R80.10 we use is stable and mature solution.

What do I think about the scalability of the solution?

One virtual machine we use for the Security Management is enough for managing 2 clusters, and there is a huge "space" if we decide to scale the DataCenter up.

How are customer service and technical support?

We have had several support cases opened with the Check Point, but none of them was connected with the Security Management. In. general, I think some cases took to long to be resolved by the Check Point support team - up to one month.

Which solution did I use previously and why did I switch?

We used local ACLs and Zone-Based firewall on Cisco switches and routers, that's incompatible with the centralized management solution like Check Point Security Management.

How was the initial setup?

The setup was straightforward, and the configuration part was easy and understandable - we didn't use any consulting services for that.

What about the implementation team?

The solution has been implemented by in-house team, since we have the Check Point Certified engineer among the technical team.

What's my experience with pricing, setup cost, and licensing?

The Check Point solutions in general are not cheap, so your company should have a dedicated budget for security.

Which other solutions did I evaluate?

We didn't evaluate other vendors.

What other advice do I have?

There's a demo of the Security Management available for free - just download and install the SmartConsole application, and you could see the interface and most of the features available.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
GC
Senior Infrastructure Service Specialist at a financial services firm with 10,001+ employees
User
Top 10
Stable with good technical support and an intuitive interface

Pros and Cons

  • "The intuitive interface also allows new team members to adapt to the technology if they are not familiar with it initially. It doesn't take much for one to familiarize themselves with the product."
  • "Even though the platform is simple, and creating security policies is a fairly quick task, creating a bulk of policies at once (ie. for a migration) could be a useful tool. This is probably possible through scripting, however, having an easy-to-use "import CSV" button would be beneficial."

What is our primary use case?

I work for one of the biggest Australian banks that rely on Check Point firewalls for security enforcement across several points in the infrastructure environment.

The Security Management platform is a key component for our operation, in that it enables efficient central management for configuration and security troubleshooting. This centralised component facilitates and adds value to our daily operations, creating a single place for configurations and a platform that can present security logs that are used for the troubleshooting of security issues.

How has it helped my organization?

Check Point Security Management improved the speed at which security access permissions are granted across our environment through its centralized and easy-to-use nature. The possibility of re-using objects across different policies and also having the drag and drop capabilities are great. 

Moreover, having one single platform managing multiple firewalls reduces the time (and cost) of the provisioning of infrastructure services. This boosts the productivity and efficiency of teams across the board.

What is most valuable?

The Check Point Security Management platform provides a central location for the management of domains and firewalls in the environment. The nature of the product brings valuable returns to the operation, increasing efficiency when configuring and troubleshooting.

The intuitive interface also allows new team members to adapt to the technology if they are not familiar with it initially. It doesn't take much for one to familiarize themselves with the product.

Another great feature is to have available logs in a central location, enabling the troubleshooting of security issues anywhere in the environment.

What needs improvement?

One possible improvement for the platform would be the import of security policies via CSV or CLI. Even though the platform is simple, and creating security policies is a fairly quick task, creating a bulk of policies at once (ie. for a migration) could be a useful tool. This is probably possible through scripting, however, having an easy-to-use "import CSV" button would be beneficial.

Another feature that could be improved is the export of configurations to CSV. This is often useful to map current firewall policies or NATs. I understand that this feature is available currently, but would CSV bring objects with names (but not IPs) and groups (but not the members). The improvement of this feature would surely be welcomed.

For how long have I used the solution?

I have been using Check Point Security Management for around 4 years.

What do I think about the stability of the solution?

The most recent software versions are very stable and trouble-free.

What do I think about the scalability of the solution?

We have a very good impression of it so far. The possibility of adding firewalls to the fleet and keep a central management point makes it simple to grow the operation.

How are customer service and technical support?

The experience with the Check Point Professional Services team, and TAC, couldn't be better. The team that works with my organization is extremely knowledgeable and is always willing to go the extra mile in order to find the best possible solution for any kind of goal we need to achieve. The TAC team is also always helpful and provides us with many valuable inputs in hard times. 

Which solution did I use previously and why did I switch?

I have used different solutions from other vendors, but not on the exact same places. The Check Point Security Management platform was mostly used alongside others.

How was the initial setup?

Perhaps because I lack experience setting it up from scratch, the initial setup seemed quite complex.

What about the implementation team?

We had a vendor team assist with the setup.

What was our ROI?

Overall, the ROI is great. It is a solid and easy-to-use platform that adds a huge value that justifies every penny.

What's my experience with pricing, setup cost, and licensing?

I most definitely recommend this platform when it comes to cost. The available list of add-ons creates great flexibility to the technology and is also easy on the budget - since you only pay for the features you use.

Which other solutions did I evaluate?

This is not applicable to my role.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PRAPHULLA  DESHPANDE
Associate Consult at Atos
Real User
Top 5Leaderboard
Great Log monitoring and alert configuration with helpful technical support

Pros and Cons

  • "The SSL VPN monitoring based on users and tunnel monitoring are great value-added features present in the management console."
  • "SD-WAN functionality could be added."

What is our primary use case?

We use the solution for a distributed lean IT environment where there's a need to monitor logs, threats, and events, or requires configuring security policies within a single dashboard.

It's great for customers who are searching for an upgraded top to bottom yet simple and improved log management solution. In such cases, Check Point Management works perfectly.

Wherever we have provided such a solution, it has become very easy for IT administrators to manage not only a single location but also geographically distributed workplaces.

It works similarly to other management software in the industry, but Check Point is far beyond all others due to its management log monitoring functionality.

How has it helped my organization?

After integration with the R80 series, Check Point has made most organizations become relatively secure as configuration with security policies, IPS, and log management extend to the maximum ability.

Previously, we needed to monitor all logs related to network traffic and threats and had to audit logs in different dashboards which sometimes felt time and memory consuming.

With the R80 management consoles, all tasks become very easy - starting from gateway management, log monitoring, IPS configuration, global properties configuration, etc.

What is most valuable?

Some of the great aspects of the solution include:

1. Smart Event is a great feature of the Check Point management console. It gives a complete graphical view of more than a year of traffic flow including botnet traffic, malicious host present in-network, compromised hosts, and many more.

2. Object (based on IP, hostname, domain name) configuration.

3. Application and URL filtering configuration.

4. Log monitoring and alert configuration.

5. IPS configuration with improved performance.

6. Applying filters based on source, destination, port, application, etc. which is easy compared to all other vendors in the market.

7. Managing clustering for gateways - including their live health check performance - can be done on the dashboard itself.

8. The SSL VPN monitoring based on users and tunnel monitoring are great value-added features present in the management console.

What needs improvement?

The solution could be improved in these ways:

1. In order to work the management console properly we're required to have more memory and CPU on the system where we need to install a setup.

2. Due to the large size of logs generated for daily traffic, even when old logs purging is enabled, we need to delete old logs manually or else it causes errors while publishing policies which slow down the process.

3. SD-WAN functionality could be added.

4. The required license addition for every blade is a bit of a complicated task for normal IT admins to understand.

For how long have I used the solution?

I've used the solution for more than four years.

What do I think about the stability of the solution?

Stability is always improving day by day with Hotfixes they are releasing.

What do I think about the scalability of the solution?

We can scale up to a maximum limit.

How are customer service and technical support?

The technical support is very knowledgeable.

Which solution did I use previously and why did I switch?

We have good relations with Check Point. This is the main reason we have always preferred it. The technical support offered by Check Point is always a top priority.

Customer from Sophos to Check Point and ASA to Check Point has migrated to our centralized management from Check Point.

How was the initial setup?

The initial setup is straightforward, however, it can get a little complex for migration from another vendor to Check Point.

What about the implementation team?

We had the assistance of vendor support during the implementation.

What's my experience with pricing, setup cost, and licensing?

Check Point licenses work very differently compared to other vendors. We need to purchase each blade in order to make it work, but we can easily obtain a trial (evaluation) license from Check Point to get visibility for the blade.

Check Point tries to maintain relationships with customers and they try to match their price with customer expectations.

Which other solutions did I evaluate?

Palo Alto is most preferred NGFW compared to Check Point, due to having a large market share.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
GD
Global IT Network and Security Service Senior Specialist at a manufacturing company with 1,001-5,000 employees
Real User
Top 20
Allows for easy troubleshooting and configuration using a single pane of glass but is unstable

Pros and Cons

  • "The unique management using Smart Console for all firewalls is very useful."
  • "I've found the solution was a bit unstable."

What is our primary use case?

We are using it on the cloud for cloud segmentation and as a VPN for users. We have been implementing Checkpoint on Azure's cloud for configuring scale sets for internal and external firewalls and as a gateway group active/standby for the VPN. The solution is implemented using a Multiple Entry Point feature. This allows us to use the same URL deplyed for all users and let them connect to the nearest node. We use other features like IPS, Threat Control, and Antivirus/Antibot for protecting our servers. We wanted to implement the SCV feature but it's not working. We've been working with support for months without a resolution.

How has it helped my organization?

It has allowed global worldwide access to our cloud infrastructure. It gives us the possibility to improve security on the Azure cloud as well. 

It features NGFW provided by checkpoint with all of the capabilities that are required to protect for Next Generation protection from attacks at perimeter level The module and security features that are provided as part of the base license with Checkpoint include the VPN, IPS, Application Control, and Content Awareness which offers strong protection for the organization. The main problem is that the support in terms of solving any issue is not very good.

What is most valuable?

The unique management using Smart Console for all Firewalls is very useful. Also, the management of policies and the log page allows for easy troubleshooting and configuration using a single pane of glass. The new release R81 allows a very fast installation of policies on the firewalls.

The MEP feature had a lot of problems during the implementation, needing configuration of TXT file via the CLI, however, at the end of the implementation, it is working well and has given us a very good advantage on the VPN solution in our company. I hope to see other useful features in the next release.

What needs improvement?

I've found the solution was a bit unstable. It would be better to improve the stability of the service. Another thing that needs to be improved is the Checkpoint support. Very often they were not able to solve the problems that we had. Sometimes to solve problems you need to install a new Hotfix or Custom release - and that can generate some side effects that can create instability problems. It's necessary to improve the support - especially the one that is provided in India.

For how long have I used the solution?

We had done an upgrade 2 months ago.

What do I think about the stability of the solution?

It's improving with new releases.

What do I think about the scalability of the solution?

It's very scalable.

How are customer service and technical support?

The experience has not been very good.

Which solution did I use previously and why did I switch?

Yes, we were using on-prem products with Cisco Anyconnect VPN solutions. We switched to Checkpoint and moved the VPN solution to the cloud.

How was the initial setup?

Yes, it was a bit complex.

What about the implementation team?

We had a good level of expertise, and we also used Checkpoint professional services directly.

What was our ROI?

We hope to have ROI in 3 years.

What's my experience with pricing, setup cost, and licensing?

Licensing is very granular. You can easily select the best solution and feature that fits to you.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

They should improve the support and the stability of the system. When there are issues, it is not very easy to solve problems using the support they offer. Other vendors like Cisco have better support. This is very important for Enterprise companies - even more than new features.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
MB
Presales engineer cybersecurity expert en ElevenPaths at Telefónica
Vendor
Top 20
Good blade functionality with easy integration capabilities and a unified management console

Pros and Cons

  • "The fact that everything starts from the same unified management console makes it very easy to integrate new equipment or functionalities once the operator has become familiar with it, as everything will follow similar management or operation mechanisms."
  • "In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer."

What is our primary use case?

Throughout my professional career I have operated, implemented, and designed solutions with Checkpoint's NGFW for clients of all kinds - public and private, small and large.

For all scenarios, there is a suitable solution with this manufacturer. Its decades of experience make it one of the undisputed leaders in the industry.

In recent times, the platform has evolved significantly to meet the latest threats. I would recommend at least valuing it as an option whenever an opportunity arises to cover cybersecurity needs.

How has it helped my organization?

Having a central point to manage all its capabilities makes it much easier to react quickly and accurately to a threat, which is essential in this day and age where attacks can be lethal to our network if not dealt with quickly.

I have actively participated in the defense of very important customers who were able to overcome the challenge thanks to the great visibility that the console offered them. The other additional capabilities that we can integrate into the platform are also a very important added value.

What is most valuable?

One of the features that attract me the most is being able to activate different functionalities through its blades, having centralized point access to all of them, and being able to activate and deactivate them as needed.

In addition, the fact that everything starts from the same unified management console makes it very easy to integrate new equipment or functionalities once the operator has become familiar with it, as everything will follow similar management or operation mechanisms.

This is one of the aspects I value the most.

What needs improvement?

In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer.

It would be a good policy to try to assign senior engineers when it has been verified that an incident is critical and urgent for a client and not to resort to less-experienced technicians that can put at risk the recovery of the attacked assets.

Apart from that, at the architectural level, it is a very competent and versatile solution.

For how long have I used the solution?

I've used the solution for more than 15 years.

What do I think about the stability of the solution?

Overall, it is a very mature and stable solution.

What do I think about the scalability of the solution?

With the arrival of Quantum Maestro, the platform's expansion capabilities have increased tremendously. Its new architecture is promising.

How are customer service and technical support?

In general, they work very well, however, it should be prioritized and they need to assign senior technicians when the issue has been verified that it is very critical for the customer.

Which solution did I use previously and why did I switch?

Due to working in an international MSSP, I have worked and continue to work with all manufacturers.

What about the implementation team?

We always try to do the implementation work with our own SOC of experts.

What was our ROI?

It depends a lot on each case and on the customer's needs and capabilities.

What's my experience with pricing, setup cost, and licensing?

It's not the cheapest solution, but one of the most advanced and competent.

Which other solutions did I evaluate?

We always evaluate alternatives and try to see what fits the client best. Fortinet, PaloAlto, Checkpoint, Cisco, et cetera.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate