We changed our name from IT Central Station: Here's why
2020-03-04T08:49:35Z

What is your primary use case for Check Point IPS?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

ITCS user
Guest
1010 Answers

author avatar
Top 20User

The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.

2021-11-17T16:45:00Z
author avatar
Top 5LeaderboardUser

We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment. IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports. IPS is updated automatically and pushed to all gateways every two hours.

2021-09-30T07:31:00Z
author avatar
Top 5LeaderboardReal User

Intrusion prevention and detection are the most valuable pillars in the security system, which detects and prevents exploits or weaknesses in vulnerable systems or in applications and protect against threats not only based on signatures but also based on anomalies, behavioral analysis, etc. IPS is already integrated and comes as a security license in Check Point NG Firewalls and NGTX Firewalls. Every defense system must have a feature set that provides complete security for Network IPS and Check Point has very powerful high throughput - almost at terabyte speed - with the help of a hyper-scale approach.

2021-09-02T16:34:00Z
author avatar
Top 5LeaderboardReal User

The Check Point IPS module is applied to both internal and external traffic. Many times, we only think about protecting ourselves from what comes from the Internet but it is also good to analyze what passes inside between one network and another and what goes out to the Internet. I'll never forget the first backdoor report. We immediately activated email alerts for the most important reports and it was an email that indicated the compromised server. There were three of us and it took two hours to discover that through the image upload form, there had been an attempt to upload a backdoor. This IPS module had blocked this attempt.

2021-05-08T14:17:00Z
author avatar
Top 5Real User

We make use of Check Point IPS to protect our corporate network against incoming threats of all varieties. We have a very minimal intranet/network and this is installed and configured on our firewall that monitors all incoming/outgoing traffic. We felt it was necessary to have this in place as part of our security hardening in preparation for a third-party penetration test of our corporate network. Their goal was to access our network undetected and exfiltrate information. They were unsuccessful.

2021-05-06T20:08:00Z
author avatar
Top 5LeaderboardReal User

We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network. With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats. We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the threat. It logs and reports any such incident to the centralized logger so the required action can be taken by the SOC team.

2021-03-30T14:29:00Z
author avatar
Top 5LeaderboardReal User

We use Check Point IPS to protect our infrastructure against threats. It internalizes different attack buttons. We started by deploying it only on the on-prem firewalls, but now we are also rolling out to the internal firewalls, the ones that segregate environments, the production, and the corporate environment.

2020-09-23T06:10:00Z
author avatar
Top 5LeaderboardReal User

I work in MNC company and we have 6 GEO locations in India and all of our locations are using Check Point as a perimeter firewall. I sit in our HO Office and I am maintaining all the location firewalls with my team, except for 1 location. We regularly monitor the security alerts on our perimeter and based on that we will align our location IT to check and update us. IPS is our core blade for network security, it is provide the details that some suspicious activities happen on our network as per the IPS signature database, and based on that we will work on that. As our primary use case with IPS blade we are daily receiving non-compliant IKE alert, and we know if we prevented it then what impact will happen, our all site to site tunnel will stop working which is running with noncompliant IKE and we are not forcing our client to update that noncompliant IKE protocol.

2020-08-07T03:01:00Z
author avatar
Top 5Real User

Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as the firewalls for both inter-VLAN and external traffic. We have the Intrusion Prevention System (IPS) blade activated on both Check Point HA Clusters as the counter-measure against advanced threats and malware. The IPS blade mostly used for ingress traffic from the Internet to the DMZ VLAN.

2020-07-23T18:41:00Z
author avatar
Top 20Real User

We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns. We are using the virtualized version.

2020-03-04T08:49:35Z
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
564,643 professionals have used our research since 2012.