If you were talking to someone whose organization is considering Check Point Remote Access VPN, what would you say?
How would you rate it and why? Any other tips or advice?
Check Point products are typically not cheap, however, I've found it's often due to the fact that you can do a lot with it. I recommend Check Point products to anyone who is going to have the time and expertise to administer them. You're going to be able to do what you want to do, engineer a design that works for you. If you want to just plug it in and forget about it, then this might not be the product for you. That said, for those who do just want to plug something in and forget about it, I warn you to be cautious. When it comes to Remote Access, you don't want to ignore this. You want to be looking at it and you want to monitor it, otherwise attackers will take advantage of that weakness. This is where Check Point allows you to monitor the edge, while granularly controlling it.
We would like them to add a 2MFA feature in the future. This is our direct request.
Get this software installed as soon as possible. It's a smart move.
We are customers and end-users. We don't have a business relationship with the company. I'd advise new users that, when it comes to deploying with an authentication provider, I would advise that you use a Microsoft authenticator. We tried using their authenticator at first, but that is not good. That did not work. I'd rate the solution at an eight out of ten.
So far, I have not found any negative characteristics to complain about, since in general, the software works in an excellent way and it has never failed us.
It's not hard to deploy the solution. Remote Access VPN is easier to deploy than some other solutions like Pulse Secure. If you already have a Check Point firewall, this remote solution is a win-win because you don't need to buy, manage, or do a hardware refresh when you enter the end of life. You will have centralized logs on the same tools. If you have a Check Point firewall, this solution is the best for you. I would rate Check Point Remote Access VPN a nine out of ten. It works very well. I would say it's almost the perfect solution. As far as I'm aware, it's one of the oldest solutions from Check Point. So it's very, very stable. They have a lot of years of working with it.
The Check Point Endpoint Remote Access VPN for MacOs and Windows are reliable solutions for remote access VPN, and fully compatible with the Check Point security ecosystem.
My advice would be to have patience. Make sure you get a Tier 3 support person. Setting up the servers and everything is easy, but deploying the Endpoint VPN client is not easy. They need to have someone walk them through the process of creating the Trac file that contains the settings for the client. That is hard. There is the endpoint server, which is on-prem, and easy to set up like any other appliance that any network engineer or systems administrator should know how to do. That is easy. But if you want to deploy the client, which most people want to deploy the client, and have any type of configured settings on it, then know that it is not just a generic client. That's the hard part. My advice would be to reach out to support and have them help you with it. I remember not knowing how to deploy the Trac file and struggling immensely. I was unable to deploy the client and get people working, which is my job and what I'm supposed to do. Learning how to do that, being familiar with the process, and actually doing what I'm expected to do at work, which is let people be connected to the firewall, that was my biggest lesson. I would rate it a seven and a half out of 10.
I don't have any advice yet. On a scale of one to ten, I'd give Check Point Remote Access VPN a seven.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.