What do you like most about Check Point NGFW?
Thanks for sharing your thoughts with the community!
Centralised dashboard for all checkpoints gateway with options of copying policy from 1 gateway to another
Providing control at single point for enabling different module for NGFW e.g. IPS/SSL/Web Filtering
The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.
It creates granular security policies based on users or groups to identify, block or limit the usage of web applications.
Remote access with a secure workspace provides a clear separation between the client and corporate network.
One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance.
The way in which a computer is immediately isolated if it starts behaving badly and I get a notification of an infected computer is also extremely nice and a great feature.
The threat emulation blade and user identity awareness feature has helped us a lot in terms of perimeter security and have given us granular visibility of user access.
It provides access to the Internet for corporate resources in a secure manner.
I think that the most valuable feature is the prevention of known and zero-day threats because they are constantly trying to access your company and compromise its data.
There are many useful features including the Office VPN, which provides us with a seamless connection for users who are working remotely.
One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI.
The packet inspection capabilities are great.
Check Point provides dedicated blades to monitor network traffic, which helps while troubleshooting network and packet-related issues.
It is easy to control from the central management system. For example, if we have 10 firewalls, and we want to push that same configuration among them, we can use this solution's central management system to do that simultaneously. So, there is time saving in that way. The time savings does depend on the situation. For example, if I am running half an hour of work on each firewall, that will take around 300 minutes. However, if I do this work from the central management system, then it will only take 30 minutes to push the same configuration to those same 10 devices.
We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.
I think the VSX has been the most valuable feature for us.
There are also additional features, compared to a Layer 4 or Layer 3 firewall, such as AV signatures and devices, which are very helpful for securing the company's network.
The features that are important include: IPS, sandbox, SandBlast, Anti-Bot, and URL filtering.
The Threat Management feature makes it very easy to detect the vulnerabilities and other factors. We can make new policy according to it. Policy creation is very simple in Check Point. Because the logs are very good in Check Point Firewall, this reduces our work with the reports that we are getting from the Threat Management. It is very convenient for us to use the reports to make new policies for security and other things.
It has various features, like Threat Prevention and Antivirus. It is easier to use and have knowledge of a single device rather than multiple devices/technologies when doing an installation. It is also easy to use because of having Antivirus and Threat Prevention features within the same firewall.
The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from our SonicWalls that we had in-house before that. There's a lot of additional flexibility that we didn't have before.
The Next Generation Firewalls, the 64000 and 44000 series, provide us with support for large data centers and telco environments. They're quite reliable and provide great performance.
The most valuable feature is the central management system through the Security Management Server. Apart from that, the graphical user interface helps us to do things easily.
I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.
They have very good support. In critical scenarios, they provide us very quick solutions, are very well-trained, and have a good knowledge about the product. That is what we expect from them.
The most valuable feature is the centralized management, which gives us control over all of the Check Point gateways.
My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network.
Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.
The firewall feature and DDoS Protector, when turned on, keep away attacks from the outside. They also prevent users from accessing things on the Internet that they are not supposed to access.
The application authentication feature of Check Point is the most valuable as it helps us keep users secure.
The biggest thing is the central management. It is quite good and allows us to manage the different firewalls from it. We can implement and configure many firewalls and push our policies to them as well.
One of the most valuable features is the data center object integration with Azure. We are using Azure a lot and there is very nice synchronization between the objects in Azure, and it's very easy to implement rules using this feature.
The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.
The most valuable feature of the firewall is the packet inspection. That is an amazing feature from Check Point.
The most valuable feature for us is the VSX, the virtualization.
It provides a central station where it is very easy to deploy our firewall policy in one click to many firewalls. This is one of the leading perks. It saves time by having one central station because I can deploy the same kind of policy to many firewalls at once.
The feature I like the most is their central management, the Smart controller which you can use to manage all the firewalls from one location... Being able to access almost everything in one location — manage all your gateways and get all your logs — for me, is the best feature to work with.
The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that.
In R80.10 and above, you can view logs in SmartConsole. You don't have to open another smart tracker to view logs. That is the improvement Check Point has done which makes it better because it is much easier to find logs. This saves time, approximately 40 to 50 a day in one shift.
It also gives us a single console for everything. Rather than having one device for URL filtering and a different device as a firewall, this gives us everything in one place.
The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.
The central management makes it easier, and is a time-saver, when implementing changes.
Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls.
We like the centralized management for configuring multiple firewalls. It also gives us the Antivirus, threat prevention, and vulnerability tests. These four features protect the environment with security checks. Vulnerability tests allow us to configure changes that can protect the environment.
It gives us centralized management for multiple firewalls. For example, if I want to push the same configuration in 10 firewalls, I can push it all at once with the help of the centralized management system.
The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations.
The Check Point API let me make 100 net rules in just 10 minutes, which saved us time.
AV, IPS, AntiSpam, Sandbox. That's gentlemen set for any basic security, and it was implemented very well. In our reports, the most exciting results belong to AV and IPS. It can be explained by using ThreatCloud - a global knowledge base, which accumulates signatures for all existing and new coming malware, and all the Check Point solutions are always up to date with potential threats.
It secures my organization. With the application blade, I can make security as application based and the custom application is also very useful. With identity awareness blades we get insights on our local users who are accessing/passing through the respective rule as users. We also use the DLP, IPS, and VPN features.
Advanced logging capabilities: Check Point generates extensive logs which may be very useful to figure out the issues. Its logs also contain too much information which can be used to modify the policy as per user need and organizational security environment. The same can be used to figure out probable attack surface or necessary steps for mitigation.
Check Point is able to satisfy almost any security tool for enterprise clients. This allows us to deploy complex changes from a single management interface, get better visibility, and significantly reduce operational complexity.
Now we can add application signature in the same rule base & don't have to create a different policy for that.
Apart from it having very good features, I personally like the vulnerability assistance via report management which detects host and network vulnerability.
Check Point Next-Gen firewall provides security to Internal IT infrastructure with its high-performance hardware & throughput we can use redundancy.
The overall security of the environment has been greatly improved by the Check Point NGFWs. Before implementing this solution we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on switches and routers, which in fact a simple stateful firewall, and currently not an efficient for protecting from advanced threats.
The interface and the IPS intrusion prevention are the most valuable features of this solution.
Everything can be managed from a single dashboard nowadays.
It is easy to deploy or upgrade. There is no need to do this manually with commands. This solution can be set up online.
The scalability is very good.
The most valuable features for us are identity awareness, IDS and IPS, and application control.
The most valuable features are application control, regulation, and threat prevention.
The most valuable feature is the Stateful Inspection, which was developed by Check Point.
Check Point is very administrator-friendly and the SmartDashboard is easy to use.
SmartCenter and SmartLog are the best platforms to manage firewall rules. SandBlast Zero-Day is very useful when encountering any security leaks.
With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions.
The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability.
The rules are very easy to deploy and can be optimized pretty quickly.
The most valuable feature is that we are protected against zero-day threats.
The solution is easy to use. I like the monitoring the most.
We use Check Point to complete the network compliance rules.
The initial setup was very straightforward. You can customize it and change it as you need.
We never had an outage of the appliances or the consoles. Stability is very strong. I never had a problem related to stability.
It is easy to configure and it is a valuable antivirus protection. I especially like the IPS feature of this product.
It filters unwanted traffic.
The most valuable feature is the IPsec VPN.