Check Point Application Control Software Blade for High Availability - subs
Mfg # CPSB-APCL-L-HA
CDW # 2390697
Know your gear
The Check Point Application Control Software Blade provides the industry's strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies - based on users or groups - to identify, block or limit usage of over 240,000 Web 2.0 applications and widgets.
AppWiki enables application scanning and detection of more than 4,500 distinct applications and over 240,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more. UserCheck technology alerts employees in real-time about their application access limitations, while educating them on Internet risk and corporate usage policies.
AppWiki enables application scanning and detection of more than 4,500 distinct applications and over 240,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more. UserCheck technology alerts employees in real-time about their application access limitations, while educating them on Internet risk and corporate usage policies.
Enhance your purchase
Check Point Application Control Software Blade for High Availability - subs is rated
4.60 out of
5 by
31.
Rated 5 out of
5 by
reviewer1986 from
Enables us to block employees from downloading illegal content that would harm the company image
What is our primary use case?
Our primary use case of Check Point Application Control is to filter which application categories we want to allow our organization members to have access to so that they are secured. For example, we don't allow access to malicious applications and some categories that could be threats. We only allow organization members to access secure applications and applications that are aligned with the company's strategy.
It also enables us to save internet bandwidth by filtering applications that are not work-related.
How has it helped my organization?
Check Point enables us to save internet bandwidth. The administration offers good guidance. We don't want the employees to access social networking on work computers because it will distract them from their jobs, so we can block that. It also helps us to implement changes very quickly and to get people to be more focused on the job.
We can block employees from downloading illegal content that would harm the company image with our IPS. If an employee downloads torrents with movies that should be paid for, they can detect that it's our company's IP. We could be fined and it could be good damage to the company image. So we block those kinds of applications.
What is most valuable?
The features are very granular. You can block Facebook Chat but allow Facebook itself. The big database and the easy configuration are also valuable features.
What needs improvement?
I think Check Point Application Control is one of Check Point's most complete solutions. It has had a lot of years for improvement. I don't see anything that we need to be improved. It does everything that we would need. It always applies new applications. It does what we need it to do. We don't need to select a specific application if we don't need it, it can be selected by category. The solution is very complete.
For how long have I used the solution?
I have been using Check Point Application Control for eight years.
What do I think about the stability of the solution?
The solution is stable. We didn't have any specific issues.
What do I think about the scalability of the solution?
It's scalable in a way that you can use the same application and filter objects on all the gateways that you have under managers. You can define one profile applied to all firewalls.
There are around 1,000 users in our company who are affected by Application Control.
Four network security engineers are responsible for the maintenance.
We deployed only on the perimeter firewalls. If we need to add some more perimeter firewalls, we will deploy to that as well.
Which solution did I use previously and why did I switch?
We specifically chose Check Point because we needed to filter internet access. It was already in place in some firewalls when I came to my company. My colleague implemented it on some other firewalls. It was already placed in one or two firewalls.
How was the initial setup?
The initial setup was straightforward. We generally use the blacklist method for Application Control. That is where you select which application categories and specific applications you don't want to be accessed and then you allow everything else. This method is easier than what we did in the past where we tried to do it the other way. We would only allow specific applications for a specific project and then deny everything else. But then there was always something missing because the machine would need to update and we would need to have a new application. There was always something being blocked that shouldn't.
It took us about one week to define the strategy and then two to go through the list of categories that were available to define which we would deny. We would also discuss with the GRC team and get guidance from the administration.
What was our ROI?
Our ROI Speaker is that it adds another security measure that doesn't allow employees to access websites and applications that can harm our company, and by keeping the company's IPS reputation clean. It also blocks categories like social networking and gambling. Those kinds of categories also increase productivity and decrease internet link usage for things that don't interest the business.
What's my experience with pricing, setup cost, and licensing?
Pricing is in line with the competition. Licensing is not complicated. The license application is straightforward and it functions well. There are no additional costs that I'm aware of.
What other advice do I have?
My advice would be to deploy Application Control with a blacklist approach. In which you select which application categories to block and accept others. Otherwise, from our experience, it's a mess. It's much more easy and efficient than doing the whitelist approach, in which you would select what you would allow and block off the rest. It can forget to add a category or an application that is needed and so you will always need to be adding them on a request basis.
The whitelisting approach should only be on very specific applications. In which only a server should access a certain application and nothing else. If you miss something, you will have to always be investigating why it doesn't have access or why an application is not working.
We tried to do a whitelist approach on a specific environment, but we gave up because it was starting to get to be a bit messy. Some servers only need it to go to the internet to do some updates on some applications. They shouldn't access any other categories. That was always something that was not working because some application was categorized as technology and it was also categorized as, for example, social networking.
The biggest lesson is that it's very important to have Application Control on the company's internet access. A previous company I worked at, got a court letter saying that our IP downloaded two movies from torrents. The company got a final warning that if our IP would be caught downloading illegal stuff again we would have problems and so the company implemented Application Control. It's very important for the company's IP reputation and also for employees to be focused on their job. You can block malicious applications which gives you another level of protection and also reduces internet link usage.
I would rate Check Point Application Control a ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2020-10-07T00:00:00-04:00
Rated 5 out of
5 by
Manuel Briones from
Easy to set up with a good ROI and helpful technical support
What is our primary use case?
It is one of the main solutions that we have applied in our offices for the administrative control of access to specific services social networks within the corporation, viewing of videos or services that in some way distract the worker from their activities. It's also facilitated us with the ability to separate the databases by a gateway which makes the administration and the permissions granted to the end-users much easier.
How has it helped my organization?
One of the ways it's helped us improve was in the administration and the permissions for specific services. This was very useful to us when making a database per gateway and configuring them through layers to have better visualization, control, and administration of the rules, which allows new administrators to have a better scope and understanding of the organization. This has undoubtedly been the newest thing for us as gateways administrators.
What is most valuable?
One of the aspects of the solution that has given us more value is the integration of a domain controller with the firewall through the dashboard which allows that through inline layers, LDAP.
The visualization of users, the administration, and the permissions that we can grant to users makes our configuration a more dynamic environment since, as organizational units of an active directory, we can grant permissions to users to specific applications allowed through the URL filtering or application control within the dashboard.
What needs improvement?
With Check Point we are more protected, however, one of the issues is the cost. They are expensive products due to the fact that we have to buy blades for each solution that we want to integrate into our corporate. Without a doubt, it is worth it, however, it is an important point that could be considered.
Likewise, nowadays a 2MFA solution could be integrated to Check Point since nowadays remote connections made with remote workers are required to protect the extension from the office to your home through a VPN connection.
For how long have I used the solution?
I've used the solution for about three years.
What do I think about the stability of the solution?
The Check Point solution is very stable, however, the installation of JHF at least once a month is somewhat annoying since that could be interpreted as not being a stable solution.
What do I think about the scalability of the solution?
In terms of scalability, my impressions have always been good since there is a lot of scalability in this service. For example, you can integrate several solutions to a centralized administration.
How are customer service and support?
They have an excellent support team. They are fast and it is easy to escalate any situation.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
The setup was straightforward.
What about the implementation team?
We handle the implementation in-house.
What was our ROI?
We've seen a 40% ROI.
What's my experience with pricing, setup cost, and licensing?
Despite the somewhat high cost, based on the blades, it is a reliable solution.
Which other solutions did I evaluate?
We didn't evaluate other solutions.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-11-23T00:00:00-05:00
Rated 5 out of
5 by
reviewer1838814 from
Reliable, reduces management requirements, and lessens manual interventions
What is our primary use case?
Our K-12 school district is currently leveraging the Check Point 6800 Gateway hardware appliance, which is running version R80.30.
The management station runs as a virtual machine in our VMWare environment with Cisco UCS & EMC (storage) hardware and Cisco networking architecture. In addition to the exceptional performance of the hardware and extensive Firewall abilities, we manage end-user traffic related to the applications. We use the solution primarily in the social media and entertainment arenas. This feature allows us to reduce unnecessary use of our already limited bandwidth.
How has it helped my organization?
Prior to the newer Application Control tools, from Check Point, we didn't have nearly as much in-depth access to manage traffic in the port 80 and 443 pathways.
As a result, we were regularly pushing the high end of our already limited bandwidth. Though we did have web/URL filtering technologies deployed, our users still had quite a bit more access to media resources that presented a distraction in our environment. The Application Control, allows us to better manage bandwidth at a more granular level.
What is most valuable?
Being able to choose specific applications in our policy rule base in order to better manage access and bandwidth utilization has had a significantly positive impact on our environment and saved a lot of management time. This feature allows us to apply all the relevant protocols from a single application "package."
In years past, we used to have to spend a lot of management time manually diagnosing the end-user traffic in an *attempt* to determine what sites, protocols, and ports were being used by the resource. Then, we would have to create specific rules to affect that traffic, before we could regularly monitor the traffic for any unexpected rouge behavior.
What needs improvement?
One of our continued challenges is having a more accurate, real-time view of how our bandwidth is actually being used at any given moment. A feature that could really offer a lot of insight into the live traffic would be a high-quality, real-time traffic graphical monitoring module. Administrators could then "mouse-over" any point on the graph to reveal additional information at a very granular level. The information that could be presented would include data such as the service/app used, the specific network or IP, the date/time, etc.
For how long have I used the solution?
I've used Check Point since the late 1990s. I've used this solution for several years.
What do I think about the stability of the solution?
We've had zero issues. It's a solid product.
What do I think about the scalability of the solution?
My impression is that with all the recent features and abilities added to the application control section, it should be able to scale very nicely. I would anticipate that managing traffic at the application level would be far more efficient than in the past, with the option of creating fewer rules to accomplish the same goal. Being able to group or, "package," together a number of similar applications that contain all the relevant protocols, will be a big benefit over time.
How are customer service and support?
As the product has performed well, we have had little interaction with Check Point's customer support. We have been reasonably satisfied, during the limited times of engagement.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We have been using the Check Point firewall suite of products, since the floppy disk installation days.
How was the initial setup?
We had the guidance and aid of a partner vendor and it was not overly complicated.
What about the implementation team?
We have worked with a vendor for years and have been very pleased.
What was our ROI?
ROI is difficult to quantify in terms of money. However,, we can easily say that our management time has decreased and end-user activities have been more on-task.
What's my experience with pricing, setup cost, and licensing?
Pricing is a bit high for our K12 organization. The setup is not painful. That said, planning is crucial - as well as a thorough understanding of your network architecture and desired outcomes.
Which other solutions did I evaluate?
We did not evaluate other options.
What other advice do I have?
I'd advise users to go with Check Point.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-04-25T00:00:00-04:00
Rated 5 out of
5 by
JamesYa from
Great for access control with helpful support and good performance
What is our primary use case?
The product is standard software in our organization.
With this solution, you can actually control approved software for use by particular individuals in your company. You can offer it to certain users and disallow it for others.
What is most valuable?
The product is great for allowing access to certain users for certain software.
The stability has been good overall.
The scalability is good.
Its initial setup is very simple and straightforward.
Technical support has been helpful.
What needs improvement?
We haven't had any issues with the product. There aren't really any features missing.
We would like the product to be a bit more user-friendly in general.
For how long have I used the solution?
We've been using the solution for one year. It hasn't been that long.
What do I think about the stability of the solution?
The stability is good. thee are no bugs or glitches and it doesn't crash or freeze. Its performance is reliable.
What do I think about the scalability of the solution?
You can scale the solution as needed.
We have 2,000 users on the product currently.
We do plan to increase usage and will add more of it as we add more employees to the organization.
How are customer service and support?
Technical support is knowledgeable and quite good when it comes to helping out its user base. We are very satisfied with their level of support.
How was the initial setup?
The implementation process is straightforward and very easy. It's a central department controlled by the console, the main console, which makes it straightforward once you populate it to all of the endpoints.
What's my experience with pricing, setup cost, and licensing?
We do need to pay a yearly subscription in order to access the product.
What other advice do I have?
We are internally using this product in our company. We are not offering it to customers.
It's deployed directly on our laptops.
I'd rate the solution an eight out of ten.
I would recommend the product to other users and organizations.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-04-15T00:00:00-04:00
Rated 5 out of
5 by
Dalvarado from
Easy to make groups and segment policy and offers a granular application of security
What is our primary use case?
I use the product to provide accessibility and security to my networks and also in the VPN part. In this way, I can have more granular control that gives me the opportunity to segment departments or teams that have different rules. In this way, it does not affect different departments with some policies more restrictive than others as in the case of management and any other department. I can also facilitate nautical policies that allow me to expose certain services through management. Check Point management is one of the best options.
How has it helped my organization?
It has helped us to have greater control and security in the organization. This has encouraged us to look for better policies or regulations that help us protect all the information of our services. The ease that this blade offers us is impressive in comparison to other brands. Check Point has been polished in giving us a very powerful tool to be able to manage security in the best way, in addition to being able to integrate it with our gateways and providing separate policies so as not to have high consumption in them.
What is most valuable?
The features that have helped me the most with control is the ease of being able to make groups of departments to which I can apply certain policies segmentally. For example, access policies to some services are denied for some departments, while not for others. Traffic between them is allowed. It has also worked well in terms of the VPN. I indicate which are the accesses to which networks and from where. In this way, I have managed to provide a fairly granular level of security.
What needs improvement?
We would like to see a greater facility or some corrector that, if we apply a change that affects any other policy, it is in constant review and notifies you before applying the changes. This would be extremely impressive and useful for administrators since it would save us time in the publication and installation of the changes on the Check Point gateways. It would also be good to find more documentation for implementations in the cloud - in my case Microsoft Azure. When looking for specific documentation, it has been quite difficult for me.
For how long have I used the solution?
I have used this solution for at least two years, along with my GWs to provide security to my company.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-04-20T00:00:00-04:00
Rated 5 out of
5 by
Dalvarado from
The ease that this blade offers us is impressive in comparison with other brands
What is our primary use case?
I use it to provide accessibility and security to my networks, also in the VPN part, since this enables me to have more granular controls that give me the opportunity to segment departments or teams that have different rules. In this way, it does not affect different departments with more restrictive policies than others like in the cases of management and any other department. I can also facilitate nautical policies that allow me to expose certain services through management.
Checkpoint management is one of the best options.
How has it helped my organization?
It has helped us have greater control and security in the organization. This has encouraged us to look for better policies or regulations that help us protect all the information of our services.
The ease that this blade offers us is impressive in comparison with other brands. Check Point has been polished in giving us a very powerful tool to be able to manage security in the best way, in addition to being able to integrate it with our gateways and provide us with separate policies so as not to have high consumption in them.
What is most valuable?
The features that have helped me the most with control is the ease of being able to make groups of departments to which I segmentally apply certain policies. For example, access policies to some services that are denied for some departments, while not for others for which traffic between them is allowed. It has also worked a lot for me for the VPN where I indicated which are the accesses to which networks and from where, in this way, I have managed to provide a fairly granular level of security.
What needs improvement?
We would like to see a greater facility or some corrector that if we apply a change that affects any other policy, it is in constant review and notifies you before applying the changes. This would be extremely impressive and useful for administrators since it would save us time for the publication and installation of the changes on the Check Point Gateways.
It would also be good to find more documentation for implementations in the cloud - in my case Microsoft Azure. It has been quite difficult when looking for specific documentation.
For how long have I used the solution?
I have used this solution for at least 2 years, along with my GWs to provide security to my company.
What's my experience with pricing, setup cost, and licensing?
Licenses are expensive, but it is a good option for everything it delivers.
Which other solutions did I evaluate?
do not use other options, based on comments.
What other advice do I have?
It is an excellent option, a very good Check Point tool.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-04-20T00:00:00-04:00
Rated 5 out of
5 by
reviewer1670154 from
Configurable, easy to administer, and offers a variety of applications
What is our primary use case?
We have main and branch offices as well as on-premise and cloud data centers. Using Application Control we control the necessary applications instead of creating one or several rules for one application.
With the AppWiki from Check Point, we can even show users that don't have a log in what applications there are and even see the risks involved at a single glance.
If you use Microsoft services, there are a lot of different applications that the firewall can differentiate and this shows also in the logs.
How has it helped my organization?
Using Application Control instead of normal rules and ports helps with ever-changing product versions. In the past, each version could add/remove certain ports which have to be added or removed by the administrators. With automatically updated applications, you don't have to do that continuously.
Enabling Application Control is unbelievably easy as once it is enabled you can use all relevant applications within the rule base.
Seeing applications within the logs also makes troubleshooting easier as you can see if the firewall recognizes the relevant application.
What is most valuable?
Check Point Application Control offers a wide selection of applications, and even within those, you can configure uploads, downloads, et cetera, on a very granular level. That way, users can use a single application for viewing data but are unable to upload potentially unwanted files. Basic functionality can be provided without decreasing security. In addition, using Check Point Logs we can also see what is allowed/blocked and can act accordingly.
Using APCL within the normal rule base also makes administration easier.
What needs improvement?
If you want to use Application Control over your whole environment you have to license it for all gateways. Otherwise, you can only work with a subset of it. Therefore, pricing can be quite an issue.
We saw that sometimes APCL stops working and can cause an impact on the rest of the rule base. Therefore, it's advisable to check that the gateway can always update itself with the newest applications.
Sometimes applications are not recognized. This may be due to HTTPS Inspection settings. It's also advisable to fully inspect traffic.
For how long have I used the solution?
I've used the solution for over two years.
Disclaimer: My company has a business relationship with this vendor other than being a customer:Our company is a Check Point partner but we also use their products for your own environment
Date published: 2021-10-04T00:00:00-04:00
Rated 5 out of
5 by
Nagendra Nekkala from
Helps to control VPN and bandwidth but needs to incorporate better documentation and regular security patches
What is our primary use case?
We use Check Point Application Control to control VPN and bandwidth.
What is most valuable?
The tool's most valuable features are VPN access, website defense, and maintenance.
What needs improvement?
Check Point Application Control needs to ensure that they release up-to-date security patches regularly. It should release better documentation so end-users can use the product without depending on the support team.
For how long have I used the solution?
I have been working with the product for three years.
What do I think about the stability of the solution?
Check Point Application Control's stability is good.
What do I think about the scalability of the solution?
The tool is scalable. My company has 1000 users.
How are customer service and support?
The tool's support is good.
How would you rate customer service and support?
Positive
How was the initial setup?
You need guidance to do the product's deployment. It cannot be done directly. You need two people to handle the deployment.
What's my experience with pricing, setup cost, and licensing?
Check Point Application Control is expensive. The tool's licensing costs are yearly.
What other advice do I have?
I rate the product an eight out of ten.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-11-13T00:00:00-05:00
Rated 5 out of
5 by
AshleyMorales from
Great features, good compliance, and helps create visibility
What is our primary use case?
The companies have implemented this security tool, due to several factors. The companies develop or buy applications for different functions or needs and this is where Check Point Application Control comes in.
The tool has allowed us to be able to identify and classify all those applications that are being used within the network, which simplifies the work of managing bandwidth, and also helps us to have better control over security since it allows us to allows you to block or allow access to our network.
How has it helped my organization?
It has helped us a lot in being able to have more unified and managed control over the entire infrastructure of the companies since with this we have better control in the applications of how we can limit each access or exit to the Internet. Without this tool, it would be a little more complicated since we would be very limited in defining policies based on characteristics such as IP addresses and port numbers. In addition, it has helped improve productivity in the IT area since we have reduced the time dedicated to each of the applications.
What is most valuable?
The tool fulfills the function for which it was designed. It has many important features that have greatly helped the company and the IT department. For example, it presents visibility of all traffic on the network, which helps us have better management to take measures necessary to optimize performance and security.
It also presents a strong point which is the use of policies. Compliance helps the company a lot and it is something that the tool does very well.
What needs improvement?
They need to improve the graphical interface.
They should also improve the latency when entering the GUI.
The application should not be so closed when it comes to integrations with third-party tools.
They have become a bit expensive to be able to purchase them for smaller companies.
For how long have I used the solution?
I have been using this application for one year in this company, however, I had previously used it for two years in a previous company.
What do I think about the stability of the solution?
The tool to the extent that I have used it these years has been very stable and safe.
What do I think about the scalability of the solution?
The tool is my scalable and adapts to our security infrastructure very well.
How are customer service and support?
Support should improve service times and be faster in providing solutions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
There was no type of tool that fulfilled this function previously.
How was the initial setup?
The installation of the tool at first is somewhat complicated since it has a fairly high learning curve. After getting to know it and how to configure it, that curve becomes easy.
What about the implementation team?
At first, the installation and configuration were done with the supplier. They provided us with training and we proceeded to make the necessary configurations.
What was our ROI?
Making an investment is always complicated. Doubts that can arise. However, it is never bad to invest in a security tool. It brings peace of mind to the company and the financial side.
What's my experience with pricing, setup cost, and licensing?
You must evaluate the needs that the company requires, then request quotes according to the needs of different suppliers.
Which other solutions did I evaluate?
Several options were analyzed, such as Palo Alto Networks App-ID, Fortinet FortiGate Application Control, and SonicWall Application Firewall, among others.
What other advice do I have?
You must have a culture of updating the tool every time you can, always choosing a tool with stability that is scalable since companies change day by day.
Which deployment model are you using for this solution?
Private Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-11-01T00:00:00-04:00
Rated 5 out of
5 by
Hazel Zuñiga Rojas from
Good granularity and integration capabilities with better control
What is our primary use case?
With the growing technological advances that the organization is having and the data that the company needs to protect is no longer just at the perimeter area. We also need to protect the applications that are being developed, and we need to develop, grow, and deliver tailored services for different companies. We have looked for a line of security that could contemplate establishing and securing each of the lines of fire that could possibly be attacked at the moment that we made available a new application and a new service for each user or customer. They have come to have great importance in our company.
How has it helped my organization?
Check Point Application Control has allowed us to integrate more capabilities by limiting the use of applications. Categories can classify things so we can segment each of the features to control granularity and integrate next-generation firewall security. This allows us to consolidate security controls by reducing the costs that the company will have to invest in when it comes to having Next Generation security. This is one of the best reasons why we have invested in solutions of this type because they give us the ability to have less expense with greater security, having first-world innovation and security.
What is most valuable?
Among the features that we have used, we like being able to identify the identity of the user who is doing transactions. Thanks to that, we have greater control, and management, and have the possibility of establishing limits and controlling each of the actions that the user will establish in the application. Based on the control and capabilities of the solution, we can say today that the added value and capabilities of its features make it the ideal security solution for any company.
What needs improvement?
Seeing the capabilities and features that we are using today, we can say that we could expect an additional feature that could allow us to integrate this management and even security with APIs. Establishing passwords, communicating, and all the traffic of command data services could be established through this type of connection, and we could take advantage of secure and stable connections. This gives us the possibility to establish, place and secure the data in a safer way.
For how long have I used the solution?
The company has been around for about a year. For a few months, we have been implementing the solution to protect and control the issue of applications in the Next Generation firewalls.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-11-17T00:00:00-05:00
Rated 5 out of
5 by
Hugo Alexis Espinoza Naranjo from
Good blocking and filtering but needs more of a knowledge base for users
What is our primary use case?
We needed a solution that would allow us to protect the applications that we were constantly developing. Those applications needed to be classified by categories, including integrity, risk level, and productivity issues, as well as identity per user. We needed all these characteristics to safeguard a library, repository, or platform that could allow us to manage it in a secure, fast, and scalable way. We tried more than one solution that would allow us the required granularity in the teams and management so that we could implement it according to the regulations that we had internally.
How has it helped my organization?
At the time of implementation, we had a great feeling of satisfaction with the solution as it allowed us to have granularity across types of applications - by the network, identity, social networks, the function of the application, et cetera. We were able to do more than what we really needed, and this gave us that feeling that we now had the internal compliance that we did not have before. The libraries are much larger and grouped by application in categories to protect us from attacks or threats.
What is most valuable?
The most outstanding feature is the Check Point APK wiki, which is a product that is incorporated into the solution that allows us to naturally and dynamically apply internal applications to the application database. It is continuously updated, which allows us to have constant detection capabilities and more than 8000 different applications at different sites. It allows us to be more dynamic and have greater control. Additionally, it has blocking via content filtering or HTTPS inspection, which we can combine with identity. That gives us a more centralized correlation and management for more granular policies and more expeditious control over each activity from the users.
What needs improvement?
The blocking characteristics for filtering content currently are not so customizable. I would like to be able to modify them a bit. I hope that customization will be incorporated in the future. Right now, we must educate the users who are constantly violating or in fear of violating an issue. We would like to be able to incorporate filtering with notifications in a learning portal so users can be educated and will no longer have a lack of experience. A portal will help make better, more educated, and knowledgeable users.
For how long have I used the solution?
I've used the solution for two years.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-11-21T00:00:00-05:00
Rated 5 out of
5 by
reviewer2008410 from
Mitigates security risks, has workflow tracking capacity and offers increased workflow performance
What is our primary use case?
The company-based applications have benefited from this software in the enhancement of security and performance acceleration.
Check Point Application Control monitors all tools' performance and operations in all enterprise activities.
The reported performance metrics help us allocate resources and unlock hidden business potentials. Over the past year, this product has boosted the end output of all applications and promoted efficient teamwork. Each tool can easily link and integrate with others with set task objectives.
How has it helped my organization?
Check Point Application Control has highly improved business operations with modern data control systems.
It ensures that the health of each application can handle the set tasks and projects without any challenges.
We have increased workflow performance and improved the service delivery to our clients.
Data transfer with preferable security measures has enhanced better collaboration among teams. The connection of applications has enabled members to understand the data flow and set goals with real-time reports.
What is most valuable?
The set security measures integrated with applications help us to identify and set policies that can support our programs.
It mitigates the security risks that can affect business tools and their implications on the overall production capacity.
The workflow tracking capacity provides data on all employees working with certain tools and their contributions.
Check Point Application Control can monitor the operations of many applications at the same time without low-performance experiences. There is increased revenue from the reduced cost of consolidating required security tools.
What needs improvement?
The set security features have increased the production efficiency of all applications. The new IT team monitoring this system requires proper training in order to execute the targeted goals effectively without failure.
The set performance monitoring systems are complex to interpret and scale down their operations.
The customer service team works tirelessly to ensure our teams are satisfied. Cloud network security has kept our assets secure since we deployed with a smooth continuation of other enterprise activities.
For how long have I used the solution?
I've used the solution for one year and four months.
What do I think about the stability of the solution?
This product is stable and with high-performance capabilities.
What do I think about the scalability of the solution?
I like the persistence of improving security across the organization from this application.
How are customer service and support?
I have no words for the support team; I really congratulate them on the excellent job!
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have previously worked with AppDynamics - although the security models did not meet our targets.
How was the initial setup?
It is easy to setup and learn how the product works.
What about the implementation team?
The vendor team did the implementation.
What was our ROI?
The set targeted ROI has been achieved.
What's my experience with pricing, setup cost, and licensing?
The setup procedure is good and the cost is suitable for most enterprises.
Which other solutions did I evaluate?
I evaluated operations and performance of AppDynamics.
What other advice do I have?
Check Point Application Control is the best solution for security and performance controls.
Which deployment model are you using for this solution?
Private Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-12-12T00:00:00-05:00
Rated 5 out of
5 by
reviewer1858884 from
Great rate-limiting their uploads with helpful application control and is easy to expand
What is our primary use case?
The primary use case for application control in our organization is to provide the ability to restrict users from using unapproved applications and applications that fall under categories that are deemed malicious.
Application control is enabled on all of our HA firewall clusters globally. Leveraging identity awareness, we can restrict remote access applications from the rest of the organization, allowing it for specific teams that require it, i.e., IT Helpdesk and Technical Support teams.
How has it helped my organization?
Application Control has improved our organization by enabling other network administrators and me to restrict non-corporate applications for specific departments.
Combined with Check Points URL filtering, this blade provides more granular restriction as if the firewall engine does not detect the application, administrators have the ability to use regular expressions to block URLs that are critical for the application to function. For example, the Windows Quick Assist tool needed URL filtering as it was not being detected and categorized as "Remote Assistance"
What is most valuable?
The ability to be able to do dynamic rate limiting on specific applications has been a valuable feature.
This has allowed us to prevent our graphics team from saturating our link to the internet by rate-limiting their uploads to third-party cloud providers (i.e., Dropbox, OneDrive, Google Drive, etc.).
The fact that application control also can stop browser-based extensions/widgets has also been very valuable as it has provided insight to employees installing VPN extensions on their browsers.
What needs improvement?
This blade is very valuable to any organization, and it is great that it is included in the base firewall licensing bundle.
It is very easy to set up and configure. The one feature that could be improved would be the ability to see implicit rules that are defaulted on the policy. For example, if the cleanup rule is removed, there is still another toggle in the settings that (in the event the traffic does not match any of the rules) you can either choose to block the traffic or allow it. By default, this setting is configured to drop, which caused issues the first time we configured the policy as this was not shown.
For how long have I used the solution?
I've used the solution for five years.
What do I think about the stability of the solution?
The solution is stable and hasn't increased the load drastically.
What do I think about the scalability of the solution?
Scalability is excellent and is easy to add new sites.
How are customer service and support?
Technical support is hit or miss. L1 and L2 never seem to be able to solve my issues. We always need to go to L3 support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
The solution should be configured by default with an allow rule that can be changed to drop once implemented to avoid massive disruptions to users.
What about the implementation team?
We handled the solution in-house.
What was our ROI?
The ROI we see is in the added security to block specific applications or categories.
What's my experience with pricing, setup cost, and licensing?
The setup is easy. However if first implemented, it's a good idea to add a "clean up" rule at the bottom rather than denying. This will allow the traffic and you can further tweak rules without impacting users.
Which other solutions did I evaluate?
We did not evaluate other options.
What other advice do I have?
The product is great.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-12-06T00:00:00-05:00
Rated 5 out of
5 by
Adrian Cambronero ACosta from
Good database with helpful updates and good reliability
What is our primary use case?
Our company is dedicated to the area of technology and providing services in the Azure cloud. For these reasons, we must have all our services under a centralized security platform since we work with companies and sensitive information.
In addition, many of our engineers or vendors work in different areas. Different parties access the information of the company. For this reason, we acquired this tool to improve the security and detection of vulnerabilities in order to have robust security and generate trust for our customers.
How has it helped my organization?
Check Point Application Control is an excellent tool that stands out in the security market since it provides many features and functionalities with the rules and security policies that can be carried out in an easy and fast way. That said, they should improve the viewing part.
In terms of the implicit rules that are predetermined in the policy, currently, the tool complies, providing us with excellent security and stability in the organization, which makes us feel safe from the vulnerabilities that arise every day.
What is most valuable?
With Check Point Application Control, one of the characteristics that stand out is the database. It manages to always be updated with the latest. The implementation of each of the characteristics that the tool possesses is easy to deploy, configure and manage. It records and monitors all event traffic in the network and applications, providing better visibility of what is happening on each one of them. Other features allow for updates that can be scheduled for the devices.
What needs improvement?
One of the things that Check Point should think about is being able to have a package small enough to allow all large or small companies that do not have investment capital to use it.
Since the tool is expensive, it is not available to all industries. It would be the only area where they should really take time to improve the tool.
They should improve the support they provide since they are a bit bad there. We have already had several setbacks in solving problems that have taken a long time to solve.
What do I think about the stability of the solution?
The stability of the tool is excellent and robust. Stability provides us with peace of mind.
What do I think about the scalability of the solution?
The solution maintains excellent scalability and is very functional.
How are customer service and support?
Technical support should be improved since we have had several problems with delivery time and the successful resolution of cases.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
There is no other solution that we used previously.
How was the initial setup?
The configuration of the tool was very easy since it is very user-friendly.
What about the implementation team?
The implementation was done internally and accompanied in the first phase by an engineer from the provider.
What was our ROI?
It is always good to make an investment in security. This will always be profitable in the future.
What's my experience with pricing, setup cost, and licensing?
Usually, all security tools are expensive yet worth the cost. Check Point usually keeps a competitive price in the market.
Which other solutions did I evaluate?
We looked at information from different providers, such as Cisco and Paolo Alto, among others.
What other advice do I have?
I'd advise new users that, whenever they are going to acquire a tool of this type, they need to look for the greatest amount of information to uncover which solution offers the most benefits.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-12-19T00:00:00-05:00
Rated 5 out of
5 by
reviewer2000274 from
Great support, good security, and helps with monitoring
What is our primary use case?
This software monitors the performance of applications across the company. It provides comprehensive security for all the tools contributing to the company's growth.
Check Point Application Control has created reliable data management policies that guide employees on how to interact effectively with applications. The software assigns each sector the most suitable working tools to easily implement projects and tasks.
We were able to customize it and make efficient configurations with data models.
How has it helped my organization?
This platform has fully secured our applications with very powerful firewall security upgrades.
It has taught employees how to protect their work tools from external security threats. The system has a secure database that keeps information on applications in a secure environment.
It interconnects easily any network platform that faces challenges restoring normalcy. It updates applications for compliance. It unlocks hidden security barriers that affect workflows.
What is most valuable?
All the features collaborate in the management of application security. Granular control monitors the models that create a given application.
It tracks down the performance of all the given tools in the system to ensure there is reliable performance.
Application groupings simplify the work of monitoring operations and checking the security situation of the entire production chain. Next-Generation Firewalls identify any malware attacks that could harm data and slow down operations.
The Network Security monitoring system has enhanced the safety of the company's cloud-based servers.
What needs improvement?
The learning curve for new users is challenging since the integrated data models are complicated.
The system slows down when the company has a lot of applications.
New versions that are upgraded rarely come with new market updates.
The cost and deployment capacity is based on the size of the company. The overall performance is excellent when the system administrators from the company work closely with the vendor-customer support team.
It has enhanced a secure work environment and enabled employees to focus on more productive tasks.
For how long have I used the solution?
I've used the solution for 12 months.
What do I think about the stability of the solution?
It is stable and highly productive.
What do I think about the scalability of the solution?
It is highly scalable with perfect performance.
How are customer service and support?
The customer support staff is dedicated to their work, and I will always cherish their great support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have no experience with a similar solution.
How was the initial setup?
We did not experience complications during the setup process.
What about the implementation team?
It was implemented through the vendor, and they provided the required support and guidelines.
What was our ROI?
The ROI has been positive with increased performance.
What's my experience with pricing, setup cost, and licensing?
The cost is good and flexible for any organization.
Which other solutions did I evaluate?
We settled on this product the first time.
What other advice do I have?
I highly recommend this software for comprehensive application security enhancement.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-10-28T00:00:00-04:00
Rated 5 out of
5 by
Swetha Yadhav from
Good application control, useful notifications, and a straightforward setup
What is our primary use case?
Our primary use case of Check Point Application Control is to filter which application categories we want to allow our organization members to have access to so that they are secured.
For example, we don't allow access to malicious applications and some categories that could be threats. We only allow organization members to access secure applications and applications that are aligned with the company's strategy.
The user interface is easy and dynamic. You can drag objects around the screen to facilitate their use. Besides, it is quite easy to understand and apply changes.
How has it helped my organization?
It also enables us to save internet bandwidth by filtering applications that are not work-related and helps us to easily create granular policies based on users to identify the usage of applications.
We can easily switch from a classical firewall to a next-gen firewall using application security.
We implemented application control at MDM global security policies, which helps us set general security standards for all managed devices.
Identity awareness module integration is to be used for user/group-based controls.
What is most valuable?
Application control and having features like completeness and validity, identification, authentication, and granularity with unified layers is awesome. The most important aspect is that it allows users to define policies based on source IP and user role, quickly identifying traffic flow with SAML.
You can allow or block traffic coming or going out to the internet for specific applications or websites.
It offers user notifications for blocked access, time-defined policies, and bulk categorization of malicious applications.
What needs improvement?
Sometimes, documentation is not accurate and with the support issue we have to wait a long time for an engineer to understand the errors. I would like to see if they can help with the issue of service and more qualified staff. They need to have good service with Check Point products.
The load balancer functionality for application traffic might be a better option.
Configuration and deployment are a little bit difficult.
This product works only when the user is in traffic flow through NGFW.
Sometimes there are more than one category tag to an application which can be tricky.
For how long have I used the solution?
We have been using the product for more than 12.5 years.
What do I think about the stability of the solution?
We are satisfied with the stability.
What do I think about the scalability of the solution?
We are satisfied with the scalability.
How are customer service and support?
The product provides the largest database about application control and we can create granular policies to identify the usage. Overall it's been a very good experience, working with this product.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We didn't use any solutions previously. Check Point Application Control is easy and user-friendly. We're able to control and manage all applications with it.
How was the initial setup?
The initial setup is straightforward.
What about the implementation team?
The help we had was excellent.
What's my experience with pricing, setup cost, and licensing?
The pricing has to be more economical.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-04T00:00:00-04:00
Rated 5 out of
5 by
reviewer1895619 from
Offers secure access, allows for rule writing, and is easily optimized
What is our primary use case?
Not all of the company's web traffic goes through Check Point, however, on the significant web traffic side, we solve security needs with Check Point.
Especially if you are going to give broad permissions, you need to block dangerous applications at the very beginning of your rule set. In this context, we use Check Point to block on an application basis. Sometimes there are general accesses. Like Azure, we can only give access by selecting the relevant applications. Check Point is a very good solution because these applications are constantly updating the IP lists on the backend.
How has it helped my organization?
It does not require a lot of work to be activated and used. It is quite simple to open the application layer blade and activating it means you are ready to use it.
The concept of NGFW is actually used exactly for this feature and I can say that it does justice. Once you are ready to use it, you can optimize your rule set by selecting the desired application name in the rule. Since the objects used are updatable, the need for you to return and update is very rare. This structure really saves you time.
What is most valuable?
First of all, to use this layer, you don't need to struggle and make changes to your structure. It is enough to have a firewall with NGFW support and turn on the application layer filtering blade. Apart from that, the objects in the rules you wrote have very little margin of error. In other words, the accesses of the application you put are passed or blocked as necessary. In fact, some applications have separate objects for download and installation, so you can write the rule set you have in mind more easily.
What needs improvement?
The objects found now have large applications or general category definitions that are completely determined and organized by Check Point. It would be nice if there was a platform and small application owners could come and send their own applications' name and IP information from there. If we could use application objects directly in our rule sets in Check Point in those small companies, that would be ideal. A few more layered objects could be created for Azure in large applications. It would be nice if firewall administrators could see parser information such as IP behind these objects.
For how long have I used the solution?
I've been using it for the past six years in different companies.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-04T00:00:00-04:00
Rated 5 out of
5 by
Jonathan Ramos G. from
Great for control and management with good granularity
What is our primary use case?
We had the need to control and be able to manage rules in a granular way for maintaining the security and control of the data, management by teams, identity, and applications grouping them by category and thus being able to defend ourselves from threats and malware that wants to enter our infrastructure while reducing the operating cost.
Something that we need and want is an inspection of the data. We must see what the different users and applications of our network are sharing, and that is where the control solution brings us that administration value.
How has it helped my organization?
As our need is great, and we not only have a single organization yet also have several subsidiaries. It is there where we are integrating a centralization under well-managed control. It is where application control gives us the possibility of generating rules, and policies that are adjusted and flexible. We need the solution to be able to be adapted to the business and to be modified and scalable according to the need and evolution of our organization. It offers a powerful administration and a great catalog.
What is most valuable?
The best value we have is their actionable reports on user analytics, events, and activity that are extracted from their database. This technology allows us to present reports on the control and management of event policies against applications, locations, IoT, and Identity. Having all this data available generates a control layer that strengthens a security posture. Its best feature will forever be the generation of tangible reports of every actionable activity found and stopped by the solution.
What needs improvement?
I would like this layer to be faster to install in the future. The evolution of its equipment and appliances where the solution is executed has improved a lot, however, it is necessary to increase that capacity. Some competitors do it just as well and in that layer, are faster to apply their changes. These would give greater value and would be a differentiator. Among other things, I would like this integrated solution to manage from mobile devices in an optimized way and be able to administer from anywhere in the world.
For how long have I used the solution?
I've used the solution for two years.
What do I think about the stability of the solution?
The solution is very stable and has regular updates.
What do I think about the scalability of the solution?
It is fast and easy to scale and manage.
What's my experience with pricing, setup cost, and licensing?
Their cost is based on their appliances, and they offer equipment with the highest licensing.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-09-07T00:00:00-04:00
Rated 5 out of
5 by
reviewer1956864 from
Granular, powerful, and easy to implement
What is our primary use case?
Application control is part of the administration of Check Point management. We use it to provide protection and access to applications and sites in a safe way on the computers that are protected by our gateways.
The use of this feature has been very important for perimeter protection through our gateways, it is fairly simple to use for the protection of specific applications and sites. This is in addition to the fact that these controls can be applied in a granular way from a network to a specific host which is incredible for the security administration of any company.
Check Point Application Control is a powerful tool and has given us the protection that we needed for our business. We are now able to secure ourselves internally.
How has it helped my organization?
Without the use of this tool, we had suffered from the use of applications not allowed within the company. This generated the loss of effective time for our employees, in addition to generating major security problems due to the use of applications that generated cyber threats that affected the operation of the company.
Thanks to Check Point Application Control we are able to control these vulnerabilities and provide both greater employee productivity and greater perimeter security.
What is most valuable?
We loved Check Point Application Control for its granular control and ability to apply policies between groups, hosts and networks depending on the need.
On the other hand, the integration of our AppWiki with a large number of preloaded applications in segments helps to apply policies more easily and effectively.
The integration with Check Point Security Management and Check Point Security Gateway potentiates the company's perimeter security. This is a truly powerful feature and it is easy to implement.
What needs improvement?
Check Point is a fairly complete security vendor, however, we would like to have a better SLA for technical support issues, sometimes they take a long time to resolve customer issues.
On the other hand, the documentation is not always as clear as we would like it to be, it takes a long time to review it and implement solutions with the best practices of the manufacturer.
Finally, their costs are high, I think they could improve and make it more competitive against the competition, even if they are better protection tool.
Which solution did I use previously and why did I switch?
Previously, we had only used applications that generated this protection as a test, however, they did not meet our expectations like Check Point.
What's my experience with pricing, setup cost, and licensing?
Our recommendation to other clients is to have a partner that helps them with the company's requirements in addition to the costs.
Which other solutions did I evaluate?
We did validate proofs of concept from other manufacturers, but we liked the Check Point's protection more.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-09-18T00:00:00-04:00
Rated 5 out of
5 by
SHRINKHALA SINGH from
Great for blocking and malware protection with improved productivity
What is our primary use case?
Check Point Application Control is a one-stop shop for providing the strongest security to an organization's business verticals in the most efficient and effective manner.
It eases the business working as it enables smooth flow of information and helps businesses to create micro-managed accurate, granular policies, and helps in strengthening the organization's security by blocking and restricting the unknown and unsecured phishing widgets and applications across multiple integrations.
It limits the usage and utilization of any unknown malware attempts from any application
How has it helped my organization?
Check Point Application Control improved the productivity of our workforce by reducing the coordination time and efforts involved in strengthening the system's security through a traditional manual way or path.
It improved the performance outcome for all our verticals due to more automation in system security, which helped in the identification and blockage of malware-affected applications and widgets.
It helps in categorizing the basis of the application, its types, security level, the usability of resources, and its implications on productivity as a whole.
What is most valuable?
The solution is great at blocking and stopping unidentified and malware-affected applications.
The next-gen firewall system is inbuilt and is highly efficient in restricting terminated and unsecure applications.
It ensures smooth and secure API integrations with other system firewalls and applications due to advanced next-gen identification of malware-affected applications.
Unauthorized and unsecured applications would not pose any risk to the organization's effectiveness if carried out efficiently by application control security.
What needs improvement?
In my view, more efforts are required with the business development and customer service team to create more and more awareness across businesses of all sizes on the benefits of deploying the Check Point application control security across all business verticals and improving the performance outcomes for the organization.
More and more product specifications should be infused with new incumbent features in the market to stay relevant and concurrent with the organization's needs.
They need more and more secure integration features should be included with less cost so that the adoption rate can be increased multifold amongst new business users.
For how long have I used the solution?
I've been using the solution for over six months now.
What do I think about the stability of the solution?
The product is stable and highly recommended.
What do I think about the scalability of the solution?
The solution is highly scalable and replicable across multiple platforms and systems.
How are customer service and support?
We get great support and services from business and corporate customer service teams.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
An in-house solution was utilized for application security previously.
How was the initial setup?
The product is easy to comprehend and deploy.
What about the implementation team?
We implemented the product through the vendor only.
What was our ROI?
We've seen an ROI of over 80%.
What's my experience with pricing, setup cost, and licensing?
To every business out there, I strongly recommend trying Check Point Application Security and analyzing the utilities independently. It's one of the best security application software with advanced features to strengthen security with integrated applications and other platforms.
Which other solutions did I evaluate?
We evaluated McAfee and Trend security applications before making a final selection.
What other advice do I have?
I'd advise users to go for its mandatory trial and explore the gamut of facilities on their own.
Which deployment model are you using for this solution?
Private Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-31T00:00:00-04:00
Rated 5 out of
5 by
Linh M. Nguyen from
Great features that can run on a single gateway and helpful technical support
What is our primary use case?
Check Point's Application Control blade is a very powerful and useful tool. To use this tool we need to purchase a subscription for it or purchase a threat prevention package.
Our primary use case is using Application Control with Identity Awareness feature to create granular policies for users, and groups. Hence, we can control access to applications according to our internet regulations and apply them to users/groups. With the combination, even wherever users/groups are in the organization, whenever they access, they are always under control
How has it helped my organization?
With Application Control, we can:
1. Block the applications with critical risks like proxies, malicious VPN tools, hidden IPs, hotspots, et cetera.
2. Save network bandwidth by blocking the downloading tools, P2P sharing, or limiting access to entertainment/IPTV/Social Networking (et cetera) that consume the bandwidth.
3. Increase work productivity by only allowing access to legal destinations while blocking unnecessary accesses like gambling, games, et cetera.
4. Control data loss risk through popular channels: Facebook upload, Instagram upload, public email services (Gmail, Yahoo, et cetera), file storage, and sharing.
5. Limit the usage of the application flexibly (like allowing users to log in to Facebook, and chat but cannot upload data, video, et cetera).
6. Create more granular policies.
What is most valuable?
We can combine Application Control with Identity Awareness and URL Filtering to create security policies for users/groups based on characteristics about security, productivity and network bandwidth. The most important thing is applying internet access regulations to the firewall system is easier than ever.
The Check Point database of Application Control is the largest library and is updated periodically.
Application categories in the SmartConsole are very clear and easy to search.
The application database is public in AppWiki. This helps to search the application information. This helps people that are considering what Check Point Application Control has before deciding to purchase.
All Check Point security features can run in a single gateway or gateway cluster.
What needs improvement?
It is expensive. The application control is a subscription type, not a perpetual license. Thus, to use this feature year-by-year, customers must purchase a renewal.
To use it effectively, you must turn on the HTTPS Inspection feature. Almost all the applications are running on encrypted connections. Without HTTPS Inspection, Check Point Gateway cannot detect the behaviors of the application. This leads to the gateway's CPU usage being degraded. In an environment of high connectivity growth or using multiple security features on the same appliance, having to handle more encrypted connections will be very stressful for the CPU.
For how long have I used the solution?
We've used the solution for more than five years.
What do I think about the stability of the solution?
It is very exact in application detection.
What do I think about the scalability of the solution?
The scalability of Application Control is based on Check Point Gateway. Check Point Gateway has ClusterXL that supports up to five appliances. With the developing Maestro technology, it's very easy to scale up on demand. Using this technology allows us to maximize hardware investment and appliance capacity.
How are customer service and support?
The support team is very professional.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used Fortinet before, however, Check Point Application Control is the best. Check Point has the largest database that no other vendor can compare. Besides, the Check Point appliance is very stable.
How was the initial setup?
It's a bit complicated in terms of the setup if you are combining it with Identity Awareness and HTTPS Inspection.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-06-06T00:00:00-04:00
Rated 5 out of
5 by
Luis A Diaz from
Offers easy access and granular security improvements with good log reports available
What is our primary use case?
In our company, when acquiring Check Point products to be able to have perimeter protection for our teams, both cloud and on-premise, we are able to carry out greater protection with Check Point's gateway, integrated with access control. It is a great help, in generating granularity policies and blocking specific applications for different internal departments in our company. It's easy to use, included in our gateway, and intuitive. You can also search for a lot of information from the manufacturer to carry out the implementation with best practices.
How has it helped my organization?
Check Point Application Control has been of great help in being able to provide access and granular security improvements for different departments with different profiles within the company. It is important to be able to do this in environments that deserve greater control in different areas.
We gained a lot in control, however, also through the reports it was possible to determine what was happening, and subsequently, make security improvements in the application control blade. Its use is really simple and intuitive, and when we have had doubts we have relied on the public documentation.
What is most valuable?
One of the advantages of Check Point Application Control is the large number of profiles included within the tool to be able to generate granular policies, in addition to permissions between servers or even web access.
Its implementation is simple. It is another great advantage. In our case, we use it with our R81 Check Point Gateway. It was implemented in Microsoft Azure, being a virtual device.
On the other hand, the log reports are very good for making validations and decisions.
What needs improvement?
Something important to mention is the improvement at the support level. It could be more advanced. Sometimes the responses are somewhat slow or based on a schedule that is not always the same as the companies. It's difficult to generate a session with them to better explain your needs.
We would also like the costs to be more comfortable. Although they are not different from other security tools, they could have improvements to provide greater interest to customers who are interested or loyal to Check Point's products.
For how long have I used the solution?
In the company, we have made security improvements in recent years to be able to solve technological gaps in which vulnerabilities could greatly damage work continuity. Application control is a great help for our gateways.
Which solution did I use previously and why did I switch?
Previously we had used Fortinet Gateways, however we liked what Check Point offered better at the level of modern security tools.
What's my experience with pricing, setup cost, and licensing?
It is very important before implementing security improvements to have a test environment to evaluate correctly. I recommend taking previous implementations into account.
Which other solutions did I evaluate?
Before opting for Check Point, we validated and verified several demos with other manufacturers, however, we liked it better and it was better adapted to our internal needs.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-06-29T00:00:00-04:00
Rated 5 out of
5 by
reviewer1393122 from
Extensive application database, helps to secure our users, limits undesirable bandwidth usage
What is our primary use case?
We use Check Point in our internal network, as well as on the perimeter & we have used the Application control-blade on the internal firewall. All of our user traffic will be terminated at the internal firewall, hence we have done primary filtering of traffic on the internal firewall only.
Basically, on the internal firewall, we are blocking all social networking sites, remote meeting applications, adult content, & torrent applications. This restriction helps us to save our bandwidth as well to ensure that users follow & maintain work ethics at the office premises.
How has it helped my organization?
Application control blades help us in two ways. The first is to allow specific applications, where earlier we have to find out all of the URLs needed for each application & then allow them one by one. Now, we now just find the application. The second way is to restrict the user from browsing unwanted websites.
Together, these improved security & help to maintain discipline & focus at work.
The application control-blade also helps us by providing visibility. We have an overview of application traffic & depending upon the content, we can decide to allow or deny the application.
What is most valuable?
Check Point has its own application database where more than 7,300 applications are known. I am able to see them using the smart console, along with details for each one. Each and every application has an accompanying category, some knowledge about the application, the protocol it uses, & the risk factor associate with it.
Implementing application control is very simple & it is designed in such a way that we can introduce it with access policy. Also, to reduce complexity, we can create an altogether different layer.
This product logs & monitors event traffic for each application, giving us better visibility. Updating the application database is very easy; we just have to schedule the update & the device will automatically fetch it on a regular schedule, such as every two hours.
What needs improvement?
We expect applications to be updated regularly.
For how long have I used the solution?
I have been using Check Point Application Control for more than three years.
What do I think about the stability of the solution?
This is one of the stable modules in Check Point.
What do I think about the scalability of the solution?
Scalability for application control in the Check Point gateways is good & does not take need much processing power.
How are customer service and technical support?
Check Point TAC is always helpful, although particularly for application control, we have not yet raised any tickets. For the help that they have given us with other products, I appreciate the effort from the support team, as they always help us when we ask.
Which solution did I use previously and why did I switch?
Prior to this, we used FortiGate but the Check Point database is far better.
How was the initial setup?
The initial setup is very simple.
What about the implementation team?
We completed the implementation in-house.
What's my experience with pricing, setup cost, and licensing?
I think application control has become a basic feature and it should be enabled automatically, without having to purchase a separate license for it. Alternatively, it should be available at a minimal cost.
Which other solutions did I evaluate?
We have not evaluated any other options.
What other advice do I have?
The only thing we expect from a Check Point is to regularly update their database with the new applications. Other than this, specific to the application control-blade, I have not seen any issues or problems.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: My company has a business relationship with this vendor other than being a customer:
Date published: 2021-03-23T00:00:00-04:00
Rated 5 out of
5 by
reviewer1626546 from
Stable with good automatic updating and effective filtering capabilities
What is our primary use case?
Before using this solution, I needed to have other network components that would allow me to block or restrict access to unauthorized sites, which generated a very high cost in terms of licensing and maintenance. Now, I can control authorized and unauthorized access to my end-users, and I can control bandwidth and assign a defined bandwidth to guarantee the operation of my company.
With this solution, I was able to establish and guarantee the security of my end-users using the categories and definitions within the solution. I'm able to easily identify high-risk sites, as well as sites not allowed for explicit content.
How has it helped my organization?
In the beginning, I did not have control of the content that my users had access to, which put the integrity of my company at risk. With this solution, I was able to create explicit policies that would adhere to the rules that we established for access to applications.
Previously, I had 2 appliances from another brand to control the traffic of applications and to control bandwidth. It is a very simple product to administer with amazing potential endowed within a large database of applications and is constantly updated.
What is most valuable?
The automatic updates of new applications and signatures guarantee protection at all times without the need to apply a change manually. This has been largely beneficial to my organization and only on a couple of occasions have I had a problem with legacy applications being applied to a filter incorrectly. We've solved this by documenting them in the Check Point portal to ensure they are not listed as a malicious application or IP. There is a large database of applications that have been incorporated together with the traffic control tool assigning a defined bandwidth for certain applications.
What needs improvement?
It's important that there is the option to validate the policies before applying them since it is very annoying and causes a waste of time to apply a new policy or rule and afterward receive an error that the policy has failed.
It is important that, if you are being notified of the modifications in the automatic policies that were updated, it's clear in terms of the content that is included as well as the applications that have been modified for being malicious or not.
Without a doubt, these would be contributions that would greatly benefit the solution's operation within my company.
For how long have I used the solution?
I've worked with the solution for 5 years.
What do I think about the scalability of the solution?
In some equipment, the scaling is very good, however, it depends on the equipment that is purchased and if there is correct sizing.
Which solution did I use previously and why did I switch?
Yes, I made the change because I tried a demo and it seemed like a great product.
What was our ROI?
It is a very safe and stable product.
What's my experience with pricing, setup cost, and licensing?
The licensing is very good. We always rely on an authorized dealer to ensure proper operation and sizing.
Which other solutions did I evaluate?
Yes, I evaluated Cisco, Palo Alto, and Fortinet.
What other advice do I have?
Not at this time.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-07-19T00:00:00-04:00
Rated 5 out of
5 by
reviewer1572915 from
Straightforward to set up, good support, and provides a granular level of control
What is our primary use case?
The Check Point Application Control solution is used by us on two firewall clusters. It is used both on the inside and on the outside.
Analyzing internal traffic helps us to understand which applications are used within our network. It does more than simply allowing or blocking traffic. It provides a report on how much these applications consume on the network and where they are used.
On the foreign side, we only allow applications considered safe and we always use the report to identify external attacks or improper use from the inside out.
How has it helped my organization?
Check Point Application Control application I would define it as oxygen: you notice it when it is missing and I say this because we now think it is natural to have this module incorporated in a firewall.
In the beginning, without this module, we were in the dark about everything. We were forced to open internal or external traffic by trusting (sorry for the nonsense) who was doing the traffic: unthinkable today!
Now we know who does what and can give specific permissions based on the user or the group to which the user belongs. The same user can have maximum permits on the professional side but be protected himself from ending up on sites that are improper for his work activity, such as porn sites.
What is most valuable?
The most important feature, in my opinion, regarding Check Point Application Control is the granularity and the great variety of applications and sub-applications recognized.
Consider that I can make multiple rules for the same user or group of users by detailing what it can do perfectly. The applications are not trivially listed but well-specified. To give an example: the Facebook application is not simple but its features are listed so that I can allow the use of Facebook but not the uploading of a file.
What needs improvement?
It is hard to say what has to be improved in Check Point Application Control.
Occasionally, we have to identify an application that is not registered. I would like to have a periodic update of the applications, perhaps based on a predefined calendar.
We would like to have the ability to submit new applications for registration, as well as request the recategorization of URLs.
For how long have I used the solution?
We have been using Check Point Application Control for twenty years.
What do I think about the stability of the solution?
I have not found any particular malfunctions so I can say that it is well implemented.
What do I think about the scalability of the solution?
Through a firewall cluster, I can increase the power and reliability of the system, and avoid buying a superior model.
How are customer service and technical support?
Customer service is very competent.
Which solution did I use previously and why did I switch?
We did not use another similar solution prior to this one.
How was the initial setup?
The initial setup was straightforward.
Setup is made easy by using logs. As a first rule, I put the blocking of applications that come to mind, then a rule of allowed applications specifying all applications. By looking at the logs, I will be able to refine the rule by populating that of blocked applications and creating one of the allowed applications.
For maximum security (but maximum limitation), I can put at the end a rule that blocks everything but will block both applications not previously specified and those not recognized. This rule requires having a team that looks at the logs a lot, otherwise, it is better to put it on permission and analyze it periodically.
What about the implementation team?
We implemented it through a team that lived up to the solution.
What's my experience with pricing, setup cost, and licensing?
The blade has its cost but you can take advantage of the license package to pay less for it.
Which other solutions did I evaluate?
We did not evaluate other options.
What other advice do I have?
It does not require excessive resources but if you intend to use it massively, do not underestimate the size of the firewall.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-05-13T00:00:00-04:00
Rated 5 out of
5 by
reviewer192341 from
Good granularity, helpful blocking capabilities, and helps with segmentation
What is our primary use case?
Check Point has provided us with a Check Point management server tool where we manage our Gateways. It helped us limit the applications, sites, and different actions that are part of the users' daily lives. We can limit with granularly the applications that users access.
Segmentation is key. We managed to divide everything by department to be able to generate the security that each one requires. Now, managers have greater flexibility.
How has it helped my organization?
This product or feature included in our security admin has helped us a lot to be able to control our users. It helps us with effectiveness since users can use laptops correctly, being more productive.
It has also been possible to avoid modern threats that can enter and attack user equipment, servers, and the business network. These attacks would affect work continuity in addition to company data that could be affected.
What is most valuable?
The most important characteristic is granularity, which allows our teams to have different security profiles depending on the department to be protected.
There is also a list of applications pre-loaded in the systems to be able to have blocks or permissions to use different applications.
Finally, the licensing of our Check Point gateways, which are not licensed separately, provides an advantage.
What needs improvement?
Check Point licenses are somewhat expensive, in addition to the fact that it is difficult to validate their costs without a Check Point partner - which is why it is difficult to validate them.
Support is only available in the English language, which affects some regions where Check Point products will be used.
The SLAs of checkpoint products are sometimes not met since the cases created are sometimes attended to very late after opening them.
For how long have I used the solution?
We have used this solution for at least five years in its different versions. It has helped us a lot with business security.
Which solution did I use previously and why did I switch?
We have not previously used any product like this.
What's my experience with pricing, setup cost, and licensing?
The costs should be reviewed with a partner of Check Point. As for the implementation, it is really simple.
Which other solutions did I evaluate?
Several proofs of concepts were carried out, and Check Point was the best.
What other advice do I have?
This is an excellent product.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-03-02T00:00:00-05:00
Rated 5 out of
5 by
reviewer2104284 from
Reliable support, great performance, and offers efficient protection of data
What is our primary use case?
Check Point Application Control enables my team to customize websites to fit our daily needs. It provides security measures that can be set in place to safeguard our content and internal information.
It provides reliable tools for setting up HTTPS security policies that prevent security risks related to SSL protocol. The product provides real-time insights into the data traffic from the applications and their performance.
The security protocols have enabled my team to set restrictions for accessing confidential information.
How has it helped my organization?
There is efficient protection of data and workflows from external interferences. This platform provides basic tools for protecting applications from cyber attacks and building strong websites.
The SmartView tracker enables my members to monitor data traffic across the applications. It has provided a great opportunity for us to set up basic rules for interacting with applications.
This product provides reliable data controls that monitor the performance and operational capability of all the applications within the company's networking infrastructure.
What is most valuable?
The central management system provides a reliable platform for application control and URL filtering.
The security gateways have set comprehensive security tools for protecting data from malware attacks.
The application library can run many apps and websites at the same time without functional complications.
The application control system blocks internet sites and cyber attacks that can affect daily operations.
SmartEvent Analysis provides capabilities for understanding application performance with charts and reporting analytics.
What needs improvement?
The most set features have enhanced the effective management of workflows.
Malware threats can advance attacks when there are no timely measures to curb online phishing attacks.
The solution needs an efficient monitoring platform that provides individual employee data, and performance will boost productivity in the organization.
Most features perform well since there are few complaints. The security tools should be empowered more to fit daily demands and prevent our systems from advanced threats.
I recommend the use of this platform to other organizations for reliable application performance.
For how long have I used the solution?
I've used the solution for two years.
What do I think about the stability of the solution?
The application security controls and monitoring tools are powerful.
What do I think about the scalability of the solution?
I am impressed by its great performance.
How are customer service and support?
The customer support staff has been reliable and committed to great service delivery.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not worked with a similar solution.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
The implementation was done by the vendor team, and their level of expertise is excellent.
What was our ROI?
The recorded ROI has improved from 40% to 65% currently.
What's my experience with pricing, setup cost, and licensing?
The setup cost and licensing terms are efficient.
Which other solutions did I evaluate?
I evaluated other application control products, however, Check Point Application Control was the best.
What other advice do I have?
This is great system for monitoring application performance and I recommend to others.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-16T00:00:00-05:00
Rated 5 out of
5 by
reviewer2115711 from
Good security and policy management with helpful excellent customization capabilities
What is our primary use case?
It helps us to discover applications that run across the organization network and admin accounts that are generated within the ecosystem.
Monitoring the performance of applications has been easy since we deployed this platform.
Check Point Application Control gives the IT team permission to deploy and assign tasks to various apps.
It gives us the authority to eliminate unnecessary admin accounts and blacklist applications that are not required anymore. It protects apps from malware attacks with powerful security tools.
How has it helped my organization?
Setting up new applications and testing the suitability of deployed tools has been efficient since we deployed this platform.
It blocks ransomware attacks that can affect performance-enhancing secure work environments with zero-day attacks.
We are able to manage workstations and servers across remote offices with a unified control system. Setting up a default system for allowing applications that are useful and blocking untrusted platforms has saved time and cost.
This product has enabled my web development team to set reliable control policies for managing applications.
What is most valuable?
Policy management features have enabled the organization to set up achievable goals and programs that can be implemented successfully.
The security systems prevent external attacks from affecting workflows and compromising data.
Customization has enabled us to create policies that can easily meet our requirements with flexible features.
The overall cost of deployment and maintenance has been efficient and affordable. Application blacklisting helps us to filter our tedious apps that can negatively affect operations.
What needs improvement?
The current features have great performance capabilities and have highly boosted production in the organization. I recommend network upgrades in the next release to meet most company demands and daily changes.
The performance has been stable, and we really appreciate the great results. The security tools and policy enhancement tools perform effectively. The overall productivity of the current features is excellent, and I recommend the use of this product to other companies.
We have longed for a reliable Application Control platform for a long time, and finally, we have received the best solution.
For how long have I used the solution?
I've used the solution for two years.
What do I think about the stability of the solution?
This tool is highly stable.
What do I think about the scalability of the solution?
I am impressed by the product's great performance.
How are customer service and support?
The customer support staff responds effectively.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not worked with any other similar solution before.
How was the initial setup?
The setup was straightforward.
What about the implementation team?
Implementation took place through the vendor.
What was our ROI?
ROI has grown from 40% to 65% from the previous year.
What's my experience with pricing, setup cost, and licensing?
The cost and licensing terms have been reliable.
Which other solutions did I evaluate?
I settled on this product due to its stable performance after evaluating several products.
What other advice do I have?
I highly recommend the use of this product to other organizations for reliable application control services.
Which deployment model are you using for this solution?
Public Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-03-15T00:00:00-04:00
Rated 5 out of
5 by
LuisNeves from
Useful VPN, high performance, and beneficial report monitoring
What is our primary use case?
I am using Check Point Application Control for controlling streaming, social media, and video sites. Additionally, we control VPNs and peer-to-peer sites. We use it to control sites that use a lot of bandwidth.
How has it helped my organization?
Check Point Application Control has resulted in fewer outside attacks, increased bandwidth for communication to the outside, more control for the CPA and users, and improved remote access management. We have numerous external collaborators working with our organization, and we have strict protocols for them to follow, which Check Point Application Control has helped us enforce. The VPN feature is also very helpful for remote users. Overall, Check Point has provided our organization with increased security, better performance, improved network response, and fewer issues.
What is most valuable?
The most valuable feature of Check Point Application Control is VPN access and the ability to lock out sites we do not want users to have access. The reporting monitoring software in Check Point Application Control is fantastic. For example, log filtering is beneficial.
What needs improvement?
There are many aspects we do not like about the solution and there are a lot of alternatives available on the market. Some of the settings are buried deep within the solution making it a challenge to navigate. It would be helpful if it was more intuitive. Additionally, there can be some settings that are in multiple places, this leaves the user not knowing what settings are needed to be modified for the wanted result. I have lost confidence because I do not know if I change a setting or if it is going to have the desired result I intended it to do.
I have used other solutions, such as Palo Alto and I did not experience these types of problems.
When we apply a change in Check Point Application Control there can be some time for the changes to take effect. The time is too long, and we have experienced approximately five minutes on occasion for modifying some rules or filtering.
When there are outside-of-the-network threats, such as DoS attacks, Check Point Application Control should have more integrated ways to deal with the attacks. We should not have to purchase add-ons or secondary solutions or patches.
There is some functionality that is not working anymore as it once did, such as HTTP filtering. The complexity of application usage is increasing day by day, and it seems that at some point, we will need to initiate specific projects to tackle the issue of application filtering. Check Point Application Control has been instrumental in addressing this challenge, but with the continued growth in complexity, more advanced features would be necessary to make the solution even more effective.
For how long have I used the solution?
I have used Check Point Application Control within the last 12 months.
What do I think about the stability of the solution?
Perhaps due to inadequate planning during the initial installation, we encountered numerous issues that persisted over the years. For instance, we faced challenges with VPN connectivity in certain locations, and at times, multiple CPU calls occurred while SharePoint failed to utilize all available machine resources. These problems led to daily performance issues and crashes, causing considerable headaches.
It seems that the lack of careful planning during the installation phase was the root cause of these problems. With better planning and attention to detail, we could have avoided these issues altogether.
I rate the stability of Check Point Application Control a seven out of ten.
What do I think about the scalability of the solution?
We have approximately 2,000 simultaneous VPN access. We have a total of approximately 4,000 users using the solution.
I rate the scalability of Check Point Application Control an eight out of ten.
How are customer service and support?
The support we received was very good.
I rate the technical support from Check Point Application Control a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used other solutions.
How was the initial setup?
The first deployment of Check Point Application Control posed significant complexity challenges in our large-scale operation. With numerous employees and diverse needs, attempting a self-setup proved to be a daunting task. However, despite the initial ease of implementation, performance degradation gradually surfaced over time, whether after several weeks, months, or even a year or two.
The root cause of the problem lay in inadequate planning and suboptimal configuration at the outset. Our policies failed to work correctly, and we encountered multiple issues that necessitated reaching out to the vendor for assistance. While the system provided many customization options to cater to our specific requirements, uncovering the hidden settings proved to be a stumbling block. Ultimately, we struggled to identify the optimal configuration that would best serve our organization. The default settings are easy to find but the advanced settings are not easy to find and use.
I rate the initial setup Check Point Application Control an eight out of ten.
What about the implementation team?
We use consultants and integrators to install Check Point Application Control. Additionally, we had an external course to improve our knowledge. The solution is complex and we were not able to do the implementation with the knowledge we had. We are discovering more options as we continue using the solution.
What's my experience with pricing, setup cost, and licensing?
The price of Check Point Application Control is high. The support and ecosystem around the solution are expensive.
I rate the price of Check Point Application Control a seven out of ten.
What other advice do I have?
I would advise others before choosing any solution to look at many of the solutions on the market and compare them. It would be helpful to do a proof of concept and test the solutions before purchasing. What the Gartner Magic Quadrant research site advertises sometimes does not translate into the actual performance of the solution. It is important to test the solutions.
Check Point Application Control is a sophisticated powerful solution that makes it difficult to customize. The price and the complexity of the solution might not be the best choice. Planning is a very important aspect of having the smooth operation of the solution if one chooses to use it.
I rate Check Point Application Control an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-03-18T00:00:00-04:00
Rated 5 out of
5 by
Edwin Solano Salmeron from
Helps define policies, integrates with third-parties, and offers good threat detection
What is our primary use case?
We needed to allow, control, block, and access specific applications based on the policies that the institution has as a baseline. Given this need, we have tried, analyzed, and tested various solutions that could comply with said internal directive. We have sought solutions that allow us greater visibility and control over applications on the network, improving the protection of applications and the security of the organization in general. We've validated the software's great potential at detecting malicious events on unauthorized applications or resources.
How has it helped my organization?
Check Point Application Control has offered us the possibility of achieving several important organizational pillars that were required to cover. We had application identification, application control, and protection based on known or unknown threats.
These capabilities have allowed us to discover known or unknown threats by detecting them under the identity of users. We managed to include a malware intrusion detection index based on the identity of the users in order to protect them.
What is most valuable?
One of the greatest capacities and the benefits it gives us is the ability to control applications based on defining access or denial policies in specific applications, groups, or category profiles. Compared to other products, it has offered us a unique combination by allowing the integration of third-party services or brand-owned services, which gives us a chance to insure, protect ourselves, and generate scalable, comprehensive protection.
What needs improvement?
One of the improvements that we need is in the manual services. The guides used today are a bit complex, and we need efficient and simple access to them so that any administrative or technical person can solve, analyze, and configure each of the rules and identities seamlessly. We need clear directions to help us configure effectively. It's important to be able to have this documentation available to make the many available features easy to configure and allow us to promote defense tactics in depth against all available threats.
For how long have I used the solution?
I've used the solution for two years.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-09T00:00:00-05:00
Rated 5 out of
5 by
AnkurSharma3 from
A cloud solution to block and protect networks with excellent support
What is our primary use case?
We use Check Point Application Control to block and protect our website which are not required for user access.
What is most valuable?
Check Point provide excellent support. It is easy to operate and handle with the recent GUI.
What needs improvement?
If someone wants to review the configuration for the proxy, they would need to look elsewhere, as this tool is not designed to assess the performance of security policies.
For how long have I used the solution?
I have been using Check Point Application Control for three years.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
The solution’s scalability is good.
How are customer service and support?
When we open a ticket for a critical issue, we are immediately connected with a Level 3 support engineer via phone call within two minutes. There is no waiting list. The support is very swift and efficient, and they assign the best available engineer for critical issues, bypassing the L1, L2 and then L3.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have moved the Check Point Application Control from AppSense, the epoxy solution, because of several issues. Users experienced latency while accessing the internet through the AppSense. Additionally, the AppSense client software installed on user machines frequently crashed, and it was not compatible with MacBooks.
How was the initial setup?
The initial setup is straightforward and takes around three months to complete.
What's my experience with pricing, setup cost, and licensing?
The product is expensive but it is worth the money.
What other advice do I have?
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-12-11T00:00:00-05:00