Check Point IPS-1 Sensor 200 Copper - security appliance
Mfg # CPIS-IPS-M200C-US
CDW # 1554914
Know your gear
IPS-1 Sensors leverage multiple detection and analysis techniques to deliver proven network protection against a wide variety of threats. Each sensor is capable of operating in passive intrusion-detection or inline passive or inline active IPS modes. IPS-1 Sensors come preconfigured in a variety of models, depending on organization needs and network location.
Enhance your purchase
Check Point IPS-1 Sensor 200 Copper - security appliance is rated
4.60 out of
5 by
39.
Rated 5 out of
5 by
Saranjit Kainth from
Offers secure network and acts as a security guard
What is our primary use case?
I have been using the product as an antivirus. It acts like a security guard, stopping bad things from getting in and ensuring only the right stuff gets through.
What is most valuable?
The tool's most valuable feature is its detection panel. Managing and updating policies within Check Point IPS is easy and without issues. It provides a secure network.
What needs improvement?
The tool's pricing could be better.
What do I think about the stability of the solution?
I rate the tool's stability a ten out of ten.
What do I think about the scalability of the solution?
The solution is 100 percent scalable. My company has 150-200 users, and we plan to add 100 more users in the future.
How are customer service and support?
The tool's technical support is good.
How was the initial setup?
The setup process itself is straightforward, but configuring it can be complex due to the complexity of our network. It can be completed in two days.
What about the implementation team?
The tool's deployment can be done in-house.
What was our ROI?
We can get 100 percent ROI from using the product.
What's my experience with pricing, setup cost, and licensing?
The tool's licensing model is good. The licensing costs are yearly. I rate it an eight out of ten.
What other advice do I have?
The solution exceeded our expectations. The Check Point IPS works with other security solutions, such as Ubiquiti and Bitdefender. Each product has its role in securing our network, devices, and users. We also use Microsoft Active Directory. I rate the tool a ten out of ten. You need to spend time and understand the product's capabilities.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2024-04-08T00:00:00-04:00
Rated 5 out of
5 by
reviewer1718724 from
Updates signatures quickly, offers good reports, and is straightforward to set up
What is our primary use case?
The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.
How has it helped my organization?
We manually approve the signatures daily, for the software/appliances that we use. Based on the experience of the administrator, we prevent threats if they are present in our network; and we sometimes use the signatures in detect mode to gather intelligence (for instance to detect TLS1.0/TLS1.1 usage through the firewall).
This has helped us to identify several key webservers that would be vulnerable to 'downgrade attacks'. We could easily identify the vulnerable servers and remediate the issue based on the information we got from the reports we can generate.
What is most valuable?
The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats.
Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed.
It also clearly states the performance impact of a signature and the 'confidence' of a signature so you can quickly evaluate if you need to start panicking or not.
What needs improvement?
Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures).
I also wish there was an option to run reports of the individual signature 'usage'; it's not easy to generate views based on the number of 'hits' a signature has generated. (it is possible, however, there could be an easier option). For example, if you have a signature activated, for instance, a MS issue then patch your environment, it's 'hard' to identify if the individual signature has been 'hit'.
For how long have I used the solution?
I personally have used the solution since December 2012 - almost 10 years.
What do I think about the stability of the solution?
It's very stable. I haven't seen issues with signatures, downloading, or implementing the signatures, or the 'hits' that it generates.
What do I think about the scalability of the solution?
The product is very scalable; if you size your requirements properly when buying and don't 'prevent all signatures' and customize it for your environment.
How are customer service and support?
Customer support is fine. We have a vendor we use, and, if needed, can fall back on Check Point (I had a few very good remote sessions when we had issues with our firewall; no issues were seen with IDS/IPS).
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
The company I work for has used it since I've worked there; no switching was needed. We are happy with the solution.
How was the initial setup?
When implementing the solution, you must activate the blade on your firewall and decide if you want to do it manually or automatically and then (when doing it manually) approve/detect/ignore the relevant signatures. It is pretty straightforward.
What about the implementation team?
We had a vendor team install the firewall and handle the basic configuration, then we went on training. In terms of implementation, I can do it myself now. The vendor team was very good and had a high level of expertise.
What was our ROI?
I'm a network admin; not involved in the money.
What's my experience with pricing, setup cost, and licensing?
I'd advise users to bundle the things they want; so they get a cheaper offer.
Which other solutions did I evaluate?
We've had the same solution since I've worked there.
What other advice do I have?
I am happy with the solution and have been using it since i started working for the company (10 years now). I dont want to be without it.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-11-19T00:00:00-05:00
Rated 5 out of
5 by
reviewer1855911 from
Details vulnerability data, protects against malicious attacks well, and easy search capabilities
What is our primary use case?
We use the Check Point IPS module on various firewall gateways. Specifically, we use the IPS on our DMZ firewall gateway to protect our DMZ servers from the inbound Internet traffic.
For our user outbound Internet traffic, we use the IPS and the anti-virus anti-bot modules, in addition to the base IPS module to protect the network traffic.
We also apply the product to our guest firewall gateway to monitor outbound internet traffic, with a focus to avoid any malicious guest users using our guest internet services to launch attacks.
How has it helped my organization?
The Check Point IPS module offers protection against malicious inbound Internet traffic to our DMZ network and inspects and blocks outbound Internet traffic to sites that could be a danger to our internal users.
We have configured the Check Point IPS modules so all the downloaded updates would turn to monitor-only mode. Once the updates have been in use for a couple of weeks, then we would review the IPS signature, and turn them into prevent mode based on factors such as the severity of the vulnerability, the performance hit to the firewall gateway, the chance of false positives, and the relevance to our environment. This allows us to easily maintain up-to-date network protection with a lower chance of unexpected business interruption.
What is most valuable?
The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact.
It is also worth noting that many IPS signature comes with detailed background about the vulnerability, and potentially how the vulnerability would affect the network security.
Also, you can easily search through thousands of IPS signatures using various keywords is another feature worth noting.
What needs improvement?
Out of the box, the number of built-in reporting and dashboards related to the IPS logs and events has room for improvement. The dashboard reports can be easier to generate and customize.
It would also be nice if the system would allow some form of alerting when specific signatures have been triggered X number of times within Y amount of time. This would allow us to be better notified when there is a security attack going on, without too much of false-positive alerts.
Another would-be-nice request is to have more details information about how the signatures would detect the specific security vulnerability. This allows us to make a judgment about how useful a particular signature is in our specific environment.
For how long have I used the solution?
I've used the product for over ten years.
What do I think about the stability of the solution?
The stability should be high as we don't have many issues with the IPS solution. In the last couple of years; we only had one issue due to a bad signature.
What do I think about the scalability of the solution?
We have not observed any major performance hit to the firewall gateway by enabling the IPS module. Of course, some signatures did indicate a high-performance hit to the gateway, in which we typically won't turn on those signatures unless there is a strong need.
How are customer service and support?
Good technical support is by chance/luck. Sometimes you run into good tech support. Other times you may run into someone that doesn't know much more than yourself.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We also have extensive experience with the Cisco Firepower solution. We actually use both solutions in our environment.
How was the initial setup?
The initial setup is pretty simple so long you just follow the default steps, without too much worry about going through the thousands of signatures manually.
What about the implementation team?
We did a self-install.
What's my experience with pricing, setup cost, and licensing?
With Check Point, the IPS license could be bundled with the firewall product and so the license cost is not huge.
It does take time to get familiar with the UI and understand the "workflow" that Check Point has in mind when designing the solution. A good understanding of this would allow an easier adoption.
Which other solutions did I evaluate?
We use both Check Point's and Firepower's solutions in our data center.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-05-11T00:00:00-04:00
Rated 5 out of
5 by
Dalvarado from
Excellent reports, good visibility, and protects from vulnerabilities
What is our primary use case?
Our objective was to carry out an evaluation first with the activation of IPS in detection mode to evaluate possible vulnerabilities before making possible blockades or changes that could affect users. After a while, the decision was made to use security templates that came by de facto to be able to solve some vulnerabilities and evaluate the impact, and later some custom ones were added.
How has it helped my organization?
Check Point and its Intrusion Prevention System (IPS) have helped us to have a greater vision of vulnerabilities that were in our environment but had not been detected in a timely manner.
What is most valuable?
The entire implementation helped to have a greater vision of our infrastructure.
The help of the partner was quite important to be able to implement this feature.
Thanks to the use together with the Check Point Gateway, it is possible to have all these characteristics in the same license.
Finally, the reports that are generated are quite important for our objectives, giving visibility to security flaws and making decisions, an excellent complement for our purpose.
What needs improvement?
The Check Point tools or features are quite complete and secure; they are at the forefront in addition to having thousands of reports worldwide where they are highlighted.
However, they are also among the most expensive. For many, it is worth the cost for their functionalities, and for some companies they prefer to sacrifice a little to obtain a more licensing cost.
In general, the case system is a bit slow. Sometimes it is difficult to resolve quickly. It's not really a problem that stands out, however.
For how long have I used the solution?
We used this solution as a blade added to our GW checkpoint as validation of the solution and to see the behavior it had in our infrastructure. The results were very good.
It was used for about a year.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-05-10T00:00:00-04:00
Rated 5 out of
5 by
PRAPHULLA DESHPANDE from
Great updates, good out-of-the-box configuration and very good reporting
What is our primary use case?
Intrusion prevention and detection are the most valuable pillars in the security system, which detects and prevents exploits or weaknesses in vulnerable systems or in applications and protect against threats not only based on signatures but also based on anomalies, behavioral analysis, etc.
IPS is already integrated and comes as a security license in Check Point NG Firewalls and NGTX Firewalls.
Every defense system must have a feature set that provides complete security for Network IPS and Check Point has very powerful high throughput - almost at terabyte speed - with the help of a hyper-scale approach.
How has it helped my organization?
Organizations can scan for vulnerabilities know as VAPT, which many prefer as one-step closure for maximum security for the entire network. Check Point IPS plays a leading role in patching those vulnerabilities based on CVE IDS.
Based on updates received from the Check Point Threat Cloud, CVE IDs get updated or we can manually add those signatures.
It helps organizations to get a complete report for vulnerabilities in applications, the host running in the network (which helps to fixed to vulnerabilities based on CVE IDs), and gives reports for the compromised host, C&C host, DNS tunneling attempts, and protects against vulnerability in SNMTP HTTP POP, etc.
What is most valuable?
There's a good out-of-the-box configuration for recommended security based on severity levels, confidence levels, and network impact - also known as an IPS Profile.
For better security, we can edit options based on requirements and we can keep actions as detect-only which gives us alerts but allows traffic to flow without stopping anything.
There's an automatic update after every 2 hours which makes sure that the database is up to date and providing zero-day vulnerability protection.
Check Point IPS provides reports for running vulnerabilities which help enable SOC teams to respond to the highest-priority events first to patch them.
What needs improvement?
After the R80 release, there are almost all feature sets available under IPS Configuration. However, further to this, adding a direct vulnerability scan based on ports and protocol for every zone (LAN, DMZ, or Outside) will make Check Point very different compared to other vendors on the market.
Most customers take an IPS license but they don't take a SmartEvent license and when this happens, they will not be aware of the report parts such as current threats in the network open ports/protocol, vulnerabilities in a system, or detected/prevented attacks. For such cases, Check Point should provide a bundled license with IPS.
For how long have I used the solution?
I've been using the solution for more than four years.
What do I think about the stability of the solution?
The solution is highly stable for this particular blade.
What do I think about the scalability of the solution?
Scalability can depend on throughput and if we use Maestro Hyperscale, we can distribute load across multiple Check Point Firewalls to get the maximum (in TPS) throughput.
How are customer service and technical support?
Most of the time there is no need to take support for this, but the CVE closure technical support team helps lot.
Which solution did I use previously and why did I switch?
Customers may have had different NGFW solutions, however, after, they migrated over to Check Point NGFW.
How was the initial setup?
The installation was straightforward in terms of configuration and onboarding.
What about the implementation team?
We are service providers and provide services to customers.
What was our ROI?
Attacks are getting prevented and detected based on severity which helps our organization to get rid of compromising attacks.
What's my experience with pricing, setup cost, and licensing?
Check Point IPS license is a must-have, and users need to make sure the database gets updated on daily basis after every 2 hours as per the defined configuration (which helps to get maximum protection).
The configuration is very simple and effective if you refer to the configuration guide properly.
Which other solutions did I evaluate?
We did not look at any other solution.
What other advice do I have?
The solution is best in class.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-09-05T00:00:00-04:00
Rated 5 out of
5 by
Greg Tate from
Great for detection and access with the capabilities of defining specific rules
What is our primary use case?
We wanted a more robust solution for controlling access to our cloud environments (AWS and Azure). In addition, we wanted our control to be cloud-based.
Our thought was to find a solution to aid us in being proactive as well as reactive. We have multiple environments in multiple clouds with some areas having delegated administration. The solution we needed was one to reduce the need for administrative headcount to continuously review any misconfiguration. Beyond that we were looking to find a solution for SASE.
How has it helped my organization?
The product has allowed us to proactively mitigate any network access misconfiguration resulting from delegation.
We didn't have to hire an additional network administration resource to focus on detecting any misconfigurations. Dome 9 has assisted through the pre-canned compliance templates.
We are able to define our own rules for detection.
In addition to the Harmony Connect Endpoint bundled VPN, the Harmony Connect SASE is continuing to reduce reliance on traditional VPN to the point we will likely discontinue the use of the bundled VPN.
What is most valuable?
In terms of valuable features, it's hard to choose one. Dome9 and Harmony Connect have both been great in detecting and solving access issues.
As mentioned elsewhere in this review, the Harmony Connect SASE has been extremely valuable in improving our security posture and moving us to a zero-trust mindset (organizationally speaking).
Also, as mentioned, Dome9 has paid for itself through the cost savings of additional headcount. If we didn't have Dome 9, we would keep an additional headcount for the single purpose of detecting network changes within the environment.
What needs improvement?
Support is the biggest area for improvement. Check Point is responsive, however, their support agents seem to be very siloed in their ability and/or product knowledge. It takes time and escalation to get through most tickets as they are passed from one group to another and then back again. We are able to navigate our support issues with the aid of our account team, so I want to underscore that support is indeed responsive. However, the processes support techs have to follow seem to be the root cause of the support response issues.
For how long have I used the solution?
I've used the solution for two years.
What do I think about the stability of the solution?
This is where Check Point needs to get operations ironed out. Stable Check Point products are items that haven't been acquired recently. Recent acquisitions seem to lack cohesive functionality.
What do I think about the scalability of the solution?
From what we've encountered, scalability isn't an issue.
How are customer service and support?
Support seems siloed in knowledge, As a result, most support requests require additional management.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used a different solution, however, it was costly and didn't provide the same functionality.
How was the initial setup?
The setup was difficult given the number of products and the lack of a cohesive user experience.
What about the implementation team?
We implemented the product in-house with the aid of support as part of a POC.
What was our ROI?
We noted ROI after one year.
What's my experience with pricing, setup cost, and licensing?
It seems, as with other services of this nature, opting-in on the bundled licensing is the best bet. I'd suggest looking at the Infinity Plan.
Which other solutions did I evaluate?
We evaluated Cisco, Juniper, and Palo Alto.
What other advice do I have?
Make sure you have a good vibe from your sales team. They tend to support you in the long run.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-02-02T00:00:00-05:00
Rated 5 out of
5 by
reviewer1670154 from
Scalable with convenient pre-defined profiles and an easy setup
What is our primary use case?
We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment.
IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports.
IPS is updated automatically and pushed to all gateways every two hours.
How has it helped my organization?
Check Point's IPS simply works and is continuously kept up-to-date on all gateways. Via the management, it's possible to let the gateway update the IPS signatures itself, instead of letting the management update itself and then push the updates to the gateways.
If there's a new data center or branch office and everything is still in the test phase, it's possible to set the IPS policy to detect only so you can gather data and create a baseline without completely disabling IPS. That way, you can still see log entries.
What is most valuable?
Automatic updates can be done either via management or the Gateway itself, without any user interaction. The gateway is up-to-date with the newest signatures.
If you're unsure which profile to use, Check Point has some pre-defined profiles according to its best practices. Each one adds a different load to the relevant gateway, so you have to first check the current load and then decide on the right profile.
IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier.
What needs improvement?
You can't turn off IPS completely as there are some signatures that are set even without activated IPS. If you know that, you can act accordingly. But sometimes you have to do a general exception instead of a granular one.
There are always some false positives with non-RFC traffic. This is good for security, however, it will cause some effort in day-to-day business as there will have to be exceptions for certain applications.
Threat Prevention policies are not very easily manageable as there are several profiles/policies/etc. Therefore, there are several ways to add exceptions and check the configuration.
For how long have I used the solution?
I've used the solution for over ten years.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
The scalability is quite good, depending on which IPS profile you're using.
How was the initial setup?
The solution is easy to set up.
Disclaimer: My company has a business relationship with this vendor other than being a customer:We're a Check Point partner and use their products as well for our own environment.
Date published: 2021-10-04T00:00:00-04:00
Rated 5 out of
5 by
Manuel Briones from
Easy to configure and setup with good scalability
What is our primary use case?
The Check Point Intrusion Prevention System can block traffic from any source workstation inside our local network and facilitates the analysis of outbound traffic to check if there is any risk in the internal network in order to protect our clients and servers. With this product, we're creating a secure zone. We currently are using this blade in our hybrid environment and it's integrated with our secure gateway. Most of the time, our NOC team continuously monitors traffic in order to find any suspicious activity.
How has it helped my organization?
Now that the Check Point Intrusion Prevention System has improved our environment, we feel that we are more protected in our network. By implementing the recommendations that Check Point has given us, we have an optimal security environment now that provides almost real-time detection and prevention. We are protected by the Intrusion Prevention System and can go back and select any period or severity in order to display the latest statistics.
What is most valuable?
Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks. I also like that profiles can be applied to groups of workstations that need to be more protected from possible attacks. Each profile that we create has activated protections and some instructions of what the IPS should do with the traffic.
What needs improvement?
At the moment, I do not see what else can be added to this service. In my experience, I've seen that it has what we need without something additional being required.
It is easy to use, easy to configure, and practically updates itself without the need to intervene as an administrator of the appliance. We are happy with this platform since it allows us to have security and control over the connections almost in real-time. There are many different services that Check Point Intrusion Prevention System has that are quite useful.
For how long have I used the solution?
I've been using the solution for about four years.
What do I think about the stability of the solution?
I've found the stability to be good.
What do I think about the scalability of the solution?
The scalability is great.
How are customer service and support?
Technical support has been great,
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
The initial setup was not complex.
What about the implementation team?
We handled the implementation process in-house.
What was our ROI?
I've witnessed a 40% ROI.
What's my experience with pricing, setup cost, and licensing?
The cost is a bit high but it is worth it.
Which other solutions did I evaluate?
I did evaluate other options before choosing Check Point.
What other advice do I have?
So far, I have no regrets about choosing this solution.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-10-17T00:00:00-04:00
Rated 5 out of
5 by
reviewer1692975 from
Easy to use, stable, and allows flagging if patterns are detected
What is our primary use case?
IPS is part of our Check Point Firewall Solution and a key function in securing our infrastructure. It is good to have an instance already on the gateway that protects specific services from attacks.
Very often, patch installations and downtimes cannot be implemented immediately in the case of critical security vulnerabilities.
IPS helps to secure short-term security vulnerabilities with its regular signature updates. The variety of products being covered is always impressive.
IPS is a key instance to secure services behind our Gateway.
How has it helped my organization?
Online attacks and malware have been evolving, using sophisticated and even evasive attack methods. Check Point addresses the changing threat landscape while meeting several key operational requirements for Intrusion Prevention Systems. Check Point IPS protections include checks for protocol and behavioral anomalies which means they detect vulnerabilities in well-known protocols such as HTTP, SMTP, POP, and IMAP before an exploit is found.
If you have any doubt if an update might interfere with any of your services, you can just mark it as "detect only" and observe how it behaves.
What is most valuable?
IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created.
Basically, it is easy to use and offers a wide variety of protections through all kinds of software, services, appliances, and IoT-Devices. Updates are available regularly and can be easily downloaded and deployed through all the infrastructure. Rollback is easy to perform if ever something happens. It is a must-have on each gateway.
What needs improvement?
Usually, new signatures for known vulnerabilities come very quickly. In some cases, I would have liked the updates to be faster.
I am not aware of a preview channel or some repository to have a preview on upcoming signatures, however, this would be nice to have.
There is not too much else I am missing on Check Point Intrusion Prevention.
For how long have I used the solution?
We've used the solution for years now.
What do I think about the stability of the solution?
We have no concerns at all when it comes to stability.
What do I think about the scalability of the solution?
We've never reached a performance limit.
How are customer service and support?
Technical support is responsive and helpful.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I've worked with Check Point for years now.
How was the initial setup?
The setup process is straightforward. I'd recommend others join a CCSA training to cover the required knowledge.
What about the implementation team?
We implemented through our vendor and they were very experienced.
Which other solutions did I evaluate?
I've worked with other vendors before - however, of those that I've used, I found they didn't offer the whole package under one admin console.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-10-14T00:00:00-04:00
Rated 5 out of
5 by
Geraldo Freitas from
Helps to detect attacks and prevent them
What needs improvement?
I would like the product to provide us with intelligence to understand what we really have in our environment.
For how long have I used the solution?
The solution helps us to detect attacks and prevent them.
What do I think about the scalability of the solution?
The solution does not scale well.
How are customer service and support?
We have had problems with the management.
How would you rate customer service and support?
Neutral
How was the initial setup?
The product's initial setup is easy.
What other advice do I have?
I would rate the product an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-06-14T00:00:00-04:00
Rated 5 out of
5 by
Grace Kuo from
Has valuable integration, stability, and scalability
What is most valuable?
The integration is a valuable feature.
What needs improvement?
The solution’s deployment could be easier.
For how long have I used the solution?
I have been using Check Point IPS for three years.
What do I think about the stability of the solution?
There was no issue with the solution’s stability.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
We ask about issues with the technical support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
How was the initial setup?
The initial setup is not easy. You have to configure the same type of menu for each channel and send it to the portal. You can verify the name from your website.
What other advice do I have?
Check Point IPS is a brand and solution for protection.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: My company has a business relationship with this vendor other than being a customer:reseller
Date published: 2023-10-30T00:00:00-04:00
Rated 5 out of
5 by
reviewer1591110 from
Customizable with good alerts and controls traffic well
What is our primary use case?
We use this product to control incoming and outgoing traffic to the company and to control the internal traffic between the various company subnets.
We have many departments and have segregated the traffic via subnets controlled by the Check Point firewall.
We also have some services exposed on the internet for which it is necessary to have control over intrusions.
Our reality is made up of a series of Check Point firewalls in which we have activated the intrusion prevention system functionality.
How has it helped my organization?
With the introduction of this Check Point solution our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service also for internal networks where there was a need to control traffic.
With the introduction of Check Point, our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service for internal networks where there was a need to control traffic.
We are quite satisfied with the product.
What is most valuable?
The possibility of customizing the rules is great. Sometimes it appears a bit rigid yet it is still easy to use. There is an easy application of policies once the basic configuration has been done with the possibility of copying profiles to make them better meet all the needs of the companies.
There's also the possibility to set alerts only in order to check whether a signature can cause problems or not before blocking traffic and causing damage to users.
Overall, it seems like a good product even if sometimes a little unintuitive. That said, it is no worse than others.
What needs improvement?
The product could be improved in its configuration interface. I have seen that there are more points where exceptions can be made but it is not always intuitive to find the right point where to make them.
Sometimes we had false positives where packages that were legitimate for us were blocked and we had to unblock them through exceptions.
I don't see any other big problems and I hope not to find others in the future
For how long have I used the solution?
I've used the solution for five years.
Which solution did I use previously and why did I switch?
We did not previously use another solution.
Which other solutions did I evaluate?
We did not evaluate other options.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-10-25T00:00:00-04:00
Rated 5 out of
5 by
Jay Philip from
It protects against a the latest threats, but the setup is too complex for the average customer
What is our primary use case?
Check Point IPS is focused on prevention rather than strictly detection capabilities.
How has it helped my organization?
IPS enables us to secure our clients against the latest cyber threats.
What is most valuable?
Check Point offers DDoS and endpoint protection called EDR or XDR, so it provides a holistic security architecture for any organization.
For how long have I used the solution?
I have been working with Check Point IPS for around five years.
What do I think about the stability of the solution?
Check Point IPS is stable.
What do I think about the scalability of the solution?
I rate Check Point IPS seven out of 10 for scalability.
How was the initial setup?
Setting up Check Point IPS isn't easy, but it's not too complex, either. I rate it seven out of 10 for ease of setup. Generally, customers cannot do it themselves. They need an integrator.
Pre-planning is necessary. You need to clearly define the use case and the specific policies the customer wants. IPS doesn't require any maintenance after deployment.
What was our ROI?
My customers see a return in about three months' time.
What other advice do I have?
I rate Check Point IPS seven out of 10. Check Point is doing some ongoing consolidation. They are trying to unify the look and feel of the on-premise and cloud. That's in the roadmap, so that's why I'm giving it a seven. Once that is unified, maybe I will bump it up to 10.
If you are an SMB customer, Check Point has prepackaged suites that are cost-effective and best for the total cost of ownership. If a customer is asking for something specific I will probably recommend Palo Alto. It depends on use case scenarios. This was a perfect fit for my current customer's use case scenarios.
Which deployment model are you using for this solution?
On-premises
Disclaimer: My company has a business relationship with this vendor other than being a customer:Integrator
Date published: 2022-12-20T00:00:00-05:00
Rated 5 out of
5 by
Paola Zúñiga Rojas from
Great predefined visualizations, good integrations, and helpful alert capabilities
What is our primary use case?
One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures.
How has it helped my organization?
Check Point IPS services give our organization peace of mind. We know that the solution will be running and constantly updated thanks to the integrated Check Point services. It ensures stability. We have a solution that covers us all the time, day and night. In the configuration process, the solution has provided us with detection regarding what is stable. It is scalable and will allow us to grow according to the demand and the need. The service is well-maintained and functional.
What is most valuable?
The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured.
Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.
What needs improvement?
The service that we want to see in the future is a capacity to segment the IPS services by equipment. We'd like to see the integration of the communication of the services in the next-generation firewall and the other solutions that it has, such as Harmony. It would be great if they could start creating interoperability with both technologies. Integrating these solutions with the lighthouses could generate more complex and complete interoperability. That said, we'd want the solutions to be acquired and administered as one solution.
For how long have I used the solution?
We have been using the service for about two months.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-11-03T00:00:00-04:00
Rated 5 out of
5 by
Jonathan Ramos G. from
Integrates well with other solutions, give broad visibility and offers good detection capabilities
What is our primary use case?
They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time.
How has it helped my organization?
It came to help us in many ways. The most outstanding was being able to have broad visibility and being able to make threats visible in real time. We are able to integrate it with smart events, which allows us at the SOC level to have a complete and reliable panel that saves time for security in visualizing and responding to events of this nature.
Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users.
What is most valuable?
The IPS feature is available in all appliances that we are going to use as a firewall, and that is how we have a blade that helps at all times. We have both a firewall and also a complete solution with multiple new-generation features that can be physical or virtual and where more advanced analytics can be integrated, for example, in the Infinity Check Point cloud. Among those characteristics is its coverage of updates in real-time and constantly. This is done without an administrator's intervention.
What needs improvement?
What I want as a new feature is to be able to bring these solutions to public clouds. However, today, we can do this. We are taking our datacenters, these next-generation places. These technologies evolve at an unparalleled pace. This solution will soon be in mobile services, and it is here that the new equipment management lines will be managed in the future. We want the solution to continue to move towards cloud-based and portability focused for telecommuting users.
For how long have I used the solution?
I've used the solution for about two years.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-10-31T00:00:00-04:00
Rated 5 out of
5 by
Adrian Cambronero ACosta from
Automatically updates, offers a good centralized environment and is easy to manage
What is our primary use case?
Check Point IPS provides us with an analysis of all external and internal traffic. For us, it is quite important to monitor everything that happens within our company due to the fact that we moved a large part of our infrastructure to the Microsoft Azure cloud and the rest remained on-premises. Some applications connect and go abroad.
Due to this hybrid system, we needed a tool that would protect us against threats that may enter or even threats that are generated within.
How has it helped my organization?
Check Point IPS has given us a greater overview of all the company's security and vulnerabilities.
In addition, it sends us a detailed report of each of the failures the organization has as well as recommendations. This helps us monitor the traffic and have all the servers aligned.
The database is constantly updated to be aware of all the viruses or vulnerabilities that are generated. It has helped us a lot since this helps the organization to close any new loopholes.
What is most valuable?
The tool has many great features.
Check Point IPS provides reports to run vulnerabilities to help SOC teams be more effective.
It has automatic updates that ensure that the database is up to date and provides protection against zero-day vulnerabilities.
Signatures are constantly updated. It also provides virtual patch protection.
It has a centralized environment and is easy to manage. You can also generate backups of the system so that, in case something happens, you have the latest update.
What needs improvement?
Check Point must take into account several improvements for the next updates of the tool.
They should improve the cost so that it is more accessible and more companies can acquire it.
Optimizing the resources requested and sending more specific alerts regarding blockages would be useful.
They need to improve integration with SIEM. VMs should not be used as information bridges.
The documentation should be accessible. They need to improve the knowledge database and ensure everything is unified.
They need to improve technical support and customer service.
For how long have I used the solution?
The solution has been in use for about one year.
What do I think about the stability of the solution?
As of today, no problem has occurred. It maintains very good stability.
What do I think about the scalability of the solution?
The product presents great scalability.
How are customer service and support?
The experience with support has not been good. We have already had several escalations since it does not resolve quickly.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
There was no solution implemented previously.
How was the initial setup?
The first setup was done with a platform engineer and was very easy.
What about the implementation team?
We had help, and the experience was positive. The Check Point engineer was good, and the installation was smooth.
What was our ROI?
It is always good to make an investment in security.
What's my experience with pricing, setup cost, and licensing?
The cost is accessible yet not for many. It is an excellent tool. The installation is easy to do as it is very interactive.
Which other solutions did I evaluate?
Other options were not evaluated since we already had other Check Point tools within the organization.
What other advice do I have?
The tool is an excellent security solution.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-01-01T00:00:00-05:00
Rated 5 out of
5 by
reviewer1164006 from
Helpful alerting, provides valuable network insights, and the pricing is negotiable
What is our primary use case?
We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.
How has it helped my organization?
Overall, it give me a lot of insight into my network that I didn't have before.
What is most valuable?
It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.
What needs improvement?
The pain point that I have with this solution is contacting technical support.
For how long have I used the solution?
I have been working with Check Point IPS for more than a year.
What do I think about the stability of the solution?
Stability-wise, this product is great.
What do I think about the scalability of the solution?
The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.
How are customer service and support?
Sometimes, technical support takes a long time to get back to you.
Which solution did I use previously and why did I switch?
I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.
I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.
Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.
The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.
With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.
How was the initial setup?
Check Point was fairly usable out of the box.
I am using an on-premises appliance that ties into a cloud service.
What's my experience with pricing, setup cost, and licensing?
Pricing for this solution is negotiable and I'm happy with our pricing.
I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.
What other advice do I have?
If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-07-12T00:00:00-04:00
Rated 5 out of
5 by
Fabian Miranda from
Great monitoring, less admin burden, and protects well against malware
What is our primary use case?
The company needed to improve its compliance with traffic risk management before all the company employees went full WFH.
This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.
How has it helped my organization?
We've seen how this firewall has operated on real-time threats to both cloud and physical servers by detecting, neutralizing, eliminating, and then patching against malware.
We can test these patches post-deployment in less than one day. We'll then generate reports that include the activity for the time we desire and gauge the performance of the software.
From all this data, the IT department can determine future precautions, what kind of traffic will be blocked, and what users will be restricted.
What is most valuable?
We've been able to monitor all the devices in the network after activating and configuring the software blades. This shows us who's connected and who's not and how many disconnections there have been.
The firewall picks up malware traces that may have affected other users and networks and notifies when a particular site has been the source of infection.
There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network.
What needs improvement?
When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite.
There are updates that have been scheduled that have been delayed more than expected, which impacts the performance of the firewall when the traffic is high. This can cause false positives and release alerts for harmless traffic, which results in a deviation of the attention from the security administrator when it's not relevant.
For how long have I used the solution?
We've used Check Point's complete protection package for our network for more than two years.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-04T00:00:00-04:00
Rated 5 out of
5 by
L A D from
Good security, excellent performance, and easy to implement
What is our primary use case?
The main use of this security tool of the Check Point brand was acquired to be able to solve the exploitation of cyber attackers for violating our perimeter security and finding holes to be able to violate us.
At a business level, the absence of an application that could help us with both old and modern threats was seen. We now currently manage Check Point. The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.
How has it helped my organization?
Check Point is one of the best security brands worldwide. This IPS tool is integrated with our gateways and is managed from our management environment. It has been very useful. It has given us protection to find any vulnerability, detect it, and improve it. It also validates threats reliably through its monitoring panel. The reports and logs help us to deal with decision-making to improve security conditions.
The option of security patches has been better protected to manage the servers' updates in a reliable way.
What is most valuable?
We have really liked practically all the product's features - from the easy implementation through Check Point's gateway to its reduction in licensing costs. That especially really positively impacts the company's finances.
The low number of false positives for vulnerabilities builds additional confidence in the brand.
The constant updating of vulnerability signatures gives the tool protection against new and old threats.
Its monitoring and reports generate extra help to be able to fight against vulnerabilities.
What needs improvement?
Generally, a point that should be improved at the manufacturer level is the help it provides with its support staff. It is somewhat slow in its resolution of problems, even if the problem is with one of its new tools.
It would be good to update the public documentation of Check Point so that we can generate improvements and best practices based on the documentation. However, sometimes it is not so easy to implement.
For how long have I used the solution?
This is a great security application. We've used it in our Check Point gateways and management environment for more than three years. We've enjoyed excellent performance.
Which solution did I use previously and why did I switch?
Previously we did not have a tool that would solve our security problems.
What's my experience with pricing, setup cost, and licensing?
It is essential to validate the costs before implementation and also to test before setting up the environment in production.
Which other solutions did I evaluate?
We value some tools. However, nevertheless, Check Point met the conditions to implement it correctly and comply with what was necessary.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-01T00:00:00-04:00
Rated 5 out of
5 by
Orlando Dos Santos Junior from
Great and easy to work with firewall, and prevents important attacks
What is our primary use case?
My primary use case for Check Point IPS is very simple: I first identify some signature behaviors and secure levels and then I apply some signatures. I usually do not deploy IPS from CheckPoint. Overall, I manage signatures.
What is most valuable?
The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with.
What needs improvement?
I'm not sure what I really like in IPS because it's automated. You read the permit and you try to apply the signature and read the behavior of the solution and find how to fix it. So I don't think Check Point IPS is a great solution.
I don't I like working with it very much because there's other stuff you can do to have more information. However, Check Point IPS does prevent important attacks easily.
What I would like to improve in IPS would be the capacity of the hardware. I would also like to be able to sort signatures by severity. This would greatly impact how well I can manage my environment.
In the next release, I would like to see automatic signature deployment.
For how long have I used the solution?
I have been using Check Point IPS for nearly a year now.
What's my experience with pricing, setup cost, and licensing?
On a scale of one to ten, with one being the worst and ten being the best, I would rate Check Point IPS an eight.
Which deployment model are you using for this solution?
On-premises
Disclaimer: My company has a business relationship with this vendor other than being a customer:
Date published: 2022-08-15T00:00:00-04:00
Rated 5 out of
5 by
Zdenek Zeithaml from
High availability, helpful support, and effective management of devices and policies
What is our primary use case?
We are using Check Point IPS for the detection and prevention of threats for our PCI firewalls where it's mandatory to use it.
What is most valuable?
The most valuable feature of Check Point IPS is the management of devices and policies.
What needs improvement?
Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns.
For how long have I used the solution?
I have been using Check Point IPS for over five years.
What do I think about the stability of the solution?
Check Point IPS is stable.
What do I think about the scalability of the solution?
The stability of Check Point IPS depends on too many factors. It always depends on the usage and the traffic. However, we did not have any issues with scalability.
We have approximately 40 to 50 people involved in using Check Point IPS, such as the firewall and IPS managing teams.
How are customer service and support?
We have onsite engineers from the Check Point IPS directly on our site.
I rate the support from Check Point IPS a four out of five.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Check Point IPS is straightforward because there are security profiles with default recommended configuration. However, these were beneficial at the time when produced but they are not that helpful anymore.
It can take some time to do verification because there are some protocols where you know that there could be problems. For example, for some of the sharing features, you have to be careful. Those there are the profiles you can use for the setup, you do have to do a lot of manual work to have everything work correctly.
I rate the setup of Check Point IPS a two out of five.
What about the implementation team?
We did the implementation of Check Point IPS in-house.
What's my experience with pricing, setup cost, and licensing?
There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive.
What other advice do I have?
We are replacing the IPS from Check Point with a different solution, which is related to the IPS functionality. The reason for the replacement is because Check Point IPS are at their end of life and are not creating or not using the security policy for the traffic, it mostly acts as an IPS.
We are planning on using Trend Micro. It will be better because there will be a dedicated device that is doing only the IPS. The performance will be better and it has a larger number of patterns updated weekly.
I have a very long and extensive experience with the Check Point ISP. It is a good solution, but sometimes it's causing issues, but it's a general problem for all the networks and security devices.
I rate Check Point IPS a nine out of ten.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-08-17T00:00:00-04:00
Rated 5 out of
5 by
reviewer1956864 from
A complete tool in a centralized environment but needs better documentation
What is our primary use case?
We needed a security tool with features like:
* Exploit detection
* Vulnerable Protocol Validations
* Malware communication blocking
* Easy administration
We found these features in the Check Point Intrusion Prevention System. It's the exact protection required for our infrastructure.
We managed to increase the level of business security thanks to this blade provisioned within our Check Point gateways.
Thanks to the use of this tool, we could avoid malware that might be installed in our infrastructure. It offers prompt detection.
We also needed to be able to have protection against emerging threats during Microsoft updates on our Windows servers.
How has it helped my organization?
This tool gave us much more protection for areas that are not covered with the use of the gateways.
One of our great concerns is the patching of servers where Internet access is opened and where we may have vulnerabilities. Thanks to Check Point's Intrusion Prevention System (IPS), we could keep our environment safe.
It provides a centralized environment by being unified with the administration of our gateway environments with management through Check Point Security Management. It is easy to use and has large dashboards that help us make decisions that help us continue to improve security.
What is most valuable?
Check Point's Intrusion Prevention System (IPS) provides us with many important features such as:
1- A centralized environment, managed by the security management portal.
2- Real-time protection against threats, generating security so that we can act immediately when we have a threat.
3- Protection backed with thousands of signatures of prevention and malicious behavior.
4- The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action.
It really is a complete tool.
What needs improvement?
Check Point's Intrusion Prevention System (IPS) may improve in the following fields:
- They should have a cost improvement. Despite being a blade, this is expensive.
- They do not have a separate console.
- The documentation accessible by the manufacturer is generally for versions R80 or less. Some features or configurations have changed, which makes a more efficient and faster implementation difficult.
- The costs are only visible through a partner who provides you with the details. We would like them to be public so that we do not only have to view the costs through them.
For how long have I used the solution?
We use this blade for a branch in our cloud environment. We have it in order to be able to support against intrusions for at least three years now.
What do I think about the stability of the solution?
We have cluster environments and we have found its stability to be quite good.
What do I think about the scalability of the solution?
In cluster and VSS environments in Azure, the scalability is robust.
Which solution did I use previously and why did I switch?
Previously we did not use an IPS tool. It wasn't until the business need was realized when that we started the validations of which tool to implement.
What's my experience with pricing, setup cost, and licensing?
It is always important to validate the costs and characteristics of the available tools. I recommend finding a partner that can provide that support to correctly deploy what is necessary.
Which other solutions did I evaluate?
It is very important to always look for documentation, and characteristics and be able to compare them to make an informed decision based on security needs. In our case, we already have tools within our GWs environment, so it was easy to add this product.
What other advice do I have?
It is a good tool. However, you must have a GWs environment in use to be able to add it.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-09-28T00:00:00-04:00
Rated 5 out of
5 by
reviewer1854018 from
Autonomous threat prevention, APIs, and SmartConsole features work well and are easy to use
What is our primary use case?
I implement this solution for customers.
What is most valuable?
The autonomous threat prevention is very easy to use. The APIs and SmartConsole tool also work well.
What needs improvement?
There are a lot of false positives. I would like to see integration with some kind of network detection and response in order to make some automation on IPS configuration.
For how long have I used the solution?
I have been using this solution for about 12 years.
What other advice do I have?
I would rate this solution 10 out of 10.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2022-05-20T00:00:00-04:00
Rated 5 out of
5 by
Mamadou Fallou Diagne from
Efficiently protects workstation, but some lacks automation features
What is our primary use case?
Our primary use case is to protect the workstation. The IPS blade is integrated into our Check Point environment. We have many blades in Check Point IPS representation, each with a specific function.
What is most valuable?
The most valuable feature is very good and easy to use. Configuration is straightforward, and support is fast, usually within one hour. The IPS blade is integrated into our Check Point environment and is used for intrusion prevention.
What needs improvement?
There is room for improvement in the pricing model, and it can be more competitive.
Moreover, another area of improvement is in the maintenance of the solution because it requires a lot of people to maintain the solution. Some tasks can be automated, and I would like to see a feature where we can automate the tasks.
For how long have I used the solution?
The company has been using Check Point for around 20 years, and I have been with the company for two years. The IPS blade is integrated with Check Point, and we use R81.20.
How was the initial setup?
The initial setup is straightforward. It is easy to configure.
What about the implementation team?
The solution requires proper maintenance because there are several tasks to check for updates and more. We have five people on the maintenance team. Our company has many firewalls since it is big, and the number of endpoints is more than 5000. Moreover, we have various roles like engineers, system administrators, or network administrators.
What other advice do I have?
I would give Check Point IPS a seven out of ten. We started using this product a year ago, and it has worked well for us.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-04-06T00:00:00-04:00
Rated 5 out of
5 by
reviewer1474608 from
Stable, scales well, and provides good security
What is most valuable?
The most valuable feature is security.
What needs improvement?
There are several technological points that could use improvement.
We have a lot of false positives and the list of IPs are not up to date in terms of their location. For example, we recently blocked traffic from both North and South Korea because we have no relationship with these countries. The problem is that the list of IPs is not up to date, and we had a problem where regular traffic was blocked but malicious traffic was not.
The proxy should be improved.
The documentation should be easier to read.
When you want to block according to the signature, you have to do them one by one. You cannot create a group.
For how long have I used the solution?
I have been working with Check Point IPS in this role for several months.
In the past, I was an employee of a company that was a Check Point partner for 11 years.
What do I think about the stability of the solution?
This is a very stable product.
What do I think about the scalability of the solution?
The scalability is good, provided your machine is powerful enough. The product works with a variety of equipment from low-powered to high-powered.
What's my experience with pricing, setup cost, and licensing?
The price of this product should be reduced.
What other advice do I have?
For the most part, we don't have any problems with this product.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-01-31T00:00:00-05:00
Rated 5 out of
5 by
reviewer1572915 from
Helpful alerts and reporting, granular rule options, and the update schedule is flexible
What is our primary use case?
The Check Point IPS module is applied to both internal and external traffic.
Many times, we only think about protecting ourselves from what comes from the Internet but it is also good to analyze what passes inside between one network and another and what goes out to the Internet.
I'll never forget the first backdoor report. We immediately activated email alerts for the most important reports and it was an email that indicated the compromised server. There were three of us and it took two hours to discover that through the image upload form, there had been an attempt to upload a backdoor. This IPS module had blocked this attempt.
How has it helped my organization?
The Check Point IPS module certainly is of great support in ensuring the security of every organization. You cannot say that users only surf the internet and you do not need this type of protection because the danger does not come only from the internet, but also from within.
We immediately implemented the module on internal traffic and if there is any server or user that does something that should not be done, it is immediately identified.
Valid support also comes from applying, before their official publication, the protections inherent to server and application updates. In this way, we are not forced to install updates on the servers as soon as they are published. Rather, we can also schedule updates and incorporate a delay. This protects us from the possible publication of incorrect updates that are withdrawn immediately afterward.
What is most valuable?
The Check Point IPS module allows me granularity in creating rules. I can specify which definition to apply and to which scope or network.
I can create multiple profiles, which is helpful. Profiles are the set of rules and I can choose which one to apply. Having more profiles and more options, we have not always moved in a guaranteed way with respect to internal traffic, and rigorously with respect to external traffic.
From the outside, we block directly without waiting to look at the logs. If anything, then we will allow this traffic. From the inside, we allow traffic by default and maybe we will block it after looking at the logs.
These decisions were also supported by the degree of reliability declared by Check Point itself. If we are talking about a high degree of reliability combined with a dangerous vulnerability then you can immediately block traffic with greater confidence in not having false positives
The logs and related functionality are done very well.
What needs improvement?
To use the Check Point IPS module, you need a dedicated team who must know both the business reality and be sensitive to the dangers coming from the Internet. You can't leave everything to the application to run automatically.
If you leave it on automatic then you run two fundamental risks; the first is the blocking of the firewall due to excessive use of resources, and the second is the sudden halt of your services due to the blocking of a malicious application. By optimizing the resources requested by this module and sending more specific alerts regarding blocks, you can certainly obtain an improvement in performance and usability.
Having additional reports available would be helpful.
For how long have I used the solution?
I have been using Check Point IPS for twenty years.
What do I think about the stability of the solution?
This has always scared me because it is known that activating this module in an inconsiderate way causes malfunctions of the firewall. However, Check Point tells you to apply only the IPS definitions that are useful in your environment and warns with specific pop-ups when you want to activate a definition that requires a lot of resources.
What do I think about the scalability of the solution?
In case of high volumes of traffic, it is possible to balance the same by adding other nodes to the cluster.
How are customer service and technical support?
It was certainly a good experience, a daily challenge to overcome oneself and compete with the world.
Which solution did I use previously and why did I switch?
Prior to this product, we did not use a similar solution.
How was the initial setup?
The initial setup is complex and must be done by a team, necessarily also made up of internal staff, who are highly skilled.
In the beginning, it is good to evaluate the single definitions in order to reduce the false positives and to avoid a waste of firewall resources. Subsequently, the new definitions released must be reviewed daily.
What about the implementation team?
We implemented it with the support of an external team that proved to be up to the task entrusted to it.
What's my experience with pricing, setup cost, and licensing?
The module has a considerable cost but you can save by purchasing a package with several modules instead of making a single purchase.
The implementation has a high initial and management cost.
Which other solutions did I evaluate?
We did not evaluate other options.
What other advice do I have?
In summary, this is a well-made product and I don't feel like I would suggest improvements other than having more reports. I recommend its adoption to those who have the availability of a team, internal or external, that has the ability to manage it and the knowledge of the company.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-05-14T00:00:00-04:00
Rated 5 out of
5 by
reviewer1573887 from
Easy to configure, helpful notifications, and provides good value for the money
What is our primary use case?
We make use of Check Point IPS to protect our corporate network against incoming threats of all varieties. We have a very minimal intranet/network and this is installed and configured on our firewall that monitors all incoming/outgoing traffic.
We felt it was necessary to have this in place as part of our security hardening in preparation for a third-party penetration test of our corporate network. Their goal was to access our network undetected and exfiltrate information. They were unsuccessful.
How has it helped my organization?
Once we installed our Check Point firewall and activated and configured the various software blades and services, we successfully locked down our network with a near 100% success rate in preventing security threats.
I can easily monitor all of our connected devices and I get instant notification of reconnections and new connections, which removes some of the monitoring burden.
The biggest improvement is that it protects us against many different potential attacks like ransomware and malware coming from malicious IPs.
What is most valuable?
The most valuable features of Check Point IPS are the protection it provides against the various attack vectors out there with ransomware and other malware. Once we had Check Point IPS up and running, which was really quite easy and straightforward to do, we noticed a surprising number of times that it was getting triggered.
It was a little scary thinking back to how vulnerable we were prior to having Check Point IPS in place and simply relying on our users, albeit not that many, to be safe and responsible.
What needs improvement?
Really, the only thing we noticed once it was running in prevention mode (we started out in detection mode just to get a feel for how it worked and how often protections were getting triggered) was that there was a little bit of a slowdown in performance. It is generally good, but improving the performance would be the one thing I'd take a look at right now.
For how long have I used the solution?
We have been using Check Point IPS for two years.
What do I think about the stability of the solution?
This solution has been extremely stable with no issues.
What do I think about the scalability of the solution?
We're small and haven't had to deal with scaling, but I would think it should scale fine.
Which solution did I use previously and why did I switch?
We did not use another similar solution prior to Check Point.
How was the initial setup?
The initial setup and configuration was easy and straightforward.
What was our ROI?
Our return, in terms of peace of mind that our network is protected, is well worth the cost of implementation.
What's my experience with pricing, setup cost, and licensing?
The pricing for Check Point IPS is competitive and brings good value for the money.
What other advice do I have?
In summary, since we have installed Check Point IPS, we really have not had any major complaints or requests for improvement. It was pretty easy to get up and running and configured to protect our environment.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-05-11T00:00:00-04:00
Rated 5 out of
5 by
Basil Dange from
Good visibility and reporting, helpful support, but it can lead to performance degradation
What is our primary use case?
We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network.
With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats.
We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the threat. It logs and reports any such incident to the centralized logger so the required action can be taken by the SOC team.
How has it helped my organization?
This IPS device is protecting the organization's assets from any know vulnerability or threats that are coming from the network and vice versa.
It protects against specific known exploits but also, with SandBlast integration, it is able to protect against unknown or zero-day attacks at the perimeter level. An example of this is C&C communication, which is getting trigger by compromised systems.
It's able to detect and prevent any tunneling attempt that is happening via compromised systems, thereby avoiding data leakage.
It provides the capability to enable security policy based on templates, which can be enabled by the organization, depending upon their need. For example, enabling the highest security with the lowest performance impact is a matter of selecting templates accordingly.
What is most valuable?
IPS can be enabled on the same security gateway and does not require any additional hardware purchase or additional network connectivity.
It provides complete visibility and reporting on a single dashboard for the entire NG firewall, including the IPS blade on the Smart Console.
Signatures are constantly updated and it also provides virtual patching protection up to a certain extent.
It provides a detect-only mode for IPS Security policy that the admin can enable on a required segment for monitoring, giving an opportunity to observe prior to blocking.
What needs improvement?
There is a performance impact on the NGFW post-enabling the IPS blade/Module, which can even lead to downtime if IPS starts to monitor or block high-volume traffic.
There is no separate, dedicated appliance for IPS.
In the case of the IPS blade enabled on the NG firewall, it does not provide flexibility to monitor specific segments as easily as the IPS policies that are applied on the security gateway. There is lots of configuration and exclusion policy that need to be configured to bypass traffic from IPS Policy.
IPS gets bypass in case performance goes above certain limit. This is the default setting that is provided.
For how long have I used the solution?
I have been using Check Point IPS for more than six years.
What do I think about the stability of the solution?
This is a stable product.
What do I think about the scalability of the solution?
Most of the organization is deployed on the NGFW and it has scaled accordingly, with most devices in HA mode.
How are customer service and technical support?
Technical support is excellent.
Which solution did I use previously and why did I switch?
We did not use another solution prior to this one.
How was the initial setup?
This is a blade/module that needs to be enabled, selected, and applied across the security gateway.
What about the implementation team?
Our in-house team was responsible for deployment.
What's my experience with pricing, setup cost, and licensing?
Enabling IPS does not require any additional license purchase from OEM, as it comes by default with the NGFW bundle. This blade/module can be enabled based on the requirement and can be pushed to the security gateway.
Which other solutions did I evaluate?
We did not evaluate other options.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2021-05-11T00:00:00-04:00
Rated 5 out of
5 by
reviewer2235303 from
A security solution that protects against the latest attacks with easy setup
What is most valuable?
The solution protects against the latest attacks. It is essential because collaborative tools and networks are necessary. The attacks are increasing, and we need protection in real time.
What needs improvement?
The support could be improved. We need quality information on the new products and solutions. We are implementing new solutions for Check Point, but these solutions are not thoroughly tested, which might lead to problems. If we had a lot of information and knowledge about the solution, it would be easier for us to implement it.
What do I think about the scalability of the solution?
The solution’s scalability is fine. When I escalate an issue, I appreciate their efforts and their support.
How are customer service and support?
The technical support is good. The engineers responsible for this area are expert people. The documentation in the knowledge base allows us to resolve issues. The blocks or columns help me understand what kind of issues they have.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have worked only with Check Point. We were a partner of Check Point in my last company. We provided solutions to customers and encountered different challenges because of other solutions. Fortinet was much cheaper than Check Point. The competition is based on price, whereas Check Point is superior in quality and security.
How was the initial setup?
The initial setup is easy and intuitive.
What's my experience with pricing, setup cost, and licensing?
The solution has a high cost, but the relation between price and quality is okay.
What other advice do I have?
Overall, I rate the solution a nine out of ten.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-10-19T00:00:00-04:00
Rated 5 out of
5 by
Jeroen Devroede from
A stable tool that provides its users with intrusion protection functionalities
What is our primary use case?
In my company, we use Check Point IPS for its intrusion protection functionalities. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources, which usually you want to happen only for specific administrative roles.
What is most valuable?
The most valuable features of the solution are that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product. Our company has had a six-year uptime record with Check Point IPS. The firewall has not caused a single second of outage while functioning to protect access to our data center.
What needs improvement?
Based on what I hear from my full-time firewall administrators, the upgrade process or the maintenance of the devices for each firmware upgrade requires one to break the cluster and run a specific moment at a time, a single node concept. I hear from my admin that the firmware upgrade process is quite cumbersome. Our company has made Check Point very well aware of the cumbersome firmware upgrade process, including the other customers as well. The aforementioned details can be considered for improvement.
The price of the product needs to be improved since it is an expensive solution. All the components of Check Point IPS are expensive, while licenses of the product exceed all its other expenses. If you have a data center without infrastructure, you will suffer from losses on a monthly and yearly basis due to DDoS attacks, which we know about since we have the data for ourselves. It is up to each customer to determine how long he can lose his data center, and then you count if it is possible to lose it for that amount of time, and if you don't, then pay the price for the firewall.
For how long have I used the solution?
I have experience with Check Point IPS.
What do I think about the stability of the solution?
Stability-wise, it is a good solution since we haven't faced any outages in our company.
What do I think about the scalability of the solution?
With MCO solution, Check Point IPS is super scalable since we can spawn virtual firewalls and provide additional CPUs to one particular firewall. Check Point IPS is a SUSE firewall solution where you can launch virtual firewalls within the SUSE, making the product very flexible and versatile.
There are thousands of end users of the solution in my company, which is a major airline company.
My company plans to increase the solution's usage since we have thousands of users.
For the deployment and maintenance, there is a need to provide twenty-four hours and seven days a week coverage. Per cluster, you would need three people for maintenance. If you have twelve nodes split across six clusters, you need six persons and one manager for maintenance.
How are customer service and support?
I have contacted the solution's technical support for solutions like Check Point IPS since it provides two ways to make a change in infrastructure, which you can find in its GUI. If it is not there in the GUI and doesn't work from the moment you need CLI, then you create a technical case to have the vendor watch your actions while you do it, which applies to Cisco controller-based networking. It either works via the GUI, and if it does not, you almost always create a tech case in the case of Cisco or a technical support case in the case of Check Point to have somebody from the technical support assist you. Cisco or Check Point products are no longer meant to be run without support.
How was the initial setup?
The initial setup of Check Point IPS was complex. The nature of the product is such that the setup phase is complex since one needs to insert a firewall into all the connections. One cannot implement a firewall partially since that is completely useless. When one implements Check Point IPS, it is necessary to ensure that all of the traffic goes through it, making the implementation complex, but that's not Check Point's fault since it is the nature of the IT landscape.
The deployment process takes at least three months.
Regarding the deployment process, you install the boxes in a lab environment or a DMZ. In the second step, you upgrade the firmware to the last version you want to have the firewall because you wouldn't want to do that after it has been put in your network. From the moment you have the base setup, you separate the cluster again and distribute it across your data centers, after which you can start activating the firewalls. Basically, what you do is that you install them, cluster them, and in the final stage, you implement or migrate from an existing rule set from another firewall onto the new firewalls. The rule set is super crucial because you cannot start with a blank rule set in a production environment, and you cannot build it up from scratch. Either you get a rule set from somewhere else or build it up manually, which will require massive work.
What about the implementation team?
The implementation process is always done with the help of a third party.
What was our ROI?
If my data center goes down for more than 15 minutes, we lose one million euros in operational costs, meaning our company's return on investment is immediate. If you do not have a firewall infrastructure that protects your data center today, you will suffer outages due to attacks. If you consider one million euros per fifteen minutes, it is clear that my company experiences a clear ROI using the solution.
What's my experience with pricing, setup cost, and licensing?
My company pays for the yearly licensing of Check Point IPS. It is a very expensive tool. Anything that falls under the security-related aspect, including Cisco products, is very expensive.
What other advice do I have?
Our company has been expanding the use of Check Point IPS. We currently have twelve nodes, and we are considering expanding them. We continue to have Check Point IPS in our company, and we even changed from physical devices to virtual devices, including MCO solutions.
Considering how Check Point has evolved as a company, I would definitely recommend the solution to those planning to use it. Now, we are investigating the competitors of Check Point to have a better position when we negotiate prices. We also work with FortiGate in our company. If you look at FortiGate or Check Point, they are the top-line products in the firewall industry at the moment. Check Point is like a top-level provider of firewall solutions.
Overall, I rate the solution a nine out of ten.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-08-03T00:00:00-04:00
Rated 5 out of
5 by
Hugo Alexis Espinoza Naranjo from
Great protection from cyber attacks and DDoS with reduced downtime
What is our primary use case?
It has allowed us to provide protection that we did not have before. We have tested and reviewed different solutions throughout the year to establish the best solution that would allow us to meet internal demands based on the products our organization sells and makes available from third parties. We need to protect information from those catalogs the database users who are willing to purchase services with us and at the same time we need to keep them protected. We need a safeguard from cyber threats to reduce downtime in costs associated with attacks and a potential loss of communication against our services in the data center.
How has it helped my organization?
Check Point helps reduce downtime and costs associated with detected cyberattacks and can block those threats to ensure protection from any significant damage that may be caused within the organization. We get an environment with protected data centers where there is no interruption of services and no significant loss (including reputational loss) to our company.
What is most valuable?
By having a solution that allows us to protect systems and data from cyber attacks or unauthorized instructions (including malware and DDoS attacks), we can protect our system from all kinds of threats. Check Point reduces downtime and costs associated with attacks that cause communication losses and guarantees compliance with security. It also ensures the privacy of all the data that we have stored, which helps us maintain a high level of reputation when it comes to careful administration and data segmentation. Now, there is a formalization of data protection. Check Point is really compatible with the internal needs of our organization, and its features offer us a great advantage.
What needs improvement?
There is an issue with precision. There is room for improvement based on the type of threats that are constantly evolving. They need to ensure they are managing to keep up with threat changes and generate some new approaches.
Another feature that I would like to see as a substantial improvement is the expansion of support in cloud environments. We need to ensure we can have access to public and private clouds and need to be able to include integrations with different popular providers.
They need to offer IoT as device support.
For how long have I used the solution?
I've used the solution for one year.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-19T00:00:00-05:00
Rated 5 out of
5 by
Kristaps Krauklis from
User-friendly, stable, and scalable
What is our primary use case?
Check Point IPS is an IT security solution that offers insight into potential attacks and helps to prevent them from occurring. This solution gathers various signatures and receives new updates when a new vulnerability is identified, thus safeguarding us from potential threats.
How has it helped my organization?
The solution has helped improve our security by blocking threats.
What is most valuable?
The solution is user-friendly and the interface is easy to configure.
What needs improvement?
The price has room for improvement. The solution's firewalls are quite expensive.
For how long have I used the solution?
I have been using the solution for five years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The scaling of our system depends on the type of hardware we are using. If we are using a virtual environment, it is easier to scale as we can just add more virtual machines. However, if we are using a hardware appliance, we will need to purchase additional hardware to scale it.
Which solution did I use previously and why did I switch?
Previously we used an IBM solution but it was expensive and hard to configure compared to Check Point IPS which was a common sense model, and easy to implement with our firewall.
How was the initial setup?
The initial setup is straightforward. I give the ease of setup an eight out of ten.
We first deployed the license and configured the rules in test mode. After making sure there were no false positives, we switched the rules to prevent mode to block any incoming attacks. The last part of the process was to configure a certificate for HTTPS inspection.
The deployment took one month to complete.
What about the implementation team?
The implementation was completed with the help of consultants. Two people were required to complete the work.
What was our ROI?
Calculating a return on investment for cybersecurity products can be difficult. However, we have not experienced any concerning cyber incidents in the past five years; this is likely due to our strong firewall and comprehensive production system. All in all, this is a positive outcome.
What's my experience with pricing, setup cost, and licensing?
We pay for a bundle subscription that includes additional solutions.
I give the price of the solution a five out of ten.
What other advice do I have?
I give the solution a nine out of ten.
For maintenance, we need to review the log, identify any new signatures, and configure them accordingly.
The solution is used to protect 250 users.
We could potentially cause disruptions to our infrastructure if we do not use a good consultant to guide us through the implementation process.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-15T00:00:00-05:00
Rated 5 out of
5 by
reviewer192341 from
Good functionality, real-time protection and reduction in costs
What is our primary use case?
We first saw that this blade was available to use in our Check Point gateway. Later, we understood that there are advanced threats that are in charge of exposing weaknesses. We did not have our perimeter completely covered, which is why we decided to use this technology.
This technology helps us to detect and prevent attempts at exploiting vulnerabilities. It also helps a lot as the tool poses very few false positives, giving the tool good credibility.
How has it helped my organization?
Check Point IPS has helped us to have greater perimeter security through our Check Point Gateway. It offers us an easy implementation and has great protection across our infrastructure.
By means of Smart Events, we can carry out very advanced monitoring of the threats that have tried to enter our infrastructure.
It is a great tool. It is totally recommended by us. It really covers many areas of security, such as anti-malware, data loss, improper use of protocols, and preventing known exploits.
What is most valuable?
One of the characteristics that we liked the most is the functionality and easy implementation via the Check Point Gateway.
The cost is reduced to being a blade. That is a good detail of the product in terms of licensing.
Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security.
Also, a very good feature is the optional mode of putting it only in detection mode. They are ensuring in that sense that they are not so intrusive at the beginning of the implementation in production environments.
What needs improvement?
Sometimes Check Point documentation is not always updated, which is why when some implementations change, it generates confusion about details. In addition to extending some implementations, it would be good for Check Point to keep its documentation public and updated.
This product, as a blade, does not include the license with the Check Point gateway.
Some errors are generated in the implementation of the Smart Cloud in the Infinity Check Point Portal. When that happens, cases of withdrawal must be carried out without embargo for a long time in response.
For how long have I used the solution?
We have been using this solution for about two years and have received the expected results. We are satisfied with the product.
Which solution did I use previously and why did I switch?
Previously we did not use another brand or tool. This is our primary solution now.
Which other solutions did I evaluate?
We did evaluate other options. It is always important to evaluate various options to see how they adapt to the client's system and infrastructure.
What other advice do I have?
We recommend the product. It is highly safe and easy to use.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-03-05T00:00:00-05:00
Rated 5 out of
5 by
SURAJ SHARMA from
It prevents attacks and has a log feature; stable and has a straightforward setup
What is our primary use case?
I use Check Point IPS to prevent attacks, such as malware, spyware, and any other malicious activity.
What is most valuable?
What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.
What needs improvement?
The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable.
For how long have I used the solution?
I've been working with Check Point IPS for two to three years.
What do I think about the stability of the solution?
Stability-wise, Check Point IPS is eight out of ten.
What do I think about the scalability of the solution?
Check Point IPS is a scalable solution if it's cloud-based, but if it's hardware-based, it isn't scalable. Scalability-wise, it's a six out of ten.
How are customer service and support?
The Check Point IPS technical support is excellent portal-wise and callback-wise, so it's a nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
Setting up Check Point IPS is straightforward.
Before I deploy Check Point IPS, I'll put it on IDS mode, and then I'll see the current user activity, any malicious activity, and the logs. I then switch to the IPS mode.
What's my experience with pricing, setup cost, and licensing?
You can pay for Check Point IPS yearly, or you can go with a three-year license. There's no extra cost apart from the standard licensing fee.
What other advice do I have?
My company has two hundred users of Check Point IPS.
I recommend Check Point IPS to others because it's scalable, reliable, and easily managed by all users.
My rating for Check Point IPS is eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclaimer: My company has a business relationship with this vendor other than being a customer:Partner
Date published: 2023-02-14T00:00:00-05:00
Rated 5 out of
5 by
Ajenthan Aiyathurai from
Good notification, stable, and scalable
What is our primary use case?
We use the solution as a firewall to monitor and prevent intrusion into our system.
What is most valuable?
The notifications are the most valuable feature of the solution.
What needs improvement?
The solution is expensive and the cost has room for improvement.
The installation documentation has room for improvement. We can use more detailed information because sometimes it is difficult to understand.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is highly scalable.
We have 100 people using the solution in our organization.
How are customer service and support?
I have had issues with the technical support not contacting me back.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is straightforward. The configuration is completed with a few clicks. After the configuration, we can access the portal and start using the firewall.
What about the implementation team?
We used a vendor for the implementation.
What other advice do I have?
I give the solution a nine out of ten.
The maintenance is easy.
Check Point IPS has zero-day detection and next-generation servers which make it a good solution and I recommend it.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-03-15T00:00:00-04:00
Rated 5 out of
5 by
reviewer2029350 from
Great unified system with impressive protection and helpful support
What is our primary use case?
This tool seals any loopholes that could be detected by ransomware attackers and may lead to data loss. It has protected the organization from potential vulnerabilities affecting operations and the slowdown of workflows. It ensures that the applications are performing efficiently based on the set objectives. It delivers many signatures that enable teams to ascertain the security situations in various departments. It saves the organization a lot of costs since it is less costly and more powerful than many versions in the market.
How has it helped my organization?
Digital transformation has been efficient and productive thanks to the operation of this great product. After the implementation of IPS, there is increased production, and teams can easily focus on more productive tasks without fear of being attacked by cybercriminals. We have accelerated operations with the modern data management models that come with this application. It is easy to detect threats in advance and plan effectively how to eliminate them. Our organization has been secure since we deployed this tool without cases of external attacks.
What is most valuable?
Most features in this platform have been of great importance in the organization. The unified system controls the security situation in any system, reducing the total cost of ownership. Real-time protection has blocked most threats that could affect system operations. It can detect and prevent the entry of known and unknown data vulnerabilities.
The customer support services are efficient and have always helped us achieve most goals. The platform provides continuous cyber security reports that enable us to plan and make informed decisions.
What needs improvement?
The set features have played important roles in transforming the organization to meet the basic security standards.
The cost is high. That said, depending on the company's size, there can be a mutual agreement for efficient licensing terms. We are satisfied with the set performance parameters that have enhanced the smooth running of workflows.
The team should focus more on timely updates and configuration processes that sometimes may fail. I like the performance of this product and the achievements we've made so far.
For how long have I used the solution?
I've used the solution for eight months.
What do I think about the stability of the solution?
It is stable, and I recommend it.
What do I think about the scalability of the solution?
I am impressed by the performance.
How are customer service and support?
The customer support staff is always supportive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not used a different solution.
How was the initial setup?
The initial set up was not complex.
What about the implementation team?
Implementation was done through the vendor.
What was our ROI?
There is increased ROI.
What's my experience with pricing, setup cost, and licensing?
The setup cost is good.
Which other solutions did I evaluate?
I have not evaluated other options.
What other advice do I have?
The security measures are effective and I'd recommend the product to companies seeking great performance.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Google
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-07T00:00:00-05:00
Rated 5 out of
5 by
Edwin Solano Salmeron from
Great visualizations with helpful event analysis and centralization features
What is our primary use case?
This solution allows us to achieve a healthy network and good security within our organization given its functions, management, and control. The level of detection and intelligent algorithms that protect against distributed attacks have helped us to secure ourselves and provide protection in real time. These capacities and needs complement our security based on a scheme that our fund or financial distribution can achieve under annual or quarterly protection measures (or every three years).
How has it helped my organization?
Check Point offers us good protection. It has also allowed us to acquire services and products under a scheme that allows us to put together, as if it were, an offering of different functions or characteristics, giving added value to each one of them when they connect to each other. It is a solution that we can constantly build with each of the blades that we add. This makes it possible for us to have savings based on the security structure that we need for the organization. Thus it is a solution that has saved us significantly in additional investment when dealing with security.
What is most valuable?
Speaking of the IPS solution, it is important to understand that each of these features is based on real-time detection, analysis, and centralization of events. We were able to interpret that the solution is a total complement to each of the needs that any organization may have. Its event analysis and centralization features are very important for any organization. Those allow you to generate a general visualization, making a complete panorama of each of the events that you have inside your security system.
What needs improvement?
I would like to have the possibility of adding features to this IPS solution in the future. It allows us to reach and integrate with other solutions that we have in the same portfolio of this security provider. It has the possibility of achieving and integrating the detection and analysis of this equipment against the integration and analysis that is done in the final devices, generating a correlation and installation of agent propagation from an internal security center.
For how long have I used the solution?
I've used the solution for four years.
Which deployment model are you using for this solution?
Public Cloud
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-02-05T00:00:00-05:00
Rated 5 out of
5 by
AnkurSharma3 from
A complete solution for intrusion prevention and identify the traffic behavior but lacks scalability
What is our primary use case?
We use the Check Point IPS for intrusion prevention. It was installed inline. This solution enabled us to stop all threats and intrusion activities across the data center. The IPS uses a signature-based approach to control traffic, allowing only authorized traffic to flow outside. However, it can also identify the traffic behavior and enforce the policy based on that behavior, protecting against even new and unknown threats.
What is most valuable?
The docking of the IPS engine can be improved.
For how long have I used the solution?
I have been using Check Point IPS for three years.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability an eight out of ten.
What do I think about the scalability of the solution?
I rate the solution’s scalability a five or six out of ten.
How are customer service and support?
Technical support is awesome.
Which solution did I use previously and why did I switch?
I’ve used Cisco. It is very hard to configure and manage the day-to-day operation. It was entirely controlled by the CLI, like the command line interface. Compared to Check Point, it was wholly managed using the GUI. We can finetune and customize the signature. This feature is available in the Check Point.
How was the initial setup?
The initial setup is not so difficult. It takes two and a half months to complete.
I rate the initial setup a six out of ten, where one is difficult, and ten is easy.
What other advice do I have?
I recommend using the out-of-path installation of this tool. Then, find the desired signature and fine-tune the exception based on your specific environment, including the port involved. Once done, bring the tool line into the traffic. Finally, enable the signatures one by one instead of relying on a single group containing older signatures.
The solution has the inherent complexity of managing IT infrastructure and configuring Check Point IPS. The Signature Management requires manual customization to adapt to your network traffic conditions. Building and customizing signatures is a complex and demanding task.
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-12-08T00:00:00-05:00
Rated 5 out of
5 by
Tshidiso Sehloho from
Robust network security with comprehensive protection, and continuous improvement, offering advanced features like signature-based detection, behavioral analysis, and mobile solutions
What is our primary use case?
The primary use cases include application security control, comprehensive security management, and proactive protection against a wide range of threats. It serves as a crucial component for safeguarding applications and ensuring overall security effectiveness. It contributes to proactive protection and plays a pivotal role in firewall protection strategies.
How has it helped my organization?
The focus is on safeguarding the departmental environment, and it is effectively fulfilling its role in environmental protection.
What is most valuable?
It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.
What needs improvement?
Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS.
For how long have I used the solution?
I have been working with it for ten years.
What do I think about the stability of the solution?
It offers excellent stability. I would rate it ten out of ten.
What do I think about the scalability of the solution?
I would rate its scalability abilities nine out of ten. Currently, 1,800 users within our organization actively use it.
How are customer service and support?
I would rate its customer service and support nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup can be somewhat intricate, involving coordination with the OEM and service provider. I would rate it a six out of ten.
What about the implementation team?
For the deployment, we conducted a refresh last year, which took approximately two to three weeks to complete. It is essential to have at least two individuals involved in the process, with one requiring additional expertise. This team typically consists of a Check Point specialist, an expert, and an administrator.
What's my experience with pricing, setup cost, and licensing?
The pricing is quite reasonable.
What other advice do I have?
It is highly efficient and it provides a mobile solution for various devices, including cell phones and iPads, catering to mobile workflows. The system is not only efficient but continually improving. I would certainly recommend it. Overall, I would rate it eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2023-12-22T00:00:00-05:00