The Check Point Quantum Security Gateway Next Generation Firewall is a tiered firewall product. The base model includes the core firewall services, and can be upgraded to include anti-bot/virus/spam and sandboxing capabilities.
Check Point Quantum Firewalls and Security Gateways
DNSFilter
Likelihood to Recommend
Check Point Software Technologies
1) For huge DC environments and complex networks 2) Where clients were consistent up-time like FSI and healthcare 3) Application-aware client req. and preventing day 0 cyber attacks. 4) Securing East-West traffic, hyper-scaling capabilities 5)Some advantages - Best Security meets Ultimate Hardware and SandBlast Zero Day Protection out of the box, Modular hardware 6) High Performance CPUs
I like how easy it is to manage the filtering software from the web portal. It's super straightforward to set up my networking equipment with clear instructions. I like that it automatically blocks threats without me having to do anything. It also lets me remotely manage both of our locations and networks from the same portal with the same policies. Very useful for saving time setting up content filtering.
HTTPS Inspection -- The firewall has troubles re-packaging the packet in a way that some websites are able to interpret correctly
Support -- Even getting support directly from Check Point isn't the easiest of experiences. They are more concerned about how fast they can close a ticket out, rather than fixing the problem.
Custom reports -- Custom reporting is extremely limited
Improved scalability: As an organization's needs grow and evolve, the software should be able to scale up and handle an increasing number of users and devices.
More granular controls: The ability to set more detailed and specific policies, such as the ability to block certain types of content for specific groups of users, would give organizations more flexibility and control over their internet usage.
Advanced threat protection: Increasing the software's ability to detect and protect against advanced threats such as zero-day exploits and APTs would provide a more comprehensive security solution.
Check Point has a variety of support options that can be used to optimize your investment in the product. Companies with a larger information security and certified checkpoint engineer employee base can benefit from a standard SLA, while companies with a smaller security engineering footprint or more critical implementations can opt for premium, elite or diamond packages that even include the ability to provide on-site engineers for major security incidents. Check Point PRO support also provides the ability to outsource maintenance concerns by automating case creation and follow up when application components fail.
In a heterogeneous environment, we wanted to keep multiple vendors for multiple purposes. CP was found very good in handling basic Next generation firewalls features along with handling of VPNs.
When compared to Kerio Control we found Central Management of filtering to be much easier, it also allowed us to apply filtering to remote devices like laptops and had better logging. We found DNSFilter to be much easier to deploy then Webroot DNS Protection because Webroot required the Anti Virus to be installed before deployment was even possible, and reporting features were very lacking.
Although there are better alternatives out there, Check Point delivers results for the price we paid for the system.
Since implementation, we have not have any major issues with the product, minor issues were resolved in a timely fashion.
Check Point currently fulfills our need for an outside facing firewall, when our organization grows larger, we will be looking at higher level enterprise solutions.
We used to deploy Cisco Umbrella before switching to DNSFilter. I feel like you need an advanced degree to set up and manage Cisco Umbrella. Not the case with DNSFilter. You will save time and money by leveraging a very easy to use product.