TrustRadius: an HG Insights company

Quantum Firewalls and Security Gateways

Score9.6 out of 10

35 Reviews and Ratings

What is Quantum Firewalls and Security Gateways?

The Check Point Quantum Security Gateway Next Generation Firewall is a tiered firewall product. The base model includes the core firewall services, and can be upgraded to include anti-bot/virus/spam and sandboxing capabilities.

Top Performing Features

  • Visualization Tools

    Visualization tools present administrators with data on applications traversing the network, who is using them, and the potential security impact.

    Category average: 8

  • Policy-based Controls

    Firewall policy controls enable administrators to create firewall policies controlling what data is allowed to traverse the firewall

    Category average: 8.9

  • VPN

    VPN's implement encryption and anonymize IP addresses

    Category average: 9.1

Areas for Improvement

  • Content Inspection

    Inspecting permitted application traffic by means of threat prevention, URL filtering and data filtering

    Category average: 8.5

  • Proxy Server

    A proxy server changes your IP address and masks the origin of your network traffic

    Category average: 8.5

  • Active Directory and LDAP

    Integration with Active Directory and LDAP directories

    Category average: 8.4

Check Point advance security gateway.

Use Cases and Deployment Scope

Check Point Quantum firewalls and Security Gateways provide prime-level security at the perimeter level with Multiple blades and features like VPN, Content Filter, Application filter, etc. All this is managed by a smart console, and we can add firewalls in HA. With Distribution deployment, we can add firewalls at different locations or at a single location.

Pros

  • Provides prime level security at perimeter with 99% Accuracy.
  • NGTP blade can provide features with maximum benefit.
  • Check Point all in one evaluation blade provide access to evaluate the features.

Cons

  • In the smart console, all options should be visible as new, so that Check Point can find the option very easily.

Return on Investment

  • I was not involved in financial decision.

Usability

Other Software Used

Palo Alto Networks Next-Generation Firewalls - PA Series, Cisco Firepower 4100 Series

Acing Cyber Threats detection for our clients - CheckPoint is the way to go!

Pros

  • Stopping and detecting Day 0 attacks
  • Easy troubleshooting/ GUI
  • Scalability and speed
  • After sales support, NGFW capabilities

Cons

  • Modular capabilities
  • Integration with VMware and NSX products per client requirement
  • 3rd Party support product

Most Important Features

  • Application-aware boxes
  • Threat detection capabilities
  • Hyperscaling

Return on Investment

  • We saved an approx USD $ 750k minimum in a span of only 3 months due to long term planning and migrating from old /legacy platform to Newer CheckPoint Quantum Security Gateways
  • Long term plan - To purchase licenses for next 2-3 years planning = expected Savings = 500k - 1000k USD min
  • Super easy after sales support / Diamond level equivalent

Alternatives Considered

Check Point CloudGuard Posture Management (formerly Dome9)

Other Software Used

Check Point CloudGuard Posture Management (formerly Dome9), Stonesoft Next Generation Firewall (Discontinued), Trend Micro Cloud One - Application Security, Forcepoint Data Guard

Checkpoint firewall with nice VPN and NGFW features with tricky configuration

Pros

  • Internal Network Protection from outside network
  • VPN connectivity for secure data transmission across multiple vendors
  • File download antivirus security
  • URL Filtering
  • Malicious domains blocking

Cons

  • Fine tune required in the malicious domains blocking
  • Antivirus signatures should be updated in real time
  • Network latency can be reduced during high utilization time window

Most Important Features

  • Perimeter security
  • URL Filtering
  • Virtual Private Network

Return on Investment

  • Reduced attacks on DMZ servers
  • Blocked access of malicious destinations hit by internal users
  • Complete visibility about what is going and what is coming via internet

Alternatives Considered

Cisco ASA 5500-X with FirePOWER Services and Palo Alto Networks Next-Generation Firewalls - PA Series

Other Software Used

Cisco ASA 5500-X with FirePOWER Services, Palo Alto Networks Next-Generation Firewalls - PA Series, Fortinet FortiGate

Check Point's robust and unique feature set proves why it's the industry leader

Pros

  • SSL inspection provides more effective mitigation of threat and data leakage with the ability to inspect and analyze encrypted traffic.
  • Threat emulation and extraction provides protection against zero-day threats without compromising the data of infected files.
  • 'Office mode' VPN provides a seamless connected experience for remotely connected individuals.
  • Application control features provide granular restrictions to the type of application traffic than can pass through the network.

Cons

  • Pricing is not as competitive as the alternatives.
  • Perimeter antivirus is not as effective as its competitors
  • Steep learning curve and expensive certification paths may impair training paths

Return on Investment

  • Lower maintenance and information security management efforts thanks to the centralized console and dashboards
  • Improved mitigation of data loss/data leakage thanks to dedicated DLP blades
  • Improved productivity thanks to VPN/remote work capabilities
  • Improved internet access speeds and prioritization of services through the implementation of the application control blade
  • Improved employee productivity thanks to stringent URL filtering controls

Alternatives Considered

Palo Alto Networks Next-Generation Firewalls - PA Series

Other Software Used

Microsoft SQL Server, MySQL, NGINX, Apache Web Server, Microsoft Power BI

Check Point Firewall Review

Pros

  • The management console is very easy to use. There is a lot of information on it which can seem overwhelming, but everything is right there in one page.
  • You have the ability to manage certain websites or IP addresses based on web content that is predefined or track individual end users.
  • The support for Check Point is excellent. If you are having trouble with the appliance, help is not far away. Techs will stay with you for hours if need be, to resolve any issues.

Cons

  • Check Point has a complex range of reporting tools, some of which can take time to learn and be comfortable with.
  • The firewall is solid and needs to have someone with training to manage it which means any little mistake can bring down the network and have you on the phone with Check Point support.
  • They are pricey for some of the hardware and reporting tools.

Return on Investment

  • Although there are better alternatives out there, Check Point delivers results for the price we paid for the system.
  • Since implementation, we have not have any major issues with the product, minor issues were resolved in a timely fashion.
  • Check Point currently fulfills our need for an outside facing firewall, when our organization grows larger, we will be looking at higher level enterprise solutions.

Other Software Used

Symantec Endpoint Protection, Malwarebytes, Barracuda Web Filter