We have main offices in Brazil and branch offices in each of our state capitals. So, we have 26 branch offices in total. Each branch office used to have a small Check Point appliance. We're moving away from that model; they won't access the internet directly anymore. Instead, they'll pass through a central kind of star network.

We use two levels of firewalls: an external firewall and an internal firewall. We have a DMZ between these two firewall clusters with high availability. Each firewall has IPS, web content filtering, bot protection, and antivirus enabled. We'll contract some of those features as part of an MSSP service. We don't buy products or appliances directly.

Our procurement requirements allow other manufacturers to participate. The decision isn't ours or the integrator's – it's how we buy in Brazil. The vendor offering the lowest price for a product that meets the requirements wins. We cannot choose a specific brand or product name.

Before contracting the MSSP, we had an IPS (I don't remember if it was Check Point). However, we only detected signatures; we weren't confident enough to block them due to false positives. For the past 10 years, we have had a procedure where we get new signatures weekly, test for false positives, and set exclusions. Most relevant signatures are now in use, so the IPS is an important layer of protection for us. So, Check Point Infinity's threat prevention capabilities benefitted our organization.

We haven't had any problems with integration, but we don't need many integrations. The main one is with SIEM. The bigger issue is that we use ArcSight as our SIEM. It's very difficult to migrate from one SIEM solution to another.

We are on the journey of moving to the cloud right now. We had on-premises services, but we are going to move to a cloud environment where we have Azure and AWS Cloud. Because of this, the new solution will have virtual firewalls at the edge of each cloud.

I like all the features because within the suite we use, it's sometimes hard to know exactly which features are being used and where they come from. 

But, the main feature is the integration with Active Directory, where you can allow or deny traffic based on users or groups of users from Active Directory.

We have had some performance issues. Because of this, we had to redirect traffic to be analyzed by other appliances. I'm not sure if higher-end appliances would still have this problem. 

We also experienced issues with deploying new configuration versions to all branch appliances, but we won't be using this setup anymore. We don't know exactly how the virtual appliances will work to protect the cloud. It's a new thing for us.

I have been using it for 14 years now.

I would rate the stability an eight out of ten. We've had some problems in the past.

We had an issue with scalability before. We think the technology changes caused by mobile traffic impacted our appliances. Since we're buying a bigger solution now, I think we won't have this problem this time. 

Check Point engineers were involved, and they suggested we use a virtual appliance to remove this traffic from our physical appliance.

We've had some difficult experiences sometimes, such as we have to send again files and information.  

Neutral

We had another solution a long time ago. It was a small, free solution, very difficult to compare. We've used Check Point for a long time, so it's impossible to make a fair comparison.

We also use Azure Sentinel, but we do not receive logs from security solutions. It's possible we'll migrate to Azure Sentinel in the future. Nowadays, it's difficult to use a SIEM that is local and not cloud-based.

The initial setup will be done by the MSSP provider, not us. They'll handle the appliances, configuration, and integration. When we pay, everything must be working perfectly, and the documentation must be delivered to us.

The first deployment took about nine months because we changed the active tool. The second deployment was a bit different and took about six months. This timeline includes everything: equipment and features, but it also has solutions that aren't exactly Check Point firewalls, like the WAF (Web Application Firewall) or integration with SIEMs—also, the implementation of use cases in the SIEM.

There are two teams involved in the deployment: our team and the supplier's team. Usually, there are three or four people from the supplier and the same number from us.

It's maintained by the supplier. We have an SLA (Service Level Agreement) in place. They install, maintain, and manage the entire solution. We are a user of the solution; we open tickets to them, and they make the configurations. They're also responsible for availability and other aspects.

I would recommend it. However, Check Point could improve its tech support systems. If they had more engineers in Brazil, I think it would be good.

Overall, I would rate the solution a nine out of ten.

We use the solution for testing and conducting. For instance, we test this product using open-source samples containing different ransomware tools and another element.

The detection rate is good. It also has personal management that provides all the details on one dashboard. Depending upon the requirements, you can customize the dashboard. The visibility part is also very good. It can customised. The reaction rate is good.

There is an issue with high agent size, which impacts performance. The EDR part should provide more features.

I have been using Check Point Infinity for 6 months.

The solution’s scalability is good but complex to maintain. They need to provide technical training to the partners. Expanding the team to get expertise and hands-on solutions will be easy.

Support is not that much good. Response time is very high. Some issues take a few days to resolve.

The initial setup is neither easy nor complex. Any technical user can quickly deploy it. You need two to three resources to monitor and support the solution for a thousand assets. We use email deployment and data deployment. You don't use manual deployment. It is challenging for multiple users.

Check Point is a universal solution with multiple features that customers expect in one product to meet all the requirements.

The product has moderate pricing depending on the devices. The OEM's services are quite high.

We are a cybersecurity company providing solutions for our customers. We tested the Check Point solution, not just as a solution provider but also to assess cybersecurity for Check Point. We tested various products and have found that the Check Point endpoint protection offers multiple capabilities. It covers postal management, DDR capabilities, and many other features, such as cloud assessment and sandboxing in the cloud.

They should have a dedicated team or take services from third-party sources to maintain the solution. They can have this solution for endpoint protection and mobile protection.

We can customize the dashboard to meet our needs. We can tailor the dashboard to display the information we need depending on our requirements.

Overall, I rate the solution a seven out of ten.

The tool's most valuable feature for threat prevention is the encryption alarm. 
I find the centralized management console, including the log analyzer and reports in Check Point Infinity, extremely beneficial for enhancing security and operations efficiency in our enterprise. I would rate it a perfect ten out of ten, as it effectively helps us analyze logs,  and detect potential attacks. 

The tool's technical support lags. 

I have been using the product for six to seven months. 

I rate the solution's stability a nine out of ten. 

I rate the tool's scalability an eight point five out of ten. 

We used Trend Mico before Check Point Infinity.We currently have approximately 500 endpoints deployed. So far, the system is working seamlessly, and we haven't encountered any security issues. I'm confident in the product's security features. We are currently the documentation, and the support portal has been reliable, providing us with ample resources to troubleshoot any issues.

When it comes to price, the paramount consideration is the strength of the security. If the security measures provided by the product, such as Check Point Infinity, are robust and meet our requirements, price becomes a secondary concern.

For those considering Check Point Infinity, my advice is to gain hands-on experience and acquire a foundational understanding of the product before diving into the implementation process. I rate it a nine out of ten. 

The use case involves managing various aspects, including endpoint security, SaaS interface, and firewall management within the Check Point Infinity architecture. The Infinity portal serves as a centralized hub for overseeing all components of the Check Point security suite. The architecture incorporates XDR and MDR, enabling automatic correlation of information. In scenarios where a security issue arises, the system can automatically analyze data from diverse platforms, such as endpoints, firewalls, and Office 365. T

It offers significant benefits as a cybersecurity leader, known for pioneering the logical firewall and excelling with its Infinity suite. The expertise of Check Point professionals ensures efficient handling of challenges.

I have a positive history with Check Point, having worked with their firewall models since the nineties. A notable aspect that I appreciate is their ongoing effort to redesign the portal, giving it a fresh and centralized appearance. This is particularly significant as the transition from Check Point on-premises solutions to the cloud.

I've observed some challenges in terms of usability and performance, particularly since the shift to a service-oriented model like Infinity. It seems that the performance varies, likely influenced by the client's size and the provisioning of resources.

We have been using it for several years, and since it was released we have become partners.

The stability is influenced by the specific configuration and the capabilities of the machine itself. Currently, I can confidently rate the stability at eight out of ten.

The scalability and power seem to impact the interface quality; larger clients with more resources receive a better interface experience. In cases where clients initially buy licenses for a certain number of machines and later realize they need more, Check Point offers flexibility. Clients can purchase additional licenses even if it's mid-year, without the need to synchronize license renewal dates.

My experiences with Check Point's tech support have been positive. They responded promptly to issues, even conducting a video call for clarification. A licensing complication was swiftly addressed, showing their commitment to resolving bugs.

The initial setup was straightforward.

The deployment time varies depending on the specific machine and its configuration, however, in general, the implementation and installation processes are relatively quick. The deployment process is contingent on the specific configuration and the underlying infrastructure. However, due to our familiarity with the products, deployment is straightforward and typically doesn't extend over days. Instead, it can be accomplished in a matter of hours or even minutes, particularly in smaller cases. The process begins with obtaining the necessary licenses through a purchase order. Once acquired, we seamlessly integrate them into the Check Point dashboard, either through a physical conversion or by utilizing the Infinity portal. Subsequently, if configuration is required, we create the tenant and apply the license to it. From this point onward, the deployment process is quite straightforward and efficient.

The price is justified by the security it provides. In a world where security breaches can lead to significant financial losses, the investment in robust cybersecurity solutions is seen as essential. Moreover, the ongoing improvements in the dashboard experience further enhance the overall value proposition of Check Point Infinity, making it a comprehensive and worthwhile security solution for businesses in Portugal.

In Portugal, pricing for security solutions, particularly Check Point, is not a fixed rate. It's determined by factors like the brand's prominence and whether the product is flagged. The flexibility in pricing is advantageous, and being a special partner allows for negotiating special rates based on the project requirements. Unlike services like Office 365, Check Point licenses are not based on users but rather on machines. Clients are required to pay when submitting a purchase order. However, for those interested in trying the product, whether for a Proof of Concept or other purposes, we can facilitate trials. As partners, we have the ability to request trials from Check Point or conduct trials ourselves for one to three months. While trial versions can't be extended, we can release a new license with an additional thirty days, allowing clients to continue testing the product. After the trial period, we can convert the tenants and apply for a full license, enabling clients to choose the desired products for implementation.

Overall, I would rate it nine out of ten.

We required a first line of defense to protect, monitor, and ensure that no confidential information leaves the internal network. We also required a device that can segment our network so that different subnets like the DMZ, Production network, and testing environments. Threat prevention that required AI and ML capabilities was another reason to acquire the Check Point Quantum Spark NGFW. Finally, it offers an all-in-one solution that was a necessity where the same instance could manage and monitor VPNs, application control, web filtering, intrusion detection, and email security.

With Check Point Quantum Spark, we have a first line of defense in our environment, seated just after the router that connects to the ISP's endpoint, all traffic entering and leaving the network is monitored, and filtered depending on the different rules created. 

The functionality of AI helps further in the threat detection field. This NGFW is able to support a large number of VPN connections and at the same time monitor these connections for any anomaly. 

Finally, for any flagged threats, a sandbox functionality is also provided making it even more robust in detecting zero-day attacks.

The sandblast threat emulation is great. We are able to visualize the extent of specific threats without necessarily having them deployed in our environment. The Sandbox feature is able to virtualize an environment that can mirror what we have in the internal environment.

The quality of Service for different traffic types is excellent. We are able to prioritize business-critical traffic over other types of traffic like streaming.

Artificial intelligence threat profiling has helped a lot in detecting and protecting the internal network from zero-day, DNS, and DDoS attacks. 

We'd like to see support for fiber connections. With the growth of the network, we would expect that more and more traffic is going through this device and soon enough, the bottleneck will be the type of connection being used to transfer data to the router and further to the ISP. A throughput of 1GBPS will hinder performance on the network.

Configuring fault tolerance for specific features, for example, power sources would ensure that the chances of the system shutting down due to a power surge are highly limited. This can further increase the SLA to 99.99%

We've used the solution for three years and we just recently upgraded to the 1535 series.

The system is stable and able to perform with the advised load without fail. 

Quantum Spark is designed for small to medium businesses. With this in mind, the scalability is perfect and will support up to a firewall throughput of 1GBPS which is favorable for an SMB.

The Check Point customer service is prompt and with their knowledge base, the majority of the issues incurred are already cleared noted with a list of multiple solutions. 

Positive

Previously we used the Sophos XGS series. The Sophos XGS firewall no longer met the business' growing needs as it further led to a slowness in the performance of the network hence the search for a new system that would fix this.

The initial setup was straightforward. Check Point's GUI interfaces are user-friendly, and it also provides a lot of information on setting up their devices.

This was an in-house deployment. 

With the increased internal network performance and a decrease in the threats being exposed to the network; the return on investment for this is roughly in the range of 40% to 60%.

Quantum Spark has different subscription models where you can add more functionality as required. For a constrained budget, you can specifically pick out the functionalities you want, and pay for that.

We also considered:

• Cisco ASA 5500 series
• Cisco FirePower 1000s

My company's clients use Check Point Infinity to protect their data.

The most valuable features of the solution stem from factors like ease of use, visibility, and cost to the enterprise.

Endpoints are an area of concern when it comes to Check Point Infinity. There are some issues around the marketing of the endpoint solution, because of which it is not as prominent as other players in the market. The endpoint solutions offered by Check Point are not prominent enough in the market due to Check Point's poor marketing efforts. If the marketing for the endpoint solutions offered by Check Point is done properly, then Check Point can get a more thorough positioning in the marketplace.

I have been using Check Point Infinity for two years. My company is a reseller of products from Check Point and Palo Alto. I have experience with the solution's latest version.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution an eight out of ten.

My company's clients who use Check Point Infinity are mostly enterprise-sized companies.

I rate the technical support a nine out of ten.

Positive

The deployment process of the tool can be completed in a few hours.

The solution is deployed on the cloud and on-premises.

I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive.

A payment of 15,000 USD needs to be made towards the licensing costs attached to the solution. There are no costs in addition to the standard licensing costs attached to the solution.

I recommend the solution to those who plan to use it.

I rate the overall solution an eight out of ten.

It is a good tool. If we plan to change the password, we don't have to change the MX Points or SPF settings, as it works with Microsoft 365. It helps us prevent losing emails.

Check Point Infinity is not compatible with Windows 8.

We have been using Check Point Infinity for two months. We did a POC for it.

It is a stable product. 

It is a scalable product.

The technical support services are good. We reach them regarding technical errors. They reply with the solutions in a few hours.

Positive

The initial setup process is complex.

The product has good pricing considering the features and a global approach. I rate its pricing an eight out of ten.

I rate Check Point Infinity a nine out of ten.

At the end of 2020, the company was growing its staff. In addition, the pandemic was beginning, and as a result of these two factors, the company needed to protect the organization. It was there that the Check Point Infinity tool was used. 

It is characterized as a great tool against the latest generation of cyber attacks all these attacks are found on mobile devices, endpoints, etc. Always in the security part, companies must be aware of technologies since it is an essential part of organizations, and Check Point Infinity is an excellent tool for these functions.

The Check Point Infinity tool came in to reinforce security in the organization since a basic security had been implemented that put our data at risk. Using these new technologies, it has also focused on zero-trust and is able to generate complexity and security gaps in the platform of the organization so we can avoid future attacks and errors and be able to provide a quick solution. 

Infinity contains all the modern Check Point components like DLP, IPS, VPN, etc. We currently use R80.10 and it helped us a lot with security and implementations.

It has come to reinforce the security architecture of the organization since it covers all the necessary pieces of security, those characteristics that it has that different cover devices regardless of the brand, also to help us maintain full control of our employees' devices and thus be able to monitor and ensure more and more security breaches. Infinity helped us a lot in real-time threat prevention, and with continuous updates, it is one of the most important points of all Check Point solutions.

One of the main improvements that can be made is the latency in the portal. It is one of the most common errors of the Check Point tools, another of the improvements is that the unlimited licenses are based on the number of users. This confuses larger organizations, where not all users need all services. 

Finally, they must improve the technical support they provide to users since we have opened several cases and they take time to attend to them or contact us, and in certain cases, they do not provide a quick solution. They take a long time to solve the error problem in question, which is worrying since, due to this inefficiency, they could attack the organization since there may be a gap in the infrastructure of the organization.

The tool was implemented four years ago..

In recent years, the stabilized one has done very well. The only thing is the latency to the portal, however, in general, it has behaved very well.

Regarding the scalability of the tool, it is very scalable depending on your implementation.

The experience with support has not been very good since we have had problems with support. It took a long time to answer or solve a problem.

Positive

We did not have any professional security tools.

The implementation was very simple and fast. All you have to do is meet the primary requirements.

The implementation was done in conjunction with the supplier and an internal engineer. The experience was very good; he knew how to do his job.

The director of the company will be continuity since if it were not safe there would have been losses.

Check Point maintains competitive prices in the market. It must be taken into account that for the security of an organization is very important to invest in.

Check Point Infinity was one of the first options we had in mind due to its great reach in the security market.

The only thing would be to improve the latency in the graphical interface and technical support.