8 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 6.7 out of 100
Top Rated
96 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.3 out of 100

Likelihood to Recommend

Check Point 4000 Appliances

Well suited for small to medium business with less than 1000 users. Good edge device, NAT is easy to work with. The anti-malware, anti-spyware are worthwhile paid add-ons. Anti-spoofing is built in, and required to be put in. The split of management between Gaia and secure platform applications is painful, but nothing that can't be gotten around.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

The Palo Alto device is well suited for a direct replacement for any traditional or other firewall. There is little room for error on this device, it will do exactly what you have it configured for. Between security zones, security policies, nat policies, policy based forwarding, and everything in between, you have to keep your head on straight when making big or small changes.
The Palo Alto does have one overall issue our users report more than anything. The Palo Alto is a strict NAT device, so unless you have the ability to 1 to 1 map IP addresses for your users who need something beside strict NAT limitations, the Palo Alto will cause you grief.
Anonymous | TrustRadius Reviewer

Feature Rating Comparison

Firewall

Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.7
Identification Technologies
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.8
Visualization Tools
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.0
Content Inspection
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
9.0
Policy-based Controls
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
9.0
Active Directory and LDAP
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.8
Firewall Management Console
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.3
Reporting and Logging
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.4
VPN
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.1
High Availability
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
9.3
Stateful Inspection
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
9.3
Proxy Server
Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.6

Pros

Check Point 4000 Appliances

  • Management access is difficult to get to and requires a specific client, plus sourcing from a permitted IP address.
  • Anti-malware, anti-spyware, and anti-bot engines do a great job at protecting from malicious content.
  • Anti-spoofing makes certain exploits like the LAND attack vector as null and void.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • AppID is able to see what the actual internet traffic is. For instance instead of port 443 just being "Internet traffic" we can define access to Facebook-base or all the other facets of facebook.
  • UserID allows us to define policies based on group or user access and integrates with our Active Directory. This helps to configure a least access privilege and if we find misuse of the network we can tighten specific users to a stricter policy.
  • GlobalProtect VPN connection helps our employee's connect from home remotely. This provides a very secure connection with minimal configuration.
  • Wildfire provides very up-to-date information regarding global attack mitigations and stopping techniques.
Christopher St.Amand | TrustRadius Reviewer

Cons

Check Point 4000 Appliances

  • Steep learning curve for admins
  • No packet tracer application like the ASA to test flows prior to putting in new rules, etc.
  • Policy packages are all or nothing. I cannot uninstall or turn off a piece of the overall policy, it's all or nothing.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • The CLI is a bit confusing, and it's difficult to find what you're looking for. Takes a lot of practice. Definitely not as good as the Cisco CLI.
  • Updating the firmware is often a very dangerous process, especially when jumping minor or major releases. More QA should be done to validate and ensure no issues during upgrades. I'll admit it's gotten better over time, but there is still room for improvement.
Anonymous | TrustRadius Reviewer

Likelihood to Renew

Check Point 4000 Appliances

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 1 answer
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Anonymous | TrustRadius Reviewer

Usability

Check Point 4000 Appliances

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 2 answers
In my opinion, the Palo Alto Firewall is the simplest firewall in terms of management interfaces; though it has more advanced options that apply to more advanced use cases. Configuring basic features on the firewall is nearly self-explanatory; configuring more advanced features can be met with very thorough vendor documentation.
Anonymous | TrustRadius Reviewer

Support Rating

Check Point 4000 Appliances

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 8.5
Based on 12 answers
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
Paul Luchini | TrustRadius Reviewer

Alternatives Considered

Check Point 4000 Appliances

WatchGuard was a little more like a Sonicwall, and we felt the Soho-type interface wasn't what we wanted out of a security product. The anti-malware and spyware products were not nearly as good or pronounced as the checkpoint products. Secondly, we have to have the checkpoint for access to our parent company's networks.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

I have used Cisco & Sonicwall primarily in most of my 23+ years of network security experience. Over the years all of these platforms have matured, but Palo Alto beats them all in terms of user interface.

The ability to run reports, get access to data immediately, and have the data be extremely accurate and granular is what sets Palo Alto apart from the others. Deployment of the VPN client(s) on multiple platforms is simple to manage and doesn't break other applications like many other VPN client software does. The performance of the firewall from a throughput and monitoring standpoint is second to none.
Anonymous | TrustRadius Reviewer

Return on Investment

Check Point 4000 Appliances

  • We have not seen a zero-day exploit since implementing the anti-spyware, anti-malware, and URL filtering functionality
  • We have not seen a successful intrusion into our systems since the implementation of our checkpoint 4000
  • We have had this firewall for 5+ years, and it still has much life left in it.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • Utilizing Panorama to manage all of our Firewalls Policies by creating device groups is a real time saver. We only need to configure policies once and push them to the appropriate firewalls saving a lot of time.
  • Having the added security feature protection is good peace of mind in an ever-increasing threat landscape.
  • Monitoring traffic by IP, URL or username provides excellent insight into our traffic.
Anonymous | TrustRadius Reviewer

Pricing Details

Check Point 4000 Appliances

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Next-Generation Firewalls - PA Series

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

Likelihood to Recommend

Check Point 4000 Appliances
9.0
Next-Generation Firewalls - PA Series
9.4

Likelihood to Renew

Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
10.0

Usability

Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
10.0

Support Rating

Check Point 4000 Appliances
Next-Generation Firewalls - PA Series
8.5

Add comparison