The Check Point Quantum Security Gateway Next Generation Firewall is a tiered firewall product. The base model includes the core firewall services, and can be upgraded to include anti-bot/virus/spam and sandboxing capabilities.
N/A
Forcepoint SWG
Score 7.1 out of 10
N/A
The Forcepoint ONE Secure Web Gateway (SWG) is one of the three foundational gateways of the Forcepoint ONE all-in-one cloud platform. Forcepoint ONE SWG monitors and controlsany interaction with any website, including blocking access to websites based on category and risk score, blocking download of malware, blocking upload of sensitive data to personal filesharing accounts, detecting shadow IT, and optionally providingRemote Browser Isolation (RBI) with Content Disarm andReconstruction (CDR).
N/A
Pricing
Check Point Quantum Firewalls and Security Gateways
Forcepoint Secure Web Gateway
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Quantum Firewalls and Security Gateways
Forcepoint SWG
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
Yes
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Check Point Quantum Firewalls and Security Gateways
Check Point Quantum Firewalls and Security Gateways
Forcepoint Secure Web Gateway
Likelihood to Recommend
Check Point Software Technologies
1) For huge DC environments and complex networks 2) Where clients were consistent up-time like FSI and healthcare 3) Application-aware client req. and preventing day 0 cyber attacks. 4) Securing East-West traffic, hyper-scaling capabilities 5)Some advantages - Best Security meets Ultimate Hardware and SandBlast Zero Day Protection out of the box, Modular hardware 6) High Performance CPUs
Over the years, [in our experience], the maintenance of the Forcepoint Web Security solution proved to be more cumbersome and troublesome with each version upgrade. In addition, it did not transition well to support the large increase of remote workers. We also experienced weird incompatibilities with the client. We have since replaced this solution with Zscaler Internet Access, a cloud-based secure web gateway solution with a client that behaves as expected, is more flexible, and requires significantly less administration.
HTTPS Inspection -- The firewall has troubles re-packaging the packet in a way that some websites are able to interpret correctly
Support -- Even getting support directly from Check Point isn't the easiest of experiences. They are more concerned about how fast they can close a ticket out, rather than fixing the problem.
Custom reports -- Custom reporting is extremely limited
The user access logs contain a lot of useless information. I understand this is very hard to tackle as I've seen this across any product that logs web activity.
I would like to see more customization options of website block pages.
It is very stable, the organisation has "locked in" the product and has no plans to change or try another product. We have already renewed our 2019-2020 licenses. It is user friendly and people catch on easily when they first use it. The only downtime is when we install Microsoft updates! It has excellent reporting which help in determining how the organisation's Internet is used and also during both internal and external IT audits.
Despite the intimidating Linux CLI when you use the appliance for troubleshooting, the web security usability compensates as most of the Administration of the system is done there. It is GUI based and has an easy to use UI where one can navigate around rather easily like getting reports, checking alerts, looking the whole setup under deployment to check if all services are running in one place though there are other parts to the system.
Check Point has a variety of support options that can be used to optimize your investment in the product. Companies with a larger information security and certified checkpoint engineer employee base can benefit from a standard SLA, while companies with a smaller security engineering footprint or more critical implementations can opt for premium, elite or diamond packages that even include the ability to provide on-site engineers for major security incidents. Check Point PRO support also provides the ability to outsource maintenance concerns by automating case creation and follow up when application components fail.
The is a quick first response to acknowledge your issue and the Engineers never take more than two hours to fix an issue and we hardly get issues looking at the fact that the system is pretty stable. There is also a robust Knowledge Base in the site for known problems.
Research known issues with upgrading from the Support Knowledge base, this will enable you avoid road blocks along the way and reduce your dependence on Forcepoint Support
In a heterogeneous environment, we wanted to keep multiple vendors for multiple purposes. CP was found very good in handling basic Next generation firewalls features along with handling of VPNs.
To be honest, once using Forcepoint for our Web Security, I have not wanted to look anywhere else. The dashboard gives me quick insight of threats, productivity, and bandwidth usage. Again, this is a layer in my security and it fills many holes. I feel safe and I do like I can just let it do its thing
Although there are better alternatives out there, Check Point delivers results for the price we paid for the system.
Since implementation, we have not have any major issues with the product, minor issues were resolved in a timely fashion.
Check Point currently fulfills our need for an outside facing firewall, when our organization grows larger, we will be looking at higher level enterprise solutions.
Being a non-profit the cost is a bit higher than some competitors so our ROI takes a bit longer to recoup. I would really like to see better non-profit pricing.
The ease of doing a report on someone cuts down on the IT man-hours to do website tracking for managers as we can do it from a central point whereas in the past (prior to Forcepoint/Websense) we would have to ghost their machine to look for activity as well as their local servers.
