Checkpoint 4000 series, still running like a champ!
December 27, 2018
Checkpoint 4000 series, still running like a champ!
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Check Point 4000 Appliances
Check Point is our current corporate standard. Access to our parent company networks requires a heterogenous checkpoint to checkpoint VPN. This is being used by most of the satellite companies, as our company grows via many acquisitions per year. The product is fantastic for blocking incoming threats, managing online content access, and has done a great job at keeping our companies safe.
- Management access is difficult to get to and requires a specific client, plus sourcing from a permitted IP address.
- Anti-malware, anti-spyware, and anti-bot engines do a great job at protecting from malicious content.
- Anti-spoofing makes certain exploits like the LAND attack vector as null and void.
- Steep learning curve for admins
- No packet tracer application like the ASA to test flows prior to putting in new rules, etc.
- Policy packages are all or nothing. I cannot uninstall or turn off a piece of the overall policy, it's all or nothing.
- We have not seen a zero-day exploit since implementing the anti-spyware, anti-malware, and URL filtering functionality
- We have not seen a successful intrusion into our systems since the implementation of our checkpoint 4000
- We have had this firewall for 5+ years, and it still has much life left in it.
WatchGuard was a little more like a Sonicwall, and we felt the Soho-type interface wasn't what we wanted out of a security product. The anti-malware and spyware products were not nearly as good or pronounced as the checkpoint products. Secondly, we have to have the checkpoint for access to our parent company's networks.