Check Point Multi-Domain Security Management Reviews & Product Details

The multi-domain server solution allowed us to logically separate our customers, attesting them on separate domains. Each domain has a dedicated database, which allows us to have unique objects/policies for each domain and therefore for each client, without having to deploy different security management servers. Review collected by and hosted on G2.com.

actually nothing, compared to a security management server there are only advantages Review collected by and hosted on G2.com.

One of the most remarkable things is creating multiple domains based on regions, departments or areas according to the geographical location. This helps us a lot because having various devices that are more expensive at each site is unnecessary making a money-saving on this type of solution. Review collected by and hosted on G2.com.

At this point, I don't have anything to dislike about these features or solutions; I can say the price, but it is worth it because of this solution's scalability. Review collected by and hosted on G2.com.

multi-user connectivity and configuration allowance

manage all devices via one console

can see the logs from the application, you don't need any other app

one device for all configuration and db. Review collected by and hosted on G2.com.

sometimes responds very slowly, especially for big environments

it requires a lot of resources some occasions.

It can be difficult to get used to the working logic for some users. Review collected by and hosted on G2.com.

I like this product because we can have several and separate security management in a same server. Review collected by and hosted on G2.com.

in r80 and r81 the logs are not as good as in earlier versions Review collected by and hosted on G2.com.

Checkpoint had initially constructed the infrastructure with security management and security gateways. If you had a single security management (SMS or CMA), several gateways and a few security policy it’s working. However when you have different set of policies with large number of security gateways, single CMA is not sufficient. You can’t handle the logs or monitoring in just on single CMA. MDM overcomes these resource based limitations. MDS enable the virtualization of CMAs with dedicated resources each of their own. MDS has also a global policy which can be assigned to all CMAs and gateways. Global policy is generally used for common security rules allowing DNS, Active directory, management, backup etc. as well as common blocking rules like malicious IP addresses. Global policy can also be used for threat prevention policies like applying common IPS policies to the CMAs. It’s a very powerful in terms of assuring consistent security policies throughout the organization. Another advantage of the MDS is the granular/role based assignment of administrators to the CMAs whereas you control the administrative accounts from one single pane like adding, deleting, assigning administrators. Even you can delegate the CMA to the 3rd party companies to operate. Then comes the MLM and SmartEvent. MLM and SmartEvent and Compliance is also managed through the MDS. Upgrades with the MDS is much easier than upgrading many CMAs. High Availability is also supported by installing another MDS. Synchronization of primary and secondary MDS is automatic. Integration with 3rd party tools through the MDS is another advantage. You can update, add, delete 3rd party tools through the MDS and it’s very easy. Review collected by and hosted on G2.com.

The initial purchase of the security gateway and its management is free of charge. You need to pay money to MDS even you have dedicated Security management licenses. After deploying MDS in case you see performance issues on the MDS site than you need to divide log server which means purchasing additional Hardware. DR/HA implementation is additional cost. MDS Global policy assignment has some limitations; you cannot overwrite the global policy on the CMA. On the TP side, global policy and local policy usage is cumbersome. Unified policy migration on the gateways directly links the global policy type unified vs simplified. Support cases related to MDS generally take time to solve, Checkpoint TAC demands the MDS backup, and it’s huge. Many times we encounter cases where the TAC recommends upgrading the latest version. Migrating to new version needs a dedicated lab environment to test the whole migration process. If you don’t test it with the verifier, it fails. We see many times the verifier gives error and we produce a lab environment to simulate the problems. Migration to MDS needs partner support in big environments. There was a workflow blade working at the MDS level now it’s abandoned. There’s no direct integration with MDS and cloud-based smart center (smart-1 cloud). Review collected by and hosted on G2.com.

As MDS management is a centralized solution, it has several advantages, such as unification, categorization, and scalability. It can help large businesses in their expansion. Review collected by and hosted on G2.com.

There is nothing much to be disliked on our side, except maybe the price that can be high with licensing. Some specific issues can be encountered, depending on the features in action. Review collected by and hosted on G2.com.

Three distinct features MDM has 1. Centralized management to have full control of Checkpoint gateway products. 2. Product categorization based on geographical locations, business unit & 3. Scalability - When the business grows, it's so much easier to scale. These are the reason why I would recommend this product to my friends and colleagues. Review collected by and hosted on G2.com.

The initial setup may be a bit complexs. Review collected by and hosted on G2.com.

Multi-Domain Security Management eases managing Check Point devices, especially in an enterprise network. Review collected by and hosted on G2.com.

You have to use an additional dashboard for multi-domain security management. Review collected by and hosted on G2.com.

Check Point Multi Domain Security Management allows us to create multiple domains based on networks/regions/firewalls/departments or which ever reason there might be in order to ease management while not needing multiple devices which needs resources such as time/money/help and space to install.

Provides a feature to provide access to individuals based on their roles and responsibilities rather than each admin getting the access to domains which are not administered by them or their team. Review collected by and hosted on G2.com.

Feature to create domain based backup lacks because of which if something breaks, the whole MDS server is needed to be restored hence affecting every domain. Review collected by and hosted on G2.com.

Good Management interface with a scalable solution for managing different environments/clients. Review collected by and hosted on G2.com.

The cost associated with the product and licensing is pretty high Review collected by and hosted on G2.com.