We performed a comparison between Check Point IPS and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with."
"Its event analysis and centralization features are very important for any organization."
"The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
"IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created."
"The most valuable feature of the solution is called tunneling. Tunneling is one of the major security features that hackers cannot penetrate through."
"Check Point offers DDoS and endpoint protection called EDR or XDR, so it provides a holistic security architecture for any organization."
"The most valuable feature of Check Point IPS is the management of devices and policies."
"Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users."
"The initial setup is simple."
"We have found the product to be stable and issue-free."
"Technical support is helpful and responsive."
"Darktrace is very flexible."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
"I find the complete portfolio to be excellent."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved."
"The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable."
"Sometimes Check Point documentation is not always updated, which is why when some implementations change, it generates confusion about details."
"The service that we want to see in the future is a capacity to segment the IPS services by equipment."
"Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS."
"There is a performance impact on the NGFW post-enabling the IPS blade/Module, which can even lead to downtime if IPS starts to monitor or block high-volume traffic."
"It is generally good, but improving the performance would be the one thing I'd take a look at right now."
"When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"Darktrace does not have any capabilities to configure."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"A reporting portal could be a great addition to help customize reports."
"The main portal needs improvement as it is difficult to use."
"The pricing is a bit high for the region."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 46 reviews while Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 65 reviews. Check Point IPS is rated 8.6, while Darktrace is rated 8.2. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Check Point IPS is most compared with Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System, Cisco NGIPS and Fortinet FortiGate IPS, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Corelight. See our Check Point IPS vs. Darktrace report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.