Replacing Our Current SSL VPN with a ZTNA Solution

Really? What features did you find lacking? We just got done doing a proof of Axis and Check Point P81 (recent acquisition). Are you proofing Check Point’s original SASE or P81?

We found Axis way superior in features. We could steer traffic by star dot domain and FQDN; Check Point was all IP-based. Axis had traffic logs for the users; Check Point did not. Axis had direct tunneling on a per-app basis; Check Point did not.

What specific use case have you had issues with in Axis?

We haven’t decided who to buy yet so looking out for any big gotchas we might have missed in our proofs…

I’ve had a demo of the solution, was ok. Used it for the SASE firewall policies and tested the ZTNA with a connector in the environment. Policy changes reflected pretty much instantly.

It feels like a SASE/SSE appliance done right. Pretty great performance and feature set, easy enough to set up and get configured. I’m working with a customer right now who is replacing GlobalProtect with Cato and he is very happy. I am a bit biased since we are selling them at my company though.

It’s P81 and we just had a demo last week by our Check Point sales team, so I haven’t actually had a chance to get my hands on it yet. We’re working on getting some NFR licenses for that. So my opinion is very much based on just the looks right now, I do admit.

We did find the policy changes kicked our test users off of their voice/video calls and RDP sessions which kind of sucks. Did you guys experience the same? It was a momentary blip but a live call session would drop and the call is lost.

Considering that I think of myself as a networking doofus, I was initially intimidated by the conversation process. Turns out it was super easy and I kind of wish we would buy more sites because I want to set it up again.

Got it. If you don’t mind I’ll message back in a few weeks? You’re testing the same two products we test so I’m really interested to hear your thoughts afterwards.

I did not experience that. Interesting though, I still have access to the environment. I will try that again. Good spot. You test the ZTNA?

They definitely wanted it to be easier to deploy and be able to quickly get to a healthy and secure state. Basically if you understand basic firewall stuff you will not have many issues. I find their documentation to be pretty good and contains lots of best practices as well. If you are ever in need of some help DM me!

Certainly. Speaking for myself I like a lot of options and settings. The Axis interface seems… simple which is good in its own way. Unfinished is the feeling I get. Functionally it’s worked great for our needs. I did have some issues on install with firewall rule requirements I was getting from HPE documentation and from their support teams when I set it up. That’s when I started to get the “this isn’t a finished product” vibes from them.

Will do. We are having one problem with one of our applications not working correctly once we moved over to Cato. Obviously it is a Cato issue but the vendor cannot seem to tell us exactly what is going on so we or Cato can fix it.

Did you experience test users getting dropped off voice and video calls (and RDP sessions) when you added new routes to the private access? We definitely did… not all changes caused it, i.e. a new allow or deny rule didn’t hit them, but adding or removing some routes definitely did.

No complaints from the test group over the past few weeks.