Check Point CloudGuard WAF Reviews

Name: Check Point CloudGuard WAF
Brand: Check Point Software Technologies
Rating: 4.4 (34 reviews)

Vendor: Check Point Software Technologies

4.4 out of 5

34 reviews
100% willing to recommend

What is Check Point CloudGuard WAF?

Check Point CloudGuard WAF (Web Application Firewall) is a cloud-native security solution designed to protect web applications and APIs from known and unknown threats. It employs contextual AI and machine learning to prevent zero-day attacks without relying on traditional signature-based detection methods, ensuring that applications remain secure even as new threats emerge.

Get the Check Point CloudGuard WAF Buyer's Guide and find out what your peers are saying about Check Point CloudGuard WAF, SonarQube Server (formerly SonarQube), Checkmarx One and more!

Check Point CloudGuard WAF is the #10 ranked solution in application security solutions and #14 ranked solution in top Web Application Firewalls. PeerSpot users give Check Point CloudGuard WAF an average rating of 8.8 out of 10. Based on the analysis of the 34 most recent Check Point CloudGuard WAF reviews, the overall sentiment is positive, with a sentiment score of 8.0. (Among the highest in the category). Check Point CloudGuard WAF is most commonly compared to SonarQube Server (formerly SonarQube): Check Point CloudGuard WAF vs SonarQube Server (formerly SonarQube). Check Point CloudGuard WAF is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 20% of all views.

Buyer's Guide

Check Point CloudGuard WAF

November 2024

Get the report

Helped 816,406 peers since 2012

Featured reviews

Ashish Upadhyay

Founder at BlockMosiac

There is room for improvement in the pricing strategy. By reducing their cost and extending the trial period, Check Point can attract more partnerships and customers, keeping up with other vendors in the field. It has a trial period, but they can extend it so we can better evaluate how it's working in our environment and how well it is suited. It should be converted to activate some discounts on buying standard versions. This will attract more of us, and we'll get more time to check the application and how it works. Additionally, their effort to involve IT teams would mean continuous adaptation to meet business requirements. This can help with the price picture and increasing the trial period so we can better evaluate the cost-effectiveness. Also, Check Point need to continue developing new features and arrangements in line with changing business requirements. The analysis time while it analyzes itself is very time-consuming. They need to improve the latency and minimize the steps involved. Also, the documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly. Also, Check Point can bring some updates to the integration features with other security solutions, making it easier to integrate. For instance, it needs to integrate with solutions someone might have various firewall solutions from IBM and others, depending on which ones the business wants to integrate with.

Read full review

Fernando Ortega

CISO at Paschoalotto

By implementing Check Point CloudGuard WAF we aimed to address challenges related to enhancing security for web applications while leveraging powerful logging capabilities. We check false positives in CloudGuard WAF using logs and the interface, and we have had very few issues, which helps our business. Using preset policies, the solution preemptively blocks zero-day attacks and detects hidden anomalies without requiring full data. The solution has cut our web application firewall costs because it is adaptable to our environment. My advice to new users would be to focus on the benefits of software as a service and ensure clarity in understanding pricing, particularly for DDoS protection. Overall, I would rate Check Point CloudGuard WAF as a ten out of ten.

Read full review

Sailas Jose

Assistant Manager at Federal Bank Ltd

We had POCs from different vendors. We haven't used any other solution before. This is our first time trying a cloud security solution. There were a few reasons. First, we are from India, and Check Point has a strong presence in the Indian market. Second, we needed a solution that could support multiple cloud environments, including Azure, AWS, and Oracle.

Read full review

Check Point CloudGuard WAF mindshare

Product category:

As of November 2024, the mindshare of Check Point CloudGuard WAF in the Application Security Tools category stands at 0.1%, up from 0.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Application Security Tools

Key learnings from peers

Last updated Nov 21, 2024

Valuable Features

Check Point CloudGuard WAF is valued for its scalable deployment, seamless API integration, and powerful AI for threat prevention. Users appreciate its advanced security features like Intrusion Prevention Systems, automated security policies, and comprehensive threat intelligence. Its ease of use, minimal false positives, and real-time monitoring are highlighted, along with its strong reporting capabilities and compliance support. The tool's ability to reduce total cost of ownership and enhance application security is noteworthy.

"One of the best features of CloudGuard WAF is its user-friendly GUI dashboard."
"The most valuable features are its ease of use and multiple functionalities."
"Machine learning is a valuable tool for this assessment because it allows for a two-phase approach: secure and non-secure."

Room for Improvement

Check Point CloudGuard WAF faces challenges with integration, support, and pricing. Users report high costs and limited trial periods. Improved support services and updated documentation are needed. Latency issues exist in the administrative portal and user interface. Enhanced real-time monitoring and simplified deployment are desired. More integration with third-party tools would be beneficial along with better configuration options. Users seek a more streamlined process for managing various security features and improved scalability.

"Support could be improved, particularly in terms of availability."
"The user interface, SmartConsole, sometimes malfunctions and requires a restart."
"While the GUI allows configuration for application-related features, specific definitions cannot be modified through the code."

ROI

Check Point CloudGuard WAF demonstrates significant returns, with reports of ROI exceeding 70% and even reaching 90%. Security investments are deemed valuable, with benefits seen in application protection and cost reduction. The implementation has increased efficiency, reducing time spent on rule tuning by 35% and boosting productivity by 25%. Significant cost savings are achieved through consolidation, eliminating the need for multiple tools and reducing server management requirements. Return on investment continues to improve over time.

Pricing

Check Point CloudGuard WAF pricing is generally seen as competitive within the market, offering a balance between cost and features. Organizations perceive its pricing as reasonable, with some noting it is slightly higher compared to others like FortiWeb, but justified by its extensive feature set and support. Licensing is typically yearly and offers flexibility, especially for larger deployments. While some companies find it expensive, many appreciate its value relative to the benefits it provides.

"Check Point CloudGuard WAF is expensive compared to Azure WAF."
"I work for an Indian banking client. In India, companies are on a budget. The company liked Check Point very much, but it was a little bit costly compared to FortiWeb. However, it had more features compared to FortiWeb."
"It is reasonable as compared to the other solutions."

Popular Use Cases

Organizations primarily use Check Point CloudGuard WAF to secure web applications and APIs. It provides protection against threats like SQL injections and cross-site scripting, while enhancing application security and optimizing resource utilization. It integrates with multiple cloud platforms, supporting centralized management and automation capabilities. CloudGuard WAF also assists in maintaining security policies and handling vulnerabilities, ensuring secure access and data protection, which is crucial for businesses managing cloud environments and decentralized applications.

Service and Support

Customer support for Check Point CloudGuard WAF receives mixed feedback. Some users praise the team for being knowledgeable and prompt, rating them nine or ten out of ten, while others point out areas needing improvement, citing delays and unresolved issues. Engaging with Check Point engineers during projects is appreciated and enhances the overall experience. Despite some reported deficiencies, many find their support satisfactory, with most ratings around eight out of ten.

Deployment

Check Point CloudGuard WAF's setup is described as easy and straightforward, often requiring minimal manual intervention. Many find the process uncomplicated, especially with vendor assistance. The need for extensive knowledge arises mainly during configuration. Onboarding is well-structured, often needing a small team and additional training. Some complexity is noted in cloud environments like AWS and Azure, particularly when creating virtual machines. Deployment is generally quick, documented, and often facilitated by third-party support.

Scalability

Check Point CloudGuard WAF is praised for being highly scalable across cloud environments with excellent performance. Users highlight its adaptability for growth and emphasize its functional scalability for diverse applications. Companies appreciate its ability to manage increasing traffic without issues, and many rate its scalability highly, often around eight to nine out of ten. Although a few note minor latency with large user bases, most users do not encounter significant challenges in scaling.

Stability

Check Point CloudGuard WAF is widely noted for its excellent stability and robustness. Users experience minimal downtime and commend its reliable performance. A few users mentioned occasional issues during configuration and licensing, but these are rare. Most rate its stability highly, emphasizing no major disruptions, even during deployment. In critical sectors, users appreciate its reliability, highlighting occasional minor issues but overall strong performance. Ratings often range between eight and ten out of ten.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Check Point CloudGuard WAF Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

20%

Security Firm

12%

Computer Software Company

10%

Manufacturing Company

Comms Service Provider

Healthcare Company

Construction Company

Educational Organization

Logistics Company

Recruiting/Hr Firm

Transportation Company

Wholesaler/Distributor

Energy/Utilities Company

Media Company

Retailer

Government

Outsourcing Company

University

Non Profit

Real Estate/Law Firm

Performing Arts

Hospitality Company

Compare Check Point CloudGuard WAF with alternative products

Learn more about Check Point CloudGuard WAF

CloudGuard WAF offers preemptive protection against vulnerabilities by using machine learning to identify and block zero-day threats like Log4Shell and Spring4Shell. It provides precise detection capabilities, minimizing the need for constant fine-tuning and reducing false positives. Designed for cloud-native environments, CloudGuard WAF integrates seamlessly with CI/CD pipelines, supporting automated deployment and configuration through infrastructure as code (IaC) or APIs.

Key Features of CloudGuard WAF:

ML-Based Threat Prevention: Stops application-layer attacks, including those listed in the OWASP Top 10, with minimal tuning and no reliance on signature updates.
API Discovery and Security: Identifies and secures APIs, preventing misuse and enforcing API schemas to protect against unauthorized access.
Bot and DDoS Prevention: Detects and mitigates automated attacks that can disrupt services or degrade customer experiences.
Intrusion Prevention (IPS): Provides protection against over 2,800 web-related CVEs using Check Point’s award-winning IPS technology.

Benefits of CloudGuard WAF:

Zero-Day Protection: Mitigates risks from newly discovered vulnerabilities without waiting for signature updates.
Reduced Operational Overhead: Eliminates the need for constant manual tuning and exception handling, simplifying security management.
Comprehensive API Security: Enhances control over your attack surface by discovering and securing all APIs, including shadow, rogue, and deprecated endpoints.
Fast and Easy Deployment: Deployable within minutes via WAF as a Service (WAFaaS), requiring only a one-time DNS configuration for immediate protection.

CloudGuard WAF is particularly suitable for organizations using modern, cloud-based architectures that require robust, automated security measures for both applications and APIs. Its capabilities are valuable for industries that handle sensitive data, such as finance or healthcare, where compliance and data protection are critical. Pricing and support are typically customized to the specific needs and scale of the deployment, with options for continuous updates and maintenance through Check Point's managed services.

CloudGuard WAF by Check Point provides advanced, AI-driven protection for web applications and APIs, offering automated, precise threat prevention and easy integration with cloud-native environments, ensuring robust security without the need for extensive manual configuration.

Check Point CloudGuard WAF was previously known as Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec.