Check Point CloudGuard CNAPP Reviews

This tool provides organizations with full security visualization data. It enables each department to discover the best security practices to protect data from ransomware attacks. 

It detects any security misconfigurations with an automated alert response to the IT team to take quick action. 

It has fully deployed reliable data protection tools to our cloud servers that detect any form of data theft in advance. 

The provision of advanced data analytics helps teams in the organization to deploy awareness to all sectors to ensure each team is fully equipped with data protection knowledge.

This solution has saved the company from unnecessary data loss that occurs due to cyber attacks. 

It has enforced the best security guidelines to protect against external threats. The cloud computing system has deployed digital security systems that monitor the entire networking system. 

The user interface gives timely security performance with suitable data indicators. The cloud monitoring tool provides timely feedback to on-premise teams on the state of cloud security to enable them to focus on more important tasks.

The solution offers full visibility of cloud workloads giving team members peace of mind since they can easily identify inefficiency and act quickly to restore normal workflow processes. 

The detection of environmental safety enables teams to collaborate effectively without any fear of external attacks. 

CloudGuard Posture Management deploys routine checkups of the security situation from the networking system to enhance compliance. Reliable security governance has enabled the company to meet the set international policies on security and boost performance.

There is no full support for bot management, and the company can work on that to enhance faster service delivery and enhance reliable security checkups. 

The reporting dashboard responds slowly, which leads to late report compilation. The next release can be equipped with robust dashboards and highly responsive data models. 

The performance was more stable compared to a few challenges we faced, but with new upgrades, it could be even more stable. 

The enhancement of cloud servers' security and management of dataflows has been a great achievement, and I highly recommend this solution.

I've used the solution for one year.

CloudGuard Posture Management is highly stable and powerful in securing company workloads.

The entire deployment process took place smoothly, and we were impressed by the vendor team.

The customer service team has been helpful and very supportive when we enquire about anything.

Positive

I have not used a similar cloud networking security platform before.

The initial setup process was not complicated since the customer service team had deployed professionals to set up and provide guidelines.

We implemented it through the vendor team, and their level of expertise was very impressive.

We have achieved 35% ROI since we deployed it.

The setup cost is high, however, the pricing terms vary based on the size of an organization.

We were in rush, and we did not hae enough time to evaluate other products in the market.

This solution is highly powerful in the management of enterprise security, and I totally recommend it to other companies.

We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades.

In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall.

There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.

Initially, we had purchased the Dome9 solution just for its rich compliance possibilities. We have to provide the compliance reports on a regular basis to our partner companies and the regulators of the gambling and paying card areas, but now, we also rely heavily on the feature that "auto-heals" the configurations of the security groups and the firewall rules.

In addition, the Cloud infrastructure visualization feature is really good, especially for GP with its cumbersome firewall rules based on the instance tags and the service accounts.

1. This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc. It's cozy to configure stuff, and also to wander around the interface in general.
2. The Compliance Engine is powerful. We rely heavily on this feature since we must comply with the various security standards to work in the gambling sphere across the globe, and especially in the United States and European Union.
3. The solution continuously monitors config modifications and may alarm the relevant administrators, or even revert the configs automatically.

We were demotivated by the lack of native automation modules for the Terraform and Ansible tools. We think that in the era of the DevOps approach and practices, all the new products need to be released with such support, mandatorily.

In addition, we also hope that the Dome9 will eventually support the other Public Cloud platforms, like Alibaba, since we are planning to expand to the Asian market. Alibaba is the big player in this region due to the fact that Google Cloud and AWS are almost banned.

We have been using Dome9 for less than a year.

Dome9 is stable and works smoothly.

The solution is scalable. We have it run on about 30 projects without any issues.

No cases have been opened regarding Dome9 so far.

No, we are unfamiliar with the other solutions of the same kind.

The setup was straightforward, and the configuration was easy and understandable.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you.

No, we did not evaluate other options before adopting Dome9.

Request a free demo directly from Check Point and see whether Dome9 suits you.

Check Point CloudGuard Intelligence provides security for the organization's cloud assets. 

It provides awareness to all the teams based on the security situations and precautions that can block future threats. 

It detects cloud anomalies to enhance workload safety and quarantine threats with a powerful threat intelligence feed. 

It secures data that is stored in the cloud servers. 

The security model provides alerts on policy violations and reports on cloud security. 

The intelligence information has helped us to plan and allocate resources efficiently.

It has established a network management system that enables each sector to monitor data flow in elastic cloud environments. 

We have been able to get reports on cloud performance and workload safety. 

The cloud networking infrastructure has been upgraded with modern data management tools that have advanced the communication system. 

It has steered the implementation of projects and tasks in a secure environment that is free from malware attacks. 

The cloud-based storage facilities are shielded from phishing attacks and cyber attacks.

The comprehensive security for IaaS and PaaS cloud assets provides efficient security awareness to all the teams. 

The data querying system gives team members an opportunity to select and give priority to the most crucial information. 

The intelligence system has powerful security management systems that have put measures in place to curb any hidden threats that can affect workflows. 

The cost and licensing terms are reliable, and many business enterprises can maintain them without facing financial challenges.

No improvements are needed. The current version has great and powerful features that take care of most sets of demands. The cloud-integrated network system can be upgraded to meet company requirements on intelligence information and for customization purposes. The set features have stable performance capability with the modern threat management network infrastructure. 

This system has a capable data orchestration system that can access data from various centers. The customer support channels are reliable, with great services when contacted.

I've used the solution for eight months.

This solution is stable.

I am impressed by the performance.

The customer service support staff is reliable.

Positive

I have not used a similar solution.

The initial setup was straightforward.

It was implemented by the vendor.

There is increased ROI from a great performance.

The setup cost and licensing terms are always good.

This is the best platform that I have worked with.

This is a great solution for any organization.

It helped us a lot in improving the regulations and security of our cloud environments.

We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.

In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks.

As in our company we have environments that are hybrid in some cases and others totally cloud. We find in Check Point a reliable tool to improve security, implement regulations, and generate governance in cloud environments. In our case, we have a Microsoft Azure public cloud with enough resources which we need to protect. We achieved it together with  Check Point.

It was possible to provide greater security to identities with admin access to the cloud - a critical part of IT management.

The most striking features are:

1- Identity protection generated through Check Point posture management, which is helping to prevent user theft or unauthorized access.

2- The governance that can be provided with this tool is very good since we have been able to implement good practices to avoid vulnerabilities.

3- The administration portal panel is very intuitive. It also generates scores based on regulations and good practices to go little by little with the recommendations, significantly improving security.

Some general improvement characteristics can be made, including the following:

1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level.

2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved.

3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

It's an excellent tool and is available in the Infinity Check Point Portal. Its main function is to centralize governance in the same administration portal and has been tested for more than a year to validate our cloud security.

Previously we used only Microsoft with Defender for Cloud. However, we wanted to have our security centralized. Check Point through the infinity portal achieves that feature.

It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check with Check Point what characteristics are required.

We chose Check Point as it provides integrated and centralized security, improving the effectiveness of security reviews.

Even though the cost is somewhat expensive. I recommend this solution for users who use the public cloud.

We wanted to have a centralized and modern security environment, and it was possible to obtain it through Check Point Infinity.

It was possible to implement Check Point CloudGuard to take advantage of cloud intelligence to analyze modern threats. The global learning that Check Point obtains from all its devices for the improvement and confidence of security.

We currently use Microsoft Azure, which has several security features, all with costs, to perform governance, control, vulnerability improvements and regulatory compliance. However, we manage Check Point.

Forensics as your monitoring portal is exceptional.

The features included in Check Point CloudGuard help us a lot with the security of our Microsoft Azure cloud, which we successfully integrate with Check Point CloudGuard.

We have validated the score generated to improve security performance, thereby making improvements to avoid vulnerabilities.

The threat attack is reviewed and covered in an automated manner through cloud intelligence. Its alerts have kept us notified so that we can make the necessary adjustments. It offers incredible performance.

The most important characteristics are the following:

1- The detection of vulnerabilities in real-time. Its monitoring and alerts are triggered by a failure or non-compliance with policies. It helps us to be able to act effectively and quickly.

2- The use of Check Point ThreatCloud allows sharing of information between other Check Point devices to improve trust and form of protection against new threats.

3- Finally, its security application portals are very intuitive. It has helped us with the simple handling of Check Point CloudGuard.

Some possibilities of improvements for Check Point include:

1- Improving or creating best practices that can be generated publicly so that customers can have a package of policies, for example, that the manufacturer provides in addition to easy access to this material.

2- Improvement at the support level for management, handling and solution of cases in a better, faster, and more effective way. Sometimes the cases take a long time to be able to schedule a session and solve together with the client and support.

3- The costs are high. They could provide better costs for the client to make a simpler decision and not be affected by this issue.

One of its characteristics is cloud intelligence. It was adapted to our centralization and public cloud requirements.

Our company already uses several centralized products in the Check Point Infinity platform. For more than six months, we have used CloudGuard.

We used Azure Defender for the cloud. It is good, however, I liked more the form and the trust of Check Point.

It is always important to have access to a partner to help you with costs, and requirements and to help you choose the best option within Check Point.

We previously validated some solutions. However, the features of Check Point CloudGuard were better suited to our requirements.

It is an expensive solution. However, I recommend it.

I use it for cloud visibility detection and remediation. I also use it for reporting and dashboarding.

The most valuable features of CloudGuard CNAPP are its compliance engine and auto-remediation features.

CloudGuard CNAPP is a great tool that justifies its investment. Like any other tool, there are opportunities for improvement that can be addressed through a roadmap.

I have been using Check Point CloudGuard CNAPP for six years.

I would rate the scalability of the solution as a ten out of ten.

I would rate the technical support as seven out of ten. It is good when we get attention, but sometimes it is a bit difficult to get the attention we need.

Neutral

We opted for CloudGuard CNAPP over other solutions mostly due to its flexibility.

The implementation of the solution was easy.

There has been a significant ROI for me because now I can reduce risks effectively, and every risk I mitigate is a return on investment for the platform.

CloudGuard CNAPP has been crucial in giving us visibility into our cloud setup and has significantly lowered our risks by enabling better control over our cloud security.

I find that CloudGuard CNAPP 's cloud security posture management is exceptional for addressing both physical and digital security concerns. It offers extensive coverage and provides a straightforward yet sophisticated method for creating and implementing new security queries.

My advice would be to define your use cases very well when considering this solution.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

We need more infrastructure in the cloud to avoid vulnerabilities.                        

With this shield infrastructure, we seek to protect, improve, and close security problems that generally arise in the implementation of code, apps, and APIs that maintain privileged keys or identities, for which we have achieved increased security with best practices.

This tool really gave us development implementation security. Many times the applications were built with a user or identity with privileges to be able to manage within their infrastructure. However, it is not the best way to deal with this challenge. APIs were also exposed that were connected to the infrastructure that could be violated. Thanks to Check Point, we have been able to improve with best practices and protect the information and code of our infrastructure.

This Check Point security tool has many benefits. Some of the ones that we liked the most include:

1 - How Check Point CloudGuard centralizes the protection of the workload. In the Infinity Portal all the administration can be managed easily. We can monitor and scan the codes and make decisions to improve security.

2 - This tool is very cloud-based. In addition, it can handle hybrid environments, which is a great feature for clients with mixed environments.

3 - The automatic learning and an AI engine help to find more modern vulnerability problems. With this, it provides greater security to the client.

Some improvements that can be made to Check Point CloudGuard are the following:

1. Cost improvement. Currently, this solution is somewhat expensive. We have not really seen a solution with these characteristics and so complete. However, the cost is high.

2. There is very little Check Point documentation as it is a very new tool. Sometimes we followed the documentation, yet it was not possible to implement it in the tool, for which we had to verify with the executive of our partner to request help.

3. Support is very slow.

This tool has been used this year by development partners and managed by support. It is a great tool that is coupled with new technologies that cloud development has produced, and thus we've been able to adjust and provide the required security.

This tool and Spectral are some of the best tools we've tried. Using both is excellent.

Prepare to pay, since the tool is expensive. However, I recommend talking to a Check Point partner so that they can provide you with everything related to the tool along with costs.

This tool is centralized with the Infinity Check Point Portal. This, with the other Check Point tools that we handle, is excellent for administration.

We validated this along with some other tools. We did not have the same confidence that Check Point provided due to its prestige, its characteristics, and its comments.

Evaluate this tool and also check the new Spectral Check Point tool, which can help complement this.

Both are recommended.

We use Dome9 to control our AWS security groups, evaluate and map security group traffic, and conduct compliance checks of our cloud environment regularly.

Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment. We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform.

Clarity and Compliance have become two of our favorite features. Clarity allows us to visually depict our security groups and effective policy for both our current environment and can do predictive visualization based on cloud formation templates. The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices.

Dome9 continues to enrich its features at a blazingly fast pace. I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector. Also, I would love to add more richness to the Splunk add-on for Dome9.

None, it has been a solid performer for us, and well within the SLA.

We have yet to encounter any issues with scalability.

We have not needed it much, but when we have, they have been very responsive and they truly are helpful.

Initial setup was super easy. We were integrated in 15 minutes, then it was just another hour or so of tuning and kicking the tires.

They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. 

We evaluated native AWS features and a competitor, Evident.io, but found that Dome9 was able to do all of what we needed in one tool instead of two.

Start with read-only and move to full-control slowly. When you go to full control, there will need to be good communications with your AWS teams, so they know it is there. Do not do full-control on your lab environment.

They are a great partner to work with. Not only is the product solid, but we have loved having a good relationship with their leadership and seeing our feedback manifest into real product updates and features!