Try our new research platform with insights from 80,000+ expert users
reviewer2350686 - PeerSpot reviewer
Cloud engineer at a energy/utilities company with 5,001-10,000 employees
Real User
Top 20
Comes with IPS and blade features
Pros and Cons
  • "The tool's most valuable features are IPS and blades. These features are valuable for security."
  • "CloudGuard Network Security's pricing is expensive. We have encountered issues with its licensing."

What is our primary use case?


What is most valuable?

The tool's most valuable features are IPS and blades. These features are valuable for security. 

What needs improvement?

CloudGuard Network Security's pricing is expensive. We have encountered issues with its licensing. 

For how long have I used the solution?

I have been using the product for six years. 

Buyer's Guide
Check Point CloudGuard Network Security
March 2025
Learn what your peers think about Check Point CloudGuard Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.

What do I think about the stability of the solution?

CloudGuard Network Security's stability is good. 

What do I think about the scalability of the solution?

In terms of scalability in the cloud, manual deployment is straightforward. However, the challenge arises due to the pay-as-you-go model. The issue of buying licenses is not specific to the Check Point but is more related to our ordering process.

How are customer service and support?

The tool's support is good. 

How would you rate customer service and support?

Positive

What about the implementation team?

Check Point helped us with the deployment. 

What other advice do I have?

CloudGuard Network Security is an efficient solution. I rate it an eight out of ten. 

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2350695 - PeerSpot reviewer
Network Engineer at a manufacturing company with 501-1,000 employees
Real User
Top 20
Provides cost and resource savings with faster deployment time
Pros and Cons
  • "The tool's deployment is rapid. Its dashboard is also useful. It's easy to deploy both on-premises and in Azure. In an office with VMware running, deployment is a simple process. Similarly, in Azure, deployment is easy and scalable. Adding more CPUs is a straightforward task – just shut it down, modify the security, and restart. This ease of use translates into cost and resource savings, and faster deployment times."
  • "Clustering in Azure is a bit different, not using the Check Point cluster but relying on load balancing. It's not as instant as I'm used to; in Azure, it might take around half a minute to a minute, and during this time, services could be down. The delay is attributed to Azure using its load balancing mechanisms instead of the Check Point cluster."

What is our primary use case?

We use CloudGuard Network Security to protect our customer's Azure environments. 

What is most valuable?

The tool's deployment is rapid. Its dashboard is also useful. It's easy to deploy both on-premises and in Azure. In an office with VMware running, deployment is a simple process. Similarly, in Azure, deployment is easy and scalable. Adding more CPUs is a straightforward task – just shut it down, modify the security, and restart. This ease of use translates into cost and resource savings, and faster deployment times.

What needs improvement?

Clustering in Azure is a bit different, not using the Check Point cluster but relying on load balancing. It's not as instant as I'm used to; in Azure, it might take around half a minute to a minute, and during this time, services could be down. The delay is attributed to Azure using its load balancing mechanisms instead of the Check Point cluster.

For how long have I used the solution?

I have been using the product for three to four years. 

How are customer service and support?

The tool's technical support is generally good. While there might be occasional delays, they usually manage to resolve issues. 

How would you rate customer service and support?

Neutral

What other advice do I have?

In Azure, when we refer to "size," it could be in terms of factors like the number of instances, bandwidth, or users. We use cloud-native platforms but prefer Check Point solutions. It is easier to manage since we know Check Point is on-prem. I have a high level of confidence in CloudGuard Network Security. I am familiar with Check Point and Azure. I rate the overall product a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point CloudGuard Network Security
March 2025
Learn what your peers think about Check Point CloudGuard Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Perimeter Security Administrator at a security firm with 51-200 employees
Real User
Great network segmentation and micro-segmentation with advanced threat protection
Pros and Cons
  • "The solution provides a centralized management console for easy administration and monitoring of security policies and events, making it easy for the security team."
  • "Greater automation would reduce the need for manual configuration and management."

What is our primary use case?

Check Point CloudGuard Network Security is a security solution that provides advanced threat prevention, network security, and compliance enforcement for public cloud environments. 

It can be used to protect workloads in various cloud environments, such as different clouds. 

The primary use case of Check Point CloudGuard Network Security is to secure and protect workloads and applications running in the cloud by providing a multi-layered security approach that includes a firewall, intrusion prevention, anti-malware, and sandboxing capabilities. 

How has it helped my organization?

One way it can improve an organization is by providing advanced threat prevention capabilities to protect against known and unknown threats in the cloud environment. This can help to reduce the risk of data breaches and other security incidents.

Another way it can improve an organization is by providing network segmentation and micro-segmentation capabilities that can help to limit the spread of malware or other malicious activities in the event of a security incident. Additionally, it can improve an organization's compliance posture by providing automated compliance enforcement for cloud environments. This can help organizations to meet regulatory requirements such as HIPAA, PCI-DSS, and more. 

What is most valuable?

Some of the features that are considered most valuable in Check Point CloudGuard Network Security include:

Advanced threat prevention. This feature includes firewall, intrusion prevention, anti-malware, and sandboxing capabilities that can help to protect against known and unknown threats in the cloud environment.

Network segmentation and micro-segmentation. This feature allows organizations to limit the spread of malware or other malicious activities in the event of a security incident. 

Centralized management. The solution provides a centralized management console for easy administration and monitoring of security policies and events, making it easy for the security team.

What needs improvement?

In general, some areas where security solutions could be improved include:

More advanced threat intelligence, including the ability to detect and protect against emerging threats in real time.

Improved scalability to allow the solution to handle larger numbers of users and devices without a significant impact on performance.

Greater automation to reduce the need for manual configuration and management.

Integration with other security tools and services to provide a more comprehensive security solution.

Better reporting and analytics capabilities to provide more detailed visibility into security incidents and events. 

For how long have I used the solution?

I've used the solution for one year.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2024712 - PeerSpot reviewer
Planning Analyst at Ovato
User
Secure with good performance and advanced threat prevention
Pros and Cons
  • "This software is great in overall performance since it can locate any trouble across the networking system and provide solutions before it affects workflows."
  • "A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system."

What is our primary use case?

The CloudGuard Network Security monitors data flow across company applications to enhance efficient safety. 

This application manages all the security programs across the organization and easily identifies any security breaches that might affect performance. 

It blocks harmful content that can be easily transferred among colleagues and spread viruses. 

Network security configurations in the applications have saved the company cost and time that has been invested for the past year in enhancing data safety.

How has it helped my organization?

This system has been important in the organization since we deployed it. It tracks workflows in the networking system to enhance a safe data management environment. 

It has launched secure data management systems to identify and troubleshoot coding errors. 

Production has increased since we deployed this software as employees have nothing to fear and can fully focus on productive activities. It stops phishing attacks and any third-party attacks that can destroy data. 

Working in a secure environment free from malware attacks has been a great achievement in the organization. Check Point CloudGuard Network Security has helped us to achieve this.

What is most valuable?

The advanced threat prevention system stops any ransomware attacks that can leak confidential information to unauthorized parties. 

Both multi-cloud and on-premises are protected from data attackers, which has boosted the company's growth. 

This software is great in overall performance since it can locate any trouble across the networking system and provide solutions before it affects workflows. 

The automated network security is efficient in monitoring CI/CD workflows. The security across the premises has improved, and the application production has improved under a secure working environment.

What needs improvement?

The current features have ensured that there are no cloud threats that can affect data in any way. 

We have experienced the most advanced data security since we deployed CloudGuard Network Security in the organization. 

A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system. 

Working with this platform is complicated for new users. The cost of management is relatively high for small-scale businesses affecting overall performance.

For how long have I used the solution?

I've used the solution for eight months.

What do I think about the stability of the solution?

This platform is stable and has improved the network security in the organization.

What do I think about the scalability of the solution?

I am impressed by the overall performance.

How are customer service and support?

The customer service team provides reliable guidance and directions always.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not worked with a similar solution.

How was the initial setup?

The setup was straightforward.

What about the implementation team?

Implementation took place through the vendor team.

What was our ROI?

There has been increased ROI since we deployed this platform.

What's my experience with pricing, setup cost, and licensing?

The setup price and cost is good for most growing business enterprises.

Which other solutions did I evaluate?

I started working with this platform, and I have no intention of leaving it soon.

What other advice do I have?

The performance has been stable and I recommend it.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network/Security Engineer at Skywind Group
Real User
Flexibility in licensing and includes support for a large number of cloud providers
Pros and Cons
  • "I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud."
  • "I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system."

What is our primary use case?

The main usage of the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades. 

In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall.

There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

How has it helped my organization?

While using the Check Point CloudGuard IaaS gateways in the cloud environment, we had almost the same experience as with other Check Point firewall solutions.

The components of the infrastructure are integrated with each other quite well. All the common Check Point Next Generation Firewall blades are supported including Firewall, IPS, Antivirus, VPN, etc. There is not a big difference with the usual on-premises gateway from this perspective. This provided us a smooth experience while moving our load from on-premises data centers to the Google Cloud environments, and increased the adoption and the speed of the migration process.

What is most valuable?

I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud. I would say there is about a 95% probability that the platform you are using is supported, and I don't know any other solution for now that can provide the same number. Moreover, it integrates with most of the public cloud management solutions, so you could automate modification of the security policies based on some triggers or changes in your cloud infrastructure.

I also like that different licensing models are supported. For testing/evaluation/PoC projects, you could go with the Pay-as-you-go (PAYG) license without wasting a lot of money in case the solution somehow doesn't suit you. On the other hand, for production, you could use the Bring-your-own-license (BYOL) way, applying the license bought earlier.

What needs improvement?

As with other solutions of this kind, you still have to manage basic cloud firewalls and routes for VPC outside of CloudGuard IaaS. There's no 100% integration.

I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system. For example, the questions on how to scale the instances in the relevant cloud should be covered, and all the High Availability options and switchover scenarios. Without that, users have to open numerous consulting cases to the support team to get it right.

For how long have I used the solution?

We have been using Check Point CloudGuard IaaS for less than a year.

What do I think about the stability of the solution?

The Check Point CloudGuard IaaS is stable product, and in fact it runs the same code as the hardware Check Point NGFWs, so no issues were encountered there.

What do I think about the scalability of the solution?

The Check Point CloudGuard IaaS scales well for the Google Cloud Platform with the help of the Instance Groups feature.

How are customer service and technical support?

We have had several support cases opened. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration on the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

Which solution did I use previously and why did I switch?

We didn't use such solutions before and had to rely on the built-in firewall rules of the Google Cloud Platform infrastructure.

How was the initial setup?

The setup was straightforward, and the configuration was easy and understandable.

What about the implementation team?

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

What's my experience with pricing, setup cost, and licensing?

There is flexibility in the different licensing models that are offered.

For testing/evaluation/PoC projects, you could go with the Pay-as-you-go (PAYG) license without wasting a lot of money in case the solution somehow doesn't suit you. On the other hand, for production, you could use the Bring-your-own-license (BYOL) way, applying the license bought earlier.

This is a flexible approach and we like that.

Which other solutions did I evaluate?

No, since we decided to have a unified firewalling solution across all the infrastructure, and we already had the Check Point firewalls in the on-premises data centers.

What other advice do I have?

You should fully understand the way CloudGuard would be integrated into your cloud from a networking perspective, and it differs from platform to platform. For example, for Google Cloud, the instances of Cloud Guard must have interfaces in several VPCs as a requirement. Think about the subnetting and routing for your project, then implement a PoC with your networking staff.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2350692 - PeerSpot reviewer
Network Engineer at a computer software company with 1,001-5,000 employees
Real User
Top 20
Helps save time with automation
Pros and Cons
  • "The solution is easier to manage than an on-premise firewall. It is easy to manage. The use of dynamic objects for these gateways made it easy to create the right rules and the right policies. Integration with Azure is also easy where we have to just add the subnets. In an on-premise setup, we have to add everything from scratch. We can automate a lot of actions."
  • "We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup."

What is our primary use case?

We place our CloudGuard Network Security gateways at the front on Azure, positioned with a load balancer. The configuration includes a load balancer and gateways on a virtual automation scale set in Azure. 

What is most valuable?

The solution is easier to manage than an on-premise firewall. It is easy to manage. The use of dynamic objects for these gateways made it easy to create the right rules and the right policies. Integration with Azure is also easy where we have to just add the subnets. In an on-premise setup, we have to add everything from scratch. We can automate a lot of actions.

What needs improvement?

We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup.

For how long have I used the solution?

I have been using the product for two years. However, my company has been using it for five to six years. 

What do I think about the stability of the solution?

CloudGuard Network Security's stability is high. 

What do I think about the scalability of the solution?

The solution's scalability is good. 

How are customer service and support?

We typically open tickets with our partner, but there was one instance where they couldn't provide a solution. In that case, we opened a ticket with Check Point directly, and they responded within four hours, resolving the issue.

Which solution did I use previously and why did I switch?

We initially used on-premise solutions, starting with Juniper firewalls. However, when we migrated to Check Point for IPS protection, the experience was really good.

What was our ROI?

We have seen ROI with the product's use. It helps us reduce the manhours with upgrades and odd fixes. We can automate the process. It takes only a small amount of time. On-premise solutions require informing users about potential interruptions and, in worst-case scenarios, significant disruptions. The process involves extensive preparation, including ensuring that the necessary conditions are met for updating the cluster members one at a time. In contrast, on Azure, automation simplifies everything.

Which other solutions did I evaluate?

We tried to use Azure Firewall for one application as a proof of concept. However, Check Point is easier for us. 

What other advice do I have?

We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2005803 - PeerSpot reviewer
Digital Coordinator at Modis
Real User
Helpful network security threat tools with great support and useful dashboards
Pros and Cons
  • "Workflows across the company ecosystem have can flow smoothly without experiencing any challenges."
  • "The operations require skilled manpower with extended experience of working with networking systems for better results."

What is our primary use case?

We use the solution for safeguarding the network security infrastructure. This has been one of the greatest achievements since we come across CloudGuard Network Security. 

It has launched effective security measures that can monitor security and provide feedback. 

Workflows across the company ecosystem have can flow smoothly without experiencing any challenges. 

The multi-channel security system monitors our cloud and hybrid servers. Transfer of files from the company database to the cloud servers goes through secure channels mapped by this platform.

How has it helped my organization?

A well-established encryption system now secures communication and workflow management systems. Data compromisation situations reported before have been fully eliminated since we deployed this software. There is increased production with secure workflow channels. The IT team can access and control the network security of interlinked company applications. We have developed a modern digital infrastructure that can access and give reliable reports based on real-time results. We no longer experience continuous system failures with automated performance monitoring tools.

What is most valuable?

Network security threat tools can launch and give advanced reports to the IT team on the future performance of various systems. 

The data analysis dashboards provide comprehensive reports and graphic representations of network security. 

We have secured our digital systems with high-grade security tools that cannot be bypassed by ransomware attacks. The customer service technical team provided virtual training to our team and provided the best article guidelines. 

The automatic features seal all loopholes that could be exploited by cybercriminals.

What needs improvement?

The operations require skilled manpower with extended experience of working with networking systems for better results. 

The cost depends on company size, and licensing terms are not favorable to small-scale businesses. 

The good sides are many from my experience, and I could recommend it to any growing company that requires the best-performing network security. From the first deployment, we have experienced improved and secure network infrastructure. We have been working closely with the customer service team, and there is no situation that has led to negative objections. 

A combination of on-premises and cloud computing services under one interface could enhance simple and comprehensive monitoring. 

They can integrate tools with policy recommendations and notification alerts on when to remove specific objects of the user's choice.

For how long have I used the solution?

I've used the solution for one to two years.

What do I think about the stability of the solution?

The product's stable performance has stimulated business growth.

What do I think about the scalability of the solution?

The set network security planning has been achieved, and we are happy with it.

How are customer service and support?

The customer support team never disappoints.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We started with this tool and have no intentions of leaving it soon.

How was the initial setup?

The setup was complicated since we had to get proper guidelines from the customer support team.

What about the implementation team?

We deployed through a vendor team, and their level of expertise is high.

What was our ROI?

The ROI has grown positively since we deployed it.

What's my experience with pricing, setup cost, and licensing?

Companies can try it for themselves and explore its great benefits.

Which other solutions did I evaluate?

We landed straight to CloudGuard Network Security due to the positive comments made by our partners.

What other advice do I have?

I am satisfied with the current performance.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Umair Siddiqi - PeerSpot reviewer
Network Security Specialist at a government with 1,001-5,000 employees
Real User
Top 5
All-in-one-box solution with easy configuration and great routing
Pros and Cons
  • "As per the solution's blade design, there are many options. For example, you have to buy a UTM blade and an advanced malware blade, etc. If the blade license is there, we can configure from the firewall GUI."
  • "If you compare the GUI with the Palo Alto and Forcepoint in the Cisco, they're very easy. Check Point, due to its design, is a little bit complex. They should make the GUI easy to use so that anyone can understand it easily, like Fortinet's GUI. Many companies end up using Fortinet because the GUI is very easy, and there's no need for training. They just deploy the box and do the configuration."

What is most valuable?

As per the solution's blade design, there are many options. For example, you have to buy a UTM blade and an advanced malware blade, etc. If the blade license is there, we can configure from the firewall GUI. 

The net policy and routing are also great features.

What needs improvement?

If you compare the GUI with the Palo Alto and Cisco, they're very easy. Check Point, due to its design, is a little bit complex. They should make the GUI easy to use so that anyone can understand it, like Fortinet's GUI. Many companies end up using Fortinet because the GUI is very easy, and there's no need for training. They just deploy the box and do the configuration.

Also, we have to inform customers that with Check Point there's no need to purchase any routing device. Check Point can do that routing as well as the Firewall and the IPS. The marketing should be stronger, to show that customers only need one box to handle all the features. It will be cost-effective and enhance the performance and value, but because of their poor marketing, customers don't realize this.

In the future, a color string would be powerful. Sandboxing should also be offered. Many people want the Trend Sandbox but not on the cloud. In the Middle East, there is a policy for Sandboxing that states it should be on Trend as per the government law. They have Sandboxing solutions on the cloud, but they have to bring the solution onto Trend also. Palo Alto has Wildfire, Cisco has Talos, and Forcepoint has one available as well.

In the future, routing protocols should be more supported like OSPF and BGP. There needs to be integration with the SDN. I don't know if SDN is there or not in Check Point, but SDN is one of the major requirements nowadays.

For how long have I used the solution?

I've been using the solution for one month.

What do I think about the stability of the solution?

The solution is very stable.

What do I think about the scalability of the solution?

We just deployed the solution, so scalability I cannot speak to right now. But, as per Gartner and NSS Lab, they're allegedly very good. I don't think there will be an issue with scalability.

Which solution did I use previously and why did I switch?

I am currently also working on Cisco ASA, Fortinet, and Palo Alto.

What about the implementation team?

I'm an Operation Engineer; I handle the deployments myself. 

What's my experience with pricing, setup cost, and licensing?

Compared to Cisco Firepower Threat Defense, the solution is cheap. However, not as cheap as Fortinet or Palo Alto. If clients have smaller budgets, we would have to advise one of those instead.

What other advice do I have?

There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware.

The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected.

I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point CloudGuard Network Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Check Point CloudGuard Network Security Report and get advice and tips from experienced pros sharing their opinions.