Check Point CloudGuard Network Security Reviews

Our end customer is using Azure to host a few applications in the cloud, and we utilize CloudGuard Network Security to secure those assets.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. Our customer is also using Check Point on-premises, so we have one place to create all of our policies. It is a lot easier than doing it at different places. We have the same policy in different clouds and on-premises. That is a great thing. There is a seamless experience and the same management. That is a great advantage over using Azure's native firewall.

CloudGuard Network Security has helped reduce our organizational risk by about 15%. That is because of the ease of working with one big policy that spans the entire organization.

With CloudGuard Network Security, we get a unified solution. It does not matter if we are on AWS, Azure, or Google Cloud. The migration with Scale Set is nice to work with. It is very easy to upgrade and so on.

Scale Set is highly beneficial. It is easy to upgrade and maintain. 

It is pretty great in all aspects, but the integration could be easier, especially with Scale Set and related features. It was somewhat challenging a few years ago to set it up, but once completed, it worked well. Easier integration with on-premises solutions could be beneficial.

I have used the solution for about three years.

The track record is excellent, with nothing to complain about.

The scalability is great.

Their support is great. We get quick responses. The customer support consists of very talented people. They are nice to work with.

Positive

I have used Azure Firewall. I have not extensively worked on AWS. In Sweden, our focus is primarily on Azure.

We went with CloudGuard because we have been working with Check Point products for quite some time. It is an easy choice. We are already familiar with on-premises network security, so choosing the same in the cloud is a big benefit.

Maintaining the policy is not difficult at all with CloudGuard. In fact, it is easier compared to Azure Firewall, which seems a few years behind Check Point. The solution is effective for utilizing all security features Check Point provides. Although I have not used all CloudGuard features yet, its network security is akin to an on-premises firewall.

We have a CloudGuard in the cloud, and we use normal quantum gateways.

It was not as simple as on-premises, but there were good guides on how to do it, so we managed in the end.

We are the integrator in this case. We managed the implementation for one of the end customers. However, we had support from local Check Point representatives.

The main return on investment has been in the time spent working with the solution. Since everything is unified in both cloud and on-premises environments, troubleshooting is faster.

It has saved about 50% of the time. If we had two solutions, we would have to troubleshoot two solutions.

Handling costs is not my department. Licensing has been quite acceptable. It is a bit easier now, but when I began working with CloudGuard, it was a bit too technical.

My overall product rating is a nine out of ten. A slightly easier setup process would be great. Check Point is performing well. The cloud is evolving rapidly, and Check Point is keeping up efficiently. 

Public Cloud

Microsoft Azure

I am tasked with deploying firewalls in Azure Cloud, AWS, and VMware. This involves setting up virtual machines in VMware and is essentially focused on these tasks.

It does a great job protecting the clouds.

The important point is that the solution is integrated into our management system (if they already have Check Point). It's just one more gateway to add. We have it on Azure and others. The advantage lies in the integration within our existing ecosystem, which is amazing.

It's good at identifying threats and on par with the market - at least, in comparison to the others we work with. 

We have confidence in secure cloud deployments and integrations. It's important to have confidence. Even if nothing happens, you are protected, You never know when bad luck will happen. There are some public cases that were missing network security on the cloud, and they were affected. It's a must-have, like an insurance policy. 

The license model could be simpler. We have some issues with the license since it tries to be simple, and yet in some cases, it tends to be complex. Apart from that, I do not recall any other issues.

I have been using the solution for roughly four years.

The stability is generally good. Sometimes there are issues we do not understand, especially with older features. Outside of that, the stability is good. It could be better. For instance, when we are working on a release and do an upgrade, we start experiencing unexpected issues. New features might have problems, however, for existing ones, we expect the same level of functionality as before.

We do not use scalability. I do not have much experience with auto scaling, however, it could be beneficial. Usually, our customers use a model that involves bringing their own licenses with static gateways, not scaling out.

Check Point support has its ups and downs. Sometimes, the support is good, and other times, we are a bit desperate. Overall, I would say the customer service is good, not marvellous. There are some challenges.

Positive

As integrators, we also work with other solutions. The main difference is we can take advantage of integrative management. If you already have an environment with Check Point, it's easy and an advantage. 

We typically deploy to the cloud. We create an implementation strategy with our clients. 

Usually, the customer is very savvy and knows what they want. We provide some advice, however, usually, they have their own ideas on what to do and when to do it.

It is important to have this solution because even if nothing happens, you are not protected without it. You never know when bad luck might knock at your door. 

I rate it eight out of ten. 

You need to have some kind of protection in the cloud. Maybe the native protection is enough, maybe it is not. Having protection gives more confidence in the solution. 

Hybrid Cloud

Other

I have implemented the solution for customers at about three or four different companies now. I primarily use it for general Cloud Security to protect Azure. In most cases, it has always been about securing Azure.

For me, Checkpoint in general is characterized by the ease of day-to-day use, management, log review, and all that. This is a big plus because I can execute these tasks effectively through the Cloud, which is the biggest point for me. It is a significant improvement over Azure's security features, providing enhanced security when Checkpoint is implemented. This is especially beneficial nowadays, as businesses are working with fewer people who need to accomplish more tasks.

In my experience, the failover times are a bit poor during an HA failover in the Cloud. However, this also depends on API calls in Azure, so there is not much I can do there. If there is something I could improve, it would be this aspect.

I would say that I have used Network Security for about two years.

The first few setups are always a bit uncertain, like wondering what is going to happen. The documentation is great, but the problem with Cloud technologies is that it changes all the time, leading to outdated documentation. It can be a bit challenging in the beginning, but once I get used to it, the process is acceptable.

The stability is good, apart from the failover I mentioned before, which takes a bit of time. Again, it is not really Checkpoint's fault; it is just due to Cloud architecture. Overall, stability is good, and upgrades are proceeding well.

Scalability offers two solutions: the gateway and the load balancer setup. The load balancer setup is fantastic. If I need anything, it spins up or spins down and works smoothly. When I adopted it around three years ago, I deployed clusters in the Cloud with two firewalls in HA, but the failover was not ideal. Depending on the scenario, I need to choose the right solution.

Technical support has greatly improved over the last couple of years. It used to be less effective, but now it is in a good state. Also, interactions with salespeople from Checkpoint are going well. I have talked with Palo Alto support as well, and Checkpoint is way better.

Neutral

I just started at the company I am working for now, but my previous customer used Palo Alto. They have the same products, of course, but the usability is not the same. It is stable and good, but the usability is not equivalent.

I use multiple approaches. First, I create an architectural design and check with their Cloud team to see their implementation of their environment. Depending on that, I proceed accordingly. It is really customer-based.

For us, it is not really applicable since we sell it and that is the end of it. However, the feedback from customers has been positive. It performs well, effectively doing its job without slowing down and stopping threats. I think the customer is also receiving a significant return on investment from the solution.

The most significant advantage for a day-to-day user like me is the logs. In Palo Alto, I need to manage brackets and everything, and issues arise if something is spaced incorrectly. In Checkpoint, I can input whatever I need and get the required results. This is a major win in troubleshooting. Logging is okay on both platforms, but if I know exactly what to type in Palo Alto, it is manageable. However, they are quite similar without too big a difference. For email security, Checkpoint offers a big advantage, but that is unrelated to Network Security.

I would give it a solid eight. This is quite a good score in my opinion. Absolutely. I rate the overall solution an 8 on a scale of 1 to 10.

I am using a Public Cloud deployment model.

I use Microsoft Azure as the cloud provider.

We had the firewalls set up in the cloud systems. We were using them for VPN as well as the encryption of traffic coming in and leaving the cloud.

When COVID-19 hit and everybody started to work from home, we did not have a scalable VPN technology. Also, with more people working from home, security was a bigger concern. CloudGuard Network Security addressed both needs in one single product.

After implementing CloudGuard Network Security, overnight, 500 people could work from home on a secure and encrypted tunnel. What more could we ask for? When COVID-19 hit and everything closed down, we were able to spin this up within 2 weeks.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. There is a single admin client that you can use. You can have a firewall deployed on-prem. You can have a firewall deployed in GCP. You can have a firewall deployed in AWS or Microsoft Azure, but you can manage it all with a single pane of glass. You can have a single management station managing all of these.

We are very confident about it and our security. It is a very robust solution.

The endpoint VPN is super stable. The routing is also very good. We tried a competing product first, but we could not make it work. We came across CloudGuard. The network routing across different virtual networks in Azure and AWS was way ahead of any of the other technologies. That helped us be able to cover the whole network using one single cluster.

They have come such a long way. There may be other areas that other people use, but as far as I am concerned, I have been very happy with it. There are always newer features getting added and new encryption protocols coming. I can see where they are going and how far they have come. I have been using the Check Point firewall since 2010. It has been 14 years, and I have seen how they have improved.

They are coming out with more SD-WAN express route support from a firewall perspective. That would be great. They keep on launching new features. That is how they work.

I was one of the first sites to use it as a PoC before they even introduced it to the world. It has been 4 or 5 years.

I would rate it a ten out of ten for stability. It has been running since we put it up.

I would rate it a ten out of ten for scalability. It depends on your design. You can either have a static deployment where there is only one firewall, two firewalls, and four firewalls, or you can put it in the elastic mode where it will spin up as the load goes up. It will auto-scale up and auto-scale down. It is fantastic.

They are fantastic. Their technical support is absolutely great. There is ownership right from the top down. They know their product. They stand by their product. If there is a feature that is not working, I have seen them write patches for me in 48 hours. They offered to provide the patch by Sunday evening in Tel Aviv, and by Sunday afternoon, I had an email saying that the patch was available for our download. We could download it and reinstall it. That patch was only written because of something in my deployment. It was not like they had 200 customers who complained about it. I was the only one complaining about it.

Positive

We did a PoC for one week. We had some major issues because of sizing. We sized CloudGuard too small, so we made it bigger. The next week, we did another PoC, and it worked well. By the third week, we were done. We went live, and everybody was working from home. 

I would rate it an eight out of ten in terms of ease of installation.

Their support was good. We set it up when nobody else in the world had seen it. We were probably the third company in the whole world to roll it out. We were that new to it. Nowadays, I would rate their support an eight out of ten, but in those days, it was one out of ten because we were all learning together.

I was the only one involved in its deployment. To deploy this, you need to have a background in IT security and networking put together.

We have seen an ROI. 500 people were able to work from home. That itself is a huge ROI.

It is one of the top solutions in the world. We know that it is protecting our entire cloud infrastructure, so it makes a lot of sense.

I quite like the way they priced it. It is very reasonable.

We did evaluate other solutions. We looked at Fortinet, and they could not do cross-VNet traffic at that time. We spent almost five or six days. We worked 10 to 12 hours a day. Even after 60 to 70 hours, they could not make it work, but it worked out-of-the-box with CloudGuard Network Security. In terms of ease of use, CloudGuard Network Security is any day easier.

We did not just go with our cloud vendor's cloud firewall because the cloud vendor did not have a firewall at that time. Secondly, even if they did, it is always good to have a third-party product protecting the cloud. If we are using AWS, I would not put an AWS firewall there because if there is a compromise somewhere else, it is most likely going to carry over to their firewall too because everything runs on the same fabric, whereas this is separate. It gives a completely independent security front end.

I would definitely recommend it. I have used it. I know how it works.

Check Point has been one of the pioneers of firewall technology. This is the only product that they really do. They are into cybersecurity firewall technology. They are not like other competitors, such as Cisco or Fortinet, who also have network switches, hubs, routers, etc. Check Point is a dedicated company that does cybersecurity. All in all, this is what they do. You can see the investment coming from the top down. They have ownership of the product. I have raised complaints that have gone up to Gil Shwed. He is the CEO and the founder of Check Point. I have got an email from Gil saying that he knows we are frustrated, but they are working on it, and he will make sure that this gets fixed. That is the kind of ownership they have.

Overall, I would rate CloudGuard Network Security a nine out of ten.

I am quite satisfied with it, as it secures our virtual environment in both CloudGuard and on-premises. The business case was that we have several customers transitioning from on-premises to cloud solutions, and we wanted to have the same visibility and security in CloudGuard as we had on-premises.

We wouldn't have the same visibility or granularity if we didn't have Check Point. 

We have very good visibility or granularity regarding security. 

Since we are using the same management both on-premises and in the cloud, we did not need to create other security measures or learn new technology. This allows me to achieve the same results with our existing resources.

It's quite interesting to see all the new features being added to the solution. I plan to do more integration with the CloudGuard-specific elements within the new policy framework. Although I do not remember the specific name, there is a feature that involves a revision of the policies. That will be our next addition.

We have visibility both on the cloud and on-prem, and we are very satisfied with that. 

It's helped us with our security posture. We have the visibility. We have the possibility to deploy new stuff. We also used the data center dynamic objects. So when we tag solutions, they get the policies they should have from the setup.

It's easy to use and deploy. 

I'm quite satisfied with the solution. I don't have any notes for improvements. 

I have used the solution for five or six years, maybe.

I haven't had any issues regarding our cloud environment. It is completely stable with no downtime. 

It's not a scale set. It's a single node. We'd need to look at the scale set to see if there was a way to get better performance. 

I have been a Check Point customer for quite some time. We do not use other solutions. 

The initial setup did not take too long. I am unsure of the exact duration, however, I was up and running in about an hour. It was very straightforward and almost plug-and-play.

Everything could be cheaper, of course. 

There are cloud-native options. During setup, we had quite a few people telling us we should just use cloud-native solutions. However, we wanted the same security measures on-cloud and on-prem. It would have been cheaper to stay with cloud-native; however, to have visibility in the same place is important. 

People might just use a cloud-native solution since they are already there and cost less. However, my priority was to maintain visibility and consistent security measures in the cloud as on-premises rather than focusing on cost. The unified management from one platform and centralized visibility are invaluable to me.

I am quite satisfied with the solution, and I do not have significant suggestions for its improvement at this point. The product team appreciates feedback, and fortunately, I have comprehensive playbooks for deploying new solutions. The process is straightforward, especially with the dynamic data center objects. When solutions are tagged, they automatically receive the appropriate policies. 

Overall, it is an excellent solution, and I would rate it a ten out of ten.

Hybrid Cloud

My primary use case is to protect the cloud applications that we store specifically in Azure. 

It has helped our organization with security. We have other Check Point firewalls, so we can accumulate everything in one place and manage everything in one place.

It provides unified security management. It makes things easier and faster. We can manage it all in one place in one policy package. We do not have to worry about anything else.

It has helped us reduce our organizational risk.

The most valuable features for me are related to management. I can use the data center objects directly in the policy without worrying about specific static IP addresses. The data center objects update automatically if the IP addresses change. 

There is room for improvement in how it handles deployment itself, but I am not sure. It could be due to Azure's limitations, not Check Point's. Deploying a new firewall is quite bulky and not straightforward, especially in managing the resource group and networks. These issues seem to come more from the Azure part. It is hard to tell.

I have used the solution for about a year now.

The stability is good. I find it really good.

We do not use it regularly, but I tested it and it is quite good.

My experience with customer service was good. On a scale from one to ten, I would rate it a nine out of ten, leaving a gap for improvement.

Positive

I previously used Azure Native Firewall. Other solutions were just tested. We did not use them. We left Azure Native Firewall due to the firewall's slow performance, especially for operations like applying rules. The general functionality of that firewall was incomparable to CloudGuard. 

We have a hybrid environment. We have Azure Cloud.

The initial setup was fine for me. All the complications likely come from Azure. Generally, from Check Point's perspective, it is pretty simple to set up the firewall and attach it to the management. It is easy.

In terms of the implementation strategy, we follow a default or standard deployment plan for all firewalls. It is pretty much the same for on-prem and cloud firewalls, with some differences depending on the cloud, but generally, it is the same list of things to do.

We are integrating ourselves. We did it all in-house.

From the engineering side, it reduces the amount of time I spend on doing changes on the firewalls, like adding rules, which eventually saves money for the company.

Generally, it has been fine for me. I can find my way around the price list, and it is pretty simple.

We did a comparison before we went with CloudGuard, though not for this customer. We generally researched different solutions like Palo Alto, FortiGate, Cisco, and Azure Firewall. We mostly work with Azure, so we did not look into AWS or other solutions.

We went for Check Point because of its ease of management, security features, and cost. Check Point management is way easier. It saves so much time. That is why I prefer to stick to Check Point solutions. Check Point was also one of the cheapest ones. 

The management part simplifies many things. Regarding security features, there are good competitors, and I can replace Check Point with them easily, but it is the management aspect that makes it different for me.

In terms of security threats, I have not done a lot of heavy testing on threats, but my experience is pretty much on par with Palo Alto solutions. FortiGate is a bit less, and I did not even try Cisco security. In my experience, the easy management of Check Point makes all the difference.

I would rate the solution an eight out of ten.

We are dealing with customer data, so we use a firewall to cover all API calls. If you access our sites, it will be via Check Point Firewall. Or if you send a file, it will go via Check Point Firewall.

Check Point CloudGuard provides comprehensive security coverage. The solution covers all entry points and helps manage customer data securely by covering all API calls and processing data efficiently. 

It offers alerts for suspicious activities and an automated system that updates itself to detect irregular patterns, providing notifications for possibly compromised situations.

The pricing is too high. We pay more than twenty-five thousand USD per year, which could be reduced. 

Moreover, Check Point does not initially support serverless architecture, requiring additional efforts from our team to manage it.

Our company has been using Check Point tools for five years.

There are no issues with the stability of Check Point CloudGuard.

The solution is scalable to support our growth for at least two to three more years.

Customer support is efficient with no major issues. The support team is responsive and cooperative. However, the knowledge and expertise of the professional services staff were inconsistent.

Positive

We experienced a lower pricing offer from Trend Micro, however, due to security preferences and support, we chose Check Point.

The initial setup faced challenges due to knowledge gaps on the professional services team. However, the technical side was supportive and helped address these issues.

The professional services used for implementation had inconsistent expertise, requiring involvement from our technical team to resolve gaps.

Pricing is high, over $25,000 USD annually. The package offered includes features we may not need, and more flexible licensing could be cheaper.

We considered alternatives like Trend Micro, which offered more competitive pricing.

I would recommend Check Point CloudGuard. The solution is rated eight out of ten overall.

Hybrid Cloud

Other

Our primary use case for CloudGuard Network Security is to secure the cloud environment where we host our backend systems. The platform helps to guard the network security of our infrastructure by securing the traffic and preventing cyber threats. 

It also ensures compliance with industry regulations. Moreover, it integrates easily with AWS and Google Cloud, allowing us to apply a unified security policy throughout our cloud infrastructure.

Check Point CloudGuard has been very helpful in maintaining a high level of security across our cloud environments as our apps integrate with multiple cloud services. 

It ensures secure communication between services and user devices, protecting sensitive data like user information and financial transactions. This has resulted in increased client satisfaction and retention, particularly in sectors requiring stringent data protection like finance and healthcare.

One of the most valuable features is the automated threat prevention, which helps us detect and block potential cyberattacks in real-time, minimizing data breaches. 

The ability to integrate with multiple cloud platforms provides a centralized view of our applications, enhancing security management. The solution also offers real-time visibility and protection against network threats.

The user interface could be more intuitive, and the initial setup and configuration can be complex, requiring a technical team. 

Additional improved documentation and support would make it easier for beginners and small-scale startups. Furthermore, the pricing model is quite expensive, which could be a barrier for smaller companies.

I have been using the solution for approximately one year.

The platform is quite stable. We have not faced any difficulties with its stability.

The solution is very scalable. I would rate its scalability as nine out of ten.

My experience with customer support has been positive. They are responsive and knowledgeable, available twenty-four by seven. However, they could improve by providing documentation for offline issues to better assist users who may not reach out to them directly.

Neutral

Before using Check Point CloudGuard, we managed security through a team of experts. Due to budget cuts during a recession, we switched to using this solution to maintain our security standards.

The initial setup was quite complex, requiring a technical team to understand the processes and implement the solution. More intuitive configuration tools and better documentation would be helpful.

We deployed the solution with a team of fifty-seven people, including cybersecurity engineers and cloud experts, along with support from customer service.

Implementing CloudGuard has resulted in an excellent return on investment over one hundred percent ROI. It has saved costs in our security team, saved potential security breach costs, and enhanced client satisfaction.

The pricing and licensing are expensive, costing between seven thousand to eight thousand dollars. While it offers good features like threat prediction management, reducing the cost will make it more accessible to a broader audience.

We have not used other network security solutions before Check Point CloudGuard.

It is important to prioritize security if managing data in multi-cloud environments. Having a technical team familiar with cloud security is recommended. Working closely with Check Point's support team can help in navigating complex terminologies and enhancing security across cloud platforms.

I'd rate the solution eight out of ten.

Public Cloud

Other