Check Point CloudGuard Network Security Reviews

In our Azure deployment, CloudGuard Network Security serves as our cloud firewall.

Using CloudGuard Network Security has streamlined our transition to Azure by providing continuity with our on-premises setup, ensuring seamless management, and allowing us to maintain our existing security protocols without disruption.

We find all the features valuable, particularly the firewall, application control, URL filtering, and HTTPS detection, as they cover our primary security needs effectively. We realized the benefits right away upon deployment.

Improvements needed include better integration with Azure features to match on-premises capabilities, particularly in areas like identity awareness, to ensure seamless functionality across both environments.

I have been working with CloudGuard Network Security for a few months.

We haven't had any stability issues with the product so far.

We haven't had to scale much yet, but we are confident CloudGuard Network Security can meet our needs effectively if required in the future. I would rate the scalability as a nine out of ten.

Overall, Check Point's service and technical support are good, with an effective resolution of issues, although there is currently one open ticket, they typically address root causes efficiently. I would rate the support as an eight out of ten.

Positive

We have seen ROI in time saved due to our familiarity with deployment, integration, and policy creation, avoiding the need for extensive learning or adjustments.

We wanted to maintain familiarity with Check Point while transitioning to the cloud, opting for CloudGuard Network Security in Azure over Azure's native firewall for its effectiveness and seamless integration with our existing network infrastructure.

CloudGuard Network Security offers unified security management across hybrid clouds and on-premises environments, ensuring comprehensive protection across all assets.

Unified security management simplifies our security operations by consolidating all aspects, like web filtering, application control, and firewall management, into a single, easy-to-use platform, enhancing efficiency and effectiveness.

I have high confidence in CloudGuard Network Security because it runs seamlessly like our previous setup and offers robust protection. I chose it over Azure's firewall because Check Point focuses solely on security, providing more features, logs, and insights.

CloudGuard Network Security is deployed across multiple departments and business units, with various consultants connecting in, although the user count isn't high yet, it is set to expand across multiple businesses.

I would advise evaluating CloudGuard Network Security based on what is most effective and familiar, rather than just what's convenient or included, prioritizing what suits your needs best.

Overall, I would rate CloudGuard Network Security as a nine out of ten.

We use the product as an internal firewall between Azure, on-premises, and the internet. 

The tool's most valuable features are the REST APIs that help to automate the deployment and maintenance process. It helps us to reduce time to 15-25 minutes compared to the manual process which used to take around two to three hours. 

It eliminates the need to manually import hundreds of IP addresses into firewalls and architecture objects. This process now happens automatically. 

The tool helps us to automate processes. Operating it is relatively easy, especially for standard tasks like implementing firewall rules for source, destination, port, or URL. Our team can handle these tasks. 

We miss full blade support for all blades that are compatible with the cluster. Especially notable is the lack of support for Identity Awareness in active standby environments for customers. In our setup, transitioning to Connective clusters would be preferable for maintaining connections during failover situations.

I have been using the product since 2016. 

The product is stable. 

CloudGuard Network Security's scalability is easy. 

The tool's first response is usually prompt, and issues are generally resolved. Additionally, the support team proactively follows up, reminding us to provide necessary details when we might be on a high workload.

Positive

The deployment experience varies depending on the structure of your environment. In our case, we invested significant time in designing our network and aligning it with our existing Check Point environment. Once the overall design was complete, the actual deployment was straightforward. We have automated most of the process, enabling us to set up the environment within a few hours. Additional nodes can be added in just 20-30 minutes.

We had evaluated Barracuda before CloudGuard Network Security. We chose CloudGuard Network Security since Check Point knowledge was available in-house. 

Invest time in analyzing the templates provided by Check Point and tailor them to your specific requirements. Understanding the deployment process is crucial, as it allows you to benefit from it in later stages. You can optimize it later based on the needs. I rate the overall product a nine out of ten. 

In my company, we use the solution just to secure my AWS Network Insights and inside production. We use it for security purposes.

With the solution, we just need to filter the traffic coming from the internet and Direct Connect. So it filters the traffic, basically. It permits access. In short, it just filters the traffic and permits the traffic. The aforementioned details are the purposes for which we use the tool.

We use the tool as a basic firewall. It's a technical firewall. As a technical firewall, we use SmartConsole or Check Point Firewall.

The deployment phase takes too much time. I would like the deployment to be faster.

I have been using Check Point CloudGuard Network Security for two and a half years. We are using Check Point R80.10 SmartConsole in our organization.

Stability-wise, I rate the solution a seven out of ten since it takes too much time for deployment. However, it is flexible since we used to push the policy normally. It takes hardly ten seconds to install the policy. It's much easier.

I have been using the solution in my company for the last year. Other than the employees in my company, more than 25,000 users are using the solution hosted on AWS.

Basically, the application, which is hosted, is used internally. It's the same user account because it's not exposed anywhere on the internet. If anyone wants to access the solution from the internet, the traffic comes from Direct Connect, and from Direct Connect, it goes to AWS.

The initial setup was not much complex. The setup phase was good enough to be able to navigate through it.

It took a long time to deploy it. We need to run this on EC2 instances, so it took almost two hours to deploy the solution. After deploying the solution slowly, and gradually, we have to push the policy on the firewall. It takes time to deploy, but it's a stable one.

The solution is deployed on the cloud. It's a software we install in EC2 instances on AWS, which we use as a firewall.

We currently have six to seven resources managing the deployments and maintenance.

During deployment, we took technical help from Check Point.

It is a good-to-use tool that is also flexible.

Overall, I rate the solution a seven out of ten.

We use it as an edge firewall to our entire cloud environment. It protects our connections to all of our sites, to our cloud data center. And it's the internet edge, the protection mechanism between the internet and our network.

The biggest example of how it has helped our company function is the single pane of glass. The way that we implemented it is that we monitor a lot of devices in our environment through this one place now, instead of it all being distributed. We don't have to log in to different systems, correlate the data, and say, "Okay, this was related to that," etc. It's one pane of glass, so the time to resolution and the time to find what we're looking for have become a lot shorter because we're able to just put all the data into this one pane of glass. We can look at it a lot quicker and decipher what's going on a lot quicker that way.

In some cases it has saved us hours in time to remediation, in some cases a day. When dealing with a single problem that may have taken an entire work day or so to really hunt down and know what's going on, this has brought it down to finding it within an hour or 45 minutes or so.

We use its Unified Security Management to manage the solution for on-prem appliances. We combine our cloud and on-prem environments. We have multiple devices at different sites that we manage through the single Management Server, which elevates us, again, to another single pane of glass, instead of all these firewalls all over the place and having to log in to each one of them. We look at all the data and correlate it on the one system that we use to unify our physical sites and our cloud environment.

Using CloudGuard IaaS has also definitely freed up security engineers to perform more important tasks. We don't have a large team that works on these, but it has freed up the equivalent of one or two roles, overall. It saves everyone a couple of hours a week, and those couple of hours mean we can take on new projects as a team.

In addition, compared to native cloud security protection, Check Point is far more advanced. There are far more options available than in a lot of the cloud-native stuff. The cloud-native solutions have similar tools that are more "pay and spray." You buy it, you implement it, and you have a few ways to configure it for your environment. But the flexibility in Check Point is due to the fact that they've always empowered the management. You can tune whatever you want and however you need it. With other cloud providers, the approach with their tools is, "Here's how we do it in the cloud and you need to adopt it our way," which is fine. It makes it simpler to manage, but you have less flexibility to customize it to your needs.

It's really the whole suite that is valuable. But within that, the Identity Awareness is good because you can build your policies around each user. You can say what each user, or group of users, like HR, for example, can do. 

Also, the visibility, the one-pane-of-glass which allows me to see all of my edge protection through one window and one log, is great. Monitoring everything through that one pane of glass is extremely valuable.

Their IPS stuff is just fine. It updates the signatures regularly and it does a lot of that stuff automatically in the background so I don't need to worry much about that. It does its blocking and organizes things for me, as an administrator, to look at and to pick and choose what preventions I need to have enabled. That is user-friendly and it's very descriptive. I know what I'm looking at and what I need to enable. It's really useful and is one of the reasons I continue to use the product.

In addition, the reporting gives you a lot of flexibility in building your own custom stuff.

The biggest room for improvement is that, for a long time now, they've moved everything over to R80 but they still maintain some of the stuff in the old dashboard. They need to "buy in" and move everything to the modern dashboard so that you don't have to go to one place and to another place, at times, to configure the environment. It's time they just finish what they started and put everything in the new, modern dashboard. I thought they would have done that by now. It has been years. It's always a little disappointing when you get a new version and you see that it's still using the old dashboard for some of the configuration and some of the stuff that you look at.

They just need to make sure they get all their tools into this one place. It would make it a lot easier for the managers.

We just did an implementation of Check Point CloudGuard IaaS this year, so we've used it for less than a year. But the CloudGuard IaaS solution is the same software we've been running in our environment for years, just in the cloud. So our familiarity with it, and how it works is expert level.

I've had no problems with its stability or reliability. It's been up and running since then. We've done some patching of the system. And we've built it to be highly available so that we could shut certain ones down and bring other ones up. As we've done that, we've had no outages, nothing even close; nothing that would be of impact, since the implementation.

Scalability is amazing when you're in the cloud. It's no problem. Once you settle on a configuration like we have, and once you've put it together and decided that this is your de facto template, all you have to do is click a couple of buttons to deploy another one. And that scales upwards. It's very simple.

It's used pretty extensively in our environment because we are trying to get the single pane of glass for traffic going through our network in multiple directions from a bunch of different networks. It's playing a more important role than the individual Check Point firewalls we used. We don't, at this time, need anything more with CloudGuard. We may, in the future, need another data center, so that's a consideration. I'm looking at other Check Point products that secure other components, in different ways. Our relationship with Check Point is still growing.

Their technical support is usually spot-on. They've got some really good guys there. No matter what, sometimes you're going to get someone who is brand-new and who might not know as much, but they're okay at escalating, when that happens. But most of the time you've got someone who is highly trained and really knows what they're talking about, or they'll get you to someone who does. You generally find a resolution pretty quickly, or you can really take a deep technical dive with them.

For this type of functionality we did not have a previous solution. We're building a new cloud data center, and this was our first cloud protection. But it's basically a firewall on the edge of a network.

We've had different firewalls on the edge of our other networks prior to this and we've consolidated those into the Check Point solution so that we've got just one vendor to deal with. We had some Juniper firewalls and some Cisco ASAs. We also had some WatchGuards and one old Palo Alto in there. It was a variety of solutions, depending on which network we were in. There was something of a long journey that took us two years or so to get to where we are now. We're almost there using one solution, one pane of glass, and one configuration.

We knew we needed to change because things were taking too much time. We weren't being efficient. We weren't able to get stuff done. Requests that were coming in were not being fulfilled properly. They were being half-done. There were too many different technologies that served the exact same purpose. It was incredibly inefficient because everybody needed to be trained up on every single one of them, including everything that they needed to do in their roles. Unless we wanted to hire four or five times the amount of staff so that we could have people specializing in just firewalls, we needed to change. To keep the same lean model, where we have people doing a variety of roles, we needed not to have to study 10 different things that serve the exact same purpose. So we decided that we were going to consolidate to one vendor.

In our decision to go with Check Point CloudGuard the favorable results of its security effectiveness score from third-party lab tests were a factor, but not really important. Our biggest deciding factor was what we had in the environment already; what we were most comfortable with. What was important was a solution that was the most feature-rich, and that could actually accomplish our goals the best among the vendors we already had. We didn't want to go with an entirely new vendor either, to leverage some of the knowledge we already had about them. We picked what we thought would serve us the best.

The fact that Check Point has been a leader, for many years, in industry reviews of network firewalls definitely affected our decision to go with it. They had to be a leader because with this — because of how important it is in our network — I was not ready to take a risk on a young, enterprising company that may be very creative in what it's doing but that will stumble more, along the way, than a company that is well-established.

The setup seemed straightforward. We had a roadmap; we had it all planned out. But there were parts of the implementation that were "aha" moments. There were things that I found during the implementation that I told their engineers about and they would say, "Oh, you're right, that totally doesn't work," even though it was documented that it did. They would say, "We'll go back to our developers and they'll probably fix that in another release." 

During the implementation, we built and destroyed the environment about 10 times because we got to a point where we said, "Alright, maybe this is a problem with something we did earlier. Let's just start over and make sure that we follow every step and we don't make a mistake, to verify that this will work." A couple of different things were documented that you could do but it turned out that, no, you just couldn't quite do them yet.

We started talking about the deployment at the beginning of May and we were done by the end of June. It took about two months.

We were building a new data center in the cloud. We traditionally had stuff onsite but we had decided we were going to uplift everything and move it into the cloud. This was us building our network and the edge of the network in the cloud in preparation for moving everything up there. This was the first step in a long, ongoing process.

In terms of maintaining it, there is only ever one person on it, unless there's a major event going on. We're a team and all of us use the data coming out of it at various times. No one is ever just sitting there monitoring the thing all the time. We have other tools that help with that and send us notifications if something's weird that we need to look at a little further. It's the the team who are logging in regularly, every week, and pulling pieces of data out of it for either an investigation we're doing or a report we're doing. It's used frequently.

No one else is using it directly. There are other teams that, for certain reporting, may request some data from us to use for analysis. But no one else is actually logging in and using the tool.

We worked with the Check Point cloud implementation team. There were two of us from my team involved and three Check Point cloud architects who helped us through most of the process.

We've seen ROI in time saved in threat hunting and in having a unified policy across our organization. We actually have this one policy that we can look at to determine if something is going to be accurately filtered. It has been very valuable.

It has been very expensive but my approach is that, while we're spending a bit more money, we're getting everything that we actually need. We should be happy with that. Obviously everybody would love to spend less, but that's just not the reality.

The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you.

Years ago they used to piecemeal and you could pick whatever you wanted. But now they have two basic options. You can go with this level or the higher level and that's it. It makes it simple.

We looked into the same vendors that we already had onsite. We looked at Cisco, WatchGuard, and Palo Alto, in addition to Check Point.

Some of them were actually quicker, in terms of mouse clicks, but they were less intuitive. With some of them you could just write a couple commands on a command-line and it would spit out the data for you, instead of having to click around with a bunch of mouse clicks. But that would have required some of the staff being comfortable with scripting, coding, and command-line stuff.

All of these solutions have their own unique perspectives. Most of them are pretty much market leaders. They're all very effective in their own ways, especially in threat protection. They all have very extensive databases on their protections and know what they're doing, and that's why they're all market leaders.

Sometimes you've got to pay for what you actually want. We realized that it's an expensive solution, there's no denying that. But we're happy with what we have gotten out of it. Sometimes you just have to fork over the cash out of your budget and work with it. Work hard with it, because you can't just spend money and expect it to work. But with the time that you put into it, you can get something really good out of it for your company.

Really do your analysis, which is something anybody should really know if they're going to spend a lot of money like this. They offer up trials. Try it out and see if it actually works for you.

One of the biggest reasons it was successful for us was because we already used it in our environment and we used it pretty extensively. We had a variety of different systems in there, but we used the Check Point more. So we were more familiar with it coming into it and that's why we leaned more towards it. We figured, it will be expensive but it will probably have the lowest learning curve for us to get where we want to be.

Another company may already use, say, Palo Alto extensively and be very familiar with it. If their decision is that they want their team to be really well versed in what's going on, rather than have to break it all down and study all over again and retrain everybody, maybe their choice will be to stick with their Palo Alto solution rather than flipping over to Check Point. 

If you're going to change vendors entirely, you're going to have a steep learning curve and that's going to mean it will take time, where you might not be able to fulfill a request, because you have to learn how to do it.

I haven't really measured rates like the block rate or malware prevention rate yet. The CloudGuard stuff is the same software running under there that I have run for years. It's just in a cloud environment and it's been extremely effective. It doesn't really paint a picture of how much actually gets through, so I don't know the rates, but I do know that I don't have a lot of problems with things getting through that I didn't know about or didn't want to get through.

I don't think there are really any false positives with this solution. Sometimes an investigation that leads me down a path and I follow it so far that I can't quite figure it out, but I attribute that to not having enough visibility into other areas of the environment to actually see what's going on, so I can't paint the whole picture and can't then solve the problem. But I don't have a problem with false positives leading me down a path towards something that just had no relevance at all.

The ease of use is good if you have a strong technical background. The intuitiveness of getting in there has a learning curve to it because there's a lot going on there, but with something that takes care of this many things in your environment, it's hard not to make it complex. They've done a pretty good job of trying to make it as uncomplicated as possible, but no matter what, you're going to have a learning curve to be able to use it effectively.

The Unified Security Management has made threat hunting a lot easier because we have it all in one view, but managing the environment has become a little bit more complex because we have one ruleset to cross the environment. So we really need to know what we're doing there. We've had to adapt a little bit towards that. Instead of having little rulesets all over the environment, we have one massive ruleset. We have to be a little bit more careful about what we're allowing because it can affect more than just the site you want to change. For example, if you want to change a device in New York, you have to be very careful that you don't affect a device in Boston as well, because it's all in this one unified policy.

Overall, Check Point has been a nine-plus out of 10 for me. I'm really happy with it. It's a very expensive solution, but everything has gone really well. There are bumps along the way, like with anything. I don't fault them for that. We've worked with it and we've worked around those problems and have come up with solutions that work for everybody. So everybody's happy in the end.

We use the security gateways to protect the virtual data centers. 

The most valuable feature for us is the ability to run the gateways as virtual machines in our virtual data center. The tool protects the virtual data centers. 

The solution's integration with cloud providers has seen significant development in the past months, but there is room for improvement for better integration.

I have been using the product for two years. 

CloudGuard Network security is stable. 

Scaling up is straightforward, involving the purchase of additional licenses and allocating virtual CPUs to the client.

CloudGuard Network Security's support is good. I would like the support to be faster. However, it is not possible all the time. 

Positive

The tool's deployment is straightforward. 

My customers have experienced ROI with the tool's use. If there's a security issue, it can lead to downtime or loss of data, which means losing money. So, the main focus is on the financial aspect. Security is also one of the benefits of using the product. 

We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud. 

The solution is a core operating system, and we use it for threat intelligence.

CloudGuard has a better catch rate with respect to any attack which is happening. We once faced an attack in a customer's environment on one of our data centers, and Check Point Firewall blocked that attack. The solution's performance is on the higher side.

The feature most valuable to me is the NDTX blade that Check Point provides, and I like how the solution is not vulnerable. We haven't had any vulnerabilities in Check Point in the last six months, which is a plus point because the OS Check Point provides is hardened enough that it's not vulnerable to the newer issues, so the network security solution is given in a proper way. These features are an advantage for our customers.

The solution is easy to use once deployed if the administrators have a basic understanding of firewalling. Administrators just have to check the traffic passing through the solution, which will log the traffic properly. And if anything gets dropped, the solution will showcase that to you. The management server Check Point uses is a gold standard.

Check Point CloudGuard is not a feature-centric product because Check Point concentrates on security. For example, if a customer asks for reporting, it might not be available, like a bandwidth report. At most, the reports are given with respect to security, not infrastructure.

I've used CloudGuard for the last three years.

We have more than 50 customers.

Customer support needs to think about what the customer is talking about. They need to improve on that.

CloudGuard is not a plug-and-play product and requires proper technical knowledge to deploy it. You need the help of a proper professional to deploy it. Deployment hardly takes four hours, but that's only if you know what you're doing. You need to plan the deployment with respect to AWS. You have to know what exactly the customers have deployed in AWS or Azure, or any cloud solution, and based on the review, you need to do their architecture before you can start the deployment. The first step, then, is to understand the customer's data because everything is on a template when it comes to the cloud. You should understand which template you need to use on any cloud. It is impossible to deploy if you're not aware of the customer's environment and how the cloud infrastructure is made. After selecting the proper template, you have to do the implementation. The implementation will go smoothly if you understand the customer's requirements and infrastructure.

I would not say Check Point is very expensive, but when customers compare it with Sophos or any other products, the price is on the higher side.

In terms of features, FortiGate has more features in terms of routing.

Our customers use Check Point solutions both on-premise and on the cloud.

Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points.

If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market.

I rate Check Point CloudGuard Network Security a nine out of ten.

Check Point CloudGuard Network Security is the best security software for protecting IT systems inside out. There is no compromise with system security if the CloudGuard Network solution is intact. It provides threat prevention and protection from malware and enables system and server security up to 100%.

We have numerous API integration of our internal IT systems with outside servers and network systems, where security lapses are a huge concern. CloudGuard helped in providing complete security and protected entry of threat entrants in our system from outside servers.

CloudGuard Network Security has enabled the security system to operate safely without any trouble. It has resulted in saving on huge expenses for organizations as it's a cost-effective and cheap alternative compared to its market competitors. It brings a secure IT environment for a workforce, which leads to boosting productivity and an increased revenue stream for the organization. This leads to increased productivity and prosperity.

Also, it's the one-stop solution for preventing systems from security threats and all kinds of endpoints in the IT space.

There are no security lapses and 100% restriction of threat entrants in the system or server.

It's a cost-effective solution with no false positive cases.

The product helps in bringing productivity and enhanced customer experience for users.

We have a happy workforce and more workforce retention and increased IT environment sustainability.

There is 100% proactive detection of root causes and root sources.

It is dynamic and agile, and its features and utilities continuously improve and evolve.

It's the best-unified endpoint management solution for IT systems globally. The product is available for all kinds of business users.

We really believe in ongoing improvements for emerging business needs. The business and product development team should introduce a high-end feedback collection mechanism and analyze the customer requirements constructively.

The feedback mechanism is best to understand the user and market needs. All kinds and sizes of businesses should be approached to provide feedback so that unanimous decisions and unbiased reviews/feedback can be collected.

Also, more customized strategic pricing can be involved and introduced so that more and more businesses can be attracted for trial and usage of the software. 

We've used the solution for almost a year now.

The product offers amazing stability and we had no discomfort or hassle in the setup.

The solution is scalable and attractive.

The solution has strong customer support and agile service experience.

Positive

We use McAfee solutions earlier due to the company and parent organization's long-term association with McAfee.

After subsequent years of usage, we felt a dire need of usage of advanced security solutions. After receiving continuous good feedback from peer organizations, we landed at Check Point.

It's been a great experience so far.

The setup is effortless and not complicated at all.

We implemented the solution through vendor team management.

We've seen an ROI of 80% to 85%.

In my book, Check Point comes as quite a handy and cost-effective alternative for the security enablement of IT systems. It's cheap and easy for deployment and is the best solution so far. Its signing of SLA and maintaining long-term key association and collaboration with service partners is really effortless and easy. We've had a highly professional partner experience.

Licensing is usually annual.

Setup and deployment costs are offered with discounts that are attractive and  sustainable.

We analyzed and did trials for Cisco Secure Firewall and other security solutions like Trend Micro, etc.

I would strongly recommend everyone to go for a trial of this security solution ASAP. It is one of the best experiences ever.

Our use case is simple. We utilize CloudGuard Network Security with a bridge to connect all components in the cloud directly to the on-premise. By establishing peering with the bridge, we route traffic to the Google Cloud-based cluster. We apply our standard on-premise environment rules to CloudGuard, utilizing threat prevention, EPS, etc.

The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward. 

CloudGuard Network Security helped us create stable VPN connections from our Google Cloud to our data center. This was important because we had issues with dependencies between Google, the data center, etc.

We have an on-premise management system, and it's straightforward. We use it within the same management of our other files. 

In the past year, I noticed that the challenging part, especially in the cloud, is upgrading to the next release of the firewall. Unlike on-premise upgrades, it's not as simple in the cloud. You need to recreate the machine, which makes the process more complex.

We have been using CloudGuard Network Security for four years now. We initially adopted it when we began using the Google Cloud platform. It helps us enable connections between the cloud, data center, and hybrid infrastructure. 

The solution is stable. 

The tool's pricing is not cheap. 

I rate the solution a nine out of ten.