Check Point CloudGuard Network Security Reviews

CloudGuard is protecting my cloud workloads. The secure communication between my on-premises network and the cloud network is the main use case. I am establishing one continuous rule set across all of my infrastructure and then maintaining all the guards and measures throughout my infrastructure.

We managed to reduce the effort and workload as well as the attack surface across our infrastructure. We now have a more continuous policy. 

The centralized management is one of the key use cases. 

I managed to reduce the effort, workload, and attack surface across my overall financial infrastructure. These are the main things. Centralized management is the feature I like best, resulting in reduced workload and more continuous policy.

We have unified security management across hybrid environments. 

It's good for identifying security threats. We compare it to what cloud solutions providers offer. We look more into the actual traffic and the enforcement of the policy. What Check Point provides goes beyond and is not comparable to what is offered by the native network solutions. 

We have confidence in secure cloud migrations. It's imperative to use a solution like this. We wouldn't want to run our cloud without this level of security and protection.

Today, we are trying to look more into encrypted traffic. API security is one of the most highlighted aspects we are currently evaluating. Network Detection Response (NDR) and AI protection are the main areas I am focusing on now. In addition, I am looking into Secure Access Service Edge (SASE) solutions in general.

I have been using a Check Point solution for three and a half years now. I have used network security for a much longer period before that. 

The stability is very good. I am very happy with stability.

CloudGuard scalability is what it is. It integrates perfectly into the cloud world, which is what I expect. With the centralized management in place, scalability is perfect. I can deploy it everywhere I need it. Scalability is one of the key factors for selecting this solution.

Check Point support is similar to other support on the market.

Neutral

I have looked at Cisco and Palo Alto. I evaluated these solutions and then came to terms with Check Point. We like that it integrates with other security solutions from Check Point we're running.

We have looked at competitive vendors a lot and we decided to go with Check Point. We've looked at Cisco and Palo Alto, however, we preferred Check Point's centralized management. 

Overall, I would rate the product eight out of ten.

I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.

CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning. 

We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.

Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.

The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.

It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.

There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.

So, a full PaaS solution with improvements on that end, basically.

I have been using it for five years now. 

We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.

Positive

We opted for CloudGuard primarily due to two factors, which ultimately became three. 

• First was the Azure consumption cost, which was lower compared to competitors. 
• Secondly, its plug-and-play capability is straight out of the box, as deployment is directly made from the Azure Cloud Marketplace. In contrast, with competitors, you have to manually import and deploy the image they provide, which isn’t off the shelf. 
• The third factor was the scaling solution offered by CloudGuard, which we found to be the fastest.

I was involved. It was straightforward, out of the box, plug and play. 

We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.

I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.

The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good. 

However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.

Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.

I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.

We utilize CloudGuard Network Security as virtual appliances deployed within virtual machines, acting as firewalls at the perimeter of our data center in QSaver. These virtual appliances safeguard all internet access originating from the virtual machines at our factory in Curitiba, Brazil.

The challenges we sought to tackle through the implementation of CloudGuard Network Security were to ensure the protection of our servers against threats and attempts to breach them via internet-facing avenues.

We found it advantageous due to its ease of implementation and use. There were no delays in receiving customer devices, which enhances security within the environment.

We enjoy all the benefits typically associated with physical appliances, even while utilizing virtual machines. Although it took some time for customers to fully grasp the benefits, as they weren't immediately clear, over time, they began to recognize the value it brings to their security infrastructure.

It offers us unified security management across hybrid CloudGuard deployments, as well as on-premises. The option to manage it bridges physical devices onto the data center. With consolidated logs accessible on the same management interface, it becomes highly convenient and straightforward to operate.

Comparing CloudGuard's network security to other solutions in terms of ease of use is challenging. Additionally, since we're already utilizing Check Point solutions, integrating it with hardware network security proves to be very straightforward and user-friendly.

We have a high level of confidence in the effectiveness of CloudGuard Network Security.

The SSL spectrum proved to be the most valuable for our incoming connections. This feature enabled us, for instance, to successfully prevent Log4J attack attempts.

New features have been introduced recently, but they have not yet been integrated into CloudGuard Vsec. It would be advantageous to have them implemented as they would improve the performance.

I have been using it for three years.

It provides excellent stability capabilities.

It offers good scalability abilities. We have a plan to increase the utilization of CloudGuard Network Security and its services in the future.

I am satisfied with the customer service and support provided. I would rate it eight out of ten.

Positive

In our deployment environment, each instance is strategically positioned at the forefront of the web servers within the data center, effectively serving its purpose. Specifically, it functions to regulate internet access for the servers and manage inbound connections from internet customers to the servers.

It's remarkably easy to deploy, by far the simplest. For instance, it only took us a few minutes to transition to production. This capability is incredibly beneficial, as it allows us to swiftly assist customers during emergencies by deploying a firewall and addressing any threats they may encounter.

Determining the return on investment can be challenging; however, we've observed other companies operating in the same sector with similar approaches. Despite encountering attacks, we have yet to experience any incidents. This absence of incidents serves as a metric for us, indicating the reliability of our alternative solution.

The pricing is highly competitive and advantageous, offering great value.

I recommend others to give it a try because of its simplicity in deployment, scalability, and usability. Overall, I would rate it ten out of ten.

We use it to analyze all the traffic in our network. It is the main tool for security services and networking in our company.

We increased our security score by introducing the tool. We are continuing to grow and improve. In terms of policies, we have a lot of benefits in terms of the security cluster and how it works.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We have a hybrid scenario in the company. We have 3% of services in the cloud, and we can use the same clusters and the same policies that we have on the on-premise side for our cloud services. We have the same benefits for both.

We are pretty confident in our cloud network security using CloudGuard Network Security. We are not exactly an Internet-exposure company, but we have a cloud setup. We are pretty confident with its configuration assessment. With Check Point as our partners, we are protected, and we can be confident in our security.

Microsegmentation is very useful for us because we minimize the surface attack. The easy management of the policies is great for us because we are a small team and having easy management is great and useful for us.

At this point, we are very happy with what is happening with their horizon. At CPX, we heard that we can see all the things on the same platform. That is what we have been asking for, and hopefully, we are going to start seeing it this year.

I have been using CloudGuard Network Security since 2020.

It is stable. I cannot remember a time when we had any issues with it. Our operations are 24/7.

It is scalable. We do not have any problems with it.

We have had a good experience with the support and customer service, and we are happy with them.

I would rate them a nine out of ten. A unique issue that we have is related to the language. When the first level of support cannot resolve an issue and the issue needs to be escalated, we have a language challenge because the team is based in India. There are some limitations on both ends.

Positive

We used our cloud vendor's security but did not get as many details when we had any issues. We immediately moved to Check Point, and we are more confident of Check Point.

At first, we used Azure and Defender, and before we changed to CheckPoint, we used ESET. So, we had ESET and then we started rolling out Check Point. We had a mix with the cloud vendor solution, and then we went for Check Point.

We have a mix of on-premises and cloud. We use the Infinity services.

My team deployed it. I have three security engineers on the team, and with the help of Check Point, we deployed it. We upgraded very recently in December, and it was a good experience. It has been running well.

We used the services of a company based in Panama. With the Infinity contract, we had some professional time with Check Point, and they helped us set up some of the things. They reviewed some of the things that we deployed, so we have all the best practices.

I do not have a lot of details on that, but our uptime is pretty high. 

It is an expensive product, but when you realize that you need it, it does not feel so expensive.

We have had a good experience with them as partners. They have helped us with designing and having good architecture and the best equipment at the best prices. We find it a good deal. 

We evaluated Microsoft's security suite. The thing that made us decide on Check Point was that Check Point had the least zero-day attack score. We have a lot of solutions from Check Point, and we stayed with Check Point.

We are now not evaluating other solutions because, since 2020, we have chosen Check Point as our partner. It continues to be the best solution for us to improve our score. We are not looking for software solutions from other vendors.

We always keep track of the service and the score, and with Check Point, there has always been the highest score.

I would rate CloudGuard Network Security a ten out of ten. We are happy with the uptime and management. It is a good tool, and it provides a lot of value for us. We are happy.

Our primary use case is for segmentation and next-generation protection. 

Our clients choose CloudGuard as a natural progression of their solutions. They understand Microsoft and CloudGuard fits. They are vendor-oriented. They stick with Microsoft. They have a lot of experience with Check Point and this fits in. 

Check Point Management is the best and Azure management is also very good. It's simple and has high security. There are no additional costs which is one of the advantages. 

Compared to other solutions, CloudGuard is easier to use. 

I don't see much need for improvement. 

In Czech, we are a little behind the USA and Germany so we have matured in our mentality to move towards the cloud. 

Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country.

The level of confidence our clients have in their cloud network security using CloudGuard Network Security depends. Some are very confident but some are worried about information being exploited. When compared to other vendors, CloudGuard is the best when it comes to threat protection.

I have been implementing CloudGuard for our clients for four years. 

It's stable.

It scales well for our clients' needs. We have deployed over 2,000 servers.

Support is good for CloudGuard. It could depend on the support person who is helping us. Different regions offer different levels of support. Israel and US offer the best support.

Positive

It's easy for me to deploy. 

Every project needs different pricing. I believe that when we talk with the particular guys, we will find a price for the customer. They are flexible in terms of that because we need to be flexible, and we have many companies who are aggressive with discounts. 

I rate the overall product an eight out of ten. 

We use it to protect cloud infrastructure, workloads, and applications from advanced threats and attacks.

For our operations team, CloudGuard proved to be the ideal solution. Troubleshooting became much simpler as all traffic—allowed or blocked—could be found in a single point, the SmartConsole. Integrating CloudGuard with VMware was straightforward; we established a connection between Check Point Management and VMware, allowing for the automated deployment of CloudGuard in NSX as a service. This automation made deployment and management a breeze, allowing us to easily specify the number of CloudGuard instances needed, which would then be deployed automatically.

CloudGuard's integration with the SmartConsole ensured continuity for our administrators, who could continue using familiar tools and methods. The ability to manage everything within the virtual environment provided speed and flexibility. With CloudGuard, we could define rules to control traffic with precision, redirecting or blocking as needed. 

Check Point's approach of preventing threats at the outset aligns with this perspective, eliminating the need to constantly battle against incoming threats. This proactive stance instills a strong sense of security, as it significantly reduces the likelihood of breaches. Given our positive experiences and lack of any negative encounters with the product, we feel extremely confident in its ability to safeguard our environment effectively.

One of the most crucial and beneficial aspects of Check Point is its ability to consolidate and present logs in a clear and easily accessible manner. This centralized approach offers immense value, as it allows users to access all network security information from a single point, eliminating the need to navigate through multiple tools and sources. With Check Point, users can conveniently find and manage all security-related data in one centralized location.

Its centralized control, ease of use, and flexibility are the most valuable for our data center security.

The licensing structure is unclear, so a transparent and flexible licensing structure would be preferable.

We have been working with it for five years.

In terms of stability and reliability, the virtual machine running CloudGuard functions seamlessly and as anticipated, demonstrating no issues or disruptions.

Regarding scalability, you have the flexibility to deploy as many instances as necessary. If additional instances are required, you can easily add them to production by obtaining the necessary licenses.

While we haven't encountered significant issues necessitating support, we did face occasional challenges with perimeter gateways rather than CloudGuard itself.

Before this project, we collaborated with a sister company that utilized Cisco ACI, but it didn't prove to be the right fit. Considering our longstanding partnership with Check Point as our security provider, particularly for network and cloud traffic, choosing CloudGuard for East-West traffic inspection seemed like a natural extension. Additionally, observing our sister company's positive experience with CloudGuard on Cisco ACI further reinforced our confidence in the product as the best solution for our needs.

Initially, we sought the help of a partner for deployment, but for upgrades and migrations, we largely handled them ourselves. Fortunately, these processes weren't overly complex, and we found helpful documentation on the Check Point website to guide us through them.

When we initially adopted CloudGuard, we operated under a different licensing model based on the number of hosts. The licensing model has since transitioned to a cluster-based variant.

Overall, I would rate it ten out of ten.

For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.

Primarily, we are using it for deploying cloud firewalls on Azure to protect our applications. We are using TerraForm.

CloudGuard Network Security helps to streamline bringing in the hardware and putting the effort upfront to do the automation. It takes all that effort away from a human. It streamlines the process and provides security on the cloud.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. It gives us one place to look. Security teams have common logging, and our SIEM integration is already built in. We have a gateway. It is logging for SIEM log servers, and they are being sent to our SIEM. No additional changes are required by anyone to know where to look. It is all integrated into our existing solution.

We are pretty confident in our cloud network security using CloudGuard Network Security. I would rate our confidence level a nine out of ten.

The ease of administration with the cloud management extension and the cloud licensing model is valuable.

I have not dealt with it enough to find any pitfalls.

We have been using CloudGuard Network Security for about four months.

So far, it is great. We use scale sets. We have deployed two gateways per region with the scale set settings of two to ten. We do not have much workload yet, so I cannot say how the scaling is working, but overall, I am sure we will be able to scale the gateways.

I did not need support for much of what we have been working on.

We mostly have a public cloud in Azure. Over the next few months, we are looking to port the same functionality we have in Azure to AWS. 

The deployment is simple as well as complex. The ARM template to deploy in Azure is very simple, but we have taken that and extracted it to do it via TerraForm. The migration to TerraForm is a little more complicated, but we made it work.

We have not gone far enough to know.

We are using our BYOL. We are using our existing Check Point discounts to work with licensing. Overall, it is very competitive. Its pricing is reasonable to me.

I have not evaluated other solutions.

I would advise taking a look at the solution. It performs well and integrates with our existing solutions. It streamlines processes. It is definitely worth a look.

Overall, I would rate it a nine out of ten. The solution is very similar to what we are doing everywhere else. It integrates well with the Azure services, but nothing is perfect, so I cannot give it a ten.

Check Point CloudGuard Network Security has a beautiful threat emulation different from the market. They have a threat extraction feature. The solution's zero phishing feature is pretty much commendable. The solution has one of the best reporting any vendor has in network security. The solution also has a CSPM or posture management tool inbuilt into CGNS or network security.

The solution’s technical support, DNS security and training could be improved. Check Point CloudGuard Network Security's training and reachability to the customer can be done a bit better. One recommendation from my side is that the handover of the tasks can be a bit better. If an engineer is on a ticket and their shift gets over, the smooth handshake between the two engineers can be a bit better.

I have been using Check Point CloudGuard Network Security for more than one and a half years.

Check Point CloudGuard Network Security is a stable product.

Check Point CloudGuard Network Security is a scalable product. I would recommend the solution to small, medium, and enterprise companies because it has a scalable model. The solution is over the cloud and can be integrated with any company.

Previously, I worked with Palo Alto, a direct competitor of Check Point CloudGuard Network Security. CloudGuard Network Security's threat extraction features, reporting features, and threat emulation are better than Palo Alto's. Check Point CloudGuard Network Security is more user-friendly than Palo Alto. On the other hand, Palo Alto has a bit better DNS security than Check Point CloudGuard Network Security.

Check Point CloudGuard Network Security is easy to deploy, and if you are unable to do it, you can get support from the OEM.

The solution's implementation depends on the customer's network scenario and policies. The initial setup doesn't take more than 30 minutes, and the rest can be done later.

Check Point CloudGuard Network Security's pricing is far better than Palo Alto's because Palo Alto is very expensive. Check Point CloudGuard Network Security comes at a price that even a small business can manage to buy, whereas Palo Alto would restrict you to enterprise customers. Check Point CloudGuard Network Security's licensing cost changes from country to country. The solution has different discount models across the globe in regions like Asia and Ireland.

People who want to implement Check Point CloudGuard Network Security should focus during the planning phase. If planning is done correctly and the prerequisites are matched perfectly, they won't face any challenges during deployment. But it's very important to check the prerequisites' limitations.

Overall, I rate Check Point CloudGuard Network Security nine and a half out of ten.