Check Point CloudGuard Network Security Reviews

We primarily use it for egress internet traffic for four clouds, as well as between clouds to on-prem. Those are the main use cases. We have another small use case for ingress traffic, but it is a very small use case right now.

By implementing CloudGuard Network Security, we wanted to get network visibility in our clouds. That was the main point. We also wanted to provide a segregation layer with stateful inspection with all the next-generation features, such as IPS.

CloudGuard Network Security certainly has made our organization more secure. Our business partners cannot inadvertently open up the access that they should not be just to get things done. They now have to go through our firewall. We have got the inspection layer. Our security organization can see threats if they come in and take action on them. We were able to realize its benefits almost instantly.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We heavily use global policy to join on-prem and the cloud, as well as multiple clouds. It is a huge benefit for us as we can set a global standard for policy and then push that across all the different security zones.

We are very confident in our cloud network's security. We have had many years of experience developing it, so we were very aware of the design and the solution within each cloud. We are confident with how we deploy it, and we have plans to make it more efficient as we go.

Most recently, it would be the dynamic objects or datacenter objects. The query feature is going to be a game-changer for us as we move forward. It simplifies our policy, and it gives us a way to dynamically learn and discover things in the cloud instead of having a static way.

Currently, we are struggling with licensing just because of the pace and growth of our cloud. Keeping up with licensing for new regions and new gateway usage is certainly something we are looking into. We are working with our accounting to figure out how we can improve. The licensing piece is big for us.

We are at the place where we are looking at better integration with the management system. We use an MDS today, and it is self-deployed. We want to get to the Smart-1 Cloud, but we do not know what that looks like today because it does not support a multi-domain setup. Smart-1 should either be able to do multi-domain or there should be some form of taking a multi-domain environment and putting it in Smart-1.

I have been using CloudGuard Network Security for probably five years.

From our experience in five years, it has been very stable.

It seems to be very scalable. We have plans to increase the usage of CloudGuard Network Security.

We do scale sets across our clouds and across many regions globally. The number of applications behind it is in the hundreds if not thousands.

It is an excellent service. I would rate their support a nine out of ten. Improving a little bit in the smaller clouds such as Oracle and Google would help a lot.

Positive

We did not specifically use any similar solution in the cloud. It was brand new.

We have a public cloud and then a hybrid with on-prem. We have AWS, Azure, Google, and Oracle.

In terms of the version, on-prem, we use Maestro, and in the cloud, we use the latest CloudGuard. We use the software version R80.40 and are about to upgrade to R81.20.

Its deployment was a little complex for us because we have a very large cloud environment and we are multi-cloud. We had an existing estate, so it was hard to put a firewall in the path and not break things.

We are still implementing it because we are taking a cloud-by-cloud approach. We have done AWS and Azure. It took probably two years to do that, so I would assume that for Google and Oracle, it is going to take at least a year.

In terms of the implementation strategy, we first develop the IEC for the code to deploy it, and then we deploy it and test it in a sandbox environment. We then deploy it to non-prod and roll it out to those regions, and after that, we would do the same with prod.

We implemented it ourselves.

We have seen an ROI, but I do not have any metrics.

Pricing-wise, it is pretty competitive. However, I would like to see more flexible licensing. There should be more of a consume what you need and true-up type of model.

In the past, we have evaluated other solutions. When we tested them, they did not have the same feature set or functionality that CloudGuard had. When I initially tested years ago, the scaling probably was not as efficient. The support was also a big factor. The support that we got from those vendors was not as good as from our account team with Check Point. 

When we looked at the cloud provider firewalls, they did not match up to what Check Point could do with the various deep packet features and functions like IPS. The feature set was the main difference. At the time, the cloud providers could not provide IPS or deep packet features. That was a big driver for us with Check Point. The fact that we could not integrate policy with our on-prem firewalls, which were from Check Point, was another big driver because we wanted a unified policy. Our existing relationship with Check Point helped as well.

To those evaluating CloudGuard Network Security, I would advise certainly engaging with the Check Point account team. Get their solutions team to help you walk through the solution and talk to others in the industry about their experiences.

The biggest lesson that I have learned from using this solution is to deploy it as soon as you can in your cloud journey.

I would rate CloudGuard Network Security a nine out of ten. 

We are using CloudGuard Network Security for comprehensive security. We have hardware appliances from Check Point, and we also have their firewall installed.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. It has improved our security posture. 

CloudGuard Network Security helped reduce our organizational risk. It has not yet helped us save time and costs because we are understaffed. However, it has helped to see what is happening and what we should mitigate or allow to happen.

It gives us all-encompassing security and overview. Previously, we did not have any kind of overview of what was happening with the network.

The interface is unifying all the data in one place. I can see the network side and the policy attached to using USB devices. Everything is stored and related.

A Check Point problem was that there were different solutions, and each had its own interface, section, and logs. Things are going great with the new feature that consolidates all the data from those systems in one place. Right now, I am not sure what improvements are needed. We are having occasional issues related to gateways, but we are still analyzing it.

I have been using CloudGuard Network Security for the past six months since I joined the company.

Until now, it has been stable, but we have had occasional issues with two gateways that used to break or are broken. We are not sure yet. We are still analyzing it. We might be sending it to the warranty team.

We implemented it keeping in mind all the requirements in terms of licenses, hardware, and other things. Everything is pretty much as we needed. We have no plans to upscale it. However, I am waiting for the OS version R82 to see how we can add more data on the fly.

So far, customer service has been almost great. We have had some issues, such as needing to escalate every time because one gateway was not working at some point. We had an endless loop of emails trying to fix this, and the suggestion was to reinstall the gateway and do it from scratch, which was not an option at that point because it would leave that specific location without access, and business hours did not permit it. Other than that, things went smoothly most of the time.

Positive

Previously, we only had security with a basic VPN and firewall in place.

I would rate CloudGuard Network Security a nine out of ten.

I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.

CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning. 

We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.

Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.

The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.

It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.

There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.

So, a full PaaS solution with improvements on that end, basically.

I have been using it for five years now. 

We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.

Positive

We opted for CloudGuard primarily due to two factors, which ultimately became three. 

• First was the Azure consumption cost, which was lower compared to competitors. 
• Secondly, its plug-and-play capability is straight out of the box, as deployment is directly made from the Azure Cloud Marketplace. In contrast, with competitors, you have to manually import and deploy the image they provide, which isn’t off the shelf. 
• The third factor was the scaling solution offered by CloudGuard, which we found to be the fastest.

I was involved. It was straightforward, out of the box, plug and play. 

We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.

I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.

The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good. 

However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.

Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.

I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.

We mainly use the firewall part. We use it to interface with our cloud environments.

We have a CloudGuard firewall in place, and we have Azure or AWS networks at the backend. We use it to secure workloads and be a bridge to our on-prem as a hybrid solution.

It makes securing our cloud workload super easy, and we are able to push any sort of policy changes we need pretty quickly. It is a lot better than the native cloud firewalls that are available in terms of ease of use and features. Check Point IPS is way more advanced than the native cloud firewall solutions.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. It is fantastic. It makes our security operations a lot smoother because we only have to push policy once to our cloud firewalls and our on-prem firewalls. We can select whichever firewalls we want and hit install. The changes are made across all different types of devices. We had evaluated the native cloud firewalls for a specific use case, but we saw that Check Point firewalls were superior in the aspects that we were looking at for our requirements. 

We just set up the firewalls and forget about them. We only have to do jumbo hotfix upgrades on the major version upgrades. For the most part, the uptime on them is fantastic. We do not have any downtime on them, so we never have to worry about them, which is why I do not have a lot of experience with them. We just set them up and forget about them.

CloudGuard Network Security has been fantastic in terms of identifying threats. Being able to log those cloud firewalls to the same place where all of our other Check Point firewalls are is a huge plus because we can see where something gets prevented by IPS or something like that.

We only use it for the firewall, so it is about security.

I want the upgrades of their CloudGuard solution to major versions to be easier. We have had a few small hiccups. They have different types of cloud clusters called Geo Clusters, and those just cannot be upgraded past a certain point, which is a hurdle that we are currently experiencing.

We have been using CloudGuard Network Security for four years.

Its stability is amazing. We have never had any weird downtime issues with our CloudGuard firewalls.

We do not use any of the auto-scaling features that Check Point provides. We do not have a use case for it, so I cannot attest to that.

When you get the right person, Check Point TAC is fantastic, but sometimes, it can take a while to find the right tech engineer to be able to answer your problem within a reasonable amount of time. Most TAC engineers can answer a question, but some might take longer than others. I would rate their support an eight out of ten.

Positive

It is super easy to deploy. In a few clicks, it is up and going. 

I deployed it myself.

We have definitely seen an ROI, but I am not sure how to quantify that. I am satisfied with it. 

It is definitely easy to use and simple. Compared to the native cloud firewalls where if they do not have a feature, you are out of luck, I feel that Check Point has a very superior feature set.

I like the flexibility because I am pretty sure you can use the same license on Azure or AWS. I forgot the name of the license, but there is a specific type you can use that lets you interchange them, and that is pretty good. I like that. 

I would rate it a nine out of ten. The only reason it is not a ten is that sometimes there are hiccups when we have to interact with it, such as while upgrading. These are small things, but I wish it was more seamless than it already is. It is already pretty seamless, but there can always be improvements.

We have deployed CloudGuard in our environment to protect conversations between different network segments. For example, we can protect north-south traffic and east-west traffic.

We deploy our production workload in different cloud provider environments, such as GCP, Azure, AWS, and IBM.

CloudGuard Network Security enhances our network security from an end-to-end connectivity point of view. We can deliver high-performance security to our different functional teams to support our business.

CloudGuard Network Security provides us with unified security management across hybrid-clouds and on-prem. We have one unified platform to manage on-premises gateway and CloudGuard gateway. We have a unified and standard way to ensure compliance and enforce all the definition requirements and process outcomes.

Check Point is at the top end of the market when it comes to security and threat prevention. They have a service called ThreatCloud. We get frequent updates from ThreatCloud. We can look at the numbers, signatures, and bad IPs they provide to us, and we can compare this information with other vendors or competitors. It gives us confidence that they are better in terms of threat detection.

All the features that we subscribe to from CloudGuard NGTP are valuable. All the threat prevention and access control features give us the network security that we expect.

From the policy optimization point of view, they can do better. This is not just for CloudGuard. CloudGuard is one little piece managed by Check Point. They can also integrate a third-party policy management solution to improve that. For example, Tufin is focused on policy optimization and management.

They can also offer solutions faster to address customer concerns.

We have been using this solution for five or six years in our environment.

Check Point overall is pretty stable. We can rely on them. This is one of the key reasons why we stuck with Check Point for more than 20 years.

It is good. They have all kinds of solutions from on-premises to the cloud. There might be some limitations to their partnership with certain cloud providers. They can speed up to give us better solutions, especially for CloudGuard. I know some competitors offer solutions to address customer concerns faster than Check Point. It is an area for improvement.

Our experience has been good. Their sales engineers and support engineers are pretty good, but they also have some gaps. They can improve that. I would rate them an eight out of ten.

Positive

We have seen an ROI because they fixed the gap. We were able to put a solution to fix a gap. It gives us confidence about how secure our environment is.

We have a pretty good partnership with Check Point. We have a global subscription and agreement. They give us a pretty good corporate discount.

We have a global subscription to cover everything, not just the cloud but also the on-premises gateway. We have all the threat prevention subscriptions as well, which makes us stick with Check Point. Even though we get a better price offer from competitors, this global discount makes its pricing a better deal for us.

Before deploying it, we did compare it with other vendors. We looked at the major players in the market, such as Palo Alto and Fortinet.

We did not go for a cloud-native solution because they could not provide the same security as Check Point. We deployed CloudGuard in all of our cloud environments because we felt that their native solutions could not satisfy our requirements. We were also able to add selective threat prevention features, which native-gateway solutions might not have had. This is a value-add when we deploy CloudGuard in a cloud.

CloudGuard Network Security is easy to use for us. Because we have been using Check Point, it is easier for us to integrate new features, rather than deploying a new environment.

Overall, I would rate CloudGuard Network Security a nine out of ten.

We are primarily using it for access control for our various cloud environments from our on-prem resources.

By implementing CloudGuard Network Security, we wanted granularity and control of the traffic going through our different BDCs within AWS. We use one there. We also wanted identity awareness for going into cloud resources.

CloudGuard Network Security gives us access and visibility into what is going on in our cloud environments. Previously, we did not have any cloud instances. We were just managing the on-prem and then letting it go. It gives a lot of visibility. We could realize its benefits instantly.

CloudGuard Network Security provides us with unified security management across hybrid-clouds as well as on-prem. We were able to manage all of our cloud environments from one central place. We have got CloudGuard in Azure and AWS restricting traffic between those hybrid cloud environments.

We feel very confident in our cloud network security by using CloudGuard Network Security. We get what we would expect with an on-prem firewall. We get all of the functionality and security that we would expect from an on-prem firewall in the cloud. We did not go with our cloud vendor's cloud firewall because they were not able to meet a lot of the security standards that we needed.

The ease of deployment has been nice. It is like managing any of our on-prem firewalls.

The only pain points we have had with it were when we did major version upgrades. Rather than being able to do incremental upgrades on those, we had to completely redeploy. I know that has changed recently, but we had some hiccups when we did the upgrades. This is the only issue we have had.

We have been using CloudGuard Network Security for over four years.

It is very stable. I would rate it a ten out of ten for stability.

It scales pretty easily. At this time, I am not aware of any plans to increase its usage.

Their support is great. I would rate them a ten out of ten.

Positive

We did not use a similar solution previously.

It is a private cloud. We have it in both our private Azure and private AWS restricting access between the individual BDCs and on-prem environment and between the two different cloud environments as well. 

It is primarily deployed by one team, but multiple clients use the cloud services.

I believe we have seen an ROI. We are able to manage it from an already existing management server that we are using for on-prem. Not having to have another product that we are managing outside of Check Point is a big plus.

We looked at cloud-native firewalls. They were not able to meet the security standards that we were able to get by using CloudGuard.

We looked at their IPS solutions with the cloud-native firewalls, but we could not go as granular. With CloudGuard Network Security, we could see the individual protection and fine-tune it.

CloudGuard Network Security is also easier to use than other solutions.

I would rate CloudGuard Network Security a ten out of ten.

Our primary use case is for segmentation and next-generation protection. 

Our clients choose CloudGuard as a natural progression of their solutions. They understand Microsoft and CloudGuard fits. They are vendor-oriented. They stick with Microsoft. They have a lot of experience with Check Point and this fits in. 

Check Point Management is the best and Azure management is also very good. It's simple and has high security. There are no additional costs which is one of the advantages. 

Compared to other solutions, CloudGuard is easier to use. 

I don't see much need for improvement. 

In Czech, we are a little behind the USA and Germany so we have matured in our mentality to move towards the cloud. 

Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country.

The level of confidence our clients have in their cloud network security using CloudGuard Network Security depends. Some are very confident but some are worried about information being exploited. When compared to other vendors, CloudGuard is the best when it comes to threat protection.

I have been implementing CloudGuard for our clients for four years. 

It's stable.

It scales well for our clients' needs. We have deployed over 2,000 servers.

Support is good for CloudGuard. It could depend on the support person who is helping us. Different regions offer different levels of support. Israel and US offer the best support.

Positive

It's easy for me to deploy. 

Every project needs different pricing. I believe that when we talk with the particular guys, we will find a price for the customer. They are flexible in terms of that because we need to be flexible, and we have many companies who are aggressive with discounts. 

I rate the overall product an eight out of ten. 

My company uses the solution as an Edge firewall and East-West firewall. 

The tool's most valuable feature is its management console. 

Check Point CloudGuard Network Security needs to improve the management of the actual firewalls. Improvement is also needed for the consolidated UI of different security aspects. 

I have been using the product for a year and a half. My company has been using it for eight years. 

We recently had some issues with stability, so it's hit or miss. It seems to have more minor bugs than other platforms, but overall stability is the same.

The speed of the support's response varies. Sometimes, you can get a good engineer who can give you the right answers. 

Neutral

I have used Cisco, Fortinet, Palo Alto, and SonicWall. The worst ones on the list are Cisco, Fortinet, and SonicWall. Palo Alto is better in some areas. Check PointCloudGuard Network Security is top in terms of actual security. But in terms of managing the whole platform, I would put it below Palo Alto.

Check Point CloudGuard Network Security's deployment is easy and takes two hours to complete. 

I did the solution's deployment myself. However, I connected with the consultants whenever needed. 

We've been secure and haven't had any security breaches.

The tool's pricing is been higher than other solutions, but it seems like it's turning downwards.

I rate the overall product a seven out of ten.