Check Point CloudGuard Network Security Reviews

We are using CloudGuard Network Security to protect North-South traffic or VPCs. We are using the CloudGuard firewall between the Internet and VPCs. All the traffic needs to pass through the firewall.

CloudGuard Network Security provides features, such as threat emulation, that native cloud solutions do not offer. AWS, Azure, and GCP have a lot of features, but you sometimes need to pay charges for specific features. With Check Point products, you have all these features in one license. You pay once and you can use everything.

CloudGuard Network Security improves our security against advanced threats. Others do not offer features like threat emulation out of the box. CloudGuard Network Security protects very well against advanced threats.

We have a high level of confidence in our cloud network security by using CloudGuard Network Security. The product is similar to what we use in traditional data centers. The infrastructure is almost the same. The way to manage the policies is the same. It is very easy to implement and manage CloudGuard networks. There is some difference when you are using auto-provision, but in the end, it is the same technology. It is easy for a traditional network engineer to work with CloudGuard.

We did not go for the cloud vendor's cloud firewall because we wanted to be able to manage all the firewalls, policies, and other things from a single point. 

The most valuable feature for me is that you have just one license. You can test and implement everything you need with one license. You do not need to pay for separate module licenses when you want IPS or other features. The license includes everything that you need.

The version upgrades need improvement. We faced issues while upgrading our CloudGuard Network Gateway. When we tried to use the template that Check Point offers on their site, it was not available for the second to the latest version, so I was forced to upgrade my management server. That was very challenging for us.

I have been working with Check Point CloudGuard Network Security for 8 years.

I cannot remember the last time I had an issue. It is stable, but every product has a few bugs. If you maintain the configuration and the versions, everything is fine.

We do not have any problems because we can use the auto-provision templates. If I need to scale up or scale down, I can do this. If there is any issue, it is very transparent. For example, if I lose my gateway, the manager will automatically create a gateway and bring everything up.

Their support is very good. Their response is fast. You can contact an engineer in a few minutes, but it depends on the severity of the issue. In the case of a high-severity issue, you can talk to an engineer to assist you with an issue.

Compared to other vendors our company has been working with, Check Point has better support. They have the best technical staff.

Positive

We only use Check Point products. In our data center, we are only using CloudGuard.

It is very easy. With a few clicks, you can implement your firewall. 

It is fair. Its license covers all the features. There is a cost-benefit. The licensing for the cloud is better than on-premises because, with on-premises, you have to pay separately for different things.

Overall, I would rate CloudGuard Network Security a nine out of ten.

My customers use the solution for technical and internal Azure resources, including remote access VPN.

Some retail customers find the scale-up and scale-down features valuable, particularly with scale sets. This is useful for handling increased loads on devices and utilizing firewalls, similar to on-premises setups with active standby configurations.

The solution allows customers to migrate workloads securely into the cloud space with a trusted vendor, maintaining everything under a single platform. This ensures visibility into their cloud environments similar to on-premises setups, all managed through a single smart console. 

Unified security management simplifies operations by providing visibility into both cloud and on-premises infrastructure. The skill set required to manage it remains the same for both environments.

The level of confidence in CloudGuard Network Security, both for myself and my customers, is very high. The product operates familiarly, consistent with what customers are used to, and it is a trusted name in the space.

Based on my previous experience, there were improvements, especially in in-place upgrades. Regarding cost, it might be potentially cheaper considering resource utilization in Azure and VM costs, but licensing could be improved, possibly moving towards a simpler model.

I have been using the product for four to five years. 

CloudGuard Network Security has improved its stability. It is a stable platform. 

The tool has improved its scalability over the four years. 

The support experience can be hit or miss. It depends on the expertise of the support representative. Some are highly skilled and knowledgeable, while others require more guidance. There might be room for improvement in this aspect.

Neutral

The tool's deployment is straightforward, whether through the marketplace or templates. It offers flexibility for making amendments before deployment. 

On a scale of one to ten, I would rate the solution an eight. The ease of deployment, the single management function, and the features it provides, especially in terms of scale sets and scaling, contribute to it being a solid platform. Many customers are increasingly interested in using it to protect their assets within Azure and AWS, which are the two main areas of operation.

If a colleague is considering purchasing the solution for its security features and licensing, my advice would be to ensure correct deployment. While the solutions are generally straightforward to deploy, there are nuances, especially in Azure infrastructure, that can make troubleshooting more challenging. It's crucial to either use a knowledgeable partner for deployment or ensure a clear understanding of the process before proceeding, as it may be more complicated than anticipated.

The solution helps protect network security by offering threat prevention, addressing vulnerabilities, and utilizing blades. 

We use it for the protection of our internal services. We're a Telco company, our internal users are on the machines. We also have some external services that we protect. We protect our customers and our public cloud with it.

VMware is our public cloud provider. 

Threat prevention is the biggest benefit we see from it. 

The network security is the most valuable aspect of CloudGuard. I am a network engineer so it's the most relevant feature to me.

CloudGuard Network Security provides us with unified security management across hybrid-clouds and on-prem. We manage all of those environments through this one solution. 

It's user-friendly. It's a multi-domain solution. CloudGuard is really, really good. 

I have experience with FortiGate and Cisco. I worked with them at previous jobs. FortiGate is easy and user-friendly when it comes to the configuration, but it is unstable in some countries and the routing tables have problems. The configuration of the network is in the same management platform, which might be better for some.

In comparison, CloudGaurd is very stable.

Cisco is hard to use, FortiGate is easy and CloudGuard is somewhere in the middle when it comes to ease of use. 

When it comes to identifying security threats, CloudGuard is really good compared to its competition.

I am confident that CloudGuard's Network Security can protect us. It enables me to sleep very well at night.

We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature. It drops requests. It's not always precise. 

I have been using the product for two years. 

My team has been using it for five to six years. 

CloudGuard Network Security is very stable. 

We have 28 licenses. We have 800 servers on our private cloud. 

Their support is fast. They answer quickly.

Positive

We integrate with NSX. The setup wasn't hard.

We have seen ROI. It saves us time because it's stable. It's easily administered. We have time to do other tasks. It is easy. 

Licensing is complicated. When a license expires, we have to renew it and the process is complicated. They should make the process easier.

Using CloudGuard Network Security saves time due to its stability and ease of administration. The solution is not complex, allowing administrators to focus on other tasks. The configuration process is straightforward. It can integrate with NSX. 

I rate the product a nine out of ten. We manage a total of 800 servers that host a variety of components, including our infrastructure, customer applications, databases, application sites, and disaster recovery systems

We use the product as an internal firewall between Azure, on-premises, and the internet. 

The tool's most valuable features are the REST APIs that help to automate the deployment and maintenance process. It helps us to reduce time to 15-25 minutes compared to the manual process which used to take around two to three hours. 

It eliminates the need to manually import hundreds of IP addresses into firewalls and architecture objects. This process now happens automatically. 

The tool helps us to automate processes. Operating it is relatively easy, especially for standard tasks like implementing firewall rules for source, destination, port, or URL. Our team can handle these tasks. 

We miss full blade support for all blades that are compatible with the cluster. Especially notable is the lack of support for Identity Awareness in active standby environments for customers. In our setup, transitioning to Connective clusters would be preferable for maintaining connections during failover situations.

I have been using the product since 2016. 

The product is stable. 

CloudGuard Network Security's scalability is easy. 

The tool's first response is usually prompt, and issues are generally resolved. Additionally, the support team proactively follows up, reminding us to provide necessary details when we might be on a high workload.

Positive

The deployment experience varies depending on the structure of your environment. In our case, we invested significant time in designing our network and aligning it with our existing Check Point environment. Once the overall design was complete, the actual deployment was straightforward. We have automated most of the process, enabling us to set up the environment within a few hours. Additional nodes can be added in just 20-30 minutes.

We had evaluated Barracuda before CloudGuard Network Security. We chose CloudGuard Network Security since Check Point knowledge was available in-house. 

Invest time in analyzing the templates provided by Check Point and tailor them to your specific requirements. Understanding the deployment process is crucial, as it allows you to benefit from it in later stages. You can optimize it later based on the needs. I rate the overall product a nine out of ten. 

In my company, we use the solution just to secure my AWS Network Insights and inside production. We use it for security purposes.

With the solution, we just need to filter the traffic coming from the internet and Direct Connect. So it filters the traffic, basically. It permits access. In short, it just filters the traffic and permits the traffic. The aforementioned details are the purposes for which we use the tool.

We use the tool as a basic firewall. It's a technical firewall. As a technical firewall, we use SmartConsole or Check Point Firewall.

The deployment phase takes too much time. I would like the deployment to be faster.

I have been using Check Point CloudGuard Network Security for two and a half years. We are using Check Point R80.10 SmartConsole in our organization.

Stability-wise, I rate the solution a seven out of ten since it takes too much time for deployment. However, it is flexible since we used to push the policy normally. It takes hardly ten seconds to install the policy. It's much easier.

I have been using the solution in my company for the last year. Other than the employees in my company, more than 25,000 users are using the solution hosted on AWS.

Basically, the application, which is hosted, is used internally. It's the same user account because it's not exposed anywhere on the internet. If anyone wants to access the solution from the internet, the traffic comes from Direct Connect, and from Direct Connect, it goes to AWS.

The initial setup was not much complex. The setup phase was good enough to be able to navigate through it.

It took a long time to deploy it. We need to run this on EC2 instances, so it took almost two hours to deploy the solution. After deploying the solution slowly, and gradually, we have to push the policy on the firewall. It takes time to deploy, but it's a stable one.

The solution is deployed on the cloud. It's a software we install in EC2 instances on AWS, which we use as a firewall.

We currently have six to seven resources managing the deployments and maintenance.

During deployment, we took technical help from Check Point.

It is a good-to-use tool that is also flexible.

Overall, I rate the solution a seven out of ten.

We have been using Scale Set with Check Point. We use it to scale up and down in Azure depending on the workload. It is scalable, and it is easy to scale up and down depending on the usage. If we have a lot of traffic, it automatically adds a new firewall, and if the traffic slows down, it just removes the firewall. I do not need to worry about the load because it would not be an issue when scaling.

The management server provides unified management. We save a lot of time by not having to log in to different platforms. It is good to have everything in the same place. It saves maybe half an hour a day.

We get good insights into security, and we are more secure because we have more insights than we would get from other products.

We are having issues with updatable objects in the Scale Set solution. It needs to be fixed by Check Point.

The setup instructions are not correct. They should be corrected. We sent the product feedback last week. Several things were misspelled and incorrect in the documentation, and it got updated.

We have been using Scale Set with Check Point for about four years.

We do not have any issues with the product. Usually, the issues are with the Azure platform, such as an Azure host going down. It is not a Check Point issue.

I have been working with Azure Firewall for five years. It is a lot smoother to work with Check Point. When it comes to rule sets and IPS, Azure Firewall does not have too many functions. It does not look nice, and it is not easy to make rules. It is a lot of a headache to work with Azure Firewall. It also costs a lot more.

We cannot get any fancy reports from Azure Firewall the way we can from Check Point. We do not have any insights with Azure Firewall. We get a lot better insights with Check Point.

It is easy if you know what to do. If you follow Check Point instructions, it is hard because the instructions are not correct.

I do not have too much to compare to, but if I compare it with Azure Firewall, Scale Set is quite good. It has quite a good price.

I can only speak for Scale Set. I would rate it an eight out of ten because it is a good solution. I like it.

My main use cases for CloudGuard Network Security are to scale the technology for protecting and filtering traffic within AWS and Azure environments.

The main challenge I was looking to address by implementing CloudGuard Network Security was the need to establish a firewall on our cloud perimeter for enhanced security.

The flexibility to rebuild the firewall in CloudGuard Network Security has helped our organization eliminate downtime.

CloudGuard Network Security has improved our organization by allowing us to easily deploy firewalls from the cloud wherever we might need them.

The most valuable feature I have found in CloudGuard Network Security is the flexibility to rebuild the firewall as needed.

CloudGuard Network Security could be improved in the area of upgrading in place.

I have been working with CloudGuard Network Security for five years.

The scalability of CloudGuard Network Security is very good and we can scale it as needed.

Check Point's service and tech support are very good, especially since we have access to their Diamond-level support. I would rate the support as a ten out of ten.

Positive

I find the pricing and licensing of CloudGuard Network Security to be pretty straightforward.

The main benefit we have seen from using CloudGuard Network Security is the ability to filter traffic by URL. We realized these benefits approximately six months after deployment.

Unified management of the firewall has positively affected our security operations by making it easy to manage from one place.

My advice for those evaluating CloudGuard Network Security is to remember that licensing is critical, so ensure that central licensing is configured properly.

Overall, I would rate CloudGuard Network Security as a ten out of ten.

I like the tool's ability to manage cloud traffic locally without routing it through our data centers.

The product needs to improve technical support.

I have been using the product for four years. 

The tool's support has been excellent. We can maintain our Check Point Firewalls effectively, both on-premises and in the cloud.

Positive

The tool's monthly costs have undergone a significant reduction, dropping from approximately 12,000 euros to around 4,000. This represents a cost reduction of over 60 percent. However, it's essential to note that while costs decreased in some areas, they increased in others due to shifts in our environment. As our overall environment has grown, currently connecting 50 accounts to the cloud, it's challenging to directly compare costs with the state of our setup three years ago.

Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten.