Check Point CloudGuard Network Security Reviews

Our primary use case for CloudGuard Network Security is to secure the cloud environment where we host our backend systems. The platform helps to guard the network security of our infrastructure by securing the traffic and preventing cyber threats. 

It also ensures compliance with industry regulations. Moreover, it integrates easily with AWS and Google Cloud, allowing us to apply a unified security policy throughout our cloud infrastructure.

Check Point CloudGuard has been very helpful in maintaining a high level of security across our cloud environments as our apps integrate with multiple cloud services. 

It ensures secure communication between services and user devices, protecting sensitive data like user information and financial transactions. This has resulted in increased client satisfaction and retention, particularly in sectors requiring stringent data protection like finance and healthcare.

One of the most valuable features is the automated threat prevention, which helps us detect and block potential cyberattacks in real-time, minimizing data breaches. 

The ability to integrate with multiple cloud platforms provides a centralized view of our applications, enhancing security management. The solution also offers real-time visibility and protection against network threats.

The user interface could be more intuitive, and the initial setup and configuration can be complex, requiring a technical team. 

Additional improved documentation and support would make it easier for beginners and small-scale startups. Furthermore, the pricing model is quite expensive, which could be a barrier for smaller companies.

I have been using the solution for approximately one year.

The platform is quite stable. We have not faced any difficulties with its stability.

The solution is very scalable. I would rate its scalability as nine out of ten.

My experience with customer support has been positive. They are responsive and knowledgeable, available twenty-four by seven. However, they could improve by providing documentation for offline issues to better assist users who may not reach out to them directly.

Neutral

Before using Check Point CloudGuard, we managed security through a team of experts. Due to budget cuts during a recession, we switched to using this solution to maintain our security standards.

The initial setup was quite complex, requiring a technical team to understand the processes and implement the solution. More intuitive configuration tools and better documentation would be helpful.

We deployed the solution with a team of fifty-seven people, including cybersecurity engineers and cloud experts, along with support from customer service.

Implementing CloudGuard has resulted in an excellent return on investment over one hundred percent ROI. It has saved costs in our security team, saved potential security breach costs, and enhanced client satisfaction.

The pricing and licensing are expensive, costing between seven thousand to eight thousand dollars. While it offers good features like threat prediction management, reducing the cost will make it more accessible to a broader audience.

We have not used other network security solutions before Check Point CloudGuard.

It is important to prioritize security if managing data in multi-cloud environments. Having a technical team familiar with cloud security is recommended. Working closely with Check Point's support team can help in navigating complex terminologies and enhancing security across cloud platforms.

I'd rate the solution eight out of ten.

When we build security for companies, we use the cloud of services for building and configuring networks and Security on the company Network, including EDR or XDR on the computers, routers, and switches.

The customer gets reasonable security for their network at a reasonable price, except for Check Point's expensive router. Overall, the product is reasonably priced.

The router's anti-bot feature and network security for detecting malware and preventing its spread are critical components. Additionally, there are other features like antivirus, anti-malware, and a firewall. The anti-bot feature can detect if one device is hacked and has malware. It monitors the communication to and from this device and can detect and block the malware when it spreads to other computers on the network.

Every good security product requires a company with many research departments and staff. This ensures that the product is always up to date on the most relevant security threats. An excellent expert team of researchers on vulnerabilities and new cyber threats could exist.

They should start integrating AI more into the product to make it easier to use

I have been using Check Point CloudGuard Network Security for one year and a half.

The product is stable if deployed correctly. I rate the solution’s stability a nine out of ten.

I rate the solution’s scalability a nine out of ten.

The initial setup was neither easy nor difficult.

The product is expensive.

Check Point is a reliable company for network security. I trust them to protect my resources when using their products. However, their solutions could be improved to be more user-friendly and easier to integrate.

I recently implemented Check Point CloudGuard Network Security for our company's new customers. I installed the features and products after consulting with them. Setting up the network configuration was moderately complex and required careful attention. Check Point offers extensive configuration options, providing enhanced control and security, although it may require more setup effort initially.

I advised others to configure their product correctly.

Overall, I rate the solution an eight out of ten.

We've implemented CloudGuard in Azure, configuring it as firewalls and file management systems. These functionalities skillfully oversee our API application and various aspects of our data center environment. Our entire infrastructure, hosted within Azure's data centers, is effectively managed by CloudGuard, ensuring comprehensive security coverage.

One of the notable benefits we've observed is the ease of deployment in our environment. It offers remarkable flexibility in how we configure and utilize the resources. This flexibility allows developers to seamlessly collaborate with network security experts to ensure that our applications are secure. This level of assurance has instilled confidence within our teams, knowing that we're deploying solutions that will be effectively managed.

CloudGuard Network Security offers unified security management across hybrid cloud and on-premises environments. With this comprehensive feature set, we benefit from enhanced flexibility. We can seamlessly manage both on-premises and cloud environments from a single interface, simplifying our operations and providing a centralized view of our data.

On a scale of one to ten, our confidence level in CloudGuard Network Security stands at an eight. This rating signifies that it surpasses the average level of confidence. While we acknowledge that there's always room for improvement in technology, we believe that CloudGuard Network Security has demonstrated its effectiveness and reliability.

The data center objects, checks, and other components are thoroughly examined, allowing us to incorporate them into our policy definitions. This approach has proven to be highly effective, akin to the standards typically seen in on-premises environments.

There is room for improvement regarding the technical support provided. Having a more refined and advanced feature would offer significant benefits.

I have been using it for three and a half years.

In terms of stability, it's rock solid. I haven't encountered much trouble over the past three and a half years.

It performs well in terms of the use case scenario where deployment is required, and its scalability is satisfactory. Overall, I would say it's good enough for our needs.

In terms of tech support, I would rate it a four on a scale of one to ten, which is lower than it used to be. Previously, I would have rated it a seven. Over the years, I've noticed a decline in the technical expertise of support staff. While I have extensive experience with Check Point products spanning fifteen to twenty years, I find it increasingly challenging to get the level of assistance I need. Support personnel nowadays seem to specialize in only one or two products, making it difficult to get comprehensive assistance for complex issues. This lack of holistic understanding delays problem resolution and frustrates customers.

Neutral

We've been loyal users of Check Point products for quite some time now. The company has a strong reputation in the industry, and I have more experience with Check Point products compared to others. It offers some of the best services available in the industry.

When comparing CloudGuard Network Security to other solutions for identifying security threats, it emerges as one of the leaders in the field. Our statistics demonstrate its effectiveness, with a notable ninety percent or higher success rate. Check Point covers the majority of our security needs, achieving a remarkable ninety-nine percent success rate, which is among the best in the industry. In terms of setup and reliability, we have a strong preference for CloudGuard.

We opted not to proceed with our vendor's cloud firewall solution because it lacked a comprehensive understanding of our network infrastructure. These solutions are primarily tailored to the specific environment of the vendor, which may not align with our needs. Instead, we prefer utilizing an NGFW appliance or a more versatile NBI device, such as those offered by Check Point. This approach allows us to avoid vendor lock-in and leverage familiar security devices. By partnering with third-party vendors like Check Point, we gain flexibility and can choose products specifically designed for security purposes. This contrasts with relying solely on the cloud service provider's offerings, which may prioritize their products over comprehensive security. In my opinion, solutions like those from Check Point offer a more mature and reliable approach to network security.

During the initial deployment phase, we encountered a learning curve as we transitioned from traditional firewall deployment methods to cloud-based environments. One concern was whether the throughput would match that of physical appliances. However, we ultimately found the performance to be satisfactory and were pleased with the results. We engaged with both Check Point and third-party experts to assist with deployment, given that it was a new process for us. Drawing on their expertise proved invaluable in navigating the deployment process smoothly.

The return on investment has become evident over the past three years. As a global company, we've successfully migrated over two hundred applications from on-premises to the cloud. This transition has provided us with greater flexibility and enhanced security measures, allowing us to efficiently patch and maintain applications without significant downtime. Overall, it has significantly improved our operational efficiency and streamlined our processes.

We explored both pay-as-you-go and build-your-own-licensing models, and found both to be competitive. While everyone desires lower prices, we're content with the current pricing structure, as it meets our needs effectively.

Overall, I would rate it seven out of ten. 

CloudGuard Network Security ensures that there is integrity and secure network services in the enterprise. It gives the IT team an opportunity to access and control the internet infrastructure in both on-premise and cloud-based services. The technical analysis and data assessment from all the sources enable us to protect our computing devices from cyber-attacks and minimize potential risks. The network security controls have enhanced efficiency and adequate security for implementing set projects and tasks.

This product has helped us address security concerns that touch on our goals and daily programs. 

It has enhanced effective planning and data safeguarding by providing controlled access to computing devices. 

The creation of crucial passwords for creation and data editing has saved the organization from internal data compromise that may lead to crucial data leakages. 

The IT team has full authority to monitor performance and give access to the internal database to the permitted teams only. 

The access control principles enacted in the applications save confidential information from leaking to unsafe hands. 

The hacking detection feature blocks any suspicious activity that is detected on our websites. The 24/7 online customer support services enhance effective operations and provide quick services in case of a system failure. 

The authentication processes deployed across applications gives only approved members the authority to connect to the company network. This data protection system has set identification controls for confirming unique IDs.

The networking system updates, when delayed, can lead to misconfigurations and data loss. The cost is high, and many businesses may not be able to support the entire package. 

Poor integrations give hackers an opportunity to penetrate and get confidential information access. 

Duties should be well categorized, and the right teams should be given an opportunity of handling specific data. Admins and concerned teams should map data rights in the database efficiently to avoid mishandling. The cybersecurity features have to be upgraded on time to meet the modern industrial data protection demands.

I've used the solution for nine months.

The CloudGuard security system is ever-stable.

I am impressed by the great performance.

24/7 customer support services are always reliable.

Positive

I have not worked with similar tools in the past.

The initial setup was straightforward.

The vendor executed implementation and deployment.

The ROI has improved from 35% in last year to 60% this year.

It is cost-effective and highly effective.

The other tools in the market are not as powerful as this solution.

Network security is efficient with this product.

Check Point CloudGuard Network Security is a security solution that provides advanced threat prevention, network security, and compliance enforcement for public cloud environments. 

It can be used to protect workloads in various cloud environments, such as different clouds. 

The primary use case of Check Point CloudGuard Network Security is to secure and protect workloads and applications running in the cloud by providing a multi-layered security approach that includes a firewall, intrusion prevention, anti-malware, and sandboxing capabilities. 

One way it can improve an organization is by providing advanced threat prevention capabilities to protect against known and unknown threats in the cloud environment. This can help to reduce the risk of data breaches and other security incidents.

Another way it can improve an organization is by providing network segmentation and micro-segmentation capabilities that can help to limit the spread of malware or other malicious activities in the event of a security incident. Additionally, it can improve an organization's compliance posture by providing automated compliance enforcement for cloud environments. This can help organizations to meet regulatory requirements such as HIPAA, PCI-DSS, and more. 

Some of the features that are considered most valuable in Check Point CloudGuard Network Security include:

Advanced threat prevention. This feature includes firewall, intrusion prevention, anti-malware, and sandboxing capabilities that can help to protect against known and unknown threats in the cloud environment.

Network segmentation and micro-segmentation. This feature allows organizations to limit the spread of malware or other malicious activities in the event of a security incident. 

Centralized management. The solution provides a centralized management console for easy administration and monitoring of security policies and events, making it easy for the security team.

In general, some areas where security solutions could be improved include:

More advanced threat intelligence, including the ability to detect and protect against emerging threats in real time.

Improved scalability to allow the solution to handle larger numbers of users and devices without a significant impact on performance.

Greater automation to reduce the need for manual configuration and management.

Integration with other security tools and services to provide a more comprehensive security solution.

Better reporting and analytics capabilities to provide more detailed visibility into security incidents and events. 

I've used the solution for one year.

The CloudGuard Network Security monitors data flow across company applications to enhance efficient safety. 

This application manages all the security programs across the organization and easily identifies any security breaches that might affect performance. 

It blocks harmful content that can be easily transferred among colleagues and spread viruses. 

Network security configurations in the applications have saved the company cost and time that has been invested for the past year in enhancing data safety.

This system has been important in the organization since we deployed it. It tracks workflows in the networking system to enhance a safe data management environment. 

It has launched secure data management systems to identify and troubleshoot coding errors. 

Production has increased since we deployed this software as employees have nothing to fear and can fully focus on productive activities. It stops phishing attacks and any third-party attacks that can destroy data. 

Working in a secure environment free from malware attacks has been a great achievement in the organization. Check Point CloudGuard Network Security has helped us to achieve this.

The advanced threat prevention system stops any ransomware attacks that can leak confidential information to unauthorized parties. 

Both multi-cloud and on-premises are protected from data attackers, which has boosted the company's growth. 

This software is great in overall performance since it can locate any trouble across the networking system and provide solutions before it affects workflows. 

The automated network security is efficient in monitoring CI/CD workflows. The security across the premises has improved, and the application production has improved under a secure working environment.

The current features have ensured that there are no cloud threats that can affect data in any way. 

We have experienced the most advanced data security since we deployed CloudGuard Network Security in the organization. 

A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system. 

Working with this platform is complicated for new users. The cost of management is relatively high for small-scale businesses affecting overall performance.

I've used the solution for eight months.

This platform is stable and has improved the network security in the organization.

I am impressed by the overall performance.

The customer service team provides reliable guidance and directions always.

Positive

I have not worked with a similar solution.

The setup was straightforward.

Implementation took place through the vendor team.

There has been increased ROI since we deployed this platform.

The setup price and cost is good for most growing business enterprises.

I started working with this platform, and I have no intention of leaving it soon.

The performance has been stable and I recommend it.

Check Point CloudGuard Network Security is a highly advanced security solution that prevents any incoming threat, issue, or malware entry and secures the cloud network end-to-end by creating a secure virtual gateway that proactively diffuses and creates a unified, secure environment for users to work securely without any tension. 

The unified security management is an important characteristic of the software which differentiates the same from other similar products and stand out from the crowd. 

It can efficiently work on multi-cloud environments and different hybrid and online premises without any compatibility issues.

The software has significantly improved the security system, resulting in increased productivity and improved performance by the team. Also, it has the great potential and immense capability to work in different kinds of software environments, from offline to online and hybrid premises, with full vigor without any issue.

Advanced threat prevention and data protection in hybrid and private business environments is critical. Check Point is truly a savior here, and it promotes security enhancement in a true sense without any problem.

Data protection and threat prevention across hybrid and private cloud environments is an extremely important aspect. Check Point has aced this. Any kind of cloud environment anywhere can be protected through this effortlessly. 

The encryption technology to prevent data loss and leakage works really well for us. All security instructions and policy processes are auto-scaled up and operate on their own and keep everything in check. 

Security management is unified and can be singularly managed from a place without any hassle.

They can improve their security features to the next advanced level so that their efficiency in catching the malware can become 100%, and there is no scope for any data loss or leakage from the system due to any issue. 

The compatibility factor often poses some integration issues and consumes a lot of time for APIs. The business and tech team should be more responsive to our clientele and tech requirements, as it is critical in today's era.

The auto-remediation and risk management segment can be further researched and made more flexible and customizable.

I've used the solution for almost six months.

The solution is stable.

The solution is scalable.

Technical support is good.

Positive

I did not use a different solution previously. This solution is used in trial mode.

The initial setup is easy.

We handled the setup in-house.

The ROI is good.

It offers good security and everyone should be signing up for a trial for sure. It is easy to license and use.

We evaluated FireBox, SRX Series, Sonic Wall, Cisco firewalls, etc.

Try the solution today.

We use CloudGuard IaaS for cloud security in AWS, and it serves all kinds of purposes for us. It could be internal segmentation between on-prem or between application VPCs, and it can also help us to provide perimeter security for those parts of the network that require internet access.

Our company has a very dynamic IT landscape, and the demand to go live is very high. That means we have to deliver connectivity in very short time frames, and we can do that using CloudGuard IaaS. Once we have figured out a working template for connectivity, it becomes our standard, and we can run connectivity for new applications within a day or two, and sometimes it might only take hours. In the past this would take a much longer time. We also now have much better control over the sizing of the firewalls, which gives us a lot of flexibility in our planning.

In addition, we use an existing on-premise appliance, which is a multi-domain security server. The use of CloudGuard's Unified Security Management was an easy part of our integration. We didn't need to make a lot of effort to incorporate the new firewalls. We just needed to apply some existing policies to the new firewall. We didn't have to develop something from scratch. We just used our existing infrastructure and existing policies, and it was the easiest part of the deployment. And the use of the Unified Security Management has definitely freed up security engineers to perform more important tasks.

The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature.

Check Point is a known leader in the area of block rate, so I don't have any complaints about it. It's working as expected. And similarly for malware prevention. When it comes to exploit resistance rate, it's excellent. I haven't seen any Zero-day vulnerabilities found in Check Point products in a very long time, which is not the case with other vendors.

The false positive rate is at an acceptable level. No one would expect a solution to be 100 percent free of false positives. It's obvious that we need to do some manual tuning. But for our specific environment and for our specific traffic, we don't see a lot of false positives.

Overall, the comprehensiveness of the solution's threat prevention security is great. It was changed in our "80." version and I know that Check Point put a lot of effort into threat prevention specifically, as a suite of products. They are trying to make it as simple as it can be. I have been working with Check Point for a long time, and in the past it was much more complicated for an average user, without advanced knowledge. Today it's more and more user-friendly. Check Point itself has started to offer managed services for transformation configuration. So if you don't have enough knowledge to do it yourself, you can rely on Check Point. It's a really great service.

Check Point recently released a feature which recognizes that many companies are going with the MITRE ATT&CK model of incident handling, and it has started to tailor its services to provide incident-related information in that format. It is easier for cyber security defense teams to analyze security incidents, based on the information that Check Point provides. It's great that this vendor looks for feedback from the industry and tries to make the lives of security professionals easier.

I highly rate the security that we are getting from the product, because the security research team is great. We all know that they proactively analyze numerous products available on the IT market, like applications and web platforms, and they find numerous vulnerabilities. And from a reactive point of view, as soon as a vulnerability is discovered, we see a very fast response time from Check Point and the relevant protection is usually released within a day, and sometimes even within a few hours. So the security is great.

Clustering has not been perfect from the very beginning. There weren't too many options for redundancy. It was improved in later versions, but that's something which should be available from the very beginning, because the cloud itself offers you a very redundant model with different availability zones, different regions, etc. But the Check Point product was a little bit behind in the past. 

The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50.

I have been using CloudGuard IaaS for close to one year.

In terms of the stability, so far everything is good. We have had no problems. 

The scalability is also great. It's not complicated to configure it and the environment can become really scalable. Everything can be auto-provisioned: instances created, policies pushed, licenses installed. Check Point did a great job in covering all these aspects and reducing manual intervention, which is how it is supposed to be on the cloud.

It is deployed in all AWS regions and we plan to increase the number of security features in use in the future.

Check Point's technical support is great. We are a Diamond customer, meaning we have the highest level of support available from them. We always have very competent engineers and the right level of attention. We haven't had an opportunity to test technical support regarding this product, but in general we are happy with technical support we get.

We did not have a similar previous solution. 

The favorable results of its security effectiveness score from third-party lab tests were not a major part of our consideration because Check Point is a known leader. There were no doubts about security.

As for the solution being a leader for many years in industry reviews of network firewalls, it is important to go with a solution that not only has good specs on paper, but also has a known record of success.

The setup process offered by Check Point is quite straightforward. The challenge is that there is no single blueprint for an organization, and that's why each and every company chooses its own design for the cloud. That means we have to be creative and start adjusting whatever Check Point provided as a setup guide, for our needs.

Setting up a working environment took us approximately 10 days.

Our implementation strategy was quite simple. We first needed to understand the business needs and what the stakeholders wanted us to deliver. Based on that we created a design draft: How to proceed with the least complexity, the best way to provide connectivity, and obviously, to do everything in a secure way. After creating a high-level draft, we started our work. Since the environment was not really in production yet, it was a long path of trial and error. But at the end of the day, all aspects were accounted for, lessons were learned, and we adjusted our initial design and prepared operational documentation for our operational team.

Licensing is easy since this is a virtual instance which does not require RMA.

The cloud security provided by public cloud providers is great because it's cloud-native. Sometimes it comes without an additional cost or as part of a basic license, but it's definitely not enough for an enterprise environment. Everything comes back to operational complexity. I could incorporate a new, simple tool from a public provider, but on my side it would mean I would need to up-skill team members and manage an additional layer of security, and it could be hard for troubleshooting. To integrate these tools into the peripheral systems, like sending logs, and analyzing these logs, and maintaining additional rule sets from additional dashboards, would require additional efforts.

So cloud-native security has its own disadvantages. Many companies try to stick with the simplicity whenever they define the operational flows, but I prefer choosing Check Point everywhere in a hybrid environment to make my life easier from all perspectives.

The biggest lesson I have learned from using this solution is that network security is moving away from traditional deployments and companies have to adapt themselves to stay competitive.

We are fully managing the service. As soon as a new version is released on the Check Point site, they make sure to release it for CloudGuard as well. But so far, we have stayed with our original version. We haven't done any upgrades.

The integration process between CloudGuard and AWS Transit Gateway is not straightforward, because we're not talking about traditional networking. There are a lot of different aspects that we are still not used to keeping in mind. For example, routing is completely reworked in AWS. It's just a matter of time to get used to it. Once you get used to it, everything becomes relatively easy.

In terms of our workflow when using the integration between CloudGuard and AWS Transit Gateway, we needed to review our operational documentation and prepare additional guides for our operations team on how to do it. We needed to up-skill our team members, and we needed to utilize new technologies or new features, like BGP over VPN, to make communication secure in the cloud.

The solution provides security for numerous corporate applications and is under the responsibility of the operations team which consists of about 15 people. For deployment and maintenance of the solution we have one security operations engineer, one network operations engineer, one AWS operations engineer, and one SDWAN engineer.