Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard Network Security vs ShieldX comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
317
Ranking in other categories
Firewalls (2nd), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point CloudGuard Netw...
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
127
Ranking in other categories
Firewalls (8th), Managed Security Services Providers (MSSP) (2nd), Software Defined WAN (SD-WAN) Solutions (3rd), Cloud and Data Center Security (7th), WAN Edge (3rd), Unified Threat Management (UTM) (6th)
ShieldX
Average Rating
9.2
Number of Reviews
4
Ranking in other categories
Microsegmentation Software (13th)
 

Mindshare comparison

Firewalls
Microsegmentation Software
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
PRASHANT GARJE - PeerSpot reviewer
Cost-effective, supports automation, and provides good security
We have done a lot of automation with the firewall, but sometimes, there are some failures because of some bugs. The fixes for them are still not available. We have daily or weekly communication with the Check Point people giving support in the India region, but we have not seen much improvement or response to our requests for some additional features. We are moving to infra as a code, so we are expecting more advancements in this product. Just installing the patches is not going to help us. They need to focus on this area. I expect Check Point CloudGuard to come up with some AI/ML integration. A firewall is the first L3 security device available to you. It is the single point that manages or processes the traffic for an organization. There is a possibility that the device goes down or gets rebooted for any reason. The integration of artificial intelligence with the devices can help us to know in advance that there might be a surge in traffic. There might be a spike in the traffic, so we can have some additional firewalls integrated. This predictive analysis has to be there. This way, if required, a second, third, or fourth firewall can come into the picture. All the firewalls will process the traffic simultaneously. I am expecting such capability. This sort of feature is available with AWS. We are deploying all the firewalls on AWS, but it would be easy if, in the future, such a feature is available from the OEM or Check Point itself. It will be very helpful for the organization. We have had a couple of outages because of some misconfiguration. They were human errors but there were no prior indications that if we were making these sorts of changes, this would happen. People making the changes on the firewall were not aware of this, and that is the reason why the outage happened. In a financial organization, an outage of even five minutes can cost a lot.
MP
Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance
The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput. The traffic through our website depends on holiday bookings. It's very quiet in November through January, and then our traffic picks up quite rapidly and, at our peak, we will take in excess of a million pounds of business a day through our website. The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides. Uptime on the system has been 648 days and we do very little to it because it self-updates and alerts. It does everything that we need it to do, so the administration side of it is zero. One of the beauties about ShieldX is that it's such a good "fire-and-forget" product.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"​Easy to implement, and it is also reliable.​"
"The email protection and VPN features are the most valuable."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"The CLI and GUI do a good job of putting a lot at your fingertips."
"The ease of setting the solution up is a valuable aspect for us."
"The solution is stable."
"It is very flexible to use."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"Auto-scaling and zero touch are valuable features."
"The CloudGuard Network Security's most valuable feature is implementing IPS for accessing our data center and server environment in Azure. It helps us to prevent attacks. By protecting our environment with Check Point, which we were already familiar with, it provided a solution that extended into the cloud environment."
"Now, we can filter which websites users can access and block categories that are a risk. For example, we can block social media and gambling sites. This has helped to decrease the risk of access to malicious content on the internet."
"Workflows across the company ecosystem have can flow smoothly without experiencing any challenges."
"The most valuable feature is the centralized dashboard, which is used for managing all of the Check Point Security Gateways."
"Its blades and VSLS (Virtual System Load Sharing) work fine."
"I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud."
"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."
"...It takes the exact same policies that you would apply to your on-premise environment and enables you to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
"The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows."
"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."
"The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput."
"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."
"We were able to see what devices are talking to each other, giving us more visibility."
 

Cons

"The cloud features can be improved."
"With FortiGate, the main complaint that I have heard is about the technical support."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"The configuration part was challenging, especially converting configurations from another OEM to FortiGate."
"We have an issue with hotel guest vouchers."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"It does not have key authentication for admin access."
"We faced issues while upgrading our CloudGuard Network Gateway. When we tried to use the template that Check Point offers on their site, it was not available for the second to the latest version, so I was forced to upgrade my management server. That was very challenging for us."
"Check Point CloudGuard Network Security needs to improve the management of the actual firewalls. Improvement is also needed for the consolidated UI of different security aspects."
"The costs are high."
"They can improve their security features to the next advanced level so that their efficiency in catching the malware can become 100%, and there is no scope for any data loss or leakage from the system due to any issue."
"The main issue that I have noticed is that for deployment, it still requires a dedicated management server, and the gateway is completely different. That sometimes can cause issues."
"There is room for improvement in addressing bugs and support issues."
"New features have been introduced recently, but they have not yet been integrated into CloudGuard Vsec."
"With the incorporation of a lot of AI and machine learning, they can build some sort of a matrix for low-level threats or low-level things that require attention. There can be automation of those tasks so that we don't have to take more time and effort. There should be machine learning to eliminate level-one types of tasks."
"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."
"I would like better reports and in-depth reporting."
"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."
"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."
"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."
 

Pricing and Cost Advice

"The license is too expensive to renew. The license renewal process is also complex."
"Fortinet FortiGate's price can be reduced."
"It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level."
"The pricing is fair."
"The price of the license and warranty can be better because it is very expensive."
"The license is yearly. We pay for the top end. It's called 360."
"No comment."
"The price is highly competitive when compared to other brands that offer similar functionality."
"The licensing model has since transitioned to a cluster-based variant."
"Every project needs different pricing. I believe that when we talk with the particular guys, we will find a price for the customer. They are flexible in terms of that because we need to be flexible, and we have many companies who are aggressive with discounts."
"I like the flexibility because I am pretty sure you can use the same license on Azure or AWS. I forgot the name of the license, but there is a specific type you can use that lets you interchange them, and that is pretty good. I like that."
"It is not expensive, but it is a little bit above the middle range. There are other solutions that are a little more expensive than this, but they also have some interesting features."
"Pricing of CloudGuard is pretty fair when you have a single account. It's comparable with other cloud providers. But for our use case, it got really pricey when we had to deploy multiple CloudGuards on multiple accounts in different regions, because you can't have CloudGuard protecting multiple regions. That's the big thing."
"The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good."
"I do not know the exact price, but it is fairly priced. It is neither cheap nor costly."
"On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco."
"We are actually expecting our costs to drop in the coming year, but it is just a matter of the licensing expiring. That is going to happen in the next six months or so. Then, we will start to see a decrease in overall spend."
"We are very happy with the pricing and licensing. It's about getting a site-wide license. One of the challenges that we've had with our previous vendor had been the cost of licensing."
"For a three-year deal we paid £55,000 plus tax... But, and this is a big "but," this was over two years ago. ShieldX had only just hit the market. We were the first company in Europe to buy ShieldX."
"For other security professions who are looking for something which is low in cost that does microsegmentation, they should look at ShieldX. It might not be the big name out there, but it does everything that you are looking for in microsegmentation at a very low price."
"ShieldX ensures that we can have the separation needed for our environment to avoid drastically increasing the cost on the licensing side. From this perspective, it's been very positive and helpful."
"ShieldX also enables us to migrate to cloud environments faster. That is an important part of it for sure because it takes the exact same policies that we would apply to our on-premise environment and enables us to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
"Security policies are now applied as applications are going up. Because it's automated, we don't have the three to four week delay. The insertion of applications in the cloud for us dropped from an average of three to four weeks to a couple of days."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
831,791 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
6%
Manufacturing Company
6%
Computer Software Company
19%
Financial Services Firm
13%
Manufacturing Company
7%
Energy/Utilities Company
6%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What do you like most about Check Point CloudGuard Network Security?
The tool's most valuable feature is its management console.
What is your experience regarding pricing and costs for Check Point CloudGuard Network Security?
Pricing is high, over $25,000 USD annually. The package offered includes features we may not need, and more flexible ...
What needs improvement with Check Point CloudGuard Network Security?
The pricing is too high. We pay more than twenty-five thousand USD per year, which could be reduced. Moreover, Check ...
Ask a question
Earn 20 points
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
APEIRO, ShieldX APEIRO
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Physicians Choice Laboratory Services, Helvetica Insurance
Iowa State University
Find out what your peers are saying about Check Point CloudGuard Network Security vs. ShieldX and other solutions. Updated: November 2024.
831,791 professionals have used our research since 2012.