It is important to prioritize security if managing data in multi-cloud environments. Having a technical team familiar with cloud security is recommended. Working closely with Check Point's support team can help in navigating complex terminologies and enhancing security across cloud platforms. I'd rate the solution eight out of ten.
Security Solution Architect at a tech consulting company with 10,001+ employees
Real User
Top 20
2024-08-21T12:16:48Z
Aug 21, 2024
I highly recommend CloudGuard for organizations looking to enhance cloud security due to its comprehensive features and strong track record. I rate it a ten out of ten.
Sr network engineer at a outsourcing company with 10,001+ employees
Real User
Top 5
2024-07-24T10:04:00Z
Jul 24, 2024
For a few reasons, we decided not to go with it compared to the cloud vendor's firewall. One was the technology and integration itself. You can integrate CloudGuard into many third-party tools. However, it adds extra cost. Also, if we could find something in the Azure ecosystem, we don't need to go for a third party. That's why we decided to go with Azure. I have not yet used its AI capabilities. That said, my understanding is that they have very good tools and built-in initial learning capabilities that can help you begin to understand the traffic. I would recommend the solution to others, and I have never had issues with the product itself. However, we were looking for Azure-native tools, which is why using this long-term didn't work out. I'd rate the solution eight out of ten. I'd rate it a nine if I was 100% sure you could control ransomware attacks. I'm not sure if you can do that fully with CloudGuard.
Check Point is a reliable company for network security. I trust them to protect my resources when using their products. However, their solutions could be improved to be more user-friendly and easier to integrate. I recently implemented Check Point CloudGuard Network Security for our company's new customers. I installed the features and products after consulting with them. Setting up the network configuration was moderately complex and required careful attention. Check Point offers extensive configuration options, providing enhanced control and security, although it may require more setup effort initially. I advised others to configure their product correctly. Overall, I rate the solution an eight out of ten.
Manager - Enterprise Architecture and Cloud at Axis Bank
Real User
Top 10
2024-05-22T11:10:00Z
May 22, 2024
I feel confident using this product. In fact, I have completed a few certifications related to Check Point CloudGuard. I am a Check Point certified administrator, and I am also a Check Point Certified Cloud Specialist. I have also been working with automation-related things, and sometimes, we do some bash scripting and shell scripting to make things easier for us. Traditionally, you can only access the firewall via a CLI. That is the basic level, and at the next level, you should be able to do a few daily things in an automated way. I am very good at that. I would recommend this solution, but it also depends on the requirements. It is a cost-effective solution. If you are a small organization or a startup, you do not need to have this solution. If you are a big organization with 5,000 to 10,000 users, you can go ahead with it. The ROI for our organization was up to 80%, but it necessarily would not be the same for other organizations. Overall, I would rate it a nine out of ten.
Learn what your peers think about Check Point CloudGuard Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
Cyber Security Architect at a manufacturing company with 10,001+ employees
Real User
Top 20
2024-03-15T13:39:00Z
Mar 15, 2024
I would advise taking a look at the solution. It performs well and integrates with our existing solutions. It streamlines processes. It is definitely worth a look. Overall, I would rate it a nine out of ten. The solution is very similar to what we are doing everywhere else. It integrates well with the Azure services, but nothing is perfect, so I cannot give it a ten.
We implemented CloudGuard Network Security to meet our customers' demands for enhanced security features and centralized management. They specifically requested Check Point CloudGuard for its robust capabilities, including SMS and MDS for global management. Using CloudGuard Duo Security has provided us with the ability to manage globally through MDS, which has been a valuable capability. It is convenient to have multiple pockets of global management from UniFi OS. We realized the benefits of CloudGuard Duo Security quickly after deployment. Understanding the architecture, especially the MDS setup for higher-level organization control, allowed us to establish multiple pockets of management efficiently. Unified security management allows us to streamline our security operations significantly. With centralized management through SMS and MDS, we can efficiently oversee not only the firewalls within our cloud exchange points but also on-premises devices, enabling a cohesive and unified security architecture across all environments. I'm very confident in CloudGuard Network Security because it helps us secure our global network. With CloudGuard, we can set up rules to protect against risks from on-premises traffic and ensure security through various measures like single sign-on integration and VPN restrictions. CloudGuard Network Security is a great product that fulfills firewall needs effectively and provides detailed insights. However, in multi-segment environments requiring multiple VRFs, it can be cumbersome and costly due to the need for separate firewalls. The best lesson I have learned from using CloudGuard Network Security is to carefully consider the scalability requirements of each environment. While Check Point offers robust features, the lack of VRF support can lead to increased costs and complexity, especially in multi-segment setups where separate firewalls are needed for each segment. Overall, I would rate CloudGuard Network Security as an eight out of ten.
Senior IT Analyst at a manufacturing company with 10,001+ employees
Real User
Top 20
2024-03-15T12:55:00Z
Mar 15, 2024
The main benefit we have seen from using CloudGuard Network Security is the ability to filter traffic by URL. We realized these benefits approximately six months after deployment. Unified management of the firewall has positively affected our security operations by making it easy to manage from one place. My advice for those evaluating CloudGuard Network Security is to remember that licensing is critical, so ensure that central licensing is configured properly. Overall, I would rate CloudGuard Network Security as a ten out of ten.
Sr Security Engineer at a computer software company with 51-200 employees
MSP
Top 10
2024-03-15T12:39:00Z
Mar 15, 2024
It functions well, especially the auto-scaling feature, despite the complexity involved, particularly with integrating Azure load balancers. Consolidating these components would be beneficial, but without a SaaS offering, reliance on Azure's resources or cloud-native resources remains a factor. Overall, I would rate it eight out of ten.
IT Security Engineer at a healthcare company with 1,001-5,000 employees
Real User
Top 20
2024-03-15T12:36:00Z
Mar 15, 2024
We wanted to maintain familiarity with Check Point while transitioning to the cloud, opting for CloudGuard Network Security in Azure over Azure's native firewall for its effectiveness and seamless integration with our existing network infrastructure. CloudGuard Network Security offers unified security management across hybrid clouds and on-premises environments, ensuring comprehensive protection across all assets. Unified security management simplifies our security operations by consolidating all aspects, like web filtering, application control, and firewall management, into a single, easy-to-use platform, enhancing efficiency and effectiveness. I have high confidence in CloudGuard Network Security because it runs seamlessly like our previous setup and offers robust protection. I chose it over Azure's firewall because Check Point focuses solely on security, providing more features, logs, and insights. CloudGuard Network Security is deployed across multiple departments and business units, with various consultants connecting in, although the user count isn't high yet, it is set to expand across multiple businesses. I would advise evaluating CloudGuard Network Security based on what is most effective and familiar, rather than just what's convenient or included, prioritizing what suits your needs best. Overall, I would rate CloudGuard Network Security as a nine out of ten.
I would rate it a nine out of ten. The only reason it is not a ten is that sometimes there are hiccups when we have to interact with it, such as while upgrading. These are small things, but I wish it was more seamless than it already is. It is already pretty seamless, but there can always be improvements.
Director of IT Operations at a tech services company with 10,001+ employees
Real User
Top 10
2024-03-14T16:37:00Z
Mar 14, 2024
I would advise taking your time. Be patient, and you will see results. It does not take much time, but some people want to see a return right away. It took us about 90 days to see the return. It is more based on you getting in it and doing things with it, but be patient. I would rate CloudGuard Network Security a nine out of ten.
Director comercial at a tech services company with 201-500 employees
Real User
Top 20
2024-03-07T23:21:00Z
Mar 7, 2024
I would recommend using it. Overall, I would rate the solution a nine out of ten. It is very good. Because it's very well integrated with the traditional platform, especially the Infinity portal part. The unified security concept is very sound for that. However, there is always room for improvement, we always have to extend the capabilities to other use cases.
Software Development and Information Security Manager at a manufacturing company with 201-500 employees
Real User
Top 10
2024-03-07T23:16:00Z
Mar 7, 2024
I would rate CloudGuard Network Security a ten out of ten. We are happy with the uptime and management. It is a good tool, and it provides a lot of value for us. We are happy.
Senior Network Security Engineer at a manufacturing company with 10,001+ employees
Real User
Top 10
2024-03-07T19:09:00Z
Mar 7, 2024
I would rate CloudGuard Network Security a nine out of ten. The ease of template deployment would have been nice. There was also a little bit of weirdness with the licensing models for our on-premise management. That is pretty much it. Otherwise, I am extremely happy with it. They are not negatives. It is still great.
Network and Security Engineer at a consultancy with 11-50 employees
Real User
Top 20
2024-03-03T12:12:00Z
Mar 3, 2024
For us, the solution was easy to understand. The syncing of the CloudGuard Network Security is like that of the gateway on-prem. Translating in a very easy path to bring the features is very easy. I rate the product a nine out of ten.
Sr Network Engineer at a comms service provider with 1,001-5,000 employees
Real User
Top 20
2024-03-03T12:08:00Z
Mar 3, 2024
Using CloudGuard Network Security saves time due to its stability and ease of administration. The solution is not complex, allowing administrators to focus on other tasks. The configuration process is straightforward. It can integrate with NSX. I rate the product a nine out of ten. We manage a total of 800 servers that host a variety of components, including our infrastructure, customer applications, databases, application sites, and disaster recovery systems
CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet. I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.
It took around a year to see the benefits of using CloudGuard Network Security. If you have CloudGuard Network Security managed by the same management server used for on-premises, you can control all policies in one management tool. I am confident in using the product. We are a Check Point partner, hence we trust the product and the company. I rate the overall product a nine out of ten.
We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud.
Head of Datacenter at a tech services company with 201-500 employees
Real User
Top 10
2024-03-03T07:52:00Z
Mar 3, 2024
For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.
Global network and telecom director at a hospitality company with 10,001+ employees
Real User
Top 20
2024-03-03T07:49:00Z
Mar 3, 2024
Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities. I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.
System Engineer at a energy/utilities company with 10,001+ employees
Real User
Top 20
2024-02-26T15:55:00Z
Feb 26, 2024
Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten.
Solution Architect at BNC Business Network Communications AG
Real User
Top 10
2024-02-26T15:50:00Z
Feb 26, 2024
In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten.
Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more. I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.
EVP, chief product and revenue officer at BBT.live
Real User
Top 10
2024-02-26T15:44:00Z
Feb 26, 2024
We utilize the tool's SmartConsole integrated into our management system. However, we encounter challenges with multi-tenancy. Since we integrate it as an application on the cloud we can integrate it with any other provider. We do think that the synergy with Check Point is very good because we also allow Check Point to move from the edge to the cloud while we provide security connectivity from the edge to the cloud. So we can support its transition from on-prem security solutions to the cloud. It looks like a very good win-win situation for both Check Point and BBT, and we see it in the market, bringing us big deals in Japan and France. We can go with others as well in terms of architecture because our architecture is very open. We are a small company and cannot engage with everyone. We have good connections with Check Point in Israel. We also have some connections abroad. So far, we are getting good support. We have an application that is running on our cloud. Normally, our main cloud provider is Google, but we can run over any cloud. It could be a private cloud or any data center that provides virtual machines and connectivity. We are agnostic. We are in several POCs in France, Japan, and Thailand, and they are progressing well. However, we need more presales support. There is a lack of knowledge about the solution in the regions, and we are finding it challenging to get sufficient support from those regions. There seems to be a gap in support that needs to be addressed. It seems that the product is the answer that we need. We haven't identified any missing components in the security suite, apart from the operational challenges related to working in a multi-tenancy environment. I rate the product an eight out of ten.
Network security architect at a energy/utilities company with 10,001+ employees
Real User
Top 5
2024-02-26T15:35:00Z
Feb 26, 2024
We have moved our security level from on-prem to the cloud. The security posture is consistent. We can use the same storage system, monitoring system, and objects both on-prem and in the cloud. I am quite confident with CloudGuard Network Security. The primary reason for choosing the product over other cloud firewall vendors was to maintain the same solution as on-premises. Additionally, it offered a good level of security functionalities. I rate the overall product an eight out of ten. You should define your requirements before choosing the product.
Network Engineer at a manufacturing company with 501-1,000 employees
Real User
Top 20
2024-02-26T15:34:02Z
Feb 26, 2024
In Azure, when we refer to "size," it could be in terms of factors like the number of instances, bandwidth, or users. We use cloud-native platforms but prefer Check Point solutions. It is easier to manage since we know Check Point is on-prem. I have a high level of confidence in CloudGuard Network Security. I am familiar with Check Point and Azure. I rate the overall product a nine out of ten.
We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.
Network security at a tech services company with 5,001-10,000 employees
Real User
Top 20
2024-02-26T15:21:00Z
Feb 26, 2024
I don't see any difference in user experience between on-prem and the cloud setup. We have an MDS environment where we can manage the whole country. The tool enables us to manage policies on the same platform for branches and regions in the country. I rate the product an eight out of ten.
Cloud Engineer at a energy/utilities company with 5,001-10,000 employees
Real User
Top 20
2024-02-26T15:13:24Z
Feb 26, 2024
Invest time in analyzing the templates provided by Check Point and tailor them to your specific requirements. Understanding the deployment process is crucial, as it allows you to benefit from it in later stages. You can optimize it later based on the needs. I rate the overall product a nine out of ten.
Communication Department Manager at a transportation company with 5,001-10,000 employees
Real User
Top 20
2024-02-26T15:09:00Z
Feb 26, 2024
CloudGuard Network Security provides unified security management across both our hybrid clouds and on-premises environments. I rate it a nine out of ten. I would recommend others to install the solution.
Network and Security Engineer at a retailer with 10,001+ employees
Real User
Top 20
2024-02-26T15:03:00Z
Feb 26, 2024
There is no real issue with the software itself. It does the job. It does what it was designed for. I can rate it a ten out of ten because it is exactly like the on-prem software physical appliance. There is no difference for us.
Network and Security Manager at a financial services firm with 1,001-5,000 employees
Real User
Top 20
2024-02-26T14:59:00Z
Feb 26, 2024
My recommendation for those who are thinking of installing the product is to check its survivability at the level of downloading a machine and uploading it. Do not upload all the applications straight away to run tests. Research first. Based on my experience, I would rate it a seven out of ten. There were some malfunctions. There were also issues at the beginning due to the lack of a dependency needed for it to function. The experience is not yet perfect, but like any product, it will improve over time. In the end, I need stability in the cloud, but right now, that feeling is not there. I do not have the feeling of stability where I can say that the production and the service will not drop again. That is the concern. I want to start uploading some kind of application to production soon. Foreign Language:(Hebrew) המוצר מספק ניהול מאוחד, אבל נראה שלשדרוג הגרסה יש מגבלה מהו השימוש העיקרי שלנו במוצר? אנחנו משתמשים בו לאבטחת רשת. בחרנו אותו כדי להתרחב ולעשות הרחבה ל-Azure Cloud כדי שנוכל להקים שירותים שיעשו קישור בין On-Prem לענן. זו הייתה המטרה. איך זה עזר לארגון שלי? יש לנו ניהול מאוחד. זה אחד היתרונות של המוצר הזה. מבחינת הגנה, עדיין לא עשינו שום סוג של בדיקות חדירה. נבדוק זאת בהמשך. בעתיד, נרצה גם להשתמש בכל מיני תכונות כמו IPS, IPSec וכו'. מה התכונה הכי משמעותית של המוצר? היתרון שלו הוא הפריסה שלו. אתה לא צריך להשיג מכשירים ייחודיים ולהתקין אותם. ההתקנה קלה. ההטמעה פחות קלה כי צריך לעבוד עם מנהל ב-Azure ולהעלות ולהגדיר כל מיני כתובות. בעצם, אתה עושה בדיוק את מה שאתה עושה מ- On Prem. זו אותה פעולה. אתה יכול לנהל אותו באותו אופן כמו ב-On-Prem, וזה יתרון. אתה יכול לנהל את הפיירוול בענן מ-on-prem, ולא צריך יותר התערבויות. מה טעון שיפור? ישנה מגבלה בשדרוג הגרסה. אנחנו משתמשים בגרסה 81.10 ולפי מה שהבנתי זה בעייתי לשדרג את הגרסה הזו. אני לא יודע אם זה נכון. אני מנסה להבין את זה. אם אני רוצה לשדרג לגרסה חדשה יותר, אני צריך ליצור מכונות חדשות. אם זה נכון, זה ישפיע לרעה על המחשבות שלי לגבי המוצר. מה אני חושב על יציבות המוצר? המוצר פועל תמיד. הזמינות שלו גבוהה מכיוון שהוא ממוקם בשני מרכזי נתונים שונים. זו מטרת הענן. הוא ממוקם בשני מרכזי נתונים בשתי מדינות שונות. הקמנו אחד בפרנקפורט והשני באמסטרדם או בלונדון. זה היתרון. מכיוון שלא מדובר באותה מדינה או עיר, הזמינות גדולה. איך שירות הלקוחות והתמיכה? אני מקבל בעיקר תמיכה מאינטגרטור. צ'ק פוינט לא ליוותה אותי כספק מההתחלה. אני מרוצה מהאינטגרטור כרגע. הוא נותן לי את התשובות. היו לנו כמה תקלות לאחרונה והוא סיפק לי את כל התשובות. הוא גם עזר מאוד במהלך ההתקנה. עם היצרן הייתה לי פחות תקשורת. לבעיות מורכבות יותר, אני יכול לתקשר עם התמיכה של צ'ק פוינט. הייתי מדרג את תמיכת האינטגרטור תשע מתוך עשר, כי לפעמים לוקח הרבה זמן עד שהאינטגרטור מוצא את הפתרון לתקלות. התקלה הקשורה למכונות שנמחקו הייתה קריטית מאוד עבור הארגון שלנו. דברים עבדו כרגיל ברשת ופתאום כל הפרויקט פשוט נחסם לכמה ימים. ציפיתי שהאינטגרטור יפתח טיקט בצורה מהירה יותר, אבל הוא לא פתח טיקט בכלל. הוא פתר את הכל לבד, הוא גם לא שיתף אותנו לגבי מה היה הפתרון לתקלה. למחוק דברים ולפתוח אותם שוב זה לא מספיק טוב כי זה לא מבטיח לנו שהתקלה לא תחזור על עצמה. באיזה מוצר השתמשתי בעבר ומדוע החלפתי אותו? לא השתמשנו בשום מוצר אחר לפניו. איך הייתה ההתקנה הראשונית? ההתקנה הייתה פשוטה. היינו צריכים לשים אותו בשני מרכזים ולפרוס אותו. זה היה קל. במהלך התהליך, היינו צריכים למחוק מכונה. מיקרוסופט נתנה לנו כמה כתובות לעבוד איתן. השתמשנו בכתובות האלה כי היינו צריכים כתובות ציבוריות לעבוד איתן. בהתחלה לא הצלחנו לעשות משהו כמו שצריך, אז מחקנו את המכונה. כשחזרנו להגדיר את המכונה, היינו צריכים לקחת מחדש כתובות חדשות ממיקרוסופט. אני לא יודע אם זה היה בגלל Azure או אם זו הייתה אשמתו של צ'ק פוינט. מה היה החזר ההשקעה שלנו? אני לא יודע אם ראיתי את ההחזר על ההשקעה, כי אנחנו בתחילת הקמת הענן וזה עדיין לא לגמרי עובד. כרגע הוא לא בייצור, אבל אני מניח שיהיה החזר של ההשקעה. מה דעתי על התמחור, עלות התקנה ורישוי? זה לא יקר. אילו מוצרים נוספים שקלתי? רציתי לנסות את פאלו אלטו בהתחלה, אבל בגלל שכל ההתקנה שלי כבר הייתה בצ'ק פוינט, לא הלכתי לכיוון הזה. רציתי ניהול מאוחד. התייעצתי גם עם הצוות שלי והם אמרו שהם לא רוצים לנהל פיירוול נוסף בגלל הניהול והידע שזה דורש. היתרון של המוצר הזה הוא הניהול המאוחד. איזה עוד עצה יש לי? ההמלצה שלי למי שחושב להתקין את המוצר היא לבדוק את השרידות שלו ברמת הורדת מכונה והעלאתה. לא להעלות את כל האפליקציות מיד, כדאי להריץ בדיקות ולחקור קודם. בהתבסס על הניסיון שלי, הייתי מדרג את המוצר שבע מתוך עשר. היו כמה תקלות. היו בעיות גם בהתחלה בגלל חוסר העצמאות הדרושה לתפקוד. החוויה עדיין לא מושלמת, אבל כמו כל מוצר, היא תשתפר עם הזמן. בסופו של דבר, אני צריך יציבות בענן, אבל כרגע, התחושה הזו לא שם. אין לי תחושת יציבות שבה אני יכול להגיד שהייצור והשירות לא יירדו שוב. זו הדאגה. אני רוצה להתחיל להעלות איזושהי אפליקציה לייצור בקרוב.
Platform Lead at a financial services firm with 5,001-10,000 employees
Real User
Top 20
2024-02-26T14:45:00Z
Feb 26, 2024
CloudGuard Network Security can manage security for both our hybrid cloud and on-premises systems. Currently, we have separate solutions for on-premises and the cloud. We also use Smart-1 Cloud from the Infinity portal. We haven't integrated the tool with both Azure and on-prem environments. I have about an eight out of ten confidence level in our cloud network security with the product. It is because of Azurre's robust and dynamic nature. It is easy to incorporate anything new that comes up. We can integrate any new steps in Azure concerning the blades, CloudGuard Network Security, and Check Point. Cloud-native firewalls lack functionalities such as IPS, which are exclusive to products like Check Point or other vendor-specific solutions. This is why we opted for CloudGuard Network Security as an additional layer, complementing the limitations of Azure's native or any cloud-native firewalls. We are already using Check Point for our on-prem environment. The cloud solution was easy to integrate with our existing infrastructure. I rate the overall product a six out of ten. Due to certain limitations in the integration between Azure and CloudGuard Network Security, I currently rate the experience as a six. However, I'm hopeful that Check Point is working on its new release.
Technical Head at Quoinx Technologies private Limited
Real User
Top 5
2023-07-10T08:18:28Z
Jul 10, 2023
Our customers use Check Point solutions both on-premise and on the cloud. Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points. If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market. I rate Check Point CloudGuard Network Security a nine out of ten.
The usability is moderate. The product has helped us free up some time. It's a complicated situation, however. I'd rate the solution an eight out of ten.
Cloud Engineer at IT Quest Solutions|interglobalmsp
User
Top 5
2022-12-23T14:29:00Z
Dec 23, 2022
I'd advise new users, if they are going to acquire a tool of this type, to look for the greatest amount of information on the solution to uncover which offers them the most benefits.
I rate the solution seven out of ten. The solution is reliable and would fulfil what it is marketed to achieve. It provides very good security protection, but the customer support response times could be improved.
Network Administrator at Ministry of Finanace and the Public Service
Real User
2022-07-11T15:25:42Z
Jul 11, 2022
My advice to others is the solution is very stable, and reliable, and they should ensure that they invest in Check Point. I rate Check Point CloudGuard Network Security a nine out of ten.
Before purchasing it's important to assess the size of your cloud infrastructure. You need to have a concrete plan for which virtual or private network or clouds you have to scope and to do that before deciding which solution you want and what functionality you need. I rate this solution eight out of 10 since there has been some improvement with regard to integrations.
Technical Team Lead at Softcell Technologies Limited
Real User
2022-01-28T11:06:00Z
Jan 28, 2022
My advice to people looking into implementing Check Point CloudGuard Cloud Network Security is that they should have technical expertise before deploying it. I'm giving Check Point CloudGuard Cloud Network Security an eight out of ten.
For most Check Point CloudGuards, it's not actually deployed on the private cloud of the end-user. They usually deploy it on the public cloud. I'd rate the solution at a nine out of ten. The clients who are using it have nothing bad to say about its capabilities. I'd recommend the solution. They are doing quite unique workarounds with cloud security while many others are more focused on on-premises.
Network, Systems and Security Engineer at SOLTEL Group
Real User
2021-05-12T10:55:00Z
May 12, 2021
The combination of NGFW + URL Filtering + Antivirus + Anti Bot, with 8 vCore D4 v2, is able to provide a throughput of 4Gbps. On Azure, the combination of NGFW + URL Filtering + Anit Virus + Anit Bot, with 8vCore c5n 2xlarge, is able to provide a throughput of 4.7Gbps. It is similar to AWS.
Information security officer at a tech services company with 1-10 employees
Real User
2021-03-15T16:32:48Z
Mar 15, 2021
In summary, this is a good product and I have not found any problems when using it. I can recommend it to others. I would rate this solution a nine out of ten.
CEO at a tech services company with 51-200 employees
Real User
2021-03-15T06:59:06Z
Mar 15, 2021
The solution always updates automatically, and therefore we are always using the latest. We do plan to continue to use the product as we've mostly been quite satisfied with it. I'd recommend the solution to other organizations. Overall, I would rate the solution at a nine out of ten.
DBA Team Lead at a tech services company with 51-200 employees
Real User
2021-03-08T07:36:00Z
Mar 8, 2021
In the past, my clients were all using Check Point Systems. When I reviewed it at that time, back 10 years ago, Check Point was number one, as far as I remember, meaning FortiGate wasn't a major solution in Turkey. Nobody was talking about FortiGate then. Now FortiGate, is a major player in the firewall industry in Turkey. Most of our clients are migrating to FortiGate because they say it's cheaper than Check Point. So when I see the Check Point's GUI, it's really complicated. My recommendation would be for Check Point customers to first learn about Check Point's GUI, which is pretty advanced, for me at least. But when I talk to my friends who are managing IT, they are migrating to FortiGate. They say, FortiGate is very easy to manage and I should really think about it now. When I was first introduced to Check Point it was really advanced. I didn't understand when I first looked into it. I just wanted a solution. pfSense has the same problem. By the way, according to your report, some customers said that pfSense needs improvement on the management and the GUI and aspects like that, so maybe I'll need another review of OPNsense versus Check Point and FortiGate etc... We didn't have any problems at all. Just in one case, actually. We have a rule that pops up from nowhere which we didn't create. When we restart our Virtual System firewall, it creates a rule which messes up all our internet connection. So if I were to give a number from one to 10, I would probably say Check Point is a nine out of 10. Other than that, we haven't had any problems. Check Point is pretty reliable. I think it's our company's problem that we couldn't patch it after it froze. Maybe an up to date, patched version doesn't have this problem. Overall, it's really working for us. I don't have any problems other than it's just outdated.
We're solutions providers. We're partners with Check Point. We offer integrations and support. This is one of the products we offer to our clients. We're using the latest version of the solution. The platform is R80.40. It's deployed on VMware's virtual environment. I'd recommend the solution to other organizations. The likelihood of running into issues is low. I'd rate the solution at a nine out of ten. We've largely been satisfied with the product.
Dy General Manager at a real estate/law firm with 501-1,000 employees
Real User
2021-02-06T10:27:16Z
Feb 6, 2021
We're just a customer and an end-user. We aren't a vendor, consultant, or integrator. I'm not sure if I would recommend the solution to other organizations. It would likely be 50/50. It really depends on the company's requirements. For us, for example, we needed to scale, and that ended up not being possible and so we have to move away from it. Overall, I would rate the solution six out of ten. Although it has some good aspects, for us, the lack of scalability was impossible to overcome.
Business Manager at a tech services company with 11-50 employees
Real User
2021-01-30T04:24:31Z
Jan 30, 2021
I would recommend Check Point as it's an effective tool, and implementation is very easy. On a scale from one to ten, I would give Check Point Virtual Systems a nine.
I would recommend this solution. It is pretty straightforward to implement. It is easy, and it doesn't require too much time to make a clean implementation. I am not really sure about using it in a really small company. It depends on the budget. I would rate Check Point Virtual Systems a nine out of ten.
Advisory Information Security Analyst at a financial services firm with 501-1,000 employees
Real User
2020-12-06T06:40:00Z
Dec 6, 2020
We should have done the Auto Scaling stuff upfront instead of going static. The biggest lesson was that the tools in place let you embrace the good parts of the cloud, which is flexibility and cost savings. The thing that we kind of learned is we just treated it upfront like it was another on-prem device, but you miss out on the whole point of having infrastructure as a service if you're not going to leverage it to its fullest capabilities. Remember that you are doing this in the cloud, so treat it like a cloud device. Don't suddenly try to extend your on-prem network without leveraging the whole capabilities that CloudGuard gives you to scale your network in and out as needed. CloudGuard's false positive rate is acceptable and low. You have pretty granular control over everything that you are doing. Even if you're running into false positives, you can easily tweak them and work with CloudGuard to eliminate them. I would rate it a nine (out of 10). It does everything that we wanted it to. It kind of grows with AWS, where new AWS functionality is now enabling new CloudGuard functionality by virtue of a couple of changes that they have been making. They sort of work hand in hand. The only reason that stops it from being a 10 (out of 10) is just the limitations of AWS end up being the limitations CloudGuard as well. You take the good and the bad of the cloud.
My advice: Get it. It's a great product. It's a great solution. In terms of CloudGuard's block rate, malware prevention rate, and exploit resistance rate, we didn't really do much testing when it comes to those types of scenarios. But I've used Check Point as a physical firewall before, and it was great. It detected threats and gave me an alert as soon as it detected them. It was really good.
If you are already a Check Point customer, this is the perfect solution. If you are not used to Check Point products, you should also analyze other solutions and compare them before you buy. The biggest lesson I have learned is that with this product, you can secure the Cloud environment the same way that you secure the on-prem, which helps a lot with people that are new to the Cloud security environment. I would rate Check Point CloudGuard IaaS a ten out of ten.
IT Security Manager at a retailer with 10,001+ employees
Real User
2020-09-15T11:13:00Z
Sep 15, 2020
The biggest lesson I have learned from using this solution is that network security is moving away from traditional deployments and companies have to adapt themselves to stay competitive. We are fully managing the service. As soon as a new version is released on the Check Point site, they make sure to release it for CloudGuard as well. But so far, we have stayed with our original version. We haven't done any upgrades. The integration process between CloudGuard and AWS Transit Gateway is not straightforward, because we're not talking about traditional networking. There are a lot of different aspects that we are still not used to keeping in mind. For example, routing is completely reworked in AWS. It's just a matter of time to get used to it. Once you get used to it, everything becomes relatively easy. In terms of our workflow when using the integration between CloudGuard and AWS Transit Gateway, we needed to review our operational documentation and prepare additional guides for our operations team on how to do it. We needed to up-skill our team members, and we needed to utilize new technologies or new features, like BGP over VPN, to make communication secure in the cloud. The solution provides security for numerous corporate applications and is under the responsibility of the operations team which consists of about 15 people. For deployment and maintenance of the solution we have one security operations engineer, one network operations engineer, one AWS operations engineer, and one SDWAN engineer.
Cyber Security Manager at H2O Power Limited Partnership
Real User
2020-09-07T05:57:00Z
Sep 7, 2020
Sometimes you've got to pay for what you actually want. We realized that it's an expensive solution, there's no denying that. But we're happy with what we have gotten out of it. Sometimes you just have to fork over the cash out of your budget and work with it. Work hard with it, because you can't just spend money and expect it to work. But with the time that you put into it, you can get something really good out of it for your company. Really do your analysis, which is something anybody should really know if they're going to spend a lot of money like this. They offer up trials. Try it out and see if it actually works for you. One of the biggest reasons it was successful for us was because we already used it in our environment and we used it pretty extensively. We had a variety of different systems in there, but we used the Check Point more. So we were more familiar with it coming into it and that's why we leaned more towards it. We figured, it will be expensive but it will probably have the lowest learning curve for us to get where we want to be. Another company may already use, say, Palo Alto extensively and be very familiar with it. If their decision is that they want their team to be really well versed in what's going on, rather than have to break it all down and study all over again and retrain everybody, maybe their choice will be to stick with their Palo Alto solution rather than flipping over to Check Point. If you're going to change vendors entirely, you're going to have a steep learning curve and that's going to mean it will take time, where you might not be able to fulfill a request, because you have to learn how to do it. I haven't really measured rates like the block rate or malware prevention rate yet. The CloudGuard stuff is the same software running under there that I have run for years. It's just in a cloud environment and it's been extremely effective. It doesn't really paint a picture of how much actually gets through, so I don't know the rates, but I do know that I don't have a lot of problems with things getting through that I didn't know about or didn't want to get through. I don't think there are really any false positives with this solution. Sometimes an investigation that leads me down a path and I follow it so far that I can't quite figure it out, but I attribute that to not having enough visibility into other areas of the environment to actually see what's going on, so I can't paint the whole picture and can't then solve the problem. But I don't have a problem with false positives leading me down a path towards something that just had no relevance at all. The ease of use is good if you have a strong technical background. The intuitiveness of getting in there has a learning curve to it because there's a lot going on there, but with something that takes care of this many things in your environment, it's hard not to make it complex. They've done a pretty good job of trying to make it as uncomplicated as possible, but no matter what, you're going to have a learning curve to be able to use it effectively. The Unified Security Management has made threat hunting a lot easier because we have it all in one view, but managing the environment has become a little bit more complex because we have one ruleset to cross the environment. So we really need to know what we're doing there. We've had to adapt a little bit towards that. Instead of having little rulesets all over the environment, we have one massive ruleset. We have to be a little bit more careful about what we're allowing because it can affect more than just the site you want to change. For example, if you want to change a device in New York, you have to be very careful that you don't affect a device in Boston as well, because it's all in this one unified policy. Overall, Check Point has been a nine-plus out of 10 for me. I'm really happy with it. It's a very expensive solution, but everything has gone really well. There are bumps along the way, like with anything. I don't fault them for that. We've worked with it and we've worked around those problems and have come up with solutions that work for everybody. So everybody's happy in the end.
You should fully understand the way CloudGuard would be integrated into your cloud from a networking perspective, and it differs from platform to platform. For example, for Google Cloud, the instances of Cloud Guard must have interfaces in several VPCs as a requirement. Think about the subnetting and routing for your project, then implement a PoC with your networking staff.
CISO and Senior Director Technical Operations at a insurance company with 201-500 employees
Real User
2020-06-10T08:05:00Z
Jun 10, 2020
Intently know and understand the integration points within your environment. It is a great security solution, but understand how integrated it is with, and what level of partnership there is between, Check Point and the virtualization platform that you're looking to add it on top of. The biggest lesson I have learned is that the Check Point CloudGuard features, although good, are only as good as the accompanying virtual platform and its level of integration. I have to be honest: Overall, this is the ideal solution for us and our organization, but it is slightly more complex. There are newer competitive products that take a different stance, that are agent-based. We did not want — and this is another key distinction — a solution that wasn't agent-based in which we had to deploy a piece of software on each and every virtual endpoint. Having this done at the hypervisor level definitely was the right strategy for us. However, the lesson learned, with this type of solution, is that it is very important to understand the nuances of your virtualization platform and what is required on that side to enable the Check Point CloudGuard. You're relying heavily on the partnership and the capabilities of that virtualization platform. Going in, understand the degree of that partnership and the respective road maps of each, because the CloudGuard solution is only as good as the capabilities it has with the virtualization platform. That's especially true for large enterprises that want to constantly move workloads around and have their rule set follow in an event where they're having to ensure that systems are always alive and always protected.
CTO at a healthcare company with 10,001+ employees
Real User
2019-09-12T09:01:00Z
Sep 12, 2019
My advice for anybody who is considering this solution is to start by identifying high-bandwidth use cases. If you have any, and you have a high-security requirement, then I suggest considering other options. This is a secure and reliable solution for us, although we are a bit disappointed with the limited scalability and resource consumption. I would rate this solution an eight out of ten.
Network Security Specialist at a government with 1,001-5,000 employees
Real User
Top 20
2019-09-11T10:12:00Z
Sep 11, 2019
There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware. The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected. I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.
Assistant Manager IT Projects at Mustafa Sultan Office Technology Co. LLC
Real User
2019-09-02T05:33:00Z
Sep 2, 2019
The web application firewall is commonly used in most firewalls now. If they can add that as a feature, it would be a very strong scenario. When we use Check Point on a perimeter or a DMZ zone, the first thing that clients ask is if there is wireless protection. Check Point has IPS (Intrusion Prevention System) but it does not have wireless protection. So if production is using the cloud if they can integrate mobile app protection, mobile shielding, there's more value for Check Point, but if they include that, Check Point could be the very best firewall option. On a scale from one to ten, when one is the worst and ten is the best, I would rate Check Point as an eight. It needs to do better in pricing and with broader features for mobile. One thing that I learned from multiple installations of Check Point is that you have to train the customer before implementing. Unless the customer is already a highly skilled security engineer so that they know what they can get out of the product, they will not be as satisfied. Otherwise, just before the deployment, we have them go for training so they understand the product and what it can do. They will be happier and they won't choose to go with another product in the future. Even with my engineers who understand many other products, I trained them properly before I send them out for deployments. Check Point is not a product that if you don't know you can just install without knowing anything about it. You have to know the architecture first. You have to know each and every option than work on the product. Then it will be far better and say no to certain features which are not important to use. On the other hand, knowing it is available is fantastic and becomes an option in the right situations.
For those who want to implement the solution, they should make sure they have a very strong networking background. I would rate the solution eight out of ten.
The solution is the on-premises deployment model which we use in our server environment. We are an integration company, and although we deal with other solutions, we mainly focus on Check Point. The solution is a great mix of user experience, flexibility, security features, and cost. After five years, I believe the total cost ownership will be much cheaper than any competitor. The advice I would give to others interested in implementing is that this solution does have security problems. Not Check Point, per se, but in the network environment. The security recommendation from the Check Point and from us is to use the VSX in the internal network. It should not protect your border because there are some issues around bugs, etc. It could cause vulnerabilities if it's used this way. I would rate this solution eight out of ten.
Network Consultant Engineer at a tech services company with 11-50 employees
Real User
2019-08-25T05:17:00Z
Aug 25, 2019
I will recommend this program to others and my rating is seven out of ten. I do recommend that users should always use the checkpoints and backup as often as they can.
The biggest lesson that I have learned from this solution is to never assume that something is simple, because there's always a hidden snag that we run into. I would rate this solution a nine out of ten.
Network and Security Manager at a financial services firm with 1,001-5,000 employees
Real User
2019-08-04T07:38:00Z
Aug 4, 2019
I would rate it a nine out of ten and I would recommend this solution. Their support team should be faster because sometimes when we need support their responses are late.
Check Point CloudGuard Network Security is designed to secure cloud assets, offering robust firewall capabilities and protection for both internal and external traffic across AWS, Azure, and on-premises environments.
Enterprises rely on Check Point CloudGuard Network Security for comprehensive network protection, threat prevention, and compliance enforcement. Supporting virtual machines and hybrid environments, it delivers advanced security measures including intrusion prevention and...
I would recommend Check Point CloudGuard. The solution is rated eight out of ten overall.
It is important to prioritize security if managing data in multi-cloud environments. Having a technical team familiar with cloud security is recommended. Working closely with Check Point's support team can help in navigating complex terminologies and enhancing security across cloud platforms. I'd rate the solution eight out of ten.
I highly recommend CloudGuard for organizations looking to enhance cloud security due to its comprehensive features and strong track record. I rate it a ten out of ten.
For a few reasons, we decided not to go with it compared to the cloud vendor's firewall. One was the technology and integration itself. You can integrate CloudGuard into many third-party tools. However, it adds extra cost. Also, if we could find something in the Azure ecosystem, we don't need to go for a third party. That's why we decided to go with Azure. I have not yet used its AI capabilities. That said, my understanding is that they have very good tools and built-in initial learning capabilities that can help you begin to understand the traffic. I would recommend the solution to others, and I have never had issues with the product itself. However, we were looking for Azure-native tools, which is why using this long-term didn't work out. I'd rate the solution eight out of ten. I'd rate it a nine if I was 100% sure you could control ransomware attacks. I'm not sure if you can do that fully with CloudGuard.
Check Point is a reliable company for network security. I trust them to protect my resources when using their products. However, their solutions could be improved to be more user-friendly and easier to integrate. I recently implemented Check Point CloudGuard Network Security for our company's new customers. I installed the features and products after consulting with them. Setting up the network configuration was moderately complex and required careful attention. Check Point offers extensive configuration options, providing enhanced control and security, although it may require more setup effort initially. I advised others to configure their product correctly. Overall, I rate the solution an eight out of ten.
I feel confident using this product. In fact, I have completed a few certifications related to Check Point CloudGuard. I am a Check Point certified administrator, and I am also a Check Point Certified Cloud Specialist. I have also been working with automation-related things, and sometimes, we do some bash scripting and shell scripting to make things easier for us. Traditionally, you can only access the firewall via a CLI. That is the basic level, and at the next level, you should be able to do a few daily things in an automated way. I am very good at that. I would recommend this solution, but it also depends on the requirements. It is a cost-effective solution. If you are a small organization or a startup, you do not need to have this solution. If you are a big organization with 5,000 to 10,000 users, you can go ahead with it. The ROI for our organization was up to 80%, but it necessarily would not be the same for other organizations. Overall, I would rate it a nine out of ten.
I rate the overall product a seven out of ten.
I would advise taking a look at the solution. It performs well and integrates with our existing solutions. It streamlines processes. It is definitely worth a look. Overall, I would rate it a nine out of ten. The solution is very similar to what we are doing everywhere else. It integrates well with the Azure services, but nothing is perfect, so I cannot give it a ten.
We implemented CloudGuard Network Security to meet our customers' demands for enhanced security features and centralized management. They specifically requested Check Point CloudGuard for its robust capabilities, including SMS and MDS for global management. Using CloudGuard Duo Security has provided us with the ability to manage globally through MDS, which has been a valuable capability. It is convenient to have multiple pockets of global management from UniFi OS. We realized the benefits of CloudGuard Duo Security quickly after deployment. Understanding the architecture, especially the MDS setup for higher-level organization control, allowed us to establish multiple pockets of management efficiently. Unified security management allows us to streamline our security operations significantly. With centralized management through SMS and MDS, we can efficiently oversee not only the firewalls within our cloud exchange points but also on-premises devices, enabling a cohesive and unified security architecture across all environments. I'm very confident in CloudGuard Network Security because it helps us secure our global network. With CloudGuard, we can set up rules to protect against risks from on-premises traffic and ensure security through various measures like single sign-on integration and VPN restrictions. CloudGuard Network Security is a great product that fulfills firewall needs effectively and provides detailed insights. However, in multi-segment environments requiring multiple VRFs, it can be cumbersome and costly due to the need for separate firewalls. The best lesson I have learned from using CloudGuard Network Security is to carefully consider the scalability requirements of each environment. While Check Point offers robust features, the lack of VRF support can lead to increased costs and complexity, especially in multi-segment setups where separate firewalls are needed for each segment. Overall, I would rate CloudGuard Network Security as an eight out of ten.
The main benefit we have seen from using CloudGuard Network Security is the ability to filter traffic by URL. We realized these benefits approximately six months after deployment. Unified management of the firewall has positively affected our security operations by making it easy to manage from one place. My advice for those evaluating CloudGuard Network Security is to remember that licensing is critical, so ensure that central licensing is configured properly. Overall, I would rate CloudGuard Network Security as a ten out of ten.
It functions well, especially the auto-scaling feature, despite the complexity involved, particularly with integrating Azure load balancers. Consolidating these components would be beneficial, but without a SaaS offering, reliance on Azure's resources or cloud-native resources remains a factor. Overall, I would rate it eight out of ten.
We wanted to maintain familiarity with Check Point while transitioning to the cloud, opting for CloudGuard Network Security in Azure over Azure's native firewall for its effectiveness and seamless integration with our existing network infrastructure. CloudGuard Network Security offers unified security management across hybrid clouds and on-premises environments, ensuring comprehensive protection across all assets. Unified security management simplifies our security operations by consolidating all aspects, like web filtering, application control, and firewall management, into a single, easy-to-use platform, enhancing efficiency and effectiveness. I have high confidence in CloudGuard Network Security because it runs seamlessly like our previous setup and offers robust protection. I chose it over Azure's firewall because Check Point focuses solely on security, providing more features, logs, and insights. CloudGuard Network Security is deployed across multiple departments and business units, with various consultants connecting in, although the user count isn't high yet, it is set to expand across multiple businesses. I would advise evaluating CloudGuard Network Security based on what is most effective and familiar, rather than just what's convenient or included, prioritizing what suits your needs best. Overall, I would rate CloudGuard Network Security as a nine out of ten.
I recommend others to give it a try because of its simplicity in deployment, scalability, and usability. Overall, I would rate it ten out of ten.
I would rate it a nine out of ten. The only reason it is not a ten is that sometimes there are hiccups when we have to interact with it, such as while upgrading. These are small things, but I wish it was more seamless than it already is. It is already pretty seamless, but there can always be improvements.
I would advise taking your time. Be patient, and you will see results. It does not take much time, but some people want to see a return right away. It took us about 90 days to see the return. It is more based on you getting in it and doing things with it, but be patient. I would rate CloudGuard Network Security a nine out of ten.
Overall, I would rate it seven out of ten.
I would recommend using it. Overall, I would rate the solution a nine out of ten. It is very good. Because it's very well integrated with the traditional platform, especially the Infinity portal part. The unified security concept is very sound for that. However, there is always room for improvement, we always have to extend the capabilities to other use cases.
I would rate CloudGuard Network Security a ten out of ten. We are happy with the uptime and management. It is a good tool, and it provides a lot of value for us. We are happy.
Overall, I would rate CloudGuard Network Security a nine out of ten.
Overall, I would rate the solution a ten out of ten.
I would rate CloudGuard Network Security a nine out of ten. The ease of template deployment would have been nice. There was also a little bit of weirdness with the licensing models for our on-premise management. That is pretty much it. Otherwise, I am extremely happy with it. They are not negatives. It is still great.
Overall, I would rate CloudGuard Cloud Network Security as a ten out of ten.
I rate the solution a nine out of ten.
For us, the solution was easy to understand. The syncing of the CloudGuard Network Security is like that of the gateway on-prem. Translating in a very easy path to bring the features is very easy. I rate the product a nine out of ten.
Using CloudGuard Network Security saves time due to its stability and ease of administration. The solution is not complex, allowing administrators to focus on other tasks. The configuration process is straightforward. It can integrate with NSX. I rate the product a nine out of ten. We manage a total of 800 servers that host a variety of components, including our infrastructure, customer applications, databases, application sites, and disaster recovery systems
CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet. I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.
It took around a year to see the benefits of using CloudGuard Network Security. If you have CloudGuard Network Security managed by the same management server used for on-premises, you can control all policies in one management tool. I am confident in using the product. We are a Check Point partner, hence we trust the product and the company. I rate the overall product a nine out of ten.
We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud.
For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.
Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities. I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.
Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten.
In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten.
Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more. I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.
We utilize the tool's SmartConsole integrated into our management system. However, we encounter challenges with multi-tenancy. Since we integrate it as an application on the cloud we can integrate it with any other provider. We do think that the synergy with Check Point is very good because we also allow Check Point to move from the edge to the cloud while we provide security connectivity from the edge to the cloud. So we can support its transition from on-prem security solutions to the cloud. It looks like a very good win-win situation for both Check Point and BBT, and we see it in the market, bringing us big deals in Japan and France. We can go with others as well in terms of architecture because our architecture is very open. We are a small company and cannot engage with everyone. We have good connections with Check Point in Israel. We also have some connections abroad. So far, we are getting good support. We have an application that is running on our cloud. Normally, our main cloud provider is Google, but we can run over any cloud. It could be a private cloud or any data center that provides virtual machines and connectivity. We are agnostic. We are in several POCs in France, Japan, and Thailand, and they are progressing well. However, we need more presales support. There is a lack of knowledge about the solution in the regions, and we are finding it challenging to get sufficient support from those regions. There seems to be a gap in support that needs to be addressed. It seems that the product is the answer that we need. We haven't identified any missing components in the security suite, apart from the operational challenges related to working in a multi-tenancy environment. I rate the product an eight out of ten.
The tool is working well so far for normal use cases. I rate it an eight out of ten.
We have moved our security level from on-prem to the cloud. The security posture is consistent. We can use the same storage system, monitoring system, and objects both on-prem and in the cloud. I am quite confident with CloudGuard Network Security. The primary reason for choosing the product over other cloud firewall vendors was to maintain the same solution as on-premises. Additionally, it offered a good level of security functionalities. I rate the overall product an eight out of ten. You should define your requirements before choosing the product.
In Azure, when we refer to "size," it could be in terms of factors like the number of instances, bandwidth, or users. We use cloud-native platforms but prefer Check Point solutions. It is easier to manage since we know Check Point is on-prem. I have a high level of confidence in CloudGuard Network Security. I am familiar with Check Point and Azure. I rate the overall product a nine out of ten.
We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.
CloudGuard Network Security is an efficient solution. I rate it an eight out of ten.
I don't see any difference in user experience between on-prem and the cloud setup. We have an MDS environment where we can manage the whole country. The tool enables us to manage policies on the same platform for branches and regions in the country. I rate the product an eight out of ten.
Invest time in analyzing the templates provided by Check Point and tailor them to your specific requirements. Understanding the deployment process is crucial, as it allows you to benefit from it in later stages. You can optimize it later based on the needs. I rate the overall product a nine out of ten.
CloudGuard Network Security provides unified security management across both our hybrid clouds and on-premises environments. I rate it a nine out of ten. I would recommend others to install the solution.
There is no real issue with the software itself. It does the job. It does what it was designed for. I can rate it a ten out of ten because it is exactly like the on-prem software physical appliance. There is no difference for us.
My recommendation for those who are thinking of installing the product is to check its survivability at the level of downloading a machine and uploading it. Do not upload all the applications straight away to run tests. Research first. Based on my experience, I would rate it a seven out of ten. There were some malfunctions. There were also issues at the beginning due to the lack of a dependency needed for it to function. The experience is not yet perfect, but like any product, it will improve over time. In the end, I need stability in the cloud, but right now, that feeling is not there. I do not have the feeling of stability where I can say that the production and the service will not drop again. That is the concern. I want to start uploading some kind of application to production soon. Foreign Language:(Hebrew) המוצר מספק ניהול מאוחד, אבל נראה שלשדרוג הגרסה יש מגבלה מהו השימוש העיקרי שלנו במוצר? אנחנו משתמשים בו לאבטחת רשת. בחרנו אותו כדי להתרחב ולעשות הרחבה ל-Azure Cloud כדי שנוכל להקים שירותים שיעשו קישור בין On-Prem לענן. זו הייתה המטרה. איך זה עזר לארגון שלי? יש לנו ניהול מאוחד. זה אחד היתרונות של המוצר הזה. מבחינת הגנה, עדיין לא עשינו שום סוג של בדיקות חדירה. נבדוק זאת בהמשך. בעתיד, נרצה גם להשתמש בכל מיני תכונות כמו IPS, IPSec וכו'. מה התכונה הכי משמעותית של המוצר? היתרון שלו הוא הפריסה שלו. אתה לא צריך להשיג מכשירים ייחודיים ולהתקין אותם. ההתקנה קלה. ההטמעה פחות קלה כי צריך לעבוד עם מנהל ב-Azure ולהעלות ולהגדיר כל מיני כתובות. בעצם, אתה עושה בדיוק את מה שאתה עושה מ- On Prem. זו אותה פעולה. אתה יכול לנהל אותו באותו אופן כמו ב-On-Prem, וזה יתרון. אתה יכול לנהל את הפיירוול בענן מ-on-prem, ולא צריך יותר התערבויות. מה טעון שיפור? ישנה מגבלה בשדרוג הגרסה. אנחנו משתמשים בגרסה 81.10 ולפי מה שהבנתי זה בעייתי לשדרג את הגרסה הזו. אני לא יודע אם זה נכון. אני מנסה להבין את זה. אם אני רוצה לשדרג לגרסה חדשה יותר, אני צריך ליצור מכונות חדשות. אם זה נכון, זה ישפיע לרעה על המחשבות שלי לגבי המוצר. מה אני חושב על יציבות המוצר? המוצר פועל תמיד. הזמינות שלו גבוהה מכיוון שהוא ממוקם בשני מרכזי נתונים שונים. זו מטרת הענן. הוא ממוקם בשני מרכזי נתונים בשתי מדינות שונות. הקמנו אחד בפרנקפורט והשני באמסטרדם או בלונדון. זה היתרון. מכיוון שלא מדובר באותה מדינה או עיר, הזמינות גדולה. איך שירות הלקוחות והתמיכה? אני מקבל בעיקר תמיכה מאינטגרטור. צ'ק פוינט לא ליוותה אותי כספק מההתחלה. אני מרוצה מהאינטגרטור כרגע. הוא נותן לי את התשובות. היו לנו כמה תקלות לאחרונה והוא סיפק לי את כל התשובות. הוא גם עזר מאוד במהלך ההתקנה. עם היצרן הייתה לי פחות תקשורת. לבעיות מורכבות יותר, אני יכול לתקשר עם התמיכה של צ'ק פוינט. הייתי מדרג את תמיכת האינטגרטור תשע מתוך עשר, כי לפעמים לוקח הרבה זמן עד שהאינטגרטור מוצא את הפתרון לתקלות. התקלה הקשורה למכונות שנמחקו הייתה קריטית מאוד עבור הארגון שלנו. דברים עבדו כרגיל ברשת ופתאום כל הפרויקט פשוט נחסם לכמה ימים. ציפיתי שהאינטגרטור יפתח טיקט בצורה מהירה יותר, אבל הוא לא פתח טיקט בכלל. הוא פתר את הכל לבד, הוא גם לא שיתף אותנו לגבי מה היה הפתרון לתקלה. למחוק דברים ולפתוח אותם שוב זה לא מספיק טוב כי זה לא מבטיח לנו שהתקלה לא תחזור על עצמה. באיזה מוצר השתמשתי בעבר ומדוע החלפתי אותו? לא השתמשנו בשום מוצר אחר לפניו. איך הייתה ההתקנה הראשונית? ההתקנה הייתה פשוטה. היינו צריכים לשים אותו בשני מרכזים ולפרוס אותו. זה היה קל. במהלך התהליך, היינו צריכים למחוק מכונה. מיקרוסופט נתנה לנו כמה כתובות לעבוד איתן. השתמשנו בכתובות האלה כי היינו צריכים כתובות ציבוריות לעבוד איתן. בהתחלה לא הצלחנו לעשות משהו כמו שצריך, אז מחקנו את המכונה. כשחזרנו להגדיר את המכונה, היינו צריכים לקחת מחדש כתובות חדשות ממיקרוסופט. אני לא יודע אם זה היה בגלל Azure או אם זו הייתה אשמתו של צ'ק פוינט. מה היה החזר ההשקעה שלנו? אני לא יודע אם ראיתי את ההחזר על ההשקעה, כי אנחנו בתחילת הקמת הענן וזה עדיין לא לגמרי עובד. כרגע הוא לא בייצור, אבל אני מניח שיהיה החזר של ההשקעה. מה דעתי על התמחור, עלות התקנה ורישוי? זה לא יקר. אילו מוצרים נוספים שקלתי? רציתי לנסות את פאלו אלטו בהתחלה, אבל בגלל שכל ההתקנה שלי כבר הייתה בצ'ק פוינט, לא הלכתי לכיוון הזה. רציתי ניהול מאוחד. התייעצתי גם עם הצוות שלי והם אמרו שהם לא רוצים לנהל פיירוול נוסף בגלל הניהול והידע שזה דורש. היתרון של המוצר הזה הוא הניהול המאוחד. איזה עוד עצה יש לי? ההמלצה שלי למי שחושב להתקין את המוצר היא לבדוק את השרידות שלו ברמת הורדת מכונה והעלאתה. לא להעלות את כל האפליקציות מיד, כדאי להריץ בדיקות ולחקור קודם. בהתבסס על הניסיון שלי, הייתי מדרג את המוצר שבע מתוך עשר. היו כמה תקלות. היו בעיות גם בהתחלה בגלל חוסר העצמאות הדרושה לתפקוד. החוויה עדיין לא מושלמת, אבל כמו כל מוצר, היא תשתפר עם הזמן. בסופו של דבר, אני צריך יציבות בענן, אבל כרגע, התחושה הזו לא שם. אין לי תחושת יציבות שבה אני יכול להגיד שהייצור והשירות לא יירדו שוב. זו הדאגה. אני רוצה להתחיל להעלות איזושהי אפליקציה לייצור בקרוב.
CloudGuard Network Security can manage security for both our hybrid cloud and on-premises systems. Currently, we have separate solutions for on-premises and the cloud. We also use Smart-1 Cloud from the Infinity portal. We haven't integrated the tool with both Azure and on-prem environments. I have about an eight out of ten confidence level in our cloud network security with the product. It is because of Azurre's robust and dynamic nature. It is easy to incorporate anything new that comes up. We can integrate any new steps in Azure concerning the blades, CloudGuard Network Security, and Check Point. Cloud-native firewalls lack functionalities such as IPS, which are exclusive to products like Check Point or other vendor-specific solutions. This is why we opted for CloudGuard Network Security as an additional layer, complementing the limitations of Azure's native or any cloud-native firewalls. We are already using Check Point for our on-prem environment. The cloud solution was easy to integrate with our existing infrastructure. I rate the overall product a six out of ten. Due to certain limitations in the integration between Azure and CloudGuard Network Security, I currently rate the experience as a six. However, I'm hopeful that Check Point is working on its new release.
I rate the product an eight out of ten.
It's worth it in the sense that it can protect your network, and it's very scalable. Overall, I would rate the solution an eight out of ten.
Our customers use Check Point solutions both on-premise and on the cloud. Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points. If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market. I rate Check Point CloudGuard Network Security a nine out of ten.
It's the best solution to use. You can trust it. We don't have any issues with it. It works fine. Overall, I'd rate it a ten out of ten.
The usability is moderate. The product has helped us free up some time. It's a complicated situation, however. I'd rate the solution an eight out of ten.
I rate Check Point CloudGuard Network Security an eight out of ten.
I recommend doing a little research before purchasing the product.
Network security is efficient with this product.
I'd advise new users, if they are going to acquire a tool of this type, to look for the greatest amount of information on the solution to uncover which offers them the most benefits.
Try the solution today.
I am satisfied with the current performance.
I rate the solution seven out of ten. The solution is reliable and would fulfil what it is marketed to achieve. It provides very good security protection, but the customer support response times could be improved.
This is a good solution, but they have to be ready to pay the high costs. I rate Check Point CloudGuard Network Security an eight out of ten.
It is one of the best solutions on the market. I challenge you to try it so you can say the same.
My advice to others is the solution is very stable, and reliable, and they should ensure that they invest in Check Point. I rate Check Point CloudGuard Network Security a nine out of ten.
Before purchasing it's important to assess the size of your cloud infrastructure. You need to have a concrete plan for which virtual or private network or clouds you have to scope and to do that before deciding which solution you want and what functionality you need. I rate this solution eight out of 10 since there has been some improvement with regard to integrations.
When doing a cloud deployment, remember you are doing this in the cloud so treat it like a cloud device, as good configuration brings good results.
My advice to people looking into implementing Check Point CloudGuard Cloud Network Security is that they should have technical expertise before deploying it. I'm giving Check Point CloudGuard Cloud Network Security an eight out of ten.
My advice to others is to evaluate the products first and then proceed. I rate Check Point CloudGuard Network Security an eight out of ten.
For most Check Point CloudGuards, it's not actually deployed on the private cloud of the end-user. They usually deploy it on the public cloud. I'd rate the solution at a nine out of ten. The clients who are using it have nothing bad to say about its capabilities. I'd recommend the solution. They are doing quite unique workarounds with cloud security while many others are more focused on on-premises.
The combination of NGFW + URL Filtering + Antivirus + Anti Bot, with 8 vCore D4 v2, is able to provide a throughput of 4Gbps. On Azure, the combination of NGFW + URL Filtering + Anit Virus + Anit Bot, with 8vCore c5n 2xlarge, is able to provide a throughput of 4.7Gbps. It is similar to AWS.
If we end up needing to scale, we would have to buy a new license.
In summary, this is a good product and I have not found any problems when using it. I can recommend it to others. I would rate this solution a nine out of ten.
The solution always updates automatically, and therefore we are always using the latest. We do plan to continue to use the product as we've mostly been quite satisfied with it. I'd recommend the solution to other organizations. Overall, I would rate the solution at a nine out of ten.
In the past, my clients were all using Check Point Systems. When I reviewed it at that time, back 10 years ago, Check Point was number one, as far as I remember, meaning FortiGate wasn't a major solution in Turkey. Nobody was talking about FortiGate then. Now FortiGate, is a major player in the firewall industry in Turkey. Most of our clients are migrating to FortiGate because they say it's cheaper than Check Point. So when I see the Check Point's GUI, it's really complicated. My recommendation would be for Check Point customers to first learn about Check Point's GUI, which is pretty advanced, for me at least. But when I talk to my friends who are managing IT, they are migrating to FortiGate. They say, FortiGate is very easy to manage and I should really think about it now. When I was first introduced to Check Point it was really advanced. I didn't understand when I first looked into it. I just wanted a solution. pfSense has the same problem. By the way, according to your report, some customers said that pfSense needs improvement on the management and the GUI and aspects like that, so maybe I'll need another review of OPNsense versus Check Point and FortiGate etc... We didn't have any problems at all. Just in one case, actually. We have a rule that pops up from nowhere which we didn't create. When we restart our Virtual System firewall, it creates a rule which messes up all our internet connection. So if I were to give a number from one to 10, I would probably say Check Point is a nine out of 10. Other than that, we haven't had any problems. Check Point is pretty reliable. I think it's our company's problem that we couldn't patch it after it froze. Maybe an up to date, patched version doesn't have this problem. Overall, it's really working for us. I don't have any problems other than it's just outdated.
We're solutions providers. We're partners with Check Point. We offer integrations and support. This is one of the products we offer to our clients. We're using the latest version of the solution. The platform is R80.40. It's deployed on VMware's virtual environment. I'd recommend the solution to other organizations. The likelihood of running into issues is low. I'd rate the solution at a nine out of ten. We've largely been satisfied with the product.
We're just a customer and an end-user. We aren't a vendor, consultant, or integrator. I'm not sure if I would recommend the solution to other organizations. It would likely be 50/50. It really depends on the company's requirements. For us, for example, we needed to scale, and that ended up not being possible and so we have to move away from it. Overall, I would rate the solution six out of ten. Although it has some good aspects, for us, the lack of scalability was impossible to overcome.
I would recommend Check Point as it's an effective tool, and implementation is very easy. On a scale from one to ten, I would give Check Point Virtual Systems a nine.
I would recommend this solution. It is pretty straightforward to implement. It is easy, and it doesn't require too much time to make a clean implementation. I am not really sure about using it in a really small company. It depends on the budget. I would rate Check Point Virtual Systems a nine out of ten.
We should have done the Auto Scaling stuff upfront instead of going static. The biggest lesson was that the tools in place let you embrace the good parts of the cloud, which is flexibility and cost savings. The thing that we kind of learned is we just treated it upfront like it was another on-prem device, but you miss out on the whole point of having infrastructure as a service if you're not going to leverage it to its fullest capabilities. Remember that you are doing this in the cloud, so treat it like a cloud device. Don't suddenly try to extend your on-prem network without leveraging the whole capabilities that CloudGuard gives you to scale your network in and out as needed. CloudGuard's false positive rate is acceptable and low. You have pretty granular control over everything that you are doing. Even if you're running into false positives, you can easily tweak them and work with CloudGuard to eliminate them. I would rate it a nine (out of 10). It does everything that we wanted it to. It kind of grows with AWS, where new AWS functionality is now enabling new CloudGuard functionality by virtue of a couple of changes that they have been making. They sort of work hand in hand. The only reason that stops it from being a 10 (out of 10) is just the limitations of AWS end up being the limitations CloudGuard as well. You take the good and the bad of the cloud.
My advice: Get it. It's a great product. It's a great solution. In terms of CloudGuard's block rate, malware prevention rate, and exploit resistance rate, we didn't really do much testing when it comes to those types of scenarios. But I've used Check Point as a physical firewall before, and it was great. It detected threats and gave me an alert as soon as it detected them. It was really good.
If you are already a Check Point customer, this is the perfect solution. If you are not used to Check Point products, you should also analyze other solutions and compare them before you buy. The biggest lesson I have learned is that with this product, you can secure the Cloud environment the same way that you secure the on-prem, which helps a lot with people that are new to the Cloud security environment. I would rate Check Point CloudGuard IaaS a ten out of ten.
The biggest lesson I have learned from using this solution is that network security is moving away from traditional deployments and companies have to adapt themselves to stay competitive. We are fully managing the service. As soon as a new version is released on the Check Point site, they make sure to release it for CloudGuard as well. But so far, we have stayed with our original version. We haven't done any upgrades. The integration process between CloudGuard and AWS Transit Gateway is not straightforward, because we're not talking about traditional networking. There are a lot of different aspects that we are still not used to keeping in mind. For example, routing is completely reworked in AWS. It's just a matter of time to get used to it. Once you get used to it, everything becomes relatively easy. In terms of our workflow when using the integration between CloudGuard and AWS Transit Gateway, we needed to review our operational documentation and prepare additional guides for our operations team on how to do it. We needed to up-skill our team members, and we needed to utilize new technologies or new features, like BGP over VPN, to make communication secure in the cloud. The solution provides security for numerous corporate applications and is under the responsibility of the operations team which consists of about 15 people. For deployment and maintenance of the solution we have one security operations engineer, one network operations engineer, one AWS operations engineer, and one SDWAN engineer.
Sometimes you've got to pay for what you actually want. We realized that it's an expensive solution, there's no denying that. But we're happy with what we have gotten out of it. Sometimes you just have to fork over the cash out of your budget and work with it. Work hard with it, because you can't just spend money and expect it to work. But with the time that you put into it, you can get something really good out of it for your company. Really do your analysis, which is something anybody should really know if they're going to spend a lot of money like this. They offer up trials. Try it out and see if it actually works for you. One of the biggest reasons it was successful for us was because we already used it in our environment and we used it pretty extensively. We had a variety of different systems in there, but we used the Check Point more. So we were more familiar with it coming into it and that's why we leaned more towards it. We figured, it will be expensive but it will probably have the lowest learning curve for us to get where we want to be. Another company may already use, say, Palo Alto extensively and be very familiar with it. If their decision is that they want their team to be really well versed in what's going on, rather than have to break it all down and study all over again and retrain everybody, maybe their choice will be to stick with their Palo Alto solution rather than flipping over to Check Point. If you're going to change vendors entirely, you're going to have a steep learning curve and that's going to mean it will take time, where you might not be able to fulfill a request, because you have to learn how to do it. I haven't really measured rates like the block rate or malware prevention rate yet. The CloudGuard stuff is the same software running under there that I have run for years. It's just in a cloud environment and it's been extremely effective. It doesn't really paint a picture of how much actually gets through, so I don't know the rates, but I do know that I don't have a lot of problems with things getting through that I didn't know about or didn't want to get through. I don't think there are really any false positives with this solution. Sometimes an investigation that leads me down a path and I follow it so far that I can't quite figure it out, but I attribute that to not having enough visibility into other areas of the environment to actually see what's going on, so I can't paint the whole picture and can't then solve the problem. But I don't have a problem with false positives leading me down a path towards something that just had no relevance at all. The ease of use is good if you have a strong technical background. The intuitiveness of getting in there has a learning curve to it because there's a lot going on there, but with something that takes care of this many things in your environment, it's hard not to make it complex. They've done a pretty good job of trying to make it as uncomplicated as possible, but no matter what, you're going to have a learning curve to be able to use it effectively. The Unified Security Management has made threat hunting a lot easier because we have it all in one view, but managing the environment has become a little bit more complex because we have one ruleset to cross the environment. So we really need to know what we're doing there. We've had to adapt a little bit towards that. Instead of having little rulesets all over the environment, we have one massive ruleset. We have to be a little bit more careful about what we're allowing because it can affect more than just the site you want to change. For example, if you want to change a device in New York, you have to be very careful that you don't affect a device in Boston as well, because it's all in this one unified policy. Overall, Check Point has been a nine-plus out of 10 for me. I'm really happy with it. It's a very expensive solution, but everything has gone really well. There are bumps along the way, like with anything. I don't fault them for that. We've worked with it and we've worked around those problems and have come up with solutions that work for everybody. So everybody's happy in the end.
You should fully understand the way CloudGuard would be integrated into your cloud from a networking perspective, and it differs from platform to platform. For example, for Google Cloud, the instances of Cloud Guard must have interfaces in several VPCs as a requirement. Think about the subnetting and routing for your project, then implement a PoC with your networking staff.
My advice to anyone wanting to implement this solution would be to religiously follow the guidelines. I would rate this solution an eight out of 10.
Intently know and understand the integration points within your environment. It is a great security solution, but understand how integrated it is with, and what level of partnership there is between, Check Point and the virtualization platform that you're looking to add it on top of. The biggest lesson I have learned is that the Check Point CloudGuard features, although good, are only as good as the accompanying virtual platform and its level of integration. I have to be honest: Overall, this is the ideal solution for us and our organization, but it is slightly more complex. There are newer competitive products that take a different stance, that are agent-based. We did not want — and this is another key distinction — a solution that wasn't agent-based in which we had to deploy a piece of software on each and every virtual endpoint. Having this done at the hypervisor level definitely was the right strategy for us. However, the lesson learned, with this type of solution, is that it is very important to understand the nuances of your virtualization platform and what is required on that side to enable the Check Point CloudGuard. You're relying heavily on the partnership and the capabilities of that virtualization platform. Going in, understand the degree of that partnership and the respective road maps of each, because the CloudGuard solution is only as good as the capabilities it has with the virtualization platform. That's especially true for large enterprises that want to constantly move workloads around and have their rule set follow in an event where they're having to ensure that systems are always alive and always protected.
My advice for anybody who is considering this solution is to start by identifying high-bandwidth use cases. If you have any, and you have a high-security requirement, then I suggest considering other options. This is a secure and reliable solution for us, although we are a bit disappointed with the limited scalability and resource consumption. I would rate this solution an eight out of ten.
There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware. The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected. I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.
The web application firewall is commonly used in most firewalls now. If they can add that as a feature, it would be a very strong scenario. When we use Check Point on a perimeter or a DMZ zone, the first thing that clients ask is if there is wireless protection. Check Point has IPS (Intrusion Prevention System) but it does not have wireless protection. So if production is using the cloud if they can integrate mobile app protection, mobile shielding, there's more value for Check Point, but if they include that, Check Point could be the very best firewall option. On a scale from one to ten, when one is the worst and ten is the best, I would rate Check Point as an eight. It needs to do better in pricing and with broader features for mobile. One thing that I learned from multiple installations of Check Point is that you have to train the customer before implementing. Unless the customer is already a highly skilled security engineer so that they know what they can get out of the product, they will not be as satisfied. Otherwise, just before the deployment, we have them go for training so they understand the product and what it can do. They will be happier and they won't choose to go with another product in the future. Even with my engineers who understand many other products, I trained them properly before I send them out for deployments. Check Point is not a product that if you don't know you can just install without knowing anything about it. You have to know the architecture first. You have to know each and every option than work on the product. Then it will be far better and say no to certain features which are not important to use. On the other hand, knowing it is available is fantastic and becomes an option in the right situations.
For those who want to implement the solution, they should make sure they have a very strong networking background. I would rate the solution eight out of ten.
The solution is the on-premises deployment model which we use in our server environment. We are an integration company, and although we deal with other solutions, we mainly focus on Check Point. The solution is a great mix of user experience, flexibility, security features, and cost. After five years, I believe the total cost ownership will be much cheaper than any competitor. The advice I would give to others interested in implementing is that this solution does have security problems. Not Check Point, per se, but in the network environment. The security recommendation from the Check Point and from us is to use the VSX in the internal network. It should not protect your border because there are some issues around bugs, etc. It could cause vulnerabilities if it's used this way. I would rate this solution eight out of ten.
I will recommend this program to others and my rating is seven out of ten. I do recommend that users should always use the checkpoints and backup as often as they can.
The biggest lesson that I have learned from this solution is to never assume that something is simple, because there's always a hidden snag that we run into. I would rate this solution a nine out of ten.
I would rate it a nine out of ten and I would recommend this solution. Their support team should be faster because sometimes when we need support their responses are late.