What needs improvement with CloudGuard for Application Security?

Support could be improved, particularly in terms of availability. Although they provide 24/7 support, there are sometimes delays in delivering solutions. Advanced bot protection has recently been improved, which has helped a lot.

When I was working with the WAF platform, there were limitations, particularly concerning compliance and reporting. Managing multiple tools for different functions like WAF, firewall, CDN solutions, and antivirus—could be cumbersome for organizations. They often prefer a more centralized platform to manage various features efficiently. While having separate tools can enhance visibility and support a defense-in-depth strategy, the WAF platform's reporting capabilities could have been improved.

Check Point CloudGuard WAF's code could be improved. While the GUI allows configuration for application-related features, specific definitions cannot be modified through the code. Ideally, we would prefer consistent configuration across all products to simplify deployment, but in this case, the ISE is incompatible with the two or three different models we've identified. Therefore, we must rely solely on the GUI for configuration.

We have many users or employees who are using the VPN to access our network. More configuration for VPN users is required. More scalability is also required because, as compared to other Check Point solutions, it is less scalable. Its scalability can be better. Last year, the application was being used by 10,000 users. We expanded our businesses, and the user base is now expanded to 25,000. We have seen some latency in accessing the application. If they could scale it better, the users would not face any challenges. There should be automation of threat detection, risk mitigation, and report generation. Reports should have less complexity so that they can be easily analyzed by senior management.

In terms of features, I do not have any negatives. Their integration is extremely quick. It is better than others I have been involved with in the past. Their pricing model, however, can be better.

For the next release, I would suggest considering features like enhanced threat intelligence integration.

In terms of improvement, I feel like I need more clarity in understanding pricing for DDoS protection.

One area for potential improvement is the management interface. Occasionally, when there are major updates, the layout of the menus changes, which can be somewhat disruptive as I need to search for familiar options. Consistency in menu structure would be beneficial, as it allows users to develop muscle memory and navigate the interface more efficiently over time. Improving the process for handling licensing renewals would be a welcome enhancement.

I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service. I would like the complete visibility of every product for the client to see in an executive way. I do not want it in a very complex way with so many warnings and threats. They should focus on the main things in all the products. I would like to see that.

We recently had a discussion about the challenge of API discovery and protection. There are occasions when it interfaces with other systems, leading to a loss of visibility. It would be advantageous to improve this aspect.

I have faced issues with the tool's blocking aspects. It is hard to open or block web services due to the multitude of cloud centers. I have to do the process manually at times. We have a bug which is hard to solve.

CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure. Simplifying the implementation process and offering more cost-effective solutions could make it more competitive and easier for clients to adopt.

It doesn't detect user activity like some of its competitors. It's not a vulnerability, but it's a legitimate activity that it doesn't detect. It only detects vulnerabilities or misconfigurations. Additionally, Zenix features are not handled or captured.

Check Point CloudGuard Application Security needs to improve updates on integrations. It also needs to incorporate real-time monitoring features.

You need to know exactly the system. You cannot have someone running the system if they don't have the knowledge to do so.

One of the big problems we found in Check Point, in general, is the support. It is always attended very late or they take a long time to answer. The cost of this tool is extremely high, which is why it must be analyzed before implementing it. The support language is only English. This causes some problems in Spanish-speaking countries. They could expand the languages offered to help the client.

Check Point CloudGuard Application Security can be improved in general as any security tool will do what you need, yet sometimes minor updates or improvements are needed. Some updates are needed due to integration with other security solutions. Some organizations may wish to be able to integrate other security solutions into this product. It needs to have the ability to monitor network traffic and detect potential security threats in real-time. The analysis is time-consuming. In order to minimize steps and waiting time, they need to make it simpler. They need improved latency in the main window. The tool's documentation has to be improved to make it easier to find items. They should improve technical support areas.

The tool works perfectly, and improvements should be made, if any, in various technical and administrative aspects. They have to improve the login functionality. At present, some slowness is experienced at the time of entering. Profiling takes a long time. they need to to minimize steps and wait times. The documentation of each of the tools that they offer needs to be better. They should create a repository where we can find everything. They should also improve the quality of technical support that they offer since that has been one of the lowest points that we have found in their offering.

The support part should be improved. They need to provide a better service to their users. This will generate a lot of security when purchasing the tool. It could also provide more detailed documentation information on errors and have a database of knowledge data that can be accessed. It should give more updates. They should also improve the updates since we have had to do several rollbacks due to the fact that some plugins or characteristics would give an error. When that happened, support would take a long time to respond and we'd have several delays and we'd have to roll back since it was unclear what to do. Regarding the tool itself, they do not need any new features. For the moment, it has met the expectations and has gone a little further than expected, fulfilling the objective that it was designed for.

The creation of security profiles for each application takes a lot of time. The new release can have a unified security control system that can access the security situation of all applications from one single source. The system blocks some authorized data entries that are not threats. AppSec could easily deploy a system with set commands that can be used to block unsafe operations and authorize areas of interest based on the user's needs. I have loved the way this software works, and I am impressed by the increased security across the applications.

The application allows us to have control over its activities, the management, and the interconnection of monitoring which takes advantage of computing power, is exceptional. That said, I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter.

The technical team needs to exercise the pilot testing across all kinds of IT hardware and software to ensure the pilot QA testing shows the highest rate of positives while ensuring system protection. The trial version should be extended further so that QA test engineers can actually test the utilities in a real sense and can provide the maximum amount of feedback for enhancements. There needs to be an improvement in features and utilities now and then as per business demand. It needs to be customized to match market trends and demand.

This Check Point solution is an extremely complete security solution, it is really amazing. However, there are always improvements that can be made to all of the tools. We would like the solution to be more economical since it is not accessible to all clients or is a point of consideration. Regarding the documentation, starting implementation was not so clear. We had to validate several guides until we could do it correctly. Finally, we would like the Infinity portal perform better.

CloudGuard for Application Security, like the other Check Point applications, has been presenting major latency problems when entering their administrative portal. That should be one of the priorities to take into account. They must also improve the support provided to the client and improve the documentation library. The tool fulfills the functionality very well. Hopefully, the next improvements will surprise us with something new since at present it fulfills the security expectations very well.

Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions. This will attract more and more new vendors and customers to partner and will be a win-win situation for all stakeholders involved. Also, the IT security environment is dynamic and ever-evolving, with new developmental changes every now and then. We are customizing our needs and requirements for business mindfully, and this requires a lot of effort in immersing new and advanced features to enhance customer satisfaction. Cloud Guard Application Security should attune their working and new developments in alignment with the business requirements in these changing environments.

Check Point could improve a little in the performance of the portal. Some administrations that are generated from the website take a while. There is a feeling of latency that is not always generated yet it is noticeable. On the other hand, it would be good to have more documentation for integration with Microsoft Azure, since sometimes the guides are followed, however, the objective is not achieved. Consultations must be made with the partner to help with the correct implementation.