Sold by: Check Point Software TechnologiesÂ
Deployed on AWS
Are you looking for an automated Web Application Firewall (WAF) with precise prevention and no management overheads? CloudGuard WAF delivers AI-enabled Web Application and API protection.
Overview
With deep application contextual analysis, CloudGuard WAF eliminates the tradeoff between the level of application security and the complexity of managing it. Your applications drive your business. As they evolve, grow, and expose more APIs, your attack surface expands. CloudGuard WAF learns how an application is typically used by profiling the user and the app content. It then scores each request accordingly, eliminating false positives while maintaining the highest security standards. CloudGuard WAF is easy to deploy and requires no ongoing maintenance as it continues to protect your evolving applications and APIs.
Advantages
- 90% of CloudGuard WAF customers run in prevent mode, demonstrating the hands-off nature of the management required
- 100% of CloudGuard WAF customers have less than 10 exception rules!
- CloudGuard WAF goes from deployment to active protection in just days, not weeks.
Click on the "View Usage Instructions" and "Usage Information" below to get next steps for setting up CloudGuard WAF.
This is a BYOL Image. Pricing and entitlements for this product are directly with Check Point. As an AWS partner Check Point enables marketplace transaction on this listing through a private offer provided by Check Point. Please contact your Check Point trusted advisers (link to a list of CP sellers / or directly to check point SDRs). Payment for the underlaying infrastructures are paid directly to AWS and is based on AWS pricing.
Highlights
- Precise Prevention: Contextual app analysis for high fidelity application security to prevent known and unknown cyberattacks.
- Automated by Design: Auto-deploy, hands-off management and AI-powered short learning cycles.
- Flexible deployment: Protect all applications in any cloud environment built on any architecture.
Details
Categories
Delivery method
Delivery option
Auto Scaling Group
Single Gateway into existing VPC
Single Gateway into new VPC
Latest version
Operating system
OtherLinux Gaia 3.10
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Please see seller website for refund details.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Auto Scaling Group
A number of AppSec instances in an Auto Scaling Group. Load balanced by an ELB.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
Navigate to https://portal.checkpoint.com ; if you do not have an existing account, open a new account. Open the main menu (icon is in the top left corner), choose APPLICATION SECURITY under the CloudGuard column, then select Cloud on the left. The Getting Started page will open. After defining the asset, you will be redirected to the Profile page. Note: Obtain the Token for CloudGuard WAF from the Profile page.
Resources
Vendor resources
Support
Vendor support
To open a support ticket, send an email to infinity-next-support@checkpoint.com CloudGuard WAF
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
CloudGuard WAF-as-a-Service (Premium, PAYG, Free 7 Days or 1M Requests)
By Check Point Software Technologies
Check Point CloudGuard WAF-as-a-Service (WAFaaS) is an AI-based WAF and API discovery and security solution, delivering the highest protection against known and zero-day threats using advanced AI & IPS. The CloudGuard WAF-as-a-Service provides multiple layers of protection: rate limiting, AI engines, IPS signatures, zero-day file security, bot protection, and comprehensive API discovery and schema validation. CloudGuard WAFaaS delivers a non-agent WAF, deployable within minutes, and adds advanced DDoS mitigation. Traffic is seamlessly routed through Check Point servers, which automatically issue SSL certificates.
CloudGuard WAF-as-a-Service (Advanced, PAYG, Free 7 Days or 1M Requests)
By Check Point Software Technologies
Check Point CloudGuard WAF-as-a-Service (WAFaaS) is an AI-based WAF solution delivering the highest protection against known and zero-day threats through advanced AI and IPS signatures. CloudGuard WAFaaS provides multiple layers of protection: rate limiting, AI engines, IPS signatures, zero-day file security, bot protection. CloudGuard WAFaaS delivers a non-agent WAF, deployable within minutes, and adds advanced DDoS mitigation. Traffic is seamlessly routed through Check Point servers, which automatically issue SSL certificates.
CloudGuard WAF-as-a-Service (Advanced/Premium, Contract)
By Check Point Software Technologies
Check Point CloudGuard WAFaaS is an AI-driven, fully managed web application firewall that provides advanced security for applications and APIs. It delivers real-time protection against zero-day threats, OWASP Top 10 vulnerabilities, DDoS attacks, and more, ensuring high availability, AWS security compliance, and uninterrupted service.
CloudGuard WAFaaS integrates seamlessly with AWS services, including Amazon Route 53, AWS WAF, AWS Shield, AWS API Gateway, Amazon CloudFront, and AWS Lambda, enabling automated threat prevention with minimal operational overhead.
Check Point CloudGuard
By Cadre Information Security
- CloudGuard WAF
- CloudGuard CDR
- CloudGuard Network Security
- CloudGuard CNAPP
- CloudGuard Posture Management
- CloudGuard Code Security
- CloudGuard Workload
- Developer Security
Customer reviews
4.2
3 ratings
3 AWS reviews
|
51 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
reviewer2753559
Simplifies cloud security with quick integrations and highlights areas for enhanced customization
Reviewed on Sep 02, 2025
Review from a verified AWS customer
What is our primary use case?
My main use case for Check Point CloudGuard WAFÂ is to protect web applications and APIs from OWASP Top 10, and it has helped to secure cloud workload and prevent unauthorized access to data leaks.
I use Check Point CloudGuard WAFÂ to block SQL injection and cross-site scripting attacks, and we protect the API by enforcing strict access, automatically applying a security policy to new applications before deploying in the cloud.
What is most valuable?
The best features Check Point CloudGuard WAFÂ offers in my experience include automated policy upgrade with threat coverage intelligence, flexible deployment, and zero-day protection, which stand out to me the most.
The automated policy creation and threat intelligence have helped my team by reducing manual configuration and saving time, and the threat intelligence updates ensure immediate protection against new threats, simplifying daily operations and improving response speed.
Check Point CloudGuard WAFÂ has positively impacted my organization by strengthening overall application security and data security, and it reduces manual workload for the security team while improving compliance in securing cloud workloads.
It has improved compliance and manual workflows through automated updates and reports, making it easier to meet compliance, with faster audits and readily available security evidence in reports, and it reduces time spent on manual rule creation and log reviews by automating policy enforcement.
What needs improvement?
Check Point CloudGuard WAF could be improved by simplifying the initial setup for a faster deployment, making the dashboard and reporting more customizable, and offering a more accessible pricing model.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for the past one year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is definitely stable in my experience.
How are customer service and support?
It has a user-friendly interface that makes monitoring and management easier with smooth integration with other Check Point and third-party security tools, and it provides a clear dashboard for visibility into attack and traffic patterns.
I would rate customer support as eight out of ten.
I chose this rating because sometimes the response will be delayed more than expected.
Customer support is good, but sometimes it takes longer than expected.
How would you rate customer service and support?
Positive
What was our ROI?
I have seen a return on investment from using Check Point CloudGuard WAF, considering both time and money.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing was good.
The experience with pricing, setup cost, and licensing is straightforward without any challenges.
What other advice do I have?
My advice for others looking into using Check Point CloudGuard WAF is to plan deployment with clear policies to maximize protection from the start and take advantage of automated updates and threat intelligence to reduce manual work, ensuring proper integration with your cloud environment.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Soe Moe T.
The Best Protection Shield for Web App and API Security
Reviewed on Aug 27, 2025
Review provided by G2
What do you like best about the product?
Firstly, I like the best about Check Point CloudGuard WAF is It's UI. It is very responsive, simple and easy to use and understand. It is also provided for AI powered, Automation and can block others attack such as DDOS, SQL Injection, and etc ... So I used CloudGuard WAF for my Web and API security.
What do you dislike about the product?
I don't have much about Check Point Cloud Guard WAF. It is very useful for me and I prefer to use.
What problems is the product solving and how is that benefiting you?
Cloud Guard WAF can benefit to me because it can protect a lot of protection for my Web and API security. The best benefiting to me is unknown threats.
reviewer2751732
AI-driven threat detection significantly reduces false positives and enhances efficiency
Reviewed on Aug 22, 2025
Review provided by PeerSpot
What is our primary use case?
My main use case for Check Point CloudGuard WAFÂ is defending from SQL injection or DDoS attacks, and a quick specific example would be that it protects our applications and data from these threats.
I don't have anything else to add about my main use case, as there are no stories or examples where it helped my team.
What is most valuable?
The best features Check Point CloudGuard WAFÂ offers are that it's very easy to use, the automated management is very nice, and the introduction of new AI is very efficient, which I find valuable.
With the introduction of AI in general, Check Point CloudGuard WAFÂ provides very high accuracy on the data, allowing me to avoid a lot of false positives and saving me time in determining if what I'm seeing is a possible attack.
Check Point CloudGuard WAFÂ has positively impacted my organization by reducing incidents because I don't have false positives.
What needs improvement?
Check Point CloudGuard WAF can be improved; initially, the setup is very complicated, and there's not a lot of documentation available, plus it didn't have something for anti-bot, but other than that, it is fine.
The documentation issue means that I can't find it online very easily, and while I can always ask support, it's a bit limited. As for anti-bot, I refer to a feature that I can find a better option for on Cloudflare .
I don't have anything more to add about the needed improvements or anything regarding the onboarding.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for one year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is very stable, and I haven't had any issues with downtime or reliability, plus it handles growth easily in my environment.
How are customer service and support?
The customer support is rated eight. I have had to contact them, and my experience was satisfactory.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I did not previously use a different solution before Check Point CloudGuard WAF, so there's no prior comparison.
What was our ROI?
I don't have metrics, but I see a return on investment in overall efficiency, as it has saved my team time and reduced incidents.
What's my experience with pricing, setup cost, and licensing?
I don't know about the pricing, setup cost, or licensing for Check Point CloudGuard WAF, as I don't manage costs.
Which other solutions did I evaluate?
Before choosing Check Point CloudGuard WAF, I did not evaluate other options, as I went straight with it.
What other advice do I have?
Check Point CloudGuard WAF works very well with all the clouds, such as Azure and AWS , and I shouldn't have any problems adding this feature to my environment.
Regarding the reduction in incidents, I don't have any percentages, but I know I can save a lot of time because I understand that if something is signaled, I need to check it, as it's very not probable that it is a false threat.
My advice for others looking into using Check Point CloudGuard WAF is that, similar to other Check Point services, it can be intimidating at the start, but you will manage after some time.
I rate Check Point CloudGuard WAF eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Information Technology and Services
Great AI-powered security
Reviewed on Aug 20, 2025
Review provided by G2
What do you like best about the product?
Great AI-powered security protecting web applications and APIs
Contextual Threat Prevention
API Discovery & Protection
Easy Deployement
Self sufficent and able to prevent and improve by itself isolating possible breaches.
Contextual Threat Prevention
API Discovery & Protection
Easy Deployement
Self sufficent and able to prevent and improve by itself isolating possible breaches.
What do you dislike about the product?
Depends a lot on the support and to resolve certain issues it might require some time.
What problems is the product solving and how is that benefiting you?
WAF and cloud protection
Hailemichael Yigrem
Helps protect against multiple attack types with seamless integration and strong threat prevention
Reviewed on Jun 22, 2025
Review provided by PeerSpot
What is our primary use case?
Our main use case for Check Point CloudGuard WAFÂ is that we have been reselling this product for three years, and we have experienced that this CloudGuard WAFÂ protects from zero-day attacks, boot attacks, and other OWASP top 10 attacks.
Before deploying Check Point CloudGuard WAFÂ , we faced several vulnerabilities such as SQL injections. We encountered different vulnerabilities, but after implementing this product, we have reduced these attacks.
We are a reseller of Check Point.
What is most valuable?
The best features that Check Point CloudGuard WAFÂ offers are its easy integration with other products and its good threat prevention features. Since it is default in a device, it protects us from zero-day attacks, and first learns traffic before allowing it into our network. It protects us from botnet attacks and many vulnerabilities are discarded by these deployments.
The integration process went smoothly for us as it easily integrated with our existing products, and it reduced approximately 90% of attacks after deployment.
Check Point CloudGuard WAF also has a comprehensive reporting feature and a well-designed dashboard.
Check Point CloudGuard WAF has impacted our organization positively, as after deploying this product it reduces the time to analyze attacks and protects from several attacks, enhancing our security posture.
We are now saving approximately four hours per day on analyzing attacks.
What needs improvement?
There are improvements that can be made regarding pricing since it has a high initial cost. If they could reduce that, it would be beneficial. Additionally, it has a complex initial configuration. Reducing such complexities would make it even better to have.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for three years now. It is a good product.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is stable.
What do I think about the scalability of the solution?
It handles increasing traffic easily because we can extend our demands based on our needs.
How are customer service and support?
The customer support service is good based on the support we purchased, as they are available 24/7.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup with Check Point CloudGuard WAF is complex.
What was our ROI?
I have seen a return on investment since deploying Check Point CloudGuard WAF. We have saved money by protecting our environment from new vulnerabilities and preventing theft by cybercriminals. It has saved our money and time investigating vulnerabilities and zero-day attacks. It has great potential and provides an excellent security profile to our environment.
What's my experience with pricing, setup cost, and licensing?
The initial cost of Check Point CloudGuard WAF is high.
Which other solutions did I evaluate?
We have evaluated other WAF providers such as F5 and others, but we chose Check Point CloudGuard WAF according to its performance. It is a good device.
What other advice do I have?
I suggest to others that if you have web-based applications or HTTPS traffic, you must use Check Point CloudGuard WAF to protect your service. On a scale of 1-10, I rate this solution a 9.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other