
Overview
Video 1
With deep application contextual analysis, CloudGuard WAF eliminates the tradeoff between the level of application security and the complexity of managing it. Your applications drive your business. As they evolve, grow, and expose more APIs, your attack surface expands. CloudGuard WAF learns how an application is typically used by profiling the user and the app content. It then scores each request accordingly, eliminating false positives while maintaining the highest security standards. CloudGuard WAF is easy to deploy and requires no ongoing maintenance as it continues to protect your evolving applications and APIs.
Advantages
- 90% of CloudGuard WAF customers run in prevent mode, demonstrating the hands-off nature of the management required
- 100% of CloudGuard WAF customers have less than 10 exception rules!
- CloudGuard WAF goes from deployment to active protection in just days, not weeks.
Click on the "View Usage Instructions" and "Usage Information" below to get next steps for setting up CloudGuard WAF.
This is a BYOL Image. Pricing and entitlements for this product are directly with Check Point. As an AWS partner Check Point enables marketplace transaction on this listing through a private offer provided by Check Point. Please contact your Check Point trusted advisers (link to a list of CP sellers / or directly to check point SDRs). Payment for the underlaying infrastructures are paid directly to AWS and is based on AWS pricing.
Highlights
- Precise Prevention: Contextual app analysis for high fidelity application security to prevent known and unknown cyberattacks.
- Automated by Design: Auto-deploy, hands-off management and AI-powered short learning cycles.
- Flexible deployment: Protect all applications in any cloud environment built on any architecture.
Details
Unlock automation with AI agent solutions

Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Vendor refund policy
Please see seller website for refund details.
Custom pricing options
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Auto Scaling Group
A number of AppSec instances in an Auto Scaling Group. Load balanced by an ELB.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
Navigate to https://portal.checkpoint.com ; if you do not have an existing account, open a new account. Open the main menu (icon is in the top left corner), choose APPLICATION SECURITY under the CloudGuard column, then select Cloud on the left. The Getting Started page will open. After defining the asset, you will be redirected to the Profile page. Note: Obtain the Token for CloudGuard WAF from the Profile page.
Resources
Vendor resources
Support
Vendor support
To open a support ticket, send an email to infinity-next-support@checkpoint.com CloudGuard WAF
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Simplifies cloud security with quick integrations and highlights areas for enhanced customization
What is our primary use case?
My main use case for Check Point CloudGuard WAFÂ is to protect web applications and APIs from OWASP Top 10, and it has helped to secure cloud workload and prevent unauthorized access to data leaks.
I use Check Point CloudGuard WAFÂ to block SQL injection and cross-site scripting attacks, and we protect the API by enforcing strict access, automatically applying a security policy to new applications before deploying in the cloud.
What is most valuable?
The best features Check Point CloudGuard WAFÂ offers in my experience include automated policy upgrade with threat coverage intelligence, flexible deployment, and zero-day protection, which stand out to me the most.
The automated policy creation and threat intelligence have helped my team by reducing manual configuration and saving time, and the threat intelligence updates ensure immediate protection against new threats, simplifying daily operations and improving response speed.
Check Point CloudGuard WAFÂ has positively impacted my organization by strengthening overall application security and data security, and it reduces manual workload for the security team while improving compliance in securing cloud workloads.
It has improved compliance and manual workflows through automated updates and reports, making it easier to meet compliance, with faster audits and readily available security evidence in reports, and it reduces time spent on manual rule creation and log reviews by automating policy enforcement.
What needs improvement?
Check Point CloudGuard WAF could be improved by simplifying the initial setup for a faster deployment, making the dashboard and reporting more customizable, and offering a more accessible pricing model.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for the past one year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is definitely stable in my experience.
How are customer service and support?
It has a user-friendly interface that makes monitoring and management easier with smooth integration with other Check Point and third-party security tools, and it provides a clear dashboard for visibility into attack and traffic patterns.
I would rate customer support as eight out of ten.
I chose this rating because sometimes the response will be delayed more than expected.
Customer support is good, but sometimes it takes longer than expected.
How would you rate customer service and support?
Positive
What was our ROI?
I have seen a return on investment from using Check Point CloudGuard WAF, considering both time and money.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing was good.
The experience with pricing, setup cost, and licensing is straightforward without any challenges.
What other advice do I have?
My advice for others looking into using Check Point CloudGuard WAF is to plan deployment with clear policies to maximize protection from the start and take advantage of automated updates and threat intelligence to reduce manual work, ensuring proper integration with your cloud environment.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
The Best Protection Shield for Web App and API Security
AI-driven threat detection significantly reduces false positives and enhances efficiency
What is our primary use case?
My main use case for Check Point CloudGuard WAFÂ is defending from SQL injection or DDoS attacks, and a quick specific example would be that it protects our applications and data from these threats.
I don't have anything else to add about my main use case, as there are no stories or examples where it helped my team.
What is most valuable?
The best features Check Point CloudGuard WAFÂ offers are that it's very easy to use, the automated management is very nice, and the introduction of new AI is very efficient, which I find valuable.
With the introduction of AI in general, Check Point CloudGuard WAFÂ provides very high accuracy on the data, allowing me to avoid a lot of false positives and saving me time in determining if what I'm seeing is a possible attack.
Check Point CloudGuard WAFÂ has positively impacted my organization by reducing incidents because I don't have false positives.
What needs improvement?
Check Point CloudGuard WAF can be improved; initially, the setup is very complicated, and there's not a lot of documentation available, plus it didn't have something for anti-bot, but other than that, it is fine.
The documentation issue means that I can't find it online very easily, and while I can always ask support, it's a bit limited. As for anti-bot, I refer to a feature that I can find a better option for on Cloudflare .
I don't have anything more to add about the needed improvements or anything regarding the onboarding.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for one year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is very stable, and I haven't had any issues with downtime or reliability, plus it handles growth easily in my environment.
How are customer service and support?
The customer support is rated eight. I have had to contact them, and my experience was satisfactory.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I did not previously use a different solution before Check Point CloudGuard WAF, so there's no prior comparison.
What was our ROI?
I don't have metrics, but I see a return on investment in overall efficiency, as it has saved my team time and reduced incidents.
What's my experience with pricing, setup cost, and licensing?
I don't know about the pricing, setup cost, or licensing for Check Point CloudGuard WAF, as I don't manage costs.
Which other solutions did I evaluate?
Before choosing Check Point CloudGuard WAF, I did not evaluate other options, as I went straight with it.
What other advice do I have?
Check Point CloudGuard WAF works very well with all the clouds, such as Azure and AWS , and I shouldn't have any problems adding this feature to my environment.
Regarding the reduction in incidents, I don't have any percentages, but I know I can save a lot of time because I understand that if something is signaled, I need to check it, as it's very not probable that it is a false threat.
My advice for others looking into using Check Point CloudGuard WAF is that, similar to other Check Point services, it can be intimidating at the start, but you will manage after some time.
I rate Check Point CloudGuard WAF eight out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Great AI-powered security
Contextual Threat Prevention
API Discovery & Protection
Easy Deployement
Self sufficent and able to prevent and improve by itself isolating possible breaches.
Helps protect against multiple attack types with seamless integration and strong threat prevention
What is our primary use case?
Our main use case for Check Point CloudGuard WAFÂ is that we have been reselling this product for three years, and we have experienced that this CloudGuard WAFÂ protects from zero-day attacks, boot attacks, and other OWASP top 10 attacks.
Before deploying Check Point CloudGuard WAFÂ , we faced several vulnerabilities such as SQL injections. We encountered different vulnerabilities, but after implementing this product, we have reduced these attacks.
We are a reseller of Check Point.
What is most valuable?
The best features that Check Point CloudGuard WAFÂ offers are its easy integration with other products and its good threat prevention features. Since it is default in a device, it protects us from zero-day attacks, and first learns traffic before allowing it into our network. It protects us from botnet attacks and many vulnerabilities are discarded by these deployments.
The integration process went smoothly for us as it easily integrated with our existing products, and it reduced approximately 90% of attacks after deployment.
Check Point CloudGuard WAF also has a comprehensive reporting feature and a well-designed dashboard.
Check Point CloudGuard WAF has impacted our organization positively, as after deploying this product it reduces the time to analyze attacks and protects from several attacks, enhancing our security posture.
We are now saving approximately four hours per day on analyzing attacks.
What needs improvement?
There are improvements that can be made regarding pricing since it has a high initial cost. If they could reduce that, it would be beneficial. Additionally, it has a complex initial configuration. Reducing such complexities would make it even better to have.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for three years now. It is a good product.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is stable.
What do I think about the scalability of the solution?
It handles increasing traffic easily because we can extend our demands based on our needs.
How are customer service and support?
The customer support service is good based on the support we purchased, as they are available 24/7.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup with Check Point CloudGuard WAF is complex.
What was our ROI?
I have seen a return on investment since deploying Check Point CloudGuard WAF. We have saved money by protecting our environment from new vulnerabilities and preventing theft by cybercriminals. It has saved our money and time investigating vulnerabilities and zero-day attacks. It has great potential and provides an excellent security profile to our environment.
What's my experience with pricing, setup cost, and licensing?
The initial cost of Check Point CloudGuard WAF is high.
Which other solutions did I evaluate?
We have evaluated other WAF providers such as F5 and others, but we chose Check Point CloudGuard WAF according to its performance. It is a good device.
What other advice do I have?
I suggest to others that if you have web-based applications or HTTPS traffic, you must use Check Point CloudGuard WAF to protect your service. On a scale of 1-10, I rate this solution a 9.