Sold by: Check Point Software TechnologiesÂ
Deployed on AWS
Free Trial
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
4.4
Overview
Video
Video 1
Video
Product video
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers industry-leading threat prevention and multi-layered network security for workloads migrated to or deployed in AWS environments.
Comprehensive Cloud Network Security: CloudGuard Network Security for AWS protects cloud assets with a full suite of advanced security capabilities, including: firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-Bot, threat emulation, and threat extraction. These features enable proactive defense against known and unknown threats, ensuring robust protection for cloud workloads.
Industry-Leading Threat Prevention: CloudGuard Network Security for AWS provides advanced threat prevention to secure AWS environments from sophisticated threats, unapproved access, and application-layer Denial of Service (DoS) attacks with industry-leading catch rates.
Full Control of Network Traffic: CloudGuard Network Security for AWS ensures secure, encrypted data flows between your on-premises network and your AWS VPCs. It inspects traffic entering and exiting private subnets in the VPC ("North-South") as well as between VPCs ("East-West").
Unified Security Management: Extend on-premises security policies into the AWS cloud with unified, centralized management via Check Point CloudGuard Security Management Server. Manage policies, logs, and reports consistently across AWS, hybrid, and on-premises environments from a single pane of glass. This listing includes the gateway only. For management, use Check Point Smart-1 Cloud: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/Â
Automated, Scalable Cloud Security: Integrates with infrastructure-as-code tools like Terraform and Ansible for policy automation and cloud-native scaling. CloudGuard dynamically adapts security policies based on real-time cloud metadata and changes. Supports AWS Transit Gateway, auto-scaling, high availability, and multi-AZ redundancy.
Flexible Licensing and Seamless AWS Integration: Deploy within minutes as either a single gateway, as a high availability cluster, or as an auto scaling group via Check Point CloudFormation templates (sk111013). Recommended deployment on a 4 vCPU instance for optimal performance. CloudGuard Network Security integrates with a broad range of AWS services, including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.
Getting Started: Supports both Pay-As-You-Go (PAYG) and Bring Your Own License (BYOL) models with a flexible pricing model that supports both usage-based billing and contract-based subscriptions. Start your free 30-day trial to gain full access to CloudGuards features and capabilities. At the end of the trial, your subscription will automatically convert to a paid, usage-based plan, unless canceled beforehand. Request a private offer for custom pricing and terms. For a guided walkthrough, you may request a product demo through this listing.
Highlights
- Advanced Protection with Security Features: Firewall, DLP, IPS, Application Control, IPsec VPN, URL Filtering, Antivirus, Anti-Bot, Threat Emulation and Threat Extraction.
- Industry-Leading Threat Prevention: Cutting-edge threat prevention with industry-leading catch rate of malware, ransomware and other types of attacks (per Miercom and Cyberratings, 2025).
- Unified Security Management: Provides consistent visibility, policy management, logging, reporting and control across hybrid-clouds and on-premises from a single pane of glass.
Details
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux Gaia 3.10
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c6in.xlarge Recommended | $0.91 |
m5.4xlarge | $3.00 |
m6i.xlarge | $0.91 |
r5.24xlarge | $16.42 |
r5.large | $0.80 |
r5.8xlarge | $5.86 |
m6i.24xlarge | $16.42 |
r5a.xlarge | $0.91 |
r5b.12xlarge | $8.79 |
r5b.xlarge | $0.91 |
Vendor refund policy
Terminate the instance at any given time to stop incurring charges.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Once the instance is running, connect to it using SSH, set an admin password using: 'set user admin password' followed by 'save config'. Then connect to https://[instance] using Internet Explorer (IE) to finalize the configuration. Notes:
- SSH password authentication is disabled in /etc/ssh/sshd_config
- For information regarding Firefox and Chrome refer to sk121373.
Support
Vendor support
This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/ To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at https://www.checkpoint.com/support-services/contact-support/Â
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Check Point Software Technologies
By Palo Alto Networks
Top
10
In Log Analysis, Network Infrastructure
Top
10
In Network Infrastructure
Top
10
In Network Infrastructure, Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Inspection
Inspects traffic entering and exiting private subnets in VPC ("North-South") and between VPCs ("East-West")
Advanced Threat Prevention
Provides multi-layered security capabilities including firewall, IPS, threat emulation, and threat extraction with advanced catch rates
Cloud Infrastructure Integration
Supports infrastructure-as-code tools like Terraform and Ansible, dynamically adapts security policies based on cloud metadata
Security Protocol Coverage
Comprehensive security features including Data Loss Prevention, application control, IPsec VPN, URL filtering, antivirus, and anti-Bot protection
Cloud Service Compatibility
Integrates with AWS services including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, and AWS Transit Gateway
Network Traffic Protection
Advanced cloud-native firewall service powered by FortiOS and FortiGuard Labs threat intelligence for securing cloud network traffic
Threat Intelligence
AI-powered intrusion prevention (IPS), data leak prevention (DLP), and advanced filtering capabilities to block malicious traffic and potential security breaches
Dynamic Policy Management
Security policies that dynamically use cloud metadata tags to follow cloud workloads without requiring static IP updates
Geo-Specific Security Control
Enforcement of compliance policies through geo-IP blocking and traffic restrictions to/from specified countries
Multi-Account Security Aggregation
Capability to consolidate security across multiple VPCs and accounts within an AWS region using a single firewall instance
Threat Prevention
Advanced machine learning-powered inspection engine that detects known and zero-day threats including exploits, malware, spyware, and command and control attacks
Web Security
Inline machine learning-based web security engine for real-time detection of phishing, ransomware, and evasive web-based attacks
File Analysis
Proprietary cloud-based hypervisor for static and dynamic file-based threat detection using advanced sandbox analysis techniques
Protocol Layer Security
Comprehensive security coverage across network layers including DNS-layer attack prevention and network data exfiltration detection
Traffic Visibility
Complete application layer-7 traffic inspection and control with dynamic policy management based on AWS tags, application IDs, and user contexts
Standard contract
No
No
No
Customer reviews
Ricardosilva Silva
Centralized cloud security has improved segmentation and visibility but still needs faster policy updates
Reviewed on Dec 11, 2025
Review from a verified AWS customer
What is our primary use case?
I normally use Check Point CloudGuard Network Security to protect cloud workloads and control traffic between cloud resources. It is mostly for enforcing segmentation and managing security policies across different cloud environments.
A recent example of how I use Check Point CloudGuard Network Security to enforce segmentation or manage policies was when we deployed a new application tier in the cloud. I used CloudGuard to segment it from the rest of the environment and apply stricter threat prevention rules.
Check Point CloudGuard Network Security is deployed in the public cloud setup in my case.
Check Point CloudGuard Network Security does provide unified security management across hybrid clouds as well as on-premises. Having policies and visibility centralized in one place makes operations much smoother. Instead of managing separate rule sets for cloud and on-premises, I can apply consistent policies across both and see all traffic flows in a single dashboard. That cuts down on configuration risk and makes troubleshooting faster.
I do utilize Check Point CloudGuard Network Security alongside other Check Point products. In my case, I use it alongside Quantum and Harmony Endpoint.
What is most valuable?
The best features in Check Point CloudGuard Network Security are the centralized cloud-native policy management, strong threat prevention for cloud traffic, and automatic discovery of cloud assets.
The most valuable feature of Check Point CloudGuard Network Security in my day-to-day work is the centralized cloud-native policy management. I can control all the clouds, which is very beneficial.
Check Point CloudGuard Network Security has helped us reduce misconfigurations and improve how quickly we can secure new cloud workloads. We have also had fewer issues with unexpected traffic because the visibility tools make it easier to spot problems.
Check Point CloudGuard Network Security has helped me reduce my organizational risk. The clear visibility into cloud traffic and the automatic adaptation to cloud changes reduced the chance of misconfigurations, which were one of our biggest risks. The number of policy-related issues we had to fix dropped noticeably once we started using it.
It has increased my confidence in secure cloud deployments and migrations quite a bit. Knowing that policy adjusts automatically when new resources come online makes migration less stressful. The consistent visibility across environments also helps because I can verify traffic flows.
What needs improvement?
Check Point CloudGuard Network Security could be improved with faster policy propagation across large multi-cloud environments and more intuitive dashboards for complex rule sets.
For how long have I used the solution?
I have been using Check Point CloudGuard Network Security for about one year and a half.
What do I think about the stability of the solution?
Check Point CloudGuard Network Security is stable.
What do I think about the scalability of the solution?
Check Point CloudGuard Network Security scales well as our cloud footprint grows. It handled adding more workloads and environments without major issues.
How are customer service and support?
The customer support for Check Point CloudGuard Network Security is very good and very helpful, but I think it could be better on higher complexity issues.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We used a mix of native cloud controls and some older firewall setups before Check Point CloudGuard Network Security. We switched because they did not give us the same level of unified visibility or consistent policies across environments.
How was the initial setup?
Securing a new workload with Check Point CloudGuard Network Security now could take a few hours before because I had to map out network paths and build policies manually. Now, it usually takes under an hour. The automatic asset discovery and clear visibility shave off a good chunk of the setup time.
What about the implementation team?
I purchased Check Point CloudGuard Network Security through the AWS Marketplace .
What was our ROI?
I cannot give a percentage for money, but we have seen a return mainly through time savings and fewer configuration-related issues with Check Point CloudGuard Network Security.
Which other solutions did I evaluate?
I have evaluated solutions that compete with Check Point CloudGuard Network Security. We evaluated solutions from Palo Alto Networks, Prisma Cloud, and also Azure . However, AWS with Check Point CloudGuard Network Security was much easier to implement, and that is why we prefer it.
We did evaluate other options before choosing Check Point CloudGuard Network Security. The main alternatives we evaluated were Palo Alto's Prisma Cloud and some of the native security tools from Azure . They work for certain use cases, but Check Point CloudGuard Network Security gave us a stronger unified policy management.
What other advice do I have?
The core security features of Check Point CloudGuard Network Security work really well, but a few usability areas hold it back: the policy propagation speed and parts of the interface. I would give Check Point CloudGuard Network Security a rating of seven out of ten.
I would advise others looking into using Check Point CloudGuard Network Security to first plan ahead. I recommend starting with a small pilot across one or two tiers, defining policy and segmentation baselines upfront.
Evans Vasavan
Unified cloud security has improved automated threat prevention and clarified network visibility
Reviewed on Dec 09, 2025
Review provided by PeerSpot
What is our primary use case?
The main use cases for Check Point CloudGuard Network Security are to address the threats that are currently occurring, and it automates the network security while also providing rapid deployment. The automations are particularly effective in Check Point, offering all the cool features available.
What is most valuable?
The best features in Check Point CloudGuard Network Security include the prevention it provides to my organization via automated engines, unified security management across hybrid clouds, a complete security framework, and a clean and clear dashboard.
The main benefits that Check Point CloudGuard Network Security brings to the table include clean dashboards, clarity of architecture in my organization regarding what applications and traffic passes through, firewall and threat prevention, and integration with tools like Terraform , Cloud Formation, Kubernetes , and others.
Check Point CloudGuard Network Security provides unified security management across hybrid clouds and on-premises deployments.
The unified security management provided by Check Point CloudGuard Network Security affects my security operations by preventing many attacks, ensuring compliance, and improving the governance aspect. The automation is very good in that segment, and the cloud adapts to any changes or integrations very well. Overall, it is fantastic.
What needs improvement?
Check Point CloudGuard Network Security is working well currently. I do not think much needs to be improved, but while loading the console, it is a little bit lacking sometimes as it gets stuck, and we have to refresh it again. That part needs to be reduced.
For how long have I used the solution?
I have been working with Check Point CloudGuard Network Security for two years.
What do I think about the stability of the solution?
Apart from the console that I mentioned, I have not faced any other crashes, downtimes, performance issues, or stability issues with Check Point CloudGuard Network Security. The website has never crashed; there is just slowness, and that is all.
What do I think about the scalability of the solution?
The scalability aspect of Check Point CloudGuard Network Security is very good; it is perfect and easy to scale up and scale out.
How are customer service and support?
Since I have not escalated any questions regarding Check Point CloudGuard Network Security to the Check Point team, I cannot say much, but whenever I tag a ticket, the response is very good, so there are no issues with that.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I have not evaluated any other options or solutions available in the market before choosing Check Point CloudGuard Network Security.
How was the initial setup?
The deployment process of Check Point CloudGuard Network Security was straightforward since it was a cloud-based product. We partnered for the initial setup, and they have been working for the past seven years. They have experienced engineers, and they completed it smoothly; there were no complexities in terms of deployment.
My experience onboarding Check Point CloudGuard Network Security was very good. I was part of it, and now I also manage it. There was nothing complex; the prerequisites were very clear from the partners and Check Point. The communication was good, and everything was executed perfectly.
What about the implementation team?
For the sake of this review, we have not integrated any products with Check Point CloudGuard Network Security yet because we are still in trial mode. We do have some challenges within the partner, and we are involved with a partner, so we are trying to integrate some applications. I do not know what those applications are because they have not disclosed them yet, as it involves a bank customer and disclosures happen only after everything is verified. We are facing some challenges, but we have a partner who is excellently coordinating with us, so that is not an issue.
What was our ROI?
Since I have been working for the past two years, a lot of risk has been reduced, but I cannot quantify the exact count. We do have reports that we provide to the management department on a weekly basis to verify and review, and it has been wonderful.
What's my experience with pricing, setup cost, and licensing?
Although I do not know much about the pricing or setup costs, Check Point CloudGuard Network Security is very cost-effective. If you want to secure your organization completely from all ends against attacks like ransomware or zero-day attacks, you definitely have to pay a particular price. If it is securing my organization, it is definitely cost-effective, but all business deals are presented by higher management based on that.
Which other solutions did I evaluate?
I have not used or evaluated other solutions that compete with Check Point CloudGuard Network Security, but I have been working on application controls, DLPs, and EDRs. Those technologies are what I know and work on.
Apart from Check Point CloudGuard Network Security, I have not worked on any other SD-WAN or Cloud and Data Center security products.
What other advice do I have?
The issues with Check Point CloudGuard Network Security stem from the bank sector itself. In the bank sector, they mostly use customized ports, and we need certain applications that are handled by different departments. We used to take approvals for a single port, and for different customized ports, we need different approvals. Management and IT are getting stuck, but that will get sorted out soon.
I have not faced any issues, so I cannot comment on the impact that Check Point CloudGuard Network Security has had on the confidence in secure cloud deployments and migrations.
Check Point CloudGuard Network Security definitely helps when it comes to cloud deployments and migrations, and I feel it reduces the risk. I can deploy application control, URL filtering, and we also have an antivirus that provides a perfect security posture in my organization. It also blocks zero-day malware and ransomware, making it a very big impact on my organization and very supportive.
As of now, nothing needs to be added to Check Point CloudGuard Network Security, but in case there is anything in the roadmap, I would definitely love to try that particular segment.
I would suggest to any organization considering Check Point CloudGuard Network Security that they should try it. They will also get clarity on their own organization's security implementation, and they can have good clarity on that. My overall rating for this review is 9 out of 10.
Animation
Consistent Cloud Security, Easy Setup
Reviewed on Dec 01, 2025
Review provided by G2
What do you like best about the product?
I appreciate that Check Point CloudGuard Network Security offers me consistent and automated security, which is essential for managing threats in hybrid and multicloud environments. The product's ease of setup makes it accessible for any user, allowing me to quickly implement and start protecting my cloud network without hassle. This ease of use combined with its robust security features gives me confidence in managing advanced threats and maintaining a secure multi-cloud infrastructure.
What do you dislike about the product?
I think there is room for improvement in Check Point CloudGuard Network Security, particularly concerning hybrid cloud security and ensuring consistency in management across public and private clouds.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to protect my cloud network from advanced threats and ensure consistent security policies across hybrid and multicloud environments with automated security.
Accounting
Strong Threat Prevention, Seamless Integration
Reviewed on Nov 30, 2025
Review provided by G2
What do you like best about the product?
I really appreciate Check Point CloudGuard Network Security for its strong threat prevention, which is crucial in protecting our cloud workloads. It effectively blocks cloud-based attacks, which adds an extra layer of security beyond what native cloud controls offer. I also value how seamlessly it integrates into our existing Check Point management stack. This smooth integration not only saves us a lot of time but also helps in maintaining consistent security policies across our operations. The ease of setup, especially for users with experience, is another aspect that I find commendable. Overall, these features significantly contribute to the product’s effectiveness and enhance our cybersecurity framework.
What do you dislike about the product?
The cost of Check Point CloudGuard Network Security can increase significantly as your environment grows. Because traffic inspection—particularly for encrypted data or east-west traffic within cloud networks, as well as inter-region traffic—requires both compute resources and bandwidth, an increase in traffic volume will naturally lead to higher expenses.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to secure our cloud workloads effectively, blocking cloud-based attacks. Its strong threat prevention enhances security beyond native cloud controls, and seamless integration with Check Point management saves time and ensures consistent policies.
Eliezer P.
Real-Time Visibility and Efficient Comprehensive Protection
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
I love the real-time visibility that Check Point CloudGuard Network Security provides me regarding cloud security. This allows me to respond effectively to incidents, which is crucial for protecting our data and operations. I also greatly value the comprehensive protection it offers for cloud environments. I like it because it covers all the security aspects I need, ensuring that all our areas are adequately protected. These features make this tool a vital part of our IT security strategy.
What do you dislike about the product?
Integration with more cloud platforms.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to protect against threats and network attacks. It provides me with real-time visibility and comprehensive protection, allowing me to respond effectively to incidents and secure all aspects of cloud security.