Feature-rich with good threat prevention and protection
What is our primary use case?
We use Check Point firewalls and SMS servers in on-prem DC and in multi-cloud environments extensively. These are used to protect the perimeter, DMZ, and internal network to protect and inspect network traffic.
The firewalls are best of breed and provide extensive rich features and a diverse range of protection against DDoS, malware, ransomware, and zero-day attacks. Also, it is used for terminating client and mobile VPN tunnels, URL filtering, IDP, DLP, etc.
The environment is Internal and a multi-tenant hosted for external clients which is a complex setup.
How has it helped my organization?
The new Check Point firewalls are best-of-breed and provide next-gen firewall features with AI and ML capabilities. This helps to reduce the operational support overhead and protects against new emerging threats.
Previously we used Juniper, Cisco, and other firewall platforms which have very limited capabilities and offer no inspection or threat-prevention features at all.
Check Point has changed this dynamic completely and offers a complete security solution to protect all digital assets which is immensely helpful.
What is most valuable?
Identity awareness, URL filtering, IDS, DLP, Content Filtering, VPN, and Application Control are all excellent. They provide features to inspect internet traffic, data protection compliance, and DDoS attack detection and protection.
The Check Point firewall product that we picked up has an excellent feature set and all the required licenses, it's a nicely engineered firewall technology and has a great support team to escalate.
Features like threat prevention and protection are good to have to protect against zero-day attacks, malware, and ransomware.
What needs improvement?
Software bugs and OS releases can be very fast to keep up with. Check Point has a history of moving fast with software release and upgrade cycles which are difficult to keep up with at times.
New features should have a single-pane-of-glass view for on-prem DC and cloud environments.
Licensing costs are very high compared to other vendors. Check Point needs to be competitive to keep the cost down for the customers and partners.
The previous Check Point OS model had to support multiple OSs which was difficult and cumbersome (i.e. SPLAT, IPSO, GAIA).
For how long have I used the solution?
I've used the solution for ten years.
Which solution did I use previously and why did I switch?
We did use a different solution and wanted to have better security capability and visibility.
What's my experience with pricing, setup cost, and licensing?
The solution is expensive but feature-rich.
Which other solutions did I evaluate?
We looked at other options and checked if the firewalls had all the security and compliance features required by the organization.
Manages traffic at the network level
What do you like best about the product?
It enhances the capabilities of GWLB by offering cutting edge threat prevention and security features. The satisfaction it brings is unparalleled.
What do you dislike about the product?
I find it lacking in terms of documentation and technical support. Facing issues or needing assistance the provided resources.
What problems is the product solving and how is that benefiting you?
CloudGuard Network Security solves the problem of balancing traffic flow in our business. This leads to an reliable network infrastructure.
Efficient Cloud Security Service
What do you like best about the product?
Intuitive user interface, has similarities to other products out there like Watchguard EDR.
What do you dislike about the product?
It would take at least one year of working with the product to become proficient in it.
What problems is the product solving and how is that benefiting you?
Centralized cloud security management if customer is solely on AWS.
Review of CloudGuard
What do you like best about the product?
The way how the Cloud Guard Network Security product handels traffic
What do you dislike about the product?
Till now i havent seen any dislike features in this product.
What problems is the product solving and how is that benefiting you?
It hepls me to manage my network
Easy to implement, easy to use and great feature
What do you like best about the product?
I like the interface about how this product represent data with so comprehensive features. Another reason is how easy the implementation is in a large scale environment without having a headache with minimum of time. It so easy.
What do you dislike about the product?
So far, everything work great and reliable.
What problems is the product solving and how is that benefiting you?
Best cloud-based firewall solution, easy to use, easy to implement, great features. It will increase security level and visibility.
A strong cloud security platform that has protected us against zero-day attacks
What is our primary use case?
The solution is a core operating system, and we use it for threat intelligence.
How has it helped my organization?
CloudGuard has a better catch rate with respect to any attack which is happening. We once faced an attack in a customer's environment on one of our data centers, and Check Point Firewall blocked that attack. The solution's performance is on the higher side.
What is most valuable?
The feature most valuable to me is the NDTX blade that Check Point provides, and I like how the solution is not vulnerable. We haven't had any vulnerabilities in Check Point in the last six months, which is a plus point because the OS Check Point provides is hardened enough that it's not vulnerable to the newer issues, so the network security solution is given in a proper way. These features are an advantage for our customers.
The solution is easy to use once deployed if the administrators have a basic understanding of firewalling. Administrators just have to check the traffic passing through the solution, which will log the traffic properly. And if anything gets dropped, the solution will showcase that to you. The management server Check Point uses is a gold standard.
What needs improvement?
Check Point CloudGuard is not a feature-centric product because Check Point concentrates on security. For example, if a customer asks for reporting, it might not be available, like a bandwidth report. At most, the reports are given with respect to security, not infrastructure.
For how long have I used the solution?
I've used CloudGuard for the last three years.
What do I think about the scalability of the solution?
We have more than 50 customers.
How are customer service and support?
Customer support needs to think about what the customer is talking about. They need to improve on that.
How would you rate customer service and support?
How was the initial setup?
CloudGuard is not a plug-and-play product and requires proper technical knowledge to deploy it. You need the help of a proper professional to deploy it. Deployment hardly takes four hours, but that's only if you know what you're doing. You need to plan the deployment with respect to AWS. You have to know what exactly the customers have deployed in AWS or Azure, or any cloud solution, and based on the review, you need to do their architecture before you can start the deployment. The first step, then, is to understand the customer's data because everything is on a template when it comes to the cloud. You should understand which template you need to use on any cloud. It is impossible to deploy if you're not aware of the customer's environment and how the cloud infrastructure is made. After selecting the proper template, you have to do the implementation. The implementation will go smoothly if you understand the customer's requirements and infrastructure.
What's my experience with pricing, setup cost, and licensing?
I would not say Check Point is very expensive, but when customers compare it with Sophos or any other products, the price is on the higher side.
Which other solutions did I evaluate?
In terms of features, FortiGate has more features in terms of routing.
What other advice do I have?
Our customers use Check Point solutions both on-premise and on the cloud.
Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points.
If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market.
I rate Check Point CloudGuard Network Security a nine out of ten.
An easy-to-navigate tool useful for filtering internet traffic that needs to improve its deployment speed
What is our primary use case?
In my company, we use the solution just to secure my AWS Network Insights and inside production. We use it for security purposes.
What is most valuable?
With the solution, we just need to filter the traffic coming from the internet and Direct Connect. So it filters the traffic, basically. It permits access. In short, it just filters the traffic and permits the traffic. The aforementioned details are the purposes for which we use the tool.
What needs improvement?
We use the tool as a basic firewall. It's a technical firewall. As a technical firewall, we use SmartConsole or Check Point Firewall.
The deployment phase takes too much time. I would like the deployment to be faster.
For how long have I used the solution?
I have been using Check Point CloudGuard Network Security for two and a half years. We are using Check Point R80.10 SmartConsole in our organization.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a seven out of ten since it takes too much time for deployment. However, it is flexible since we used to push the policy normally. It takes hardly ten seconds to install the policy. It's much easier.
What do I think about the scalability of the solution?
I have been using the solution in my company for the last year. Other than the employees in my company, more than 25,000 users are using the solution hosted on AWS.
Basically, the application, which is hosted, is used internally. It's the same user account because it's not exposed anywhere on the internet. If anyone wants to access the solution from the internet, the traffic comes from Direct Connect, and from Direct Connect, it goes to AWS.
How was the initial setup?
The initial setup was not much complex. The setup phase was good enough to be able to navigate through it.
It took a long time to deploy it. We need to run this on EC2 instances, so it took almost two hours to deploy the solution. After deploying the solution slowly, and gradually, we have to push the policy on the firewall. It takes time to deploy, but it's a stable one.
The solution is deployed on the cloud. It's a software we install in EC2 instances on AWS, which we use as a firewall.
We currently have six to seven resources managing the deployments and maintenance.
What about the implementation team?
During deployment, we took technical help from Check Point.
What other advice do I have?
It is a good-to-use tool that is also flexible.
Overall, I rate the solution a seven out of ten.
The solution has good threat emulation, threat extraction, and reporting features
What is most valuable?
Check Point CloudGuard Network Security has a beautiful threat emulation different from the market. They have a threat extraction feature. The solution's zero phishing feature is pretty much commendable. The solution has one of the best reporting any vendor has in network security. The solution also has a CSPM or posture management tool inbuilt into CGNS or network security.
What needs improvement?
The solution’s technical support, DNS security and training could be improved. Check Point CloudGuard Network Security's training and reachability to the customer can be done a bit better. One recommendation from my side is that the handover of the tasks can be a bit better. If an engineer is on a ticket and their shift gets over, the smooth handshake between the two engineers can be a bit better.
For how long have I used the solution?
I have been using Check Point CloudGuard Network Security for more than one and a half years.
What do I think about the stability of the solution?
Check Point CloudGuard Network Security is a stable product.
What do I think about the scalability of the solution?
Check Point CloudGuard Network Security is a scalable product. I would recommend the solution to small, medium, and enterprise companies because it has a scalable model. The solution is over the cloud and can be integrated with any company.
Which solution did I use previously and why did I switch?
Previously, I worked with Palo Alto, a direct competitor of Check Point CloudGuard Network Security. CloudGuard Network Security's threat extraction features, reporting features, and threat emulation are better than Palo Alto's. Check Point CloudGuard Network Security is more user-friendly than Palo Alto. On the other hand, Palo Alto has a bit better DNS security than Check Point CloudGuard Network Security.
How was the initial setup?
Check Point CloudGuard Network Security is easy to deploy, and if you are unable to do it, you can get support from the OEM.
What about the implementation team?
The solution's implementation depends on the customer's network scenario and policies. The initial setup doesn't take more than 30 minutes, and the rest can be done later.
What's my experience with pricing, setup cost, and licensing?
Check Point CloudGuard Network Security's pricing is far better than Palo Alto's because Palo Alto is very expensive. Check Point CloudGuard Network Security comes at a price that even a small business can manage to buy, whereas Palo Alto would restrict you to enterprise customers. Check Point CloudGuard Network Security's licensing cost changes from country to country. The solution has different discount models across the globe in regions like Asia and Ireland.
What other advice do I have?
People who want to implement Check Point CloudGuard Network Security should focus during the planning phase. If planning is done correctly and the prerequisites are matched perfectly, they won't face any challenges during deployment. But it's very important to check the prerequisites' limitations.
Overall, I rate Check Point CloudGuard Network Security nine and a half out of ten.
Awesome security with an awesome cloud guard experience.
What do you like best about the product?
With the help of an integration with GWLB, CloudGuard Network Security offers powerful threat-prevention capabilities. It incorporates firewalling, an IPS, and application control technologies to quickly identify and stop known and unidentified threats. This helps protect your cloud workloads by ensuring that harmful traffic is kept out of your VPC. It was totally user friendly, this is an important aspect of cloud guard.
What do you dislike about the product?
I have nothing against anything. Totally content.
What problems is the product solving and how is that benefiting you?
By combining the features of CloudGuard Network Security with Gateway Load Balancer, it improves the security of their AWS systems. It provides me with secure access management, comprehensive network visibility, and excellent threat prevention.
Secure Your Network with CloudGuard
What do you like best about the product?
First and foremost, CloudGuard Network Security for Gateway Load Balancer delivers advanced cyber threat defense, such as DDoS attacks and Cross-Site Scripting (XSS). It provides various features, such as a Web Application Firewall, Content Filtering, etc. The second excellent feature is that it provides real-time monitoring and reporting, allowing organizations to quickly identify and respond to security incidents.
What do you dislike about the product?
There is nothing to dislike. However, there are certain limitations, such as if I want some specialized requirements that CloudGuard does not fully provide. Its additional configuration increased the difficulty and cost of building a secure cloud network.
What problems is the product solving and how is that benefiting you?
One of the most challenging problems I've encountered regarding protection and security is that CloudGuard is readily linked with load balancers to provide additional security and scalability. I can defend their cloud network from threats while ensuring high availability and performance by deploying CloudGuard with load balancers.
