We had the firewalls set up in the cloud systems. We were using them for VPN as well as the encryption of traffic coming in and leaving the cloud.

When COVID-19 hit and everybody started to work from home, we did not have a scalable VPN technology. Also, with more people working from home, security was a bigger concern. CloudGuard Network Security addressed both needs in one single product.

After implementing CloudGuard Network Security, overnight, 500 people could work from home on a secure and encrypted tunnel. What more could we ask for? When COVID-19 hit and everything closed down, we were able to spin this up within 2 weeks.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. There is a single admin client that you can use. You can have a firewall deployed on-prem. You can have a firewall deployed in GCP. You can have a firewall deployed in AWS or Microsoft Azure, but you can manage it all with a single pane of glass. You can have a single management station managing all of these.

We are very confident about it and our security. It is a very robust solution.

The endpoint VPN is super stable. The routing is also very good. We tried a competing product first, but we could not make it work. We came across CloudGuard. The network routing across different virtual networks in Azure and AWS was way ahead of any of the other technologies. That helped us be able to cover the whole network using one single cluster.

They have come such a long way. There may be other areas that other people use, but as far as I am concerned, I have been very happy with it. There are always newer features getting added and new encryption protocols coming. I can see where they are going and how far they have come. I have been using the Check Point firewall since 2010. It has been 14 years, and I have seen how they have improved.

They are coming out with more SD-WAN express route support from a firewall perspective. That would be great. They keep on launching new features. That is how they work.

I was one of the first sites to use it as a PoC before they even introduced it to the world. It has been 4 or 5 years.

I would rate it a ten out of ten for stability. It has been running since we put it up.

I would rate it a ten out of ten for scalability. It depends on your design. You can either have a static deployment where there is only one firewall, two firewalls, and four firewalls, or you can put it in the elastic mode where it will spin up as the load goes up. It will auto-scale up and auto-scale down. It is fantastic.

They are fantastic. Their technical support is absolutely great. There is ownership right from the top down. They know their product. They stand by their product. If there is a feature that is not working, I have seen them write patches for me in 48 hours. They offered to provide the patch by Sunday evening in Tel Aviv, and by Sunday afternoon, I had an email saying that the patch was available for our download. We could download it and reinstall it. That patch was only written because of something in my deployment. It was not like they had 200 customers who complained about it. I was the only one complaining about it.

Positive

We did a PoC for one week. We had some major issues because of sizing. We sized CloudGuard too small, so we made it bigger. The next week, we did another PoC, and it worked well. By the third week, we were done. We went live, and everybody was working from home. 

I would rate it an eight out of ten in terms of ease of installation.

Their support was good. We set it up when nobody else in the world had seen it. We were probably the third company in the whole world to roll it out. We were that new to it. Nowadays, I would rate their support an eight out of ten, but in those days, it was one out of ten because we were all learning together.

I was the only one involved in its deployment. To deploy this, you need to have a background in IT security and networking put together.

We have seen an ROI. 500 people were able to work from home. That itself is a huge ROI.

It is one of the top solutions in the world. We know that it is protecting our entire cloud infrastructure, so it makes a lot of sense.

I quite like the way they priced it. It is very reasonable.

We did evaluate other solutions. We looked at Fortinet, and they could not do cross-VNet traffic at that time. We spent almost five or six days. We worked 10 to 12 hours a day. Even after 60 to 70 hours, they could not make it work, but it worked out-of-the-box with CloudGuard Network Security. In terms of ease of use, CloudGuard Network Security is any day easier.

We did not just go with our cloud vendor's cloud firewall because the cloud vendor did not have a firewall at that time. Secondly, even if they did, it is always good to have a third-party product protecting the cloud. If we are using AWS, I would not put an AWS firewall there because if there is a compromise somewhere else, it is most likely going to carry over to their firewall too because everything runs on the same fabric, whereas this is separate. It gives a completely independent security front end.

I would definitely recommend it. I have used it. I know how it works.

Check Point has been one of the pioneers of firewall technology. This is the only product that they really do. They are into cybersecurity firewall technology. They are not like other competitors, such as Cisco or Fortinet, who also have network switches, hubs, routers, etc. Check Point is a dedicated company that does cybersecurity. All in all, this is what they do. You can see the investment coming from the top down. They have ownership of the product. I have raised complaints that have gone up to Gil Shwed. He is the CEO and the founder of Check Point. I have got an email from Gil saying that he knows we are frustrated, but they are working on it, and he will make sure that this gets fixed. That is the kind of ownership they have.

Overall, I would rate CloudGuard Network Security a nine out of ten.

We are using CloudGuard Network Security to protect North-South traffic or VPCs. We are using the CloudGuard firewall between the Internet and VPCs. All the traffic needs to pass through the firewall.

CloudGuard Network Security provides features, such as threat emulation, that native cloud solutions do not offer. AWS, Azure, and GCP have a lot of features, but you sometimes need to pay charges for specific features. With Check Point products, you have all these features in one license. You pay once and you can use everything.

CloudGuard Network Security improves our security against advanced threats. Others do not offer features like threat emulation out of the box. CloudGuard Network Security protects very well against advanced threats.

We have a high level of confidence in our cloud network security by using CloudGuard Network Security. The product is similar to what we use in traditional data centers. The infrastructure is almost the same. The way to manage the policies is the same. It is very easy to implement and manage CloudGuard networks. There is some difference when you are using auto-provision, but in the end, it is the same technology. It is easy for a traditional network engineer to work with CloudGuard.

We did not go for the cloud vendor's cloud firewall because we wanted to be able to manage all the firewalls, policies, and other things from a single point. 

The most valuable feature for me is that you have just one license. You can test and implement everything you need with one license. You do not need to pay for separate module licenses when you want IPS or other features. The license includes everything that you need.

The version upgrades need improvement. We faced issues while upgrading our CloudGuard Network Gateway. When we tried to use the template that Check Point offers on their site, it was not available for the second to the latest version, so I was forced to upgrade my management server. That was very challenging for us.

I have been working with Check Point CloudGuard Network Security for 8 years.

I cannot remember the last time I had an issue. It is stable, but every product has a few bugs. If you maintain the configuration and the versions, everything is fine.

We do not have any problems because we can use the auto-provision templates. If I need to scale up or scale down, I can do this. If there is any issue, it is very transparent. For example, if I lose my gateway, the manager will automatically create a gateway and bring everything up.

Their support is very good. Their response is fast. You can contact an engineer in a few minutes, but it depends on the severity of the issue. In the case of a high-severity issue, you can talk to an engineer to assist you with an issue.

Compared to other vendors our company has been working with, Check Point has better support. They have the best technical staff.

Positive

We only use Check Point products. In our data center, we are only using CloudGuard.

It is very easy. With a few clicks, you can implement your firewall. 

It is fair. Its license covers all the features. There is a cost-benefit. The licensing for the cloud is better than on-premises because, with on-premises, you have to pay separately for different things.

Overall, I would rate CloudGuard Network Security a nine out of ten.

Primarily, we are using it for deploying cloud firewalls on Azure to protect our applications. We are using TerraForm.

CloudGuard Network Security helps to streamline bringing in the hardware and putting the effort upfront to do the automation. It takes all that effort away from a human. It streamlines the process and provides security on the cloud.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. It gives us one place to look. Security teams have common logging, and our SIEM integration is already built in. We have a gateway. It is logging for SIEM log servers, and they are being sent to our SIEM. No additional changes are required by anyone to know where to look. It is all integrated into our existing solution.

We are pretty confident in our cloud network security using CloudGuard Network Security. I would rate our confidence level a nine out of ten.

The ease of administration with the cloud management extension and the cloud licensing model is valuable.

I have not dealt with it enough to find any pitfalls.

We have been using CloudGuard Network Security for about four months.

So far, it is great. We use scale sets. We have deployed two gateways per region with the scale set settings of two to ten. We do not have much workload yet, so I cannot say how the scaling is working, but overall, I am sure we will be able to scale the gateways.

I did not need support for much of what we have been working on.

We mostly have a public cloud in Azure. Over the next few months, we are looking to port the same functionality we have in Azure to AWS. 

The deployment is simple as well as complex. The ARM template to deploy in Azure is very simple, but we have taken that and extracted it to do it via TerraForm. The migration to TerraForm is a little more complicated, but we made it work.

We have not gone far enough to know.

We are using our BYOL. We are using our existing Check Point discounts to work with licensing. Overall, it is very competitive. Its pricing is reasonable to me.

I have not evaluated other solutions.

I would advise taking a look at the solution. It performs well and integrates with our existing solutions. It streamlines processes. It is definitely worth a look.

Overall, I would rate it a nine out of ten. The solution is very similar to what we are doing everywhere else. It integrates well with the Azure services, but nothing is perfect, so I cannot give it a ten.

I use CloudGuard Network Security to enhance our cloud exchange points' security. Our customers can seamlessly connect across multiple clouds within the region, and CloudGuard provides next-generation firewall services to ensure their data and applications are protected.

CloudGuard Network Security has significantly improved our organization by helping us tap into the Check Point customer market.

The VPN features in CloudGuard Network Security have been the most valuable for us. It allows us to scale securely within our infrastructure, providing both strong security and VPN capabilities.

In the next release, including VRF support would be highly beneficial. Many customers have been requesting this feature, as it is currently lacking in Check Point's offerings, which can make architectural designs more cumbersome compared to competitors.

I have been working with CloudGuard Network Security for two and a half years.

As for scalability, it could be even better with VRF support, as it would allow for more efficient scaling without the need to deploy separate firewalls for different workloads.

CloudGuard Network Security has been quite stable.

I would rate technical support for CloudGuard as an eight out of ten.To make it a ten, I would expect more proactive assistance and smoother transitions between support levels.

Positive

When comparing CloudGuard Network Security to other solutions like Fortinet and Palo Alto Firewalls, they are similar in terms of identifying security threats. They all offer robust features such as antivirus, deep packet inspection, and IPS. Some of our customers have transitioned from Palo Alto to Check Point. While I don't have specific reasons, it could be related to factors like pricing.

We deployed it across multiple locations, utilizing AWS for SMS management. The environment was designed to ensure security and privacy, with all deployments being private despite being in the public cloud. Our implementation strategy was flexible, depending on the customer's needs, focusing on workload security first and then gradually migrating workloads. The initial deployment was straightforward.

One significant difference between CloudGuard Network Security and other solutions is the lack of VRF support. This means that when dealing with customers who have multiple segments and exchange points, deploying new firewalls becomes necessary. Competitors' solutions typically include VRF support, making scaling much easier and eliminating the need for additional firewall purchases.

We chose CloudGuard over other vendors because it allows us to provide unified security across multiple cloud providers like AWS, Azure, and Google Cloud. Unlike native cloud firewalls, CloudGuard offers scalability and the ability to expand across different platforms, meeting our customers' needs for consistent security across diverse cloud environments.

We implemented CloudGuard Network Security to meet our customers' demands for enhanced security features and centralized management. They specifically requested Check Point CloudGuard for its robust capabilities, including SMS and MDS for global management.

Using CloudGuard Duo Security has provided us with the ability to manage globally through MDS, which has been a valuable capability. It is convenient to have multiple pockets of global management from UniFi OS.

We realized the benefits of CloudGuard Duo Security quickly after deployment. Understanding the architecture, especially the MDS setup for higher-level organization control, allowed us to establish multiple pockets of management efficiently.

Unified security management allows us to streamline our security operations significantly. With centralized management through SMS and MDS, we can efficiently oversee not only the firewalls within our cloud exchange points but also on-premises devices, enabling a cohesive and unified security architecture across all environments.

I'm very confident in CloudGuard Network Security because it helps us secure our global network. With CloudGuard, we can set up rules to protect against risks from on-premises traffic and ensure security through various measures like single sign-on integration and VPN restrictions.

CloudGuard Network Security is a great product that fulfills firewall needs effectively and provides detailed insights. However, in multi-segment environments requiring multiple VRFs, it can be cumbersome and costly due to the need for separate firewalls.

The best lesson I have learned from using CloudGuard Network Security is to carefully consider the scalability requirements of each environment. While Check Point offers robust features, the lack of VRF support can lead to increased costs and complexity, especially in multi-segment setups where separate firewalls are needed for each segment.

Overall, I would rate CloudGuard Network Security as an eight out of ten.

We primarily use it for egress internet traffic for four clouds, as well as between clouds to on-prem. Those are the main use cases. We have another small use case for ingress traffic, but it is a very small use case right now.

By implementing CloudGuard Network Security, we wanted to get network visibility in our clouds. That was the main point. We also wanted to provide a segregation layer with stateful inspection with all the next-generation features, such as IPS.

CloudGuard Network Security certainly has made our organization more secure. Our business partners cannot inadvertently open up the access that they should not be just to get things done. They now have to go through our firewall. We have got the inspection layer. Our security organization can see threats if they come in and take action on them. We were able to realize its benefits almost instantly.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We heavily use global policy to join on-prem and the cloud, as well as multiple clouds. It is a huge benefit for us as we can set a global standard for policy and then push that across all the different security zones.

We are very confident in our cloud network's security. We have had many years of experience developing it, so we were very aware of the design and the solution within each cloud. We are confident with how we deploy it, and we have plans to make it more efficient as we go.

Most recently, it would be the dynamic objects or datacenter objects. The query feature is going to be a game-changer for us as we move forward. It simplifies our policy, and it gives us a way to dynamically learn and discover things in the cloud instead of having a static way.

Currently, we are struggling with licensing just because of the pace and growth of our cloud. Keeping up with licensing for new regions and new gateway usage is certainly something we are looking into. We are working with our accounting to figure out how we can improve. The licensing piece is big for us.

We are at the place where we are looking at better integration with the management system. We use an MDS today, and it is self-deployed. We want to get to the Smart-1 Cloud, but we do not know what that looks like today because it does not support a multi-domain setup. Smart-1 should either be able to do multi-domain or there should be some form of taking a multi-domain environment and putting it in Smart-1.

I have been using CloudGuard Network Security for probably five years.

From our experience in five years, it has been very stable.

It seems to be very scalable. We have plans to increase the usage of CloudGuard Network Security.

We do scale sets across our clouds and across many regions globally. The number of applications behind it is in the hundreds if not thousands.

It is an excellent service. I would rate their support a nine out of ten. Improving a little bit in the smaller clouds such as Oracle and Google would help a lot.

Positive

We did not specifically use any similar solution in the cloud. It was brand new.

We have a public cloud and then a hybrid with on-prem. We have AWS, Azure, Google, and Oracle.

In terms of the version, on-prem, we use Maestro, and in the cloud, we use the latest CloudGuard. We use the software version R80.40 and are about to upgrade to R81.20.

Its deployment was a little complex for us because we have a very large cloud environment and we are multi-cloud. We had an existing estate, so it was hard to put a firewall in the path and not break things.

We are still implementing it because we are taking a cloud-by-cloud approach. We have done AWS and Azure. It took probably two years to do that, so I would assume that for Google and Oracle, it is going to take at least a year.

In terms of the implementation strategy, we first develop the IEC for the code to deploy it, and then we deploy it and test it in a sandbox environment. We then deploy it to non-prod and roll it out to those regions, and after that, we would do the same with prod.

We implemented it ourselves.

We have seen an ROI, but I do not have any metrics.

Pricing-wise, it is pretty competitive. However, I would like to see more flexible licensing. There should be more of a consume what you need and true-up type of model.

In the past, we have evaluated other solutions. When we tested them, they did not have the same feature set or functionality that CloudGuard had. When I initially tested years ago, the scaling probably was not as efficient. The support was also a big factor. The support that we got from those vendors was not as good as from our account team with Check Point. 

When we looked at the cloud provider firewalls, they did not match up to what Check Point could do with the various deep packet features and functions like IPS. The feature set was the main difference. At the time, the cloud providers could not provide IPS or deep packet features. That was a big driver for us with Check Point. The fact that we could not integrate policy with our on-prem firewalls, which were from Check Point, was another big driver because we wanted a unified policy. Our existing relationship with Check Point helped as well.

To those evaluating CloudGuard Network Security, I would advise certainly engaging with the Check Point account team. Get their solutions team to help you walk through the solution and talk to others in the industry about their experiences.

The biggest lesson that I have learned from using this solution is to deploy it as soon as you can in your cloud journey.

I would rate CloudGuard Network Security a nine out of ten. 

My main use cases for CloudGuard Network Security are to scale the technology for protecting and filtering traffic within AWS and Azure environments.

The main challenge I was looking to address by implementing CloudGuard Network Security was the need to establish a firewall on our cloud perimeter for enhanced security.

The flexibility to rebuild the firewall in CloudGuard Network Security has helped our organization eliminate downtime.

CloudGuard Network Security has improved our organization by allowing us to easily deploy firewalls from the cloud wherever we might need them.

The most valuable feature I have found in CloudGuard Network Security is the flexibility to rebuild the firewall as needed.

CloudGuard Network Security could be improved in the area of upgrading in place.

I have been working with CloudGuard Network Security for five years.

The scalability of CloudGuard Network Security is very good and we can scale it as needed.

Check Point's service and tech support are very good, especially since we have access to their Diamond-level support. I would rate the support as a ten out of ten.

Positive

I find the pricing and licensing of CloudGuard Network Security to be pretty straightforward.

The main benefit we have seen from using CloudGuard Network Security is the ability to filter traffic by URL. We realized these benefits approximately six months after deployment.

Unified management of the firewall has positively affected our security operations by making it easy to manage from one place.

My advice for those evaluating CloudGuard Network Security is to remember that licensing is critical, so ensure that central licensing is configured properly.

Overall, I would rate CloudGuard Network Security as a ten out of ten.