CloudGuard is a tool for evaluating the health and configuration of an account. We primarily use it for AWS, but we also use it for Azure. I also use it for inventory and historical reporting.

We work with 50 AWS accounts. Four teams across a couple of time zones use CloudGuard. Our security and DevOps teams are the primary users, but the support team occasionally uses it. Management consumes the output and the reports. I think it makes them feel good, so that's nice. 

I recently transitioned into a management and architecture role. CloudGuard helped me delegate to my engineers the day-to-day tasks of operational care and feeding and health assessments of the environments. I previously spent more time building rules and implementing automatic remediations. Now, I let it fly, and my engineers operate it. 

I helped with the design and build, and I was originally in charge of the run. I've now handed off the run, which enabled me to do more. I think it helped those guys to be effective and do more. I'd say it freed up the equivalent of a quarter to an eighth of an FTE.

CloudGuard allows us to scale. As we bring on customers, more accounts come online, and more platforms are deployed in our environment, I don't have to scale my team linearly with the growth of our product. These rules work over and over on the number of accounts. I think that's a place where it will help us as our customer base grows.

The security operations team saved some time. I'm on the team, so I do a lot with this. It's one of the essential tools. Depending on the incident, Check Point can be extremely helpful in understanding the configuration. I use it ad hoc or tactically in those conditions. At the same time, other operations or security incidents are out of view of Check Point and Dome9, so it doesn't come into play. When the problem is at the account or configuration level, it makes remediation and troubleshooting an investigation easier.

It saves time because I can look across the organization. Instead of checking 50 different accounts atomically and spending 15 minutes investigating each, I can spend 15 minutes exploring all 50 accounts. It allows me to quickly look across the org for similar problems when one comes up. That's a huge time saver. 

The most valuable feature is the ability to create a reference rule set and use that to evaluate an account's health. It provides daily reports on any drift from that rule set and real-time alerts. Some of the automated remediations are also helpful.

I like the GSL Builder, which helped us reduce human error. It helps answer a question quickly in real-time that I might not want to put into a specific rule that I evaluate across all my accounts all the time. In many cases, we've built rules that we consider everywhere for the posture of all our essential accounts. However, I often work on an issue or question, and I just want to see who has this configuration or misconfiguration. GSL Builder lets me quickly locate all the S3 buckets with a faulty configuration. I use it tactically like that sometimes.

I'd be sad if it went away. However, you couldn't throw an inexperienced person at it and expect them to get any value from it without some handholding or spending time to read the documentation and think about it. You must know about the asset you interrogate to write a good rule or to do a good evaluation. That isn't a Check Point problem, but it's a general issue in cloud security. 

CloudGuard offers several pre-packaged rules for various evaluations, such as NIST, 853, etc. I went through them, found 50 rules I think are handy, and put them into a custom rule set. Then, I spent time writing about 30 rules specific to my environment. I use those to evaluate the health of my accounts continuously. 

We check health insurer information because all this data is highly confidential and protected by HIPAA. We use these rules to evaluate our cloud properties constantly. I can't imagine the time that would take to perform this kind of evaluation by hand or using another tool. That's why we have Check Point.

There are many auto-remediations available. We use a few and wrote a couple of our own. It's an excellent risk management tool. We use it because we're so paranoid about the security of our environment. I've used this tool at other companies in different industries, and they've been apprehensive about automatic remediation. It depends on the part of the world you live in. I use it, and it stopped problems, so I've gotten tremendous value from auto-remediation.

The ability to prioritize alerts has been handy. It enables me to focus on critical issues instead of common misconfiguration. The visibility into my workloads is pretty good but not great. I don't use it at a granular level. I'm primarily focused on protecting my overall cloud posture and the health of the account with CloudGuard, but I also look for some common misconfigurations that might be workload-induced.

Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them.

It feels like some attributes of resources can't be interrogated through the GSL the way I would like. For example, I wanted to figure out all the systems launched with a particular image that had been running for 31 days or more. Until I talked to the Dome9 people and the support team, I didn't understand how to frame that query in GSL. The support team told me how to do it, but I couldn't figure it out alone. The documentation is a little unclear about how to do some of those configurations. More tutorials and examples on the blogs and support pages would be helpful. 

I had another problem when we tried to encrypt all of our storage volumes. There is a feature called batch jobs or Elastic MapReduce jobs. CloudGuard sometimes can't detect the encryption status of the underlying disks of those systems that process my workloads. It pops up with a bunch of alerts that say, "Non-encrypted volumes have been found in your account." 

Those jobs are dynamic, so they spin up, run for an hour or two, and all the systems are destroyed. By the time I checked it, all the systems were gone. CloudGuard threw a bunch of alerts in the middle of the night when all these things happened, and I went back to evaluate the configuration. I know they were all encrypted because I can see how it was deployed. It didn't have a great insight into my actual workload, but it generally tells me when people launch unencrypted things. It isn't perfect, but it's okay.

I have used CloudGuard for four years.

CloudGuard has been solidly stable. I'd say nearly perfect.

CloudGuard's scalability is decent. They're switching to a new onboarding methodology that I'm not in love with, but I think we'll find a way to make it work and continue to scale. It has been good.

I rate Check Point's support an eight out of ten. I've contacted them with a few questions or issues and always had good support experiences with them. I'm not a huge customer paying millions of dollars a year. I work for a small startup on the bleeding edge of technology, and I feel like Check Point and Dome9 meet me where I am. 

It wasn't trying to shove a network firewall, like a data center security tool, down my throat. Palo Alto and Check Point are old-school network security appliance vendors that are out of their depth in cloud security, so they bought tools like bought Twistlock and Dome9. Check Point's acquisition and management of Dome9 have been excellent. I can still talk to people at Dome9 and get support for this tooling, but it has been difficult for me to do that with their competitors. 

Positive

I've used Palo Alto Prisma Cloud, but I've also used Palo Alto's Cloud Security Posture Management tooling. I prefer Check Point, which is why we have it.

I still have both solutions, but I use Palo Alto for something else. I use Twistlock, a Prisma Cloud module, for runtime protection of containerized workloads. I also use Dome9 for CSPM. I did not like using Prisma Cloud for CSPM because I did not care for the rule language or configuration. 

Also, I feel like Check Point, and Dome9 listen to their users. If I'm dying for a new feature to improve the solution, they would hear me out and consider it. I guarantee you that Palo Alto doesn't care.

Deploying CloudGuard is straightforward. I deployed it and configured the auto-remediation alone, but I also worked with another architect to discuss the design and workshop some ideas, so we could say a team of two deployed it.
After deployment, maintenance has been very low.

We've seen a return. It still makes sense to write a check. I can't imagine going back to doing it the way I did before. It's essential for my compliance program to have this tool in place. If I could save the $100,000 or more I pay annually and use cloud-native tools, the additional time I would spend tuning and doing everything I'm doing with CloudGuard wouldn't be worth it, at least not in the first year. 

CloudGuard is fairly priced.

I rate Check Point CloudGuard Posture Management an eight out of ten. I advise new users to start with a defined list of goals or problems and implement the solution in a way that initially prioritizes their most significant issues or primary goals. Don't try to boil the ocean. In other words, don't enable all the features and do everything at once. They will be overloaded unless they know what they're doing. Go feature by feature, function by function, and area by area. Determine where your critical risks are and implement the solution based on that knowledge.

I think there are some benefits to using a third-party tool. For example, these tools might simplify and enrich features or offer focus. You're adding another view or pane of glass to your security world, but once you start to look across clouds, it becomes interesting. I have to write all my own rules for Azure and AWS. At the same time, I can get the same report delivered to my inbox that I can then feed to my executives, showing them the health of these cloud properties. 

It looks cohesive and coherent instead of using separate native tools for AWS, GCP, Alibaba, and Azure and trying to compile all those reports and metrics. At least I can distill my posture into a commonsense readable score and transmit that to the executives. I can tell them, "Our posture's at 98% compliance." They can comprehend that and compare the scores from week to week. It helps me from a reporting angle.

Currently, the company I work for has implemented several cloud solutions such as Azure and AWS, in which they are migrating from AWS to Azure to have everything unified in a single environment. 

At the moment, we have different applications in both clouds, which have their own system of security in the environments. Recently, in the country there were several ransomware attacks on government companies they were the target due to this we decided to expand security a little more and it was where we made use of Check Point tools that will help us comply with a more centralized security that is more robust on all our end devices.

We have made the decision to centralize our security infrastructure via that CloudGuard for Cloud Intelligence tool. It has contributed a lot to security since many companies were having security problems. We decided we could be one of the few that was not violated with this tool as it gave us a lot of security and helped us avoid vulnerabilities. We were able to counteract attacks with the recommendations that the tool gave us since each point of vulnerability that we found told us how to increase security. That is how our organization was able to survive even an attack.

The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company. These are helping us to prevent misfortune. Some of these features are centralized monitoring, alerts that indicate some type of vulnerability, recommendations on how to reduce these vulnerabilities, and configuration and monitoring of policies, all based on real-time monitoring with excellent efficiency. They are very effective.

One of the most effective functionalities is integration with the cloud since a match can also be done between the two. 

Check Point tools need to improve the latency in the portal since they take a long time to load. 

They also need to improve the support a little or hire more staff since the response time is slow or the solutions take a long time to implement.

Check Point should give added value to all those customers who purchase their product by providing training so that they can certify in the tool. That way, the customer stops depending so much on support and can solve incidents themselves.

I've used the solution for approximately Three year.

The stability is very good. Even when updates are made, it has not presented any type of failure.

The tool has excellent scalability.

The support must improve the level of service and must train their staff a bit more.

Positive

Currently, we only had other Check Point tools.

Making the investment is a bit high, however, it is very effective to make the acquisition of the tool.

The implementation was done with the help of the vendor and an engineer.

Here it will be reflected in the long term since it is not something tangible but by making the investment in security we can have a company always working

The cost is a bit high, however, the investment is worth it.

We evaluated Palo Alto and Cisco however, they forced us through Check Point at the company.

The solution is very effective. It fulfills perfectly for what it was made to do.

As an organization, we have implemented Azure Microsoft and AWS for some applications. Most of the workloads are managed in the cloud. Therefore we needed a tool that could protect us against some type of cyber threat that would generate losses in the apps that are being used. We apply CloudGuard Workload that comes to us to cover all those security breaches that we could see presenting. In the beginning, we used the free trial to do some tests, and it worked for what we needed it for, and then we acquired it with all the functionalities

CloudGuard Workload Protection came to help us a lot in the organization in the application development part since it is one of the areas where there is more workflow and vital generation of the company since applications are generated and modified daily. With this tool, IT came to us to help provide a series of security layers to all these flows by providing us with different types of security options such as alerts and improvements. One of the characteristics that we liked very much is that it can be coupled with different public clouds.

One of the CloudGuard Workload Protection features that we liked a lot is the security it handles in containers. 

Another interesting thing is that it works without an agent involved. 

It also offers great complete visibility of all devices, and assets in the cloud, which allows us to control all those assets, thus generating complete analysis of the infrastructure in real-time. In this way, we've been able to attack the points where there is some vulnerability in our infrastructure and being able to be at the forefront of security.

It cost us a little to find some information about CloudGuard Workload Protection. It cost us to find information about the tool and recommendations.

The configuration administration documentation is not very available on the web, or it is not completely updated. They should also improve the support so that we can create a case and they can respond faster. They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well. It is sometimes difficult to coordinate support hours. 

They do not provide a concrete and rapid solution which causes security implementations to be delayed.

The solution was implemented a¿twoo ago.

So far, the stability of the product has remained excellent. We have not presented any failures.

It has great scalability. It's very fast and precise.

The support offered by Check Point in general is very regular.

Positive

No other solution has been implemented.

Like all setup-type software, it is very easy to install.

The implementation was done in conjunction with a support team from the company and the supplier.

The implementation of a security tool is always an excellent investment. One thing outweighs the other.

The installation of the product is very reliable, and fast, and it is a very competitive cost in the market.

Check Point was the first solution we used. It was recommended by third parties.

It is a very complete tool for workflows. It provides excellent security.

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem..

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.