Positive

We use Check Point CloudGuard Network Security to replace an Azure Firewall, securing the network flow in our organization.

The URL filtering provides a lot of added value compared to the Azure Firewall. It is easier to use and offers much more visibility on the network activities. It helps us manage our security operations by reusing on-prem solutions with the cloud, therefore improving ease of use.

The reporting needs enhancement. Currently, we are not always aware of the gateways' status, like CPU and RAM usage. It would be beneficial to have a report that manages everything and gives an overall view of what is going on.

I have been using it for six to ten months.

I have experienced a few issues where connectivity is lost temporarily, however, it does not affect traffic processing. It is more about not having management information for a few seconds.

The scalability is really good and relies totally on CloudGuard, whether it is on Azure or AWS. At least on Azure, it works fine.

The customer service is good. They helped me with the few issues I had, meeting my expectations. Their support for traditional security projects is good, and I found the same support quality for cloud projects.

Neutral

I have used solutions for on-prem security management, yet not for the cloud.

The initial deployment was easy, taking about a week.

I rate the overall solution an eight out of ten. It would be ideal to have improved reporting features for a comprehensive overview.

Neutral

We primarily use the solution for protecting the network perimeter and monitoring incoming and outgoing packets. Over the years, the product has evolved significantly by inspecting HTTPS and IPS and having antivirus and anti-bot capabilities. It has been interesting to observe how Check Point keeps pace with global security challenges and addresses them efficiently through policies on CloudGuard gateways.

In addition to blocking attacks and protecting the network, we benefit from the visibility into the logs, the simplicity, and the accuracy of reaching the events. All the capabilities are inside the solution. Unlike its competitors, it does not require extra licenses. It is well-integrated and very detailed. We can pinpoint the details to minutes, seconds, or milliseconds, and see what is going on. We can also see smart events and smart reports with pictures, graphs, etc. Through a single pane, we can see how our network environment is behaving. We can see any changes in the attack patterns, the number of logs, or any new events, which may give insights into an attack going on. We can also see if a new application was released by DevOps teams without telling us.

A big benefit of Check Point is that the same policy can be installed on-premises, on the cloud, with Kubernetes, with Dockers, etc. It works on huge devices or gateways on the cloud. It can work with Azure, Google Cloud, and others. The SmartConsole view helps handle all the environments with a single policy which makes it very easy. It enables working with a small team. A small team of five to ten people is enough for a global, worldwide network.

I found the access control policy through SmartConsole, which was formerly SmartDashboard, to be very valuable. It deeply explores source, destination, and port protocols. Competitors struggle to match this simplicity and effectiveness. The evolution of HTTPS inspections, threat prevention, and autonomous threat prevention are commendable. The consistent interface across versions ensures familiarity despite minor tweaks, maintaining a long-standing valid approach.

The visibility provided through logs, charts, and graphs, without requiring extra licensing, is excellent.

I believe that presentations on artificial intelligence indicate that analyzing logs via SmartEvent and SmartLog Security Event Information Management can offer insights into emerging trends and potential next steps. By correlating logs related to BYOD, BYOL, and Shadow IT, it will become easier to manage and hopefully mitigate or understand risks.

I have used Check Point solutions since NGX R65, which was a lot of years ago.

In my experience, recent versions with recommended jumbo hotfixes offer remarkable stability. There have been no unexplained reboots reported by customers.

While working with a customer using 561k gateways, handling 140 gigabits of peak traffic was successful. After that, they changed the product but maintained the same big picture while enhancing throughput and scalability. Adding more devices to security groups is straightforward. The complexity managed by Check Point developers is amazing. Check Point developers in Israel are ninjas. They have built a complete solution with amazing throughput and details. With a few clicks, there is elastic and protected network growth.

Sometimes I find that the VPN teams provide exceptional service, identifying issues promptly. Occasionally, ticket handling delays arise due to repetitive questions despite detailed notes. However, overall, my experience is positive, achieving a more than 75% success rate. Issues are eventually resolved through hotfixes or innovative solutions, supported by a robust knowledge base.

Positive

As an integrator and partner, we have the opportunity to see how other products work. SmartConsole itself is an excellent idea, and the management aspect of Check Point products significantly differentiates them. However, my opinion will be biased because I have been working with Check Point products for a long time, but I find Check Point's approach more simple and integrated. We do not need several devices or appliances to do verification at various layers. A simple gateway can deliver everything and secure the network.

On the perimeter of the network, it works as an employee hired to allow or deny based on the policies. It is able to follow the rules. There is simplicity. The capability of SmartDashboard to create rules, receive logs back from the gateway, generate all those insights, and pinpoint the events is amazing.

Compared to open-source solutions, there is more than 95% security. It does not handle only access controls; it has the capability of deep packet inspection to see what is going on and have insights into the intention of the malicious activity.

Its deployment model is a mix-and-match. Sometimes it is better to have it on the cloud because of the elasticity, but sometimes it is better to have it on-premises due to regulations. With the single configuration on SmartConsole, it can deploy policies on the cloud and on-premises. Some customers use Azure, and some use AWS. Having a Check Point solution makes them more comfortable because they know that it is a robust and mature product. It is not something built by a startup six months or one year ago.

I can set it up with my eyes closed, though typing the IP address is necessary. I am very comfortable handling initial client configurations and cabling. Although some view configuration as tedious, the results are satisfying once complete.

I believe that the return on investment largely revolves around network protection. An investment, such as 10,000 euros, aims to prevent costly outages or security breaches, which could be more expensive than the solution itself. Despite views on cost, the value lies in maintaining operational integrity with zero downtime or incidents, facilitating secure, ongoing business operations.

As a partner and solution provider for the last fifteen years, I have distanced myself from specific numbers. However, customer trust in the product is evident due to its comprehensive protective capabilities. Centralized appliances have mitigated previous CPU usage concerns, thanks to multi-threading and processing enhancements. Correct sizing assures minimal CPU usage, even at high traffic levels.

I would rate the solution a nine out of ten. A ten might impede progress. They might relax and stop the progress. They should keep doing a good job.

Our end customer is using Azure to host a few applications in the cloud, and we utilize CloudGuard Network Security to secure those assets.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. Our customer is also using Check Point on-premises, so we have one place to create all of our policies. It is a lot easier than doing it at different places. We have the same policy in different clouds and on-premises. That is a great thing. There is a seamless experience and the same management. That is a great advantage over using Azure's native firewall.

CloudGuard Network Security has helped reduce our organizational risk by about 15%. That is because of the ease of working with one big policy that spans the entire organization.

With CloudGuard Network Security, we get a unified solution. It does not matter if we are on AWS, Azure, or Google Cloud. The migration with Scale Set is nice to work with. It is very easy to upgrade and so on.

Scale Set is highly beneficial. It is easy to upgrade and maintain. 

It is pretty great in all aspects, but the integration could be easier, especially with Scale Set and related features. It was somewhat challenging a few years ago to set it up, but once completed, it worked well. Easier integration with on-premises solutions could be beneficial.

I have used the solution for about three years.

The track record is excellent, with nothing to complain about.

The scalability is great.

Their support is great. We get quick responses. The customer support consists of very talented people. They are nice to work with.

Positive

I have used Azure Firewall. I have not extensively worked on AWS. In Sweden, our focus is primarily on Azure.

We went with CloudGuard because we have been working with Check Point products for quite some time. It is an easy choice. We are already familiar with on-premises network security, so choosing the same in the cloud is a big benefit.

Maintaining the policy is not difficult at all with CloudGuard. In fact, it is easier compared to Azure Firewall, which seems a few years behind Check Point. The solution is effective for utilizing all security features Check Point provides. Although I have not used all CloudGuard features yet, its network security is akin to an on-premises firewall.

We have a CloudGuard in the cloud, and we use normal quantum gateways.

It was not as simple as on-premises, but there were good guides on how to do it, so we managed in the end.

We are the integrator in this case. We managed the implementation for one of the end customers. However, we had support from local Check Point representatives.

The main return on investment has been in the time spent working with the solution. Since everything is unified in both cloud and on-premises environments, troubleshooting is faster.

It has saved about 50% of the time. If we had two solutions, we would have to troubleshoot two solutions.

Handling costs is not my department. Licensing has been quite acceptable. It is a bit easier now, but when I began working with CloudGuard, it was a bit too technical.

My overall product rating is a nine out of ten. A slightly easier setup process would be great. Check Point is performing well. The cloud is evolving rapidly, and Check Point is keeping up efficiently. 

We have been using Scale Set with Check Point. We use it to scale up and down in Azure depending on the workload. It is scalable, and it is easy to scale up and down depending on the usage. If we have a lot of traffic, it automatically adds a new firewall, and if the traffic slows down, it just removes the firewall. I do not need to worry about the load because it would not be an issue when scaling.

The management server provides unified management. We save a lot of time by not having to log in to different platforms. It is good to have everything in the same place. It saves maybe half an hour a day.

We get good insights into security, and we are more secure because we have more insights than we would get from other products.

We are having issues with updatable objects in the Scale Set solution. It needs to be fixed by Check Point.

The setup instructions are not correct. They should be corrected. We sent the product feedback last week. Several things were misspelled and incorrect in the documentation, and it got updated.

We have been using Scale Set with Check Point for about four years.

We do not have any issues with the product. Usually, the issues are with the Azure platform, such as an Azure host going down. It is not a Check Point issue.

I have been working with Azure Firewall for five years. It is a lot smoother to work with Check Point. When it comes to rule sets and IPS, Azure Firewall does not have too many functions. It does not look nice, and it is not easy to make rules. It is a lot of a headache to work with Azure Firewall. It also costs a lot more.

We cannot get any fancy reports from Azure Firewall the way we can from Check Point. We do not have any insights with Azure Firewall. We get a lot better insights with Check Point.

It is easy if you know what to do. If you follow Check Point instructions, it is hard because the instructions are not correct.

I do not have too much to compare to, but if I compare it with Azure Firewall, Scale Set is quite good. It has quite a good price.

I can only speak for Scale Set. I would rate it an eight out of ten because it is a good solution. I like it.

My primary use case is to protect the cloud applications that we store specifically in Azure. 

It has helped our organization with security. We have other Check Point firewalls, so we can accumulate everything in one place and manage everything in one place.

It provides unified security management. It makes things easier and faster. We can manage it all in one place in one policy package. We do not have to worry about anything else.

It has helped us reduce our organizational risk.

The most valuable features for me are related to management. I can use the data center objects directly in the policy without worrying about specific static IP addresses. The data center objects update automatically if the IP addresses change. 

There is room for improvement in how it handles deployment itself, but I am not sure. It could be due to Azure's limitations, not Check Point's. Deploying a new firewall is quite bulky and not straightforward, especially in managing the resource group and networks. These issues seem to come more from the Azure part. It is hard to tell.

I have used the solution for about a year now.

The stability is good. I find it really good.

We do not use it regularly, but I tested it and it is quite good.

My experience with customer service was good. On a scale from one to ten, I would rate it a nine out of ten, leaving a gap for improvement.

Positive

I previously used Azure Native Firewall. Other solutions were just tested. We did not use them. We left Azure Native Firewall due to the firewall's slow performance, especially for operations like applying rules. The general functionality of that firewall was incomparable to CloudGuard. 

We have a hybrid environment. We have Azure Cloud.

The initial setup was fine for me. All the complications likely come from Azure. Generally, from Check Point's perspective, it is pretty simple to set up the firewall and attach it to the management. It is easy.

In terms of the implementation strategy, we follow a default or standard deployment plan for all firewalls. It is pretty much the same for on-prem and cloud firewalls, with some differences depending on the cloud, but generally, it is the same list of things to do.

We are integrating ourselves. We did it all in-house.

From the engineering side, it reduces the amount of time I spend on doing changes on the firewalls, like adding rules, which eventually saves money for the company.

Generally, it has been fine for me. I can find my way around the price list, and it is pretty simple.

We did a comparison before we went with CloudGuard, though not for this customer. We generally researched different solutions like Palo Alto, FortiGate, Cisco, and Azure Firewall. We mostly work with Azure, so we did not look into AWS or other solutions.

We went for Check Point because of its ease of management, security features, and cost. Check Point management is way easier. It saves so much time. That is why I prefer to stick to Check Point solutions. Check Point was also one of the cheapest ones. 

The management part simplifies many things. Regarding security features, there are good competitors, and I can replace Check Point with them easily, but it is the management aspect that makes it different for me.

In terms of security threats, I have not done a lot of heavy testing on threats, but my experience is pretty much on par with Palo Alto solutions. FortiGate is a bit less, and I did not even try Cisco security. In my experience, the easy management of Check Point makes all the difference.

I would rate the solution an eight out of ten.

The use depends on the case. I have many customers. Right now, I have one customer, and it's a collection of these functions. The basic ones involve making numerous rules in normal network security. I can protect my emails and files. If someone from my company tries to upload something from the Internet, and I don't know if it’s sensitive, this can help protect my data.

It allows us to make a lot of rules around network security. It helps us protect emails and files. We have the power to protect our data.

There's a whole range of functions that make up prevention against malware and everything. It’s not just one aspect that garners my attention - the whole application is being used to defend. Even as the complexity increases, it is maintained at the same level. And with increasing complexity, I become more efficient, so I have to spend at least the same amount of time.

CloudGuard Network Security provides our customers with unified security management across hybrid clouds as well as on-premise.

In terms of security operations, it helps people spend less time. Integrations make work more efficient.

So far, it's helped our companies to reduce organizational risk by 99%.

We're very confident in the secure cloud deployments and migrations. We feel more safe. It's reliable and it helps avoid mistakes. 

Everything is in one place, and it seems it's easier to use than before. Making it even easier is a good way to improve it more. When it's easier to use, there are fewer mistakes.

I have used the Check Point product for around six years now. 

Stability is okay. I am not aware of any potential stability issues. Check Point is one of the best vendors in this regard.

Performance scalability is good. For my customers, they can add what they want. This is what customers want: the options to get the scalability they need. We simply need to manage the traffic accordingly.

Every experience is different. Every ticket is different, and sometimes it's a little bit painful to pinpoint problems. Sometimes I have a quick solution. Sometimes I am angry, and sometimes I am okay with it.

Neutral

I have worked with Fortinet, however, not with integration into the cloud; it was on-premises solutions. So, I am not sure if I can compare the two, since it's different when it's on the cloud. 

My understanding is the initial setup should be easy. 

The licensing is a bit expensive. 

I'd rate the solution eight out of ten.

Primary use case is to use it for protecting the network.

I am working with the platform, but unlike a typical customer using it for protection, we are mostly using it for deployment and debugging.

The overall network security is good. It's big-picture, all in one bundle. It's valuable to have everything in one place instead of spreading across different products.  

Unified security management positively affects a company's security operations. They have one unified view of the security. I can connect multiple gateways to the management and have it in one place. I can have reporting and views in a single pane of glass on the consolidated platform. 

It's easy to use. The management is the best on the market. It's very easy to work with, read, understand, and navigate.

It helps increase our customer's security posture. We can see in some cases CloudGuard improves our customers' posture overall. 

It should be more unified across all platforms. There are different kinds of releases for private cloud, public cloud (HA), NSX, and VSX. It is a little bit different on every platform where I install it, and each platform has many limitations like SMB or Maestro. So I need to know that and decide on which platform I should install it on.

I am using the solution for about eight years on a daily basis.

It's mostly stable. There were some stability issues. But most customers have high availability.

Check Point is a leader in firewall scalability. Check Point Maestro is good and Elastic XL looks promising but the code between maintrain and scalable platform should be unified to have a match 1:1 in the terms of commands and limitations. 

Sometimes the customer service is good. Sometimes it is very bad and I have nightmares from it. The worst thing Check Point did was to move the support to India. There are some good people, however, most of the time, the engineers are not very good, just at a basic level. This needs an improvement.

When I am working on a problem and need help, creating a ticket for a particular issue takes about two weeks to get somewhere. I have to describe the issue multiple times, show what the real issue is but lately I have some very difficult issues and I have good engineers assigned to it, so lately my feedback is positive.

Neutral

Cisco ASA and Juniper. My main focus is 95% with Check Point. So I am using only Check Point. I am familiar with other products, however, I am not using them.

It is very easy to deploy. I have the installation with ISO. With ISO, I can install a firewall, the management, or both of them. I can just choose, and it is very easy. The ISO is unified in the new version, R82. I can install a firewall, management, log server, smart event or a combination. This is very efficient.

We dont buy we sell/distribute.

We as a distributor work closely with the licensing. The pricing has some downsides. It could be better and there could be better scalability of the licensing itself. There are just some licenses which are not on the table. Licensing should be more agile and additive.

It was not needed.

This solution would be more beneficial for my AWS side, for our applications. The platform is utilizing AWS, so it requires further protection through some enhancements, which involve allocating more resources into AWS. Check Point serves as our system. I consider it a business case to protect that application work on the cloud.

Check Point is one of the key aspects of our security. It's protecting the e-commerce side and some functions on the public side of the website. It plays a large role in protection.

The types of prevention functions, such as the IPS and other advanced features, provide significant value. 

Check Point is a product that doesn't require a lot of patching throughout the year compared to some competitors. This stability is beneficial for my customer-facing application workload, as it minimizes changes to the infrastructure. 

Maintaining a stable infrastructure that doesn't demand frequent attention is important to me. For our security engineering team in the bank, Check Point is definitely a key aspect. It safeguards our e-commerce side, functions hosted on the public website, our DMZ zones, and the e-commerce hyper-converged infrastructure. 

Overall, it plays a vital role in protecting both our customer-facing and internal company infrastructure.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-premise. We can have a hybrid solution which can be managed easily alongside what we already have on-premises. Rather than than have team layers of management, for example, one cloud separate and one cloud on something else, doesn't make sense. 

The centralization affects our security operations. We are already using a lot of Check Point. What they are already doing has been good for us. However, CloudGuard will add another layer of protection for the things we have in AWS. Any reluctance the organization may have for goign into the cloud, or multiple clouds, will be overcome by solutions like Check point, which is giving us a layer of comfort for our critical workloads.

We're confident in secure cloud deployment and migration. We're already an existing customer and we have a level of comfort with the solution. We know it will give us that extra layer of security and play their role and do what they are supposed to do.  

One aspect that I noticed is that we already have a substantial Check Point setup, so management is a consideration. I'd like to have an ease of management. That's important. I am anticipating the introduction of features like AI or advanced supporting functions on the on-premises side. This would be beneficial by providing insights into capacity and enabling me to project future needs, such as enhancements or additional layers for the Check Point infrastructure. Ease of management and reporting would be crucial for capacity planning and budgeting. If I see capacity increasing, I want to be able to plan appropriately.

I have been using Check Point for many years. However, we began doing some changes in firewalls and handling replacements since last year.

I believe it will perform quite well if it remains similar to what we are already using.

There have not been any scalability issues yet.

I have never had to struggle with customer service. My suppliers are really good partners. They always support us, backed by Check Point. Even if I encounter issues, Check Point's account managers maintain a close relationship with us. Whether through suppliers or direct contact, they are always helpful.

I have used previous solutions, however, I won't mention specific names. Since 80% of us are using Check Point, it doesn't make sense to replace the remaining 20% with something else.

The setup cost is reasonable, and many engineers are familiar with Check Point, making it easy to find someone to do the job. Suppliers and Check Point account managers maintain good relationships with the customers and suppliers.

I use a supplier, one of Check Point's partners, to support us. We utilize two Check Point partners, Indiguity 360 and D2B, to assist us in our Check Point journey and management.

The setup cost is okay. The cost overall is somewhat high compared to other vendors, whether firewalls or cloud-native solutions. Check Point may be on the pricier side, however, in the long run, it proves its value.

We have not done a POC with any other product.

I'm not on the technical side; I'm more on the management side of the product. We do have some rollouts still pending with Check Point. 

I would rate it an eight out of ten since I've never had a negative experience.