Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

CloudGuard Network Security All-In-One

Check Point Software Technologies

Reviews from AWS customer

22 AWS reviews

External reviews

201 reviews
from and

External reviews are not included in the AWS star rating for the product.


5-star reviews ( Show all reviews )

    reviewer2355630

Gives a lot of visibility and we can manage all cloud environments from a central place

  • March 15, 2024
  • Review provided by PeerSpot

What is our primary use case?

We are primarily using it for access control for our various cloud environments from our on-prem resources.

By implementing CloudGuard Network Security, we wanted granularity and control of the traffic going through our different BDCs within AWS. We use one there. We also wanted identity awareness for going into cloud resources.

How has it helped my organization?

CloudGuard Network Security gives us access and visibility into what is going on in our cloud environments. Previously, we did not have any cloud instances. We were just managing the on-prem and then letting it go. It gives a lot of visibility. We could realize its benefits instantly.

CloudGuard Network Security provides us with unified security management across hybrid-clouds as well as on-prem. We were able to manage all of our cloud environments from one central place. We have got CloudGuard in Azure and AWS restricting traffic between those hybrid cloud environments.

We feel very confident in our cloud network security by using CloudGuard Network Security. We get what we would expect with an on-prem firewall. We get all of the functionality and security that we would expect from an on-prem firewall in the cloud. We did not go with our cloud vendor's cloud firewall because they were not able to meet a lot of the security standards that we needed.

What is most valuable?

The ease of deployment has been nice. It is like managing any of our on-prem firewalls.

What needs improvement?

The only pain points we have had with it were when we did major version upgrades. Rather than being able to do incremental upgrades on those, we had to completely redeploy. I know that has changed recently, but we had some hiccups when we did the upgrades. This is the only issue we have had.

For how long have I used the solution?

We have been using CloudGuard Network Security for over four years.

What do I think about the stability of the solution?

It is very stable. I would rate it a ten out of ten for stability.

What do I think about the scalability of the solution?

It scales pretty easily. At this time, I am not aware of any plans to increase its usage.

How are customer service and support?

Their support is great. I would rate them a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a similar solution previously.

How was the initial setup?

It is a private cloud. We have it in both our private Azure and private AWS restricting access between the individual BDCs and on-prem environment and between the two different cloud environments as well. 

It is primarily deployed by one team, but multiple clients use the cloud services.

What was our ROI?

I believe we have seen an ROI. We are able to manage it from an already existing management server that we are using for on-prem. Not having to have another product that we are managing outside of Check Point is a big plus.

Which other solutions did I evaluate?

We looked at cloud-native firewalls. They were not able to meet the security standards that we were able to get by using CloudGuard.

We looked at their IPS solutions with the cloud-native firewalls, but we could not go as granular. With CloudGuard Network Security, we could see the individual protection and fine-tune it.

CloudGuard Network Security is also easier to use than other solutions.

What other advice do I have?

I would rate CloudGuard Network Security a ten out of ten.

Which deployment model are you using for this solution?

Private Cloud


    Fabio Fukushima

Offers seamless deployment, rapid scalability, and user-friendly management, providing robust protection against threats with ease

  • March 15, 2024
  • Review provided by PeerSpot

What is our primary use case?

We utilize CloudGuard Network Security as virtual appliances deployed within virtual machines, acting as firewalls at the perimeter of our data center in QSaver. These virtual appliances safeguard all internet access originating from the virtual machines at our factory in Curitiba, Brazil.

How has it helped my organization?

The challenges we sought to tackle through the implementation of CloudGuard Network Security were to ensure the protection of our servers against threats and attempts to breach them via internet-facing avenues.

We found it advantageous due to its ease of implementation and use. There were no delays in receiving customer devices, which enhances security within the environment.

We enjoy all the benefits typically associated with physical appliances, even while utilizing virtual machines. Although it took some time for customers to fully grasp the benefits, as they weren't immediately clear, over time, they began to recognize the value it brings to their security infrastructure.

It offers us unified security management across hybrid CloudGuard deployments, as well as on-premises. The option to manage it bridges physical devices onto the data center. With consolidated logs accessible on the same management interface, it becomes highly convenient and straightforward to operate.

Comparing CloudGuard's network security to other solutions in terms of ease of use is challenging. Additionally, since we're already utilizing Check Point solutions, integrating it with hardware network security proves to be very straightforward and user-friendly.

We have a high level of confidence in the effectiveness of CloudGuard Network Security.

What is most valuable?

The SSL spectrum proved to be the most valuable for our incoming connections. This feature enabled us, for instance, to successfully prevent Log4J attack attempts.

What needs improvement?

New features have been introduced recently, but they have not yet been integrated into CloudGuard Vsec. It would be advantageous to have them implemented as they would improve the performance.

For how long have I used the solution?

I have been using it for three years.

What do I think about the stability of the solution?

It provides excellent stability capabilities.

What do I think about the scalability of the solution?

It offers good scalability abilities. We have a plan to increase the utilization of CloudGuard Network Security and its services in the future.

How are customer service and support?

I am satisfied with the customer service and support provided. I would rate it eight out of ten.

How would you rate customer service and support?

Positive

What about the implementation team?

In our deployment environment, each instance is strategically positioned at the forefront of the web servers within the data center, effectively serving its purpose. Specifically, it functions to regulate internet access for the servers and manage inbound connections from internet customers to the servers.

It's remarkably easy to deploy, by far the simplest. For instance, it only took us a few minutes to transition to production. This capability is incredibly beneficial, as it allows us to swiftly assist customers during emergencies by deploying a firewall and addressing any threats they may encounter.

What was our ROI?

Determining the return on investment can be challenging; however, we've observed other companies operating in the same sector with similar approaches. Despite encountering attacks, we have yet to experience any incidents. This absence of incidents serves as a metric for us, indicating the reliability of our alternative solution.

What's my experience with pricing, setup cost, and licensing?

The pricing is highly competitive and advantageous, offering great value.

What other advice do I have?

I recommend others to give it a try because of its simplicity in deployment, scalability, and usability. Overall, I would rate it ten out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    Allan Vasquez

Makes policy management easy and helps to improve security score and uptime

  • March 07, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use it to analyze all the traffic in our network. It is the main tool for security services and networking in our company.

How has it helped my organization?

We increased our security score by introducing the tool. We are continuing to grow and improve. In terms of policies, we have a lot of benefits in terms of the security cluster and how it works.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We have a hybrid scenario in the company. We have 3% of services in the cloud, and we can use the same clusters and the same policies that we have on the on-premise side for our cloud services. We have the same benefits for both.

We are pretty confident in our cloud network security using CloudGuard Network Security. We are not exactly an Internet-exposure company, but we have a cloud setup. We are pretty confident with its configuration assessment. With Check Point as our partners, we are protected, and we can be confident in our security.

What is most valuable?

Microsegmentation is very useful for us because we minimize the surface attack. The easy management of the policies is great for us because we are a small team and having easy management is great and useful for us.

What needs improvement?

At this point, we are very happy with what is happening with their horizon. At CPX, we heard that we can see all the things on the same platform. That is what we have been asking for, and hopefully, we are going to start seeing it this year.

For how long have I used the solution?

I have been using CloudGuard Network Security since 2020.

What do I think about the stability of the solution?

It is stable. I cannot remember a time when we had any issues with it. Our operations are 24/7.

What do I think about the scalability of the solution?

It is scalable. We do not have any problems with it.

How are customer service and support?

We have had a good experience with the support and customer service, and we are happy with them.

I would rate them a nine out of ten. A unique issue that we have is related to the language. When the first level of support cannot resolve an issue and the issue needs to be escalated, we have a language challenge because the team is based in India. There are some limitations on both ends.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used our cloud vendor's security but did not get as many details when we had any issues. We immediately moved to Check Point, and we are more confident of Check Point.

At first, we used Azure and Defender, and before we changed to CheckPoint, we used ESET. So, we had ESET and then we started rolling out Check Point. We had a mix with the cloud vendor solution, and then we went for Check Point.

How was the initial setup?

We have a mix of on-premises and cloud. We use the Infinity services.

My team deployed it. I have three security engineers on the team, and with the help of Check Point, we deployed it. We upgraded very recently in December, and it was a good experience. It has been running well.

What about the implementation team?

We used the services of a company based in Panama. With the Infinity contract, we had some professional time with Check Point, and they helped us set up some of the things. They reviewed some of the things that we deployed, so we have all the best practices.

What was our ROI?

I do not have a lot of details on that, but our uptime is pretty high. 

What's my experience with pricing, setup cost, and licensing?

It is an expensive product, but when you realize that you need it, it does not feel so expensive.

We have had a good experience with them as partners. They have helped us with designing and having good architecture and the best equipment at the best prices. We find it a good deal. 

Which other solutions did I evaluate?

We evaluated Microsoft's security suite. The thing that made us decide on Check Point was that Check Point had the least zero-day attack score. We have a lot of solutions from Check Point, and we stayed with Check Point.

We are now not evaluating other solutions because, since 2020, we have chosen Check Point as our partner. It continues to be the best solution for us to improve our score. We are not looking for software solutions from other vendors.

We always keep track of the service and the score, and with Check Point, there has always been the highest score.

What other advice do I have?

I would rate CloudGuard Network Security a ten out of ten. We are happy with the uptime and management. It is a good tool, and it provides a lot of value for us. We are happy.


    reviewer1832184

Provides virtual machine scale sets and multi-domain security management server

  • March 07, 2024
  • Review provided by PeerSpot

What is our primary use case?

When we began our digital transformation, we had already invested in on-premises Check Point firewalls. We desired the same level of security in the cloud along with the elasticity that the cloud demands.

How has it helped my organization?

We have a standard security policy across the organization. Our layered security, including North-South and East-West firewalls, is fantastic.

Compared to the other solutions for identity-based threat detection, the malware and threat prevention capabilities are key features that we have enabled – we actually use all the available features. 

On several occasions, we've benefited from zero-day protection. It acts immediately when something is discovered, while other solutions might take much longer to react.

I'm confident that as long as we keep up with the advancements that Check Point continues to make, our security posture is in good hands.

What is most valuable?

The virtual machine scale sets were crucial, offering the ability to scale up and down. 

It was very easy to install the solution, and the architecture meant we didn't have to worry about exceeding the solution's capacity.

CloudGuard Network Security provides unified security management across our cloud and on-premises environments.

We integrate our management servers with the Check Point Multi-Domain Security Management server. This allows it to interact with Check Point CASB and our SIEM. As alerts arise, we're able to triage them effectively.

What needs improvement?

In future releases, I would like to see the data loss prevention (DLP) feature could scale along with the virtual machine scale sets.

For how long have I used the solution?

I've been using CloudGuard Network Security since approximately 2019.

What do I think about the stability of the solution?

The overall stability is there. Our firewalls monitor our most crucial systems. If those firewalls went down, it would take out almost our entire cloud network.

What do I think about the scalability of the solution?

The scalability is great. 

How are customer service and support?

We have Check Point's Diamond support, and they have been fantastic. It's a true partnership, and we always work together to find solutions for anything that's needed.

We have weekly meetings with our sales team, our architecture team, and their team. They are truly integrated as part of our organization.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had our native cloud firewall. Our native cloud firewalls lacked intrusion prevention and advanced malware protection. 

They offered basic stateful firewalling, and we wanted a more robust solution for our security needs.

When we designed our cloud architecture, Check Point was the primary solution we chose.

How was the initial setup?

It's simple to set up and easy to tear down or upgrade. This provides us with a lot of flexibility in testing.

What about the implementation team?


Which other solutions did I evaluate?

We did evaluate other solutions. We evaluated other web application firewalls (WAFs). 

The ease of use is great. Creating firewalls within templates is straightforward. 

The overall depth of features within the solution is one of the key reasons why we chose Check Point as a long-term partner.

What other advice do I have?

Overall, I would rate the solution a ten out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure


    Financial Services

Shielding Networks in the on cloud applications

  • March 06, 2024
  • Review provided by G2

What do you like best about the product?
Its comprehensive threat protection capabilities, which seamless integrate with cloud environment traffic logs, while offering robust threat analysis, network traffic visibility, and user account activities on all our applications.
What do you dislike about the product?
The cost of licensing and maintenance could be a drawback for organizations with budget constraints, especially for smaller businesses or startups.It has the limitations the network security is only supported on vpc traffic and cloud trail logs only.
What problems is the product solving and how is that benefiting you?
It will helps us to monitor and analyse cloud network logs continuously and will reduce the risk of traffics from the attackers and malicious requests.


    Jan Vobruba

Offers a user-friendly and efficient interface

  • March 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

I can easily secure communication between our Azure Stack Hub and local Azure environments using CloudGuard gateways. This ensures that when I deploy applications in Azure, I can securely access databases and other resources in my local environment through a VPN channel. It is a straightforward way to keep everything protected as I work between the cloud and on-premises infrastructure.

What is most valuable?

The central management feature is a big plus, allowing us to manage both local and cloud gateways from one platform. Another advantage is the unified logging system, which makes it easy to track all communications. Index logs enable us to see all of the logs with all of the features in one place. Unlike other solutions like Palo Alto's Panorama, where checking logs can be cumbersome, CloudGuard's interface is user-friendly and efficient. I have to manually click on every log, one at a time. This helps streamline our deployment process, as I focus on the initial setup before handing it off to other departments for ongoing management.

CloudGuard's ease of policy creation and centralized logging are definite strengths.

What needs improvement?

There is room for improvement in addressing bugs and support issues. Communication with support, particularly with certain teams, can sometimes be challenging and slow, impacting problem resolution. 

For how long have I used the solution?

I have been working with CloudGuard Cloud Network Security for almost eight years.

What do I think about the scalability of the solution?

We use CloudGuard to manage 15,000 people. We have ten applications and 14 subscriptions.

How are customer service and support?

The Israel tech support is better than other regions because they respond quickly and help us resolve our issues.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Check Point's management interface is easier to use compared to products like Palo Alto's Panorama and FortiManager. 

Palo Alto and FortiManager are more complicated than CloudGuard.

When it comes to identifying security threats, CloudGuard is on par with other solutions. While Palo Alto doesn't have zero-day protection, it ultimately depends on how customers configure their security rules.

How was the initial setup?

I'm quite pleased with CloudGuard because it is incredibly easy to deploy. Whether I'm using the marketplace or SmartConsole, setting up the gateway takes just a few seconds or minutes, and connecting to local or cloud management is seamless. 

Deploying Check Point CloudGuard has been generally straightforward, but we have encountered challenges with Azure Stack Hub due to feature discrepancies with public Azure. The absence of a console in Azure Stack Hub and outdated versions can pose issues. However, if project preparation and resource allocation are done correctly, deployments usually go smoothly. Typically, we purchase between two to six cores for our deployments.

If we prepare the right CPUs it's okay.

What's my experience with pricing, setup cost, and licensing?

The pricing is okay. I know the cost for the competitors and CloudGuard pricing is fine. It is cheaper than other firewalls.

What other advice do I have?

Overall, I would rate CloudGuard Cloud Network Security as a ten out of ten.


    Ajdin Heric

Comes with threat prevention, HTTPS inspection, and the Anti-Bot blade features

  • March 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

The solution helps to protect our customers at the perimeter. We have integrated the solution into our NSX environment. 

What is most valuable?

The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network.

We can confidently assert that we are among the top cloud providers, protecting our customers from external threats. With Check Point's CloudGuard Network Security, we offer attack services protection. 

What needs improvement?

CloudGuard Network Security needs to include new features. One specific feature I would like to see is the ability to protect external resources using single sign-on integration with various identity providers, including custom identity providers. Its pricing could also be cheaper. 

For how long have I used the solution?

I have been using the product for six years. 

What do I think about the stability of the solution?

CloudGuard Network Security is stable. 

What do I think about the scalability of the solution?

CloudGuard Network Security is highly scalable in our virtual environment. We can easily add more ports, and it functions perfectly. We use it in cluster mode, deploying multiple Check Point clusters horizontally and vertically, making scalability easy and excellent.

How are customer service and support?

I find Check Point's technical support to be excellent. We have premium support, and whenever we open a case, especially for high-severity issues, we receive a phone call from their support team.

How would you rate customer service and support?

Positive

How was the initial setup?

CloudGuard Network Security's deployment is straightforward. 

What's my experience with pricing, setup cost, and licensing?

The product is expensive but also valuable. 

What other advice do I have?

CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. 

I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet.

I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. 

I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.

Which deployment model are you using for this solution?

On-premises


    Paulo Lemos

Protects virtual data centers and offers savings on money

  • March 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use the security gateways to protect the virtual data centers. 

What is most valuable?

The most valuable feature for us is the ability to run the gateways as virtual machines in our virtual data center. The tool protects the virtual data centers. 

What needs improvement?

The solution's integration with cloud providers has seen significant development in the past months, but there is room for improvement for better integration.

For how long have I used the solution?

I have been using the product for two years. 

What do I think about the stability of the solution?

CloudGuard Network security is stable. 

What do I think about the scalability of the solution?

Scaling up is straightforward, involving the purchase of additional licenses and allocating virtual CPUs to the client.

How are customer service and support?

CloudGuard Network Security's support is good. I would like the support to be faster. However, it is not possible all the time. 

How would you rate customer service and support?

Positive

How was the initial setup?

The tool's deployment is straightforward. 

What was our ROI?

My customers have experienced ROI with the tool's use. If there's a security issue, it can lead to downtime or loss of data, which means losing money. So, the main focus is on the financial aspect. Security is also one of the benefits of using the product. 

What other advice do I have?

We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud. 


    Hans Moggert

Comprehensive protection for cloud environments offering seamless scalability and consolidated logging for enhanced security

  • March 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use it to protect cloud infrastructure, workloads, and applications from advanced threats and attacks.

How has it helped my organization?

For our operations team, CloudGuard proved to be the ideal solution. Troubleshooting became much simpler as all traffic—allowed or blocked—could be found in a single point, the SmartConsole. Integrating CloudGuard with VMware was straightforward; we established a connection between Check Point Management and VMware, allowing for the automated deployment of CloudGuard in NSX as a service. This automation made deployment and management a breeze, allowing us to easily specify the number of CloudGuard instances needed, which would then be deployed automatically.

CloudGuard's integration with the SmartConsole ensured continuity for our administrators, who could continue using familiar tools and methods. The ability to manage everything within the virtual environment provided speed and flexibility. With CloudGuard, we could define rules to control traffic with precision, redirecting or blocking as needed. 

Check Point's approach of preventing threats at the outset aligns with this perspective, eliminating the need to constantly battle against incoming threats. This proactive stance instills a strong sense of security, as it significantly reduces the likelihood of breaches. Given our positive experiences and lack of any negative encounters with the product, we feel extremely confident in its ability to safeguard our environment effectively.

One of the most crucial and beneficial aspects of Check Point is its ability to consolidate and present logs in a clear and easily accessible manner. This centralized approach offers immense value, as it allows users to access all network security information from a single point, eliminating the need to navigate through multiple tools and sources. With Check Point, users can conveniently find and manage all security-related data in one centralized location.

What is most valuable?

Its centralized control, ease of use, and flexibility are the most valuable for our data center security.

What needs improvement?

The licensing structure is unclear, so a transparent and flexible licensing structure would be preferable.

For how long have I used the solution?

We have been working with it for five years.

What do I think about the stability of the solution?

In terms of stability and reliability, the virtual machine running CloudGuard functions seamlessly and as anticipated, demonstrating no issues or disruptions.

What do I think about the scalability of the solution?

Regarding scalability, you have the flexibility to deploy as many instances as necessary. If additional instances are required, you can easily add them to production by obtaining the necessary licenses.

How are customer service and support?

While we haven't encountered significant issues necessitating support, we did face occasional challenges with perimeter gateways rather than CloudGuard itself.

Which solution did I use previously and why did I switch?

Before this project, we collaborated with a sister company that utilized Cisco ACI, but it didn't prove to be the right fit. Considering our longstanding partnership with Check Point as our security provider, particularly for network and cloud traffic, choosing CloudGuard for East-West traffic inspection seemed like a natural extension. Additionally, observing our sister company's positive experience with CloudGuard on Cisco ACI further reinforced our confidence in the product as the best solution for our needs.

What about the implementation team?

Initially, we sought the help of a partner for deployment, but for upgrades and migrations, we largely handled them ourselves. Fortunately, these processes weren't overly complex, and we found helpful documentation on the Check Point website to guide us through them.

What's my experience with pricing, setup cost, and licensing?

When we initially adopted CloudGuard, we operated under a different licensing model based on the number of hosts. The licensing model has since transitioned to a cluster-based variant.

Which other solutions did I evaluate?

Overall, I would rate it ten out of ten.

What other advice do I have?

For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    reviewer2350659

Does what it is designed for and matches what we have on-prem

  • February 26, 2024
  • Review from a verified AWS customer

What is our primary use case?

We are using it for perimeter inbound and outbound detection.

It is running in an EC2 instance in AWS.

How has it helped my organization?

For the move to the cloud, normally, you adopt a cloud solution, but big companies like ours have to control the roles in place and keep the standards that we have on-prem. We adjust it to the way the cloud works, but we still have the traditional firewall, similar to on-prem. We have the same management capabilities. We have the logins. It is just a central way of managing. 

It saves time for us. We adopted the cloud solution as much as we could, but in terms of security, we wanted to keep the same method that we were using for security, and we wanted to use the knowledge that we already had.

What is most valuable?

It matches what we have on-prem. We kept the same management and the same functionality that we were having on-prem. It has simplified things for us because there is no new dashboard to touch.

What needs improvement?

The relationship between AWS and Check Point could be better. We had issues related to the type of instance and how it interconnects with AWS or cloud-native solutions. We overcame the pain points that we had, and now, AWS is evolving in a way that will facilitate how Check Point works. Our pain points were minimized, but they were there.

There could be more capabilities around the management protocol itself. We deploy the boxes very easily with the software. We want automation. We are already using it to deploy instances in AWS regardless of whether it is Check Point or something else we use. Integration is already there, but there is a possibility to have more functionalities. We are in a good state, but there can be new features.

For how long have I used the solution?

I have been using CloudGuard Network Security for two years.

What do I think about the stability of the solution?

It is tricky to distinguish because we have the software and we have the instance. There is the tricky part of AWS not sharing some information around the instances where the software runs and then saying that it is a software issue and not sharing deeper details. Check Point struggles with having that information directly from AWS. 

So, there is room for improvement if Check Point wants to be a native-use solution in AWS, for example, which is our main provider. It is tricky, and I understand. It is also about how Amazon or AWS manages their data centers. They do not disclose some information. In terms of throughput, performance, etcetera, they do have the numbers, but when it comes to some issues, nobody can explain or when an issue is from a network background, there is no explanation. Finger-pointing is not a solution. 

There should be more sharing of information between them directly, not involving the customer. In the end, we were able to sort things out. We had to read between the lines. They were not disclosing exactly what was the problem. Check Point did not see any issues with the software, and in the end, it was about how the instances in a shared environment inside the AWS run and how they control the resources on each virtual machine that the customer runs. That is their way of doing business. AWS wanted to run it on a bigger box. In the end, I was able to overcome all the issues with a different instance type that was never proposed to us. It was a matter of the CPU generation that was being used on the instance. It was not the fact that the machine was not able to cope with it.

What do I think about the scalability of the solution?

That goes back to how the AWS services run because the software runs in any virtual box. It is exactly the same software that you can use in a physical box. We never had a need to use Autoscale so far. We have tested Autoscale. We have seen it working, but we never had the need. We are in a stable environment, and we foresee when it is needed ahead of time to avoid any bottleneck. It has been running without issues.

We have 12 active AWS versions worldwide. Three of them are the main data centers that we use. In every data center where we have AWS, we have at least different architectures of products, so our environment is quite big.

The management is standardized between all regions. They run exactly the same way with exactly the same purpose. It is standardized. We define the architecture and when there is a need, we have the solution already available.

How are customer service and support?

Over the last three years, I rarely used them. We did not face issues that needed support from Check Point. We were able to fix all the issues we had because there was either an upgrade available or a knowledge article available showing how to fix it. All our support cases are more around RMA.

How would you rate customer service and support?

Positive

What was our ROI?

The added value is not the software itself. The added value is the way we can easily change the capacity of a virtual box that we run the software on. Keeping the same software, we can change the VM capacity to higher or lower depending on the needs. The return on investment is the simplicity of being flexible in that way.

What's my experience with pricing, setup cost, and licensing?

It is the most expensive part of the product. There is a lot of room for improvement. Security comes with a price, but it is still a big chunk just for the service.

Which other solutions did I evaluate?

We tested the native solution of AWS, but we decided to go ahead with our own existing solution on-prem being reflected in the cloud environment. We already had the knowledge and expertise internally. The central management platform and logging were already there. A multitude of features that we were already using were common.

In terms of ease of use, everything in the cloud is new, so there is a learning curve. They are adjusting the layer features in AWS native tools, but Check Point has the advantage of knowledge. We already had familiarity with it, and Check Point itself has a good knowledge of the market. They are experienced in security solutions.

We have not been that exposed to AWS. We are very happy with the availability of Check Point and so forth. So far, when the biggest threats came, Check Point always reacted faster than any other.

What other advice do I have?

There is no real issue with the software itself. It does the job. It does what it was designed for. I can rate it a ten out of ten because it is exactly like the on-prem software physical appliance. There is no difference for us.