Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

CloudGuard Network Security All-In-One

Check Point Software Technologies

Reviews from AWS customer

22 AWS reviews

External reviews

201 reviews
from and

External reviews are not included in the AWS star rating for the product.


4-star reviews ( Show all reviews )

    reviewer2353149

Offers central console management that ensures we have uniform threat prevention policies

  • March 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.

How has it helped my organization?

CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning. 

We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.

Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.

What is most valuable?

The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.

It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.

What needs improvement?

There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.

So, a full PaaS solution with improvements on that end, basically.

For how long have I used the solution?

I have been using it for five years now. 

How are customer service and support?

We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We opted for CloudGuard primarily due to two factors, which ultimately became three. 

  • First was the Azure consumption cost, which was lower compared to competitors. 
  • Secondly, its plug-and-play capability is straight out of the box, as deployment is directly made from the Azure Cloud Marketplace. In contrast, with competitors, you have to manually import and deploy the image they provide, which isn’t off the shelf. 
  • The third factor was the scaling solution offered by CloudGuard, which we found to be the fastest.

How was the initial setup?

I was involved. It was straightforward, out of the box, plug and play. 

What about the implementation team?

We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.

What was our ROI?

I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.

What's my experience with pricing, setup cost, and licensing?

The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good. 

However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.

What other advice do I have?

Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.

I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.


    reviewer2350719

Helps to manage cloud traffic locally without routing it through data centers

  • February 26, 2024
  • Review from a verified AWS customer

What is most valuable?

I like the tool's ability to manage cloud traffic locally without routing it through our data centers.

What needs improvement?

The product needs to improve technical support.

For how long have I used the solution?

I have been using the product for four years. 

How are customer service and support?

The tool's support has been excellent. We can maintain our Check Point Firewalls effectively, both on-premises and in the cloud.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

The tool's monthly costs have undergone a significant reduction, dropping from approximately 12,000 euros to around 4,000. This represents a cost reduction of over 60 percent. However, it's essential to note that while costs decreased in some areas, they increased in others due to shifts in our environment. As our overall environment has grown, currently connecting 50 accounts to the cloud, it's challenging to directly compare costs with the state of our setup three years ago.

What other advice do I have?

Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten. 


    Achim Buettner

Protects the file server on the cloud and comes with threat prevention features

  • February 26, 2024
  • Review from a verified AWS customer

What is our primary use case?

Our use case for the product is to prevent or protect the file server in the Cloud. The plan is to gradually integrate more solutions behind it. We work with Azure and AWS. 

What is most valuable?

The tool's most valuable features are threat prevention and protection mechanisms. 

What needs improvement?

The connection to the on-premises management requires using the CLI. It's not just a click, and you cannot edit in the management to prepare everything. You need to do it online and in real time. After that, you must execute a script, and then you should be happy that it appears in the management.

For how long have I used the solution?

I have been using the product for five years. 

What do I think about the stability of the solution?

CloudGuard Network Security is stable. I haven't encountered any issues with its stability. 

What do I think about the scalability of the solution?

The tool is scalable. 

Which solution did I use previously and why did I switch?

Choosing between Palo Alto and Check Point is more of a personal preference based on the management you prefer. However, in terms of protection, both provide a comparable level of security, making you feel equally safe. The choice between Palo Alto and Check Point often depends on the customer. If a customer is already using Palo Alto, it might be challenging to convince them to switch to Check Point. 

How was the initial setup?

Deploying the product on different cloud platforms, like Azure or AWS, poses challenges due to variations in terminology and identification methods among platforms.

What's my experience with pricing, setup cost, and licensing?

CloudGuard Network Security's pricing is fine. 

What other advice do I have?

In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten. 


    Darren Fine

Appreciate the CME plugin for automatically understanding assets within the cloud

  • February 26, 2024
  • Review from a verified AWS customer

What is our primary use case?

We use the solution for the ingress and egress, often for VMSS auto-scaling groups. This involves linking on-premises to the cloud and managing incoming traffic within the same cloud environment.

What is most valuable?

Customers appreciate the CME plugin for automatically understanding assets within the cloud. This information appears in the manager, allowing users to tag the assets and adjust policies and rules accordingly.

The IT personnel who transition from on-premises to the cloud experience the same understanding, knowledge, and comfort with the cloud environment, using the familiar interface they had on-premises.

What needs improvement?

People don't know about the tool's features. There's a lack of skill. Users require more knowledge on how to integrate it into the cloud environment and orchestrate routing. So, it's not necessarily a CloudGuard Network Security or Check Point issue but more about integration, knowledge, and understanding.

For how long have I used the solution?

I have been using the product for six years. 

What do I think about the stability of the solution?

The product's stability is good. 

What do I think about the scalability of the solution?

The solution's scalability is good. 

How are customer service and support?

The solution's support is good. 

How would you rate customer service and support?

Neutral

What's my experience with pricing, setup cost, and licensing?

The tool's pricing is good. Customers want it to be cheap. I consider the pricing to be elastic. CloudGuard Network Security is perceived as cost-effective compared to using the built-in tools provided by the cloud. Specifically, the VPN functionality is more economical in CloudGuard Network Security, where users can create multiple VPNs without additional charges for each VPN, paying only for the bandwidth. This is contrasted with cloud providers that may charge for each VPN on a per-minute basis, including Ingress and Egress costs.

What other advice do I have?

Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more.

I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.


    Erez Zelikovitz

Has features like next-generation firewall features, including anti-spam, IPS, and URL filtering

  • February 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

We offer a full security and connectivity solution leveraging SD-WAN and SASE technologies. We partner with service integrators and providers who, in turn, sell the solution to business customers. Our solution is built on SD-WAN and SASE, facilitating the connection of offices and home users to the organization through various WAN connections. By aggregating multiple connections over the Internet, we deliver security and connectivity to meet the needs of retail and finance. We can help any vertical that needs a connection between the branch and the cloud.

What is most valuable?

We primarily secure our network using CloudGuard Network Security's next-generation firewall features, including anti-spam, IPS, and URL filtering. Our chosen package for the go-to-market strategy is NGTP. For customers seeking more features, we provide options to upgrade to the tool's advanced packages.

The product serves as a complement to our solution. While we integrate some firewall functionality into our edge device, we do not develop complete security solutions for the cloud. The combination of CloudGuard Network Security with SD-WAN connectivity allows us to offer a holistic solution.

What needs improvement?

The product needs to offer multi-tenancy. 

For how long have I used the solution?

Eight months ago, we initiated the integration with CloudGuard Network Security, and currently, we are taking it to the market and presenting it to customers. We have three customers who are on the verge of signing agreements with us.

How are customer service and support?

Currently, the technical support we receive is from the US. While there is a team in the US supporting us, there is a need for this support to extend to other regions.

How would you rate customer service and support?

Positive

Which other solutions did I evaluate?

We got discounts on pricing. 

What other advice do I have?

We utilize the tool's SmartConsole integrated into our management system. However, we encounter challenges with multi-tenancy. Since we integrate it as an application on the cloud we can integrate it with any other provider. We do think that the synergy with Check Point is very good because we also allow Check Point to move from the edge to the cloud while we provide security connectivity from the edge to the cloud. So we can support its transition from on-prem security solutions to the cloud. It looks like a very good win-win situation for both Check Point and BBT, and we see it in the market, bringing us big deals in Japan and France.

We can go with others as well in terms of architecture because our architecture is very open. We are a small company and cannot engage with everyone. We have good connections with Check Point in Israel. We also have some connections abroad. So far, we are getting good support. 

We have an application that is running on our cloud. Normally, our main cloud provider is Google, but we can run over any cloud. It could be a private cloud or any data center that provides virtual machines and connectivity. We are agnostic.

We are in several POCs in France, Japan, and Thailand, and they are progressing well. However, we need more presales support. There is a lack of knowledge about the solution in the regions, and we are finding it challenging to get sufficient support from those regions. There seems to be a gap in support that needs to be addressed.

It seems that the product is the answer that we need. We haven't identified any missing components in the security suite, apart from the operational challenges related to working in a multi-tenancy environment. I rate the product an eight out of ten. 


    reviewer2350698

Helps to inspect internet traffic

  • February 26, 2024
  • Review provided by PeerSpot

What is most valuable?

The tool's most valuable features are inspecting internet traffic and IPS. We can manage the firewall using shared policies from a single management server. 

What needs improvement?

The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us. 

What do I think about the stability of the solution?

CloudGuard Network Security's stability is good. 

How are customer service and support?

Overall, my experience with Check Point support has been positive. There were instances where basic questions were asked, even though I had already provided the information in the ticket. One ticket took two years to resolve. 

How would you rate customer service and support?

Positive

How was the initial setup?

The tool's deployment is more complicated than an on-prem setup. Setting up and managing CloudGuard Network Security in Azure presents some challenges. There are complexities in handling downtime in on-premise and cloud firewalls. Additionally, difficulties arise in deploying a new cluster for an upgrade, as the in-place upgrade might not function as expected.

The process of exchanging virtual machines in Check Point is currently complex. You cannot simply deploy a new machine and use it; instead, you need to navigate through several steps. This involves associating the new machine with a network group, entering various details, and sometimes providing the entire path to locate the object in the cloud.

What other advice do I have?

The tool is working well so far for normal use cases. I rate it an eight out of ten. 


    reviewer2178546

Helps to secure the Azure environment

  • February 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

I use the product to secure the Azure environment. 

What is most valuable?

The tool's most valuable features are firewalls and IPS. 

What needs improvement?

There is room for improvement, especially concerning the integration with the management center. It would be beneficial if tasks that currently require scripts could be performed directly from the GUI. 

For how long have I used the solution?

I have been using the product for a year. 

What do I think about the stability of the solution?

The product is stable. 

What do I think about the scalability of the solution?

We faced issues with scalability. 

How are customer service and support?

The solution's support is good but can be improved. 

How would you rate customer service and support?

Neutral

What's my experience with pricing, setup cost, and licensing?

The product is too expensive. 

What other advice do I have?

We have moved our security level from on-prem to the cloud. The security posture is consistent. We can use the same storage system, monitoring system, and objects both on-prem and in the cloud. 

I am quite confident with CloudGuard Network Security. The primary reason for choosing the product over other cloud firewall vendors was to maintain the same solution as on-premises. Additionally, it offered a good level of security functionalities. 

I rate the overall product an eight out of ten. You should define your requirements before choosing the product. 

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure


    reviewer2350695

Provides cost and resource savings with faster deployment time

  • February 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use CloudGuard Network Security to protect our customer's Azure environments. 

What is most valuable?

The tool's deployment is rapid. Its dashboard is also useful. It's easy to deploy both on-premises and in Azure. In an office with VMware running, deployment is a simple process. Similarly, in Azure, deployment is easy and scalable. Adding more CPUs is a straightforward task – just shut it down, modify the security, and restart. This ease of use translates into cost and resource savings, and faster deployment times.

What needs improvement?

Clustering in Azure is a bit different, not using the Check Point cluster but relying on load balancing. It's not as instant as I'm used to; in Azure, it might take around half a minute to a minute, and during this time, services could be down. The delay is attributed to Azure using its load balancing mechanisms instead of the Check Point cluster.

For how long have I used the solution?

I have been using the product for three to four years. 

How are customer service and support?

The tool's technical support is generally good. While there might be occasional delays, they usually manage to resolve issues. 

How would you rate customer service and support?

Neutral

What other advice do I have?

In Azure, when we refer to "size," it could be in terms of factors like the number of instances, bandwidth, or users. We use cloud-native platforms but prefer Check Point solutions. It is easier to manage since we know Check Point is on-prem. I have a high level of confidence in CloudGuard Network Security. I am familiar with Check Point and Azure. I rate the overall product a nine out of ten. 


    reviewer2350692

Helps save time with automation

  • February 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

We place our CloudGuard Network Security gateways at the front on Azure, positioned with a load balancer. The configuration includes a load balancer and gateways on a virtual automation scale set in Azure. 

What is most valuable?

The solution is easier to manage than an on-premise firewall. It is easy to manage. The use of dynamic objects for these gateways made it easy to create the right rules and the right policies. Integration with Azure is also easy where we have to just add the subnets. In an on-premise setup, we have to add everything from scratch. We can automate a lot of actions.

What needs improvement?

We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup.

For how long have I used the solution?

I have been using the product for two years. However, my company has been using it for five to six years. 

What do I think about the stability of the solution?

CloudGuard Network Security's stability is high. 

What do I think about the scalability of the solution?

The solution's scalability is good. 

How are customer service and support?

We typically open tickets with our partner, but there was one instance where they couldn't provide a solution. In that case, we opened a ticket with Check Point directly, and they responded within four hours, resolving the issue.

Which solution did I use previously and why did I switch?

We initially used on-premise solutions, starting with Juniper firewalls. However, when we migrated to Check Point for IPS protection, the experience was really good.

What was our ROI?

We have seen ROI with the product's use. It helps us reduce the manhours with upgrades and odd fixes. We can automate the process. It takes only a small amount of time. On-premise solutions require informing users about potential interruptions and, in worst-case scenarios, significant disruptions. The process involves extensive preparation, including ensuring that the necessary conditions are met for updating the cluster members one at a time. In contrast, on Azure, automation simplifies everything.

Which other solutions did I evaluate?

We tried to use Azure Firewall for one application as a proof of concept. However, Check Point is easier for us. 

What other advice do I have?

We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.


    Matej Kacic

Offers flexible licensing options since every project requires different pricing

  • February 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

Our primary use case is for segmentation and next-generation protection. 

What is most valuable?

Our clients choose CloudGuard as a natural progression of their solutions. They understand Microsoft and CloudGuard fits. They are vendor-oriented. They stick with Microsoft. They have a lot of experience with Check Point and this fits in. 

Check Point Management is the best and Azure management is also very good. It's simple and has high security. There are no additional costs which is one of the advantages. 

Compared to other solutions, CloudGuard is easier to use. 

What needs improvement?

I don't see much need for improvement. 

In Czech, we are a little behind the USA and Germany so we have matured in our mentality to move towards the cloud. 

Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country.

The level of confidence our clients have in their cloud network security using CloudGuard Network Security depends. Some are very confident but some are worried about information being exploited. When compared to other vendors, CloudGuard is the best when it comes to threat protection.

For how long have I used the solution?

I have been implementing CloudGuard for our clients for four years. 

What do I think about the stability of the solution?

It's stable.

What do I think about the scalability of the solution?

It scales well for our clients' needs. We have deployed over 2,000 servers.

How are customer service and support?

Support is good for CloudGuard. It could depend on the support person who is helping us. Different regions offer different levels of support. Israel and US offer the best support.

How would you rate customer service and support?

Positive

How was the initial setup?

It's easy for me to deploy. 

What's my experience with pricing, setup cost, and licensing?

Every project needs different pricing. I believe that when we talk with the particular guys, we will find a price for the customer. They are flexible in terms of that because we need to be flexible, and we have many companies who are aggressive with discounts. 

What other advice do I have?

I rate the overall product an eight out of ten.