Check Point CloudGuard WAF
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is that it gives solid protection for our web applications without being hard to use. It automatically detects and blocks threats like SQL injection, cross-site scripting, and other attacks, so we don’t have to worry about constant monitoring. It also keeps everything running smoothly without slowing things down. The setup is straightforward, and the dashboard makes it easy to see what’s happening.
What do you dislike about the product?
Some advanced settings can be a bit complex at first, but it works well once set up.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It blocks harmful traffic before it reaches our systems, which keeps our apps safe and running smoothly. This saves us time, reduces the risk of downtime, and gives us peace of mind knowing our web services are protected without needing constant manual monitoring.
Effective and User-Friendly Web Application Firewall
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is its strong integration with cloud-native environments. It works seamlessly with our AWS deployment, and the automated protections help us stay ahead of evolving threats without constant manual tuning. The UI is intuitive, which makes managing policies and viewing logs much easier, even for team members who aren't deep into security. I also appreciate how responsive the threat intelligence updates are—there's a clear sense that we're being protected with real-time data. Overall, it gives us peace of mind knowing our web applications are secure without creating unnecessary complexity.
What do you dislike about the product?
While Check Point CloudGuard WAF is a solid solution overall, there are a few areas that could be improved. Occasionally, the initial configuration can be a bit time-consuming, especially for more complex environments. Also, while the documentation is helpful, some sections could benefit from a bit more clarity or real-world examples. That said, once everything is set up, the platform runs smoothly and delivers reliable protection.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps us protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It’s particularly valuable in our cloud environment, where scalability and automation are key. By automatically adapting to new threats and integrating smoothly with our DevOps workflows, it reduces the need for manual intervention and speeds up our response time. This not only strengthens our security posture but also frees up our team to focus on other priorities without worrying about constant monitoring or complex rule updates.
WAF for Daily Life
What do you like best about the product?
facilitate the administration and it is very intuitive
What do you dislike about the product?
how easy it is to handle it, plus the interface is very easy to learn quickly
What problems is the product solving and how is that benefiting you?
Protection of applications
Has provided real-time protection against web attacks and improved visibility across hybrid environments
What is our primary use case?
The main use case of Check Point CloudGuard WAF is for application protection.
Check Point CloudGuard WAF provides protection from OWASP threats, and secures web applications from common vulnerabilities, such as SQL injection, cross-site scripting, cross-site request forgery, and remote file inclusions.
What is most valuable?
The best feature of Check Point CloudGuard WAF is advanced threat prevention integrated with Check Point threat cloud intelligence, which provides real-time protection against web application attacks including zero-day threats, automatically receiving updates from the threat cloud and analyzing millions of indicators of compromise daily.
Cloud intelligence means that Check Point CloudGuard continuously collects threat data from global resources such as firewalls and sandboxes, analyzing billions of IPs, URLs, and behaviors using machine learning, distributing updates, security signatures, and threat profiles to CloudGuard WAF in real-time, automatically applying updated protection without manual interventions.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for the last two years, and this is a very useful product.
What other advice do I have?
I monitor the volume of the type of traffic our web applications receive and understand the types and threats targeting our environment.
Check Point CloudGuard WAF effectively detects or blocks malicious SQL queries in real-time, protecting our web application from exploitation. To block SQL injection in Check Point CloudGuard WAF, I access the CloudGuard WAF console, log into the Check Point CloudGuard WAF management console using administrative credentials, then navigate to the security policies or application security section of the console, where the firewall rules of the protection are configured. In the web security policy setting, I verify that the SQL injection protection is enabled, which is typically a predefined feature within the WAF rule set activated to detect and block SQL injection attacks. Check Point CloudGuard WAF comes with predefined SQL injection attack signatures based on known patterns and payloads commonly used in SQL injection attacks, and I ensure the SQL injection signature set is enabled so that CloudGuard can detect and block common SQL injection techniques.
I find no issues in software testing details with our predefined feature-rich template, providing automated security incident handling with real-time visibility and control across multi-cloud environments.
Achieved improved security compliance with comprehensive visibility across cloud environments
What is our primary use case?
We have over ten root domains that we need to protect through the firewall. All our hosts are in
EC2 instances, and it is challenging to protect them by using any
AWS load balancer or shields. Therefore, we have implemented
Check Point CloudGuard WAF as a solution to protect all these domains from the open internet. It supports all environments, including on-premises,
Azure,
AWS, and we have also implemented it for
CDN URLs as well.
How has it helped my organization?
It has improved the overall security posture of our organization. Earlier, our security score was around eight to nine, which increased after implementing
Check Point CloudGuard WAF. We have achieved NIST compliance, and now ninety-five percent of the environment compliance level is equal to ninety-five percent.
What is most valuable?
The support of the root domain is one of the best features, as is the support for the
CDN and advanced load balancer. These are key features that differentiate Check Point CloudGuard
WAF from other vendors. Additionally, rate limiting is another significant feature of the
WAF.
What needs improvement?
The UI interface needs improvement because there are a number of bugs. Integration with the
SIEM platform is currently one of the key challenges that need to be addressed.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for the last six months.
What do I think about the stability of the solution?
I think Check Point CloudGuard WAF is stable.
What do I think about the scalability of the solution?
It is a SaaS-based model, and we have not encountered any scalability issues. They have sufficient resources, and there are no challenges from a scalability perspective.
How are customer service and support?
The customer support is good. They have skilled personnel to provide support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We did not use a different solution prior to this.
What was our ROI?
The return on investment is reflected in the improvement of the overall security posture. While it does not have a direct monetary impact, it enhances security with an improved NIST compliance score and better overall security scores for our organization.
What's my experience with pricing, setup cost, and licensing?
Pricing and setup costs are fine. It is less costly than
Cloudflare, Fortinet, and other vendors. Additionally, it is less costly than the OEM.
Which other solutions did I evaluate?
We evaluated
Cloudflare and Fortinet.
What other advice do I have?
I would advise others to use and implement Check Point CloudGuard WAF as a solution in the firewall segment. Check Point has been in this segment for two decades and is more stable than other firewall vendors. I recommend using it and implementing all the features it offers. Overall, it's a good solution, and it fulfills all our core purposes, providing complete visibility and security. That's why I rate it ten out of ten.
AI/ML engine reduces false positives and improves workflow efficiency
What is our primary use case?
The primary use case for Check Point CloudGuard WAF is for protecting web applications and APIs. We use it for web apps and APIs we want to protect.
How has it helped my organization?
Check Point CloudGuard WAF has improved our organization by providing protection against web application attacks such as SQL injection, cross-site scripting, and bot threats. Its automated threat prevention and real-time traffic analysis reduced manual intervention and response time. Integration with our cloud infrastructure enabled seamless deployment and scalability, while centralized visibility helped enforce consistent security policies across all environments.
What is most valuable?
The most valuable feature is the AI/ML engine, which does the job for us and mainly reduces the number of false positives and adapts accordingly. It significantly impacts workflow efficiency, allowing us to focus more on other fields. After implementing it, we have better results in vulnerability and penetration testing and scanning.
What needs improvement?
CloudGuard WAF could improve UI simplicity, reduce false positives, and enhance policy management. Future releases should include better bot mitigation, behavioral anomaly detection, compliance templates, advanced threat intel integration, and streamlined multi-cloud support to boost protection and usability.
For how long have I used the solution?
I have been using the solution for one year.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
Its scalability is inherent to its SaaS solution.
How are customer service and support?
The customer support is great.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We did not have any other solution before using Check Point CloudGuard WAF.
How was the initial setup?
The initial setup was positive, and we did not face any problems.
What was our ROI?
There is potential money-saving regarding some successful attacks if we did not have Check Point CloudGuard WAF.
What's my experience with pricing, setup cost, and licensing?
Our experience with pricing, setup costs, and licensing was positive. We did not have any issues.
Which other solutions did I evaluate?
Before choosing Check Point CloudGuard WAF, we did not evaluate other options.
What other advice do I have?
I recommend implementing it easily, onboarding services quickly, and utilizing its policy blocking. It is very useful and efficient. I rate Check Point CloudGuard WAF a ten out of ten. The AI/ML engine, which greatly reduces false positives so that we do not have to manage them manually, stands out the most.
unified gateway level security solution for All Web, API application.
What do you like best about the product?
Easy to integrate, support of all use case like root domain mapping, auto discover of API endpoints, Rate limiting of web traffic, customization based on integrated assets. easy to Integrate.
What do you dislike about the product?
Quick Support is a only pain for checkpoint
What problems is the product solving and how is that benefiting you?
Protection of all incoming web traffic, DDoS Attack, securing over exposed API.
Reliable Threat Prevention for Web Apps and APIs
What do you like best about the product?
I really like how easy it is to deploy in the cloud and how it just works with AWS and Azure. It blocks threats before they get near our apps, and the real-time alerts are super helpful.
What do you dislike about the product?
While CloudGuard WAF is effective, the initial configuration and policy tuning can be complex, especially in environments with custom applications. The user interface could also be more intuitive when managing large rule sets or viewing logs.
What problems is the product solving and how is that benefiting you?
"Check Point CloudGuard WAF helps us secure our web applications and APIs against common and advanced threats like SQL injection, cross-site scripting, and bot attacks. It addresses the challenge of protecting dynamic, cloud-native workloads by integrating directly with AWS and Azure. The benefit is real-time protection with automated scaling and consistent policy enforcement across our cloud environments, significantly reducing the risk of breaches and downtime.
Provides robust protection against web attacks with detailed reporting capabilities
What is our primary use case?
I use it on our websites and web servers, and it is protecting against malicious code and injection code, as well as any type of attacks.
How has it helped my organization?
Check Point CloudGuard WAF enhances web application security with AI-driven threat prevention and seamless cloud integration.
What is most valuable?
The Check Point WAF gives me a view that I did not have that occurs on the web servers.
It allows me to show results and reports to demonstrate the attacks, the number of attacks, and prevention measures.
It protects against threats without relying on signatures. The zero-day attacks could be bad. Without this, we wouldn't know al the attacks we're getting. It allows us to save time manually analyzing on the web servers. It frees us up.
It helps against zero-day attacks and protects against anomalies. It's one of the factors that made us choose this solution.
What needs improvement?
For now, the product is doing all that I need, however, I need the support of IPv6.
For how long have I used the solution?
I have used the solution for three months.
What do I think about the stability of the solution?
It is very stable, never crashing or giving me an error that I can see. It responds very quickly and allows me to enter the menu and set up and configure everything without problems.
How are customer service and support?
The customer service is very good. I have opened one or two cases and received quick responses.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I have not used any other solutions for a while.
How was the initial setup?
The initial setup is very easy. We use it for our on-prem web servers. It only takes five minutes to deploy.
What about the implementation team?
I used an integrator to help with the implementation the first time. They explained the phases, and it was very simple and quick. The person who helped was from Portugal.
What was our ROI?
I don't have an exact number in terms of ROI.
What's my experience with pricing, setup cost, and licensing?
The setup cost is very simple. It is a really good price considering the functionalities of the product and the price of the license. It is very well-calibrated.
Which other solutions did I evaluate?
We did not evalute another solution. I'm a Check Point customer.
What other advice do I have?
If someone is only using a cloud-native product and not using something like CloudGuard, I'd advise buying it. It is a very good product. Now with WAF, I see many attacks being prevented. It is a good solution for me. I have five million requests per month on our web server. The last results I saw showed maybe 50% to 60% of attacks being prevented.
I rate it ten out of ten. I am very satisfied.
Great Protection with Check Point CloudGuard WAF
What do you like best about the product?
Check Point CloudGuard WAF excels in providing robust security features for web applications and APIs. One of its standout strengths is its advanced threat protection, powered by Check Point’s ThreatCloud threat intelligence. This allows it to effectively block malicious attacks like SQL injection, XSS, and DDoS.
Great tool, I prefer using this tool for my work also
What do you dislike about the product?
initial setup and configuration can be complex for newbies that might me optimized
What problems is the product solving and how is that benefiting you?
It solved alot of problems like protection
against web app security, DDos attacks , API security and much more
