I have been using Check Point WAF (formerly CloudGuard WAF) on a public cloud.
Check Point WAF as a Service (Advanced/Premium, Contract)
Check Point Software TechnologiesExternal reviews
104 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Cloud security has improved and delivers live threat visibility and reduced attack surface
What is our primary use case?
What is most valuable?
The features of Check Point WAF (formerly CloudGuard WAF) relate to addressing global attacks that we require. The threat map, which displays information on a live basis, helps us understand the types of points logs, and that is the best part.
I utilize Check Point WAF (formerly CloudGuard WAF) alongside other Check Point products. They integrate with internal systems-level security devices, which we are using to communicate internally. The integration makes the tools work better and is helping us significantly.
Beyond user-level benefits, we are receiving some advantages that are really helping us. Check Point WAF (formerly CloudGuard WAF) did reduce my total cost of ownership for my web application firewall, though not by a substantial amount, but it is acceptable.
What needs improvement?
In my opinion, there is some room for improvement regarding pricing, which we require, and much of it relates to the license base and support.
For how long have I used the solution?
I have been using it for more than two to three years, and I confirm that I am currently running on it.
What do I think about the stability of the solution?
Regarding my experience with the deployment, sometimes we encounter difficulties, but overall it is good, and we achieve our time-based objectives. I would rate the stability as eight to nine.
How are customer service and support?
I rate the technical support from one to ten as eight to nine.
Which solution did I use previously and why did I switch?
I did not work with other WAFs before Check Point WAF (formerly CloudGuard WAF).
How was the initial setup?
The initial setup is simplified, and I confirm that it is good for understanding.
What about the implementation team?
As of now, I have not integrated with third-party solutions because it is not required.
What was our ROI?
The investment regarding return on investment is not yet realized, but we are considering that investment base.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable, and I believe it is acceptable. I am satisfied with the timing.
What other advice do I have?
Check Point WAF (formerly CloudGuard WAF) is the best option on the market, and it is good for us. The potential attack surface level involves asking about vulnerabilities across the networks, which is why we confirm that it is really helping us.
I find Check Point WAF (formerly CloudGuard WAF) to be good, though I cannot say it is popular in my region.
I would recommend Check Point WAF (formerly CloudGuard WAF) to others, but it depends on the environment. I think it is currently suitable for any types of companies, specifically in the database, which we require.
I confirm that I do not require additional features for Check Point WAF (formerly CloudGuard WAF), and it is currently adequate. I rate this product nine out of ten overall.
Excellent Traffic Insights for Securing Web Apps and APIs
What do you like best about the product?
Check Point WAF was mostly used for monitoring and securing internet-facing applications and APIs receiving traffic from outside clients. The majority of daily operations entailed examining rejected requests, analyzing security events post-deployment, and tuning protection rules in case legitimate traffic was impacted.
The main asset in terms of operational activities was insight provided at the HTTP and API level. This allowed for examination of request patterns, header details, path and URL parameters and, if needed, the actual contents of blocked requests, rather than looking at basic network data. It made things more clear whether strange behavior was caused by legitimate application operation, automated scanning, or attack attempts against available services.
Post-updates policy tuning was done occasionally because even minor front-end or API changes were affecting some protection settings.
The main asset in terms of operational activities was insight provided at the HTTP and API level. This allowed for examination of request patterns, header details, path and URL parameters and, if needed, the actual contents of blocked requests, rather than looking at basic network data. It made things more clear whether strange behavior was caused by legitimate application operation, automated scanning, or attack attempts against available services.
Post-updates policy tuning was done occasionally because even minor front-end or API changes were affecting some protection settings.
What do you dislike about the product?
The tuning phase can be a lengthy one due to traffic fluctuations or custom APIs. Initially, I had to spend quite some time ensuring that blocked calls were indeed malicious or a result of the application's normal activity misinterpreted as something else.
Additionally, there is a need for constant tuning when dealing with multiple applications as well as keeping a balance between tight protection and not interrupting the production traffic.
Only after acquiring a good understanding of how signature definitions, exceptions, and policies worked internally did troubleshooting become easier.
Additionally, there is a need for constant tuning when dealing with multiple applications as well as keeping a balance between tight protection and not interrupting the production traffic.
Only after acquiring a good understanding of how signature definitions, exceptions, and policies worked internally did troubleshooting become easier.
What problems is the product solving and how is that benefiting you?
The reliance on traditional firewall filtering and manual monitoring for web application security was much higher before the deployment of Check Point WAF, as these methods were insufficient when detecting potential attacks on application layer.
With the implementation of the new system, security monitoring became more application-focused, allowing us to detect malicious activity targeted at our web applications and web APIs, as well as minimizing vulnerability to standard web attacks and gaining more control over incoming traffic.
With the implementation of the new system, security monitoring became more application-focused, allowing us to detect malicious activity targeted at our web applications and web APIs, as well as minimizing vulnerability to standard web attacks and gaining more control over incoming traffic.
Strong and reliable WAF for modern web and API security
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is its strong AI-driven threat protection and ability to handle modern web and API security challenges. It does a great job at blocking common attacks like XSS and SQL injection, as well as more advanced threats like zero-day vulnerabilities without relying heavily on manual rule updates. The real-time detection and low false positives make it reliable in production environments, and it reduces a lot of manual effort for security teams.
Another thing I appreciate is how well it fits into cloud environments. Deployment is relatively smooth, and once configured properly, it provides good visibility into traffic, threats, and application behavior. The automated learning and tuning capabilities also help in reducing the overhead typically required in traditional WAF solutions.
Another thing I appreciate is how well it fits into cloud environments. Deployment is relatively smooth, and once configured properly, it provides good visibility into traffic, threats, and application behavior. The automated learning and tuning capabilities also help in reducing the overhead typically required in traditional WAF solutions.
What do you dislike about the product?
What I dislike about Check Point CloudGuard WAF is that the initial setup and fine-tuning can take time, especially for teams that are new to the platform. Some advanced configurations require deeper understanding, and integration with other tools is not always as seamless as expected. Cost can also be a factor, particularly for smaller teams or organizations.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF solves the problem of securing web applications and APIs against evolving cyber threats without heavy manual intervention. It automates threat detection and prevention, reduces operational workload, and ensures continuous protection against both known and unknown attacks. For me, it helps in improving overall application security posture while saving time on manual monitoring and rule management.
Overall, my experience has been positive, especially in terms of strong protection, automation, and reduced manual effort in managing application security.
Overall, my experience has been positive, especially in terms of strong protection, automation, and reduced manual effort in managing application security.
AI-Driven Protection with Complex Setup
What do you like best about the product?
I really appreciate the AI-driven protection of Check Point CloudGuard WAF. It helps in protecting web apps and APIs from SQL injections, XSS, and DoS attacks by analyzing incoming traffic and blocking malicious activity in real-time. This reduces the need for manual security management.
What do you dislike about the product?
The setup was a little bit complex, requiring me to understand specifications and documentation.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard WAF for protecting web apps and APIs from SQL injections, XSS, and DoS, analyzing and blocking malicious activity, and reducing the need for manual security management.
Robust AI-Driven Security with Room for UI Enhancement
What do you like best about the product?
I like Check Point CloudGuard WAF for its ability to combine intelligent automation with strong visibility, making it a reliable solution for securing cloud applications while reducing operational overhead. It balances advanced security capabilities with usability and scalability effectively, which is great for both security operations and compliance-focused teams. It also integrates well with broader security and cloud ecosystems, which enhances visibility, monitoring, and incident response. The AI-driven protection, excellent visibility, and scalability for cloud environments are strong points, making it a solution I recommend for strengthening application security.
What do you dislike about the product?
I think there are a few areas where Check Point CloudGuard WAF could be improved. I would appreciate more guided onboarding and configuration support. Also, an enhanced UI/UX for policy management and log analysis would be beneficial. I'd like to see greater flexibility in custom rule creation and deeper integration with SIEM and GRC platforms. Expanded documentation and real-world use cases would also be helpful, along with better cost transparency and scalability options. While the setup was moderately easy, there is a learning curve during initial configuration, and the documentation and guidance could improve.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard WAF to secure cloud-hosted apps, handle web threats, reduce false positives, improve traffic visibility, simplify multi-cloud security, support compliance, and lower operational overhead.
Effortless Cloud Security with Automated Protection
What do you like best about the product?
I like how Check Point CloudGuard WAF delivers strong automated threat prevention with minimal tuning, making cloud app protection feel both powerful and effortless. I also really appreciate how seamlessly CloudGuard WAF integrates with cloud-native workflows, applying protections automatically as new services spin up so security never slows down development. It's great how CloudGuard automatically applies security policies to every new cloud resource as it's created, so nothing ever launches unprotected and you don't have to slow down development to keep things secure.
What do you dislike about the product?
CloudGuard WAF could improve by making advanced configuration and log analysis faster and less cumbersome. It would benefit from clearer, more intuitive advanced settings and a faster, more searchable log viewer that makes deep dive investigation less time-consuming.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard WAF to protect cloud applications by detecting, blocking, and mitigating web attacks. It solves the headache of constantly monitoring web defenses by automatically blocking threats like OWASP Top 10, bot attacks, and zero-day exploits, making protection feel both powerful and effortless.
AI-driven protection has reduced attack impact and now secures web apps and APIs in real time
What is our primary use case?
I use Check Point CloudGuard WAF for web application and API protection. I can provide a scenario where I used Check Point CloudGuard WAF to defend against an SQL injection attack on a web app. It detects query patterns via machine learning and then blocks requests instantly without needing any rule writing.
What is most valuable?
Check Point CloudGuard WAF offers various capabilities including AI-based threat prevention, API security, DDoS protection at multi-layer, L3 and L7 protection, bot protection, behavioral analysis, and fingerprinting.
AI-based threat prevention stands out for me because instead of relying on static signatures that have been added in the cloud, it uses behavioral baselines. For example, if I'm using an application with behavioral application capabilities, it provides me high security using AI-based threat prevention. Behavioral learning mode has been divided into various phases. The first phase is the learning mode where it automatically learns. Whenever I onboard any app, it observes the traffic for a short duration or builds a statistical model for that application, and no manual training is required. In phase two, enforcement mode, any new request is evaluated against known attack patterns via machine learning.
Real-time response is really helpful when onboarding any application with Check Point CloudGuard WAF. When we onboard any application, it creates a statistical model of that application, and according to that, it observes known attack patterns, then blocks them instantly, providing another layer of security.
Check Point CloudGuard WAF has really reduced the headache of IT engineers and has helped me in security through machine learning.
What needs improvement?
Check Point CloudGuard WAF can be improved in several ways. We have faced slowness issues in our network after onboarding it on any application. The cost can be higher than traditional WAF solutions, and its heavy reliance on AI also means we have less manual control. Maximum work is done via AI, so that can be reduced.
The cost can be decreased, and regarding manual controls, I just wanted to say that relying directly on AI is not good for our environment because AI is copying our data.
According to other traditional OEMs, we experience a few issues with pricing. The pricing is high compared to other vendors, and I have already mentioned the high reliance on AI, which can be a concern.
Customer support can be improved because we have to reach out to the distributors for support. That could be directly controlled by the OEM.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for more than a year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is really stable.
What do I think about the scalability of the solution?
Its scalability is strongly stable. It allows cloud-native elastic scaling and is delivered via SaaS and a deployment agent.
The performance of Check Point CloudGuard WAF has improved compared to other traditional OEMs, and it is easy to use due to AI and machine learning. Management is also straightforward, but it can be improved for new users by providing specific training.
Which solution did I use previously and why did I switch?
I was not using any solution previously. Check Point CloudGuard WAF is my first solution.
What was our ROI?
It has saved me time.
What's my experience with pricing, setup cost, and licensing?
Pricing is a little bit high compared to other OEMs, and the setup cost was handled by a partner.
Which other solutions did I evaluate?
I have not evaluated any other options.
What other advice do I have?
I want to strongly advise this product to other users. Not because of pricing—while the pricing is a little high, the level of security provided is much more critical. I would rate this product an 8.
Centralized Protection with Seamless Cloud Integration
What do you like best about the product?
I like most about Check Point CloudGuard WAF is its seamless integration with cloud environments and the ability to enforce consistent security policies across multiple platforms through a single console. It also provides strong centralized protection and cloud-native integration. The initial setup was relatively simple thanks to the cloud-native integration and automated policy template.
What do you dislike about the product?
One area that could be improved is the initial setup and policy tuning, which can feel complex and time-consuming, especially for teams without deep prior experience with Check Point's ecosystem.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard WAF to protect our cloud-native applications from web attacks, centralize security policy management, automate defense, and solve the challenge of securing distributed cloud applications with unified visibility, automated threat prevention, and simplified compliance management.
Centralized Security with a Learning Curve
What do you like best about the product?
I like the single pane of glass management that Check Point CloudGuard WAF offers, providing consistent policies across all cloud environments. I appreciate how it enforces granular, context-aware security policies across multi-cloud, protecting my cloud-native applications from web exploits and bots. I also find its centralized security management across multi-cloud environments valuable, as it eliminates the complexity of maintaining disparate WAF solutions and stops sophisticated attacks like SQL injection and zero-day exploits. Additionally, I use it with SIEM platforms like Splunk for centralized logging and threat correlation, and I integrate it with CI/CD pipelines such as Jenkins to automate security policy deployment. Overall, it delivers powerful security.
What do you dislike about the product?
The setup and policy tuning have a steep learning curve, and the reporting dashboard could be more intuitive.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard WAF to protect my applications from web exploits and bots, centralize security across multi-cloud environments, and reduce manual effort for consistent compliance.
Cloud protection has reduced manual effort and now improves web and API security operations
What is our primary use case?
Check Point CloudGuard WAF's primary use is protecting web applications and APIs from application layer attacks in the cloud. I also use it to protect public-facing apps.
What is most valuable?
Check Point CloudGuard WAF offers the best features through its dual ML engine with attack-based and context-based capabilities. The dual engine directly reduces the operational load and improves detection quality for my team on a day-to-day basis.
Additionally, it allows for less policy tuning. Check Point CloudGuard WAF has positively impacted my organization by reducing my manual effort. It reduces up to 2x my operational effects, leading to lower false positives.
What needs improvement?
While Check Point CloudGuard WAF is a strong solution, it could be improved in a few areas such as simplifying and customizing the user interface and reporting database. Improving API security depth is also necessary.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for the last one year.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is stable in my experience.
What do I think about the scalability of the solution?
Check Point CloudGuard WAF is highly scalable and designed for cloud-native environments.
How are customer service and support?
The customer support is really good. I would rate the customer support an eight on a scale of one to ten.
Which solution did I use previously and why did I switch?
Before Check Point CloudGuard WAF, we did not use any WAF solution.
What was our ROI?
I have seen a return on investment as it is a time-saver product.
What other advice do I have?
Check Point CloudGuard WAF delivers clear efficiency gains over traditional WAFs in three main areas: operations, accuracy, and cost optimization. I do utilize Check Point CloudGuard WAF alongside other Check Point products. We use Check Point firewalls, security gateway, and load balancer, and they work together with Check Point CloudGuard WAF in our environment. My advice for others looking into using Check Point CloudGuard WAF is to first validate the use case and plan the deployment architecture. I would rate this product a nine on a scale of one to ten.
showing 1 - 10