Agent Mode
English
    Check Point WAF (formerly CloudGuard WAF) logo

    Check Point WAF (formerly CloudGuard WAF)

    Sold by
    Check Point Software Technologies 
    As your organization expands its web applications, generative AI tools, and APIs, the attack surface grows, increasing exposure to sophisticated cyber threats. Check Point WAF for AWS is a prevention-first, AI-powered web application firewall (WAF) solution designed to deliver robust web application, generative and agentic AI, and API security without compromising efficiency or ease of management.
    Leave a review

    Ratings and reviews

    4.4
    124 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    60%
    39%
    2%
    0%
    0%
    13 AWS reviews
    |
    111 external reviews
    External reviews are from G2  and PeerSpot .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (124)
    Computer Software

    Easy to Use, Affordable, and Accessible for New Users

    Reviewed on Jun 04, 2026
    Review provided by G2
    What do you like best about the product?
    It's ease of use and accessibility for new users. Genuinely helpful products with affordable price. Makes sense for enthusiasts and companies. Not much else to say.
    What do you dislike about the product?
    Nothing in particular, I would continue to use the service if I was doing anything at the moment that required it. It's a good product, nothing comes to mind as a dislike
    What problems is the product solving and how is that benefiting you?
    It was handling security of my endpoints that i created personally as enthusiast. Benefits me by keeping me assured that my data is safe from attacks.
    Syed M.

    Strong Web Protection with Easy Management

    Reviewed on Jun 02, 2026
    Review provided by G2
    What do you like best about the product?
    I like the strong protection Check Point WAF offers against web application attacks. Its easy-to-manage interface is a big plus for me, as is the real-time threat detection that it provides. I also appreciate the detailed visibility into web traffic and security events, which makes it easier to monitor and respond to potential threats. The documentation was helpful during the initial setup, allowing for a straightforward configuration. Additionally, it integrates well with other security tools, which enhances its effectiveness in our security infrastructure.
    What do you dislike about the product?
    One area that could be improved is reducing false positives and making policy tuning more straightforward. The reporting and dashboard customization options could also be more flexible and user-friendly.
    What problems is the product solving and how is that benefiting you?
    Check Point WAF protects web applications from cyberattacks, detects malicious traffic, reduces security risks, and improves application security without affecting user experience.
    Bala_Krishna

    Security has improved for cloud-native apps and now protects APIs with low latency and minimal tuning

    Reviewed on Jun 01, 2026
    Review provided by PeerSpot

    What is our primary use case?

    Any cloud-native application is where my clients might be using Check Point WAF (formerly CloudGuard WAF) to secure Layer 7 with low latency. It is one of the best in Layer 7 security.

    What is most valuable?

    The biggest advantages of Check Point WAF (formerly CloudGuard WAF) are that it is lightweight and the integration into cloud-native applications is very easy. Check Point WAF (formerly CloudGuard WAF) produces false positives that are minimal. It has a learning process that is unique, adopting an education model approach. Ease of deployment and efficiency, particularly for API security, are phenomenal. The console is key, with Infinity Portal offering access to all kinds of Check Point products and a unique dashboard and reporting system.

    Scaling is easy; once deployed, it takes care of everything without causing any concern for improving hardware or configurations. Check Point WAF (formerly CloudGuard WAF) reduces total cost of ownership, being cheaper compared to any other software.

    What needs improvement?

    As a reseller, the most difficult part is the lack of awareness. Check Point does not provide any kind of awareness programs to the customers, requiring partners to educate customers.

    There are indeed some features missing, particularly connected with integration or with artificial intelligence. Check Point WAF (formerly CloudGuard WAF) faces certain issues with dual ISP tagging on entry-level devices since SD-WAN features were added.

    For how long have I used the solution?

    I have been selling Check Point WAF (formerly CloudGuard WAF) for almost three to four years.

    What do I think about the stability of the solution?

    Regarding stability, I am not finding any issues; it is very stable.

    What do I think about the scalability of the solution?

    Check Point WAF (formerly CloudGuard WAF) is very easy to scale. Once deployed, you forget it; it takes care of everything.

    How are customer service and support?

    My impression of technical support for Check Point WAF (formerly CloudGuard WAF) is that it is adequate. The technical support team is really good.

    If I were to rate support from zero to ten points, I would give them a ten, as they are the best.

    Which solution did I use previously and why did I switch?

    Check Point WAF (formerly CloudGuard WAF) is good; there are no questions asked.

    What was our ROI?

    In terms of pricing, Check Point WAF (formerly CloudGuard WAF) is not expensive; it is worth the investment. If there is no downtime or bottlenecks while accessing your application from the internet, that itself is the return on investment.

    Which other solutions did I evaluate?

    I can tell you specific issues or advantages with products such as FortiGate or Check Point perimeter firewall.

    What other advice do I have?

    From a technical perspective, I do not think Check Point is leading in the web application firewall space. Cloudflare, F5, and Barracuda WAFs are noteworthy. Check Point WAF (formerly CloudGuard WAF) can be configured with no prior training.

    When I compare Check Point WAF (formerly CloudGuard WAF) with traditional WAFs, I find its learning curve to be simple.

    Check Point has an excellent intelligence engine for zero-day attacks, unmatched by Palo Alto. I would rate this review a ten overall.

    Luciano P.

    Strong OWASP Protection and AI-Driven Threat Prevention That Scales

    Reviewed on May 29, 2026
    Review provided by G2
    What do you like best about the product?
    Strong protection against OWASP Top 10 attacks
    Easy integration with cloud environments
    Good real-time threat prevention and bot protection
    Centralized management and visibility
    AI-driven threat intelligence from Check Point
    Scalable for enterprise workloads
    Helpful automation and policy tuning feature
    What do you dislike about the product?
    Initial setup can be complex
    Can be expensive for smaller companies
    Some advanced configurations require expertise
    Dashboard/UI can feel overwhelming at first
    Occasional false positives that need tuning
    Support response time may vary depending on the plan
    What problems is the product solving and how is that benefiting you?
    Check Point CloudGuard WAF is solving web application security problems by blocking attacks such as SQL injection, XSS, bots, and API threats. It helps secure cloud applications, reduce security incidents, improve visibility into traffic, and support compliance requirements. The benefits include stronger protection for business applications, reduced downtime, lower risk of data breaches, faster threat response, and improved operational efficiency through centralized management and automation.
    Merin K O.

    Powerful Security with a Complex Setup

    Reviewed on May 29, 2026
    Review provided by G2
    What do you like best about the product?
    I use Check Point WAF to protect our internet-facing web application and APIs from web-based threats like SQL injection and cross-domain issues. The solution provides advanced threat prevention and automated policy cleaning. I appreciate the traffic inspection and reverse migration capabilities that ensure application availability and maintain security compliance. It supports both community and hybrid environments. We also integrate it with our broader security ecosystem, which helps in monitoring and provides better visibility for threat detection. Cloud integration capabilities have simplified development, providing better visibility to application networks and stronger protection against top vulnerabilities.
    What do you dislike about the product?
    While Check Point WAF provides strong application security and configuration capabilities, there are some areas that could be improved. The initial set of policy tuning process can be complex for new administrators, requiring a good understanding of web application traffic patterns. The interface could be more user-friendly, and the reporting and dashboard customization options could be enhanced to provide more actionable insights. Additionally, licensing can be challenging for smaller organizations, I assume. Faster deployment templates for cloud-native applications would further simplify the implementation.
    What problems is the product solving and how is that benefiting you?
    I use Check Point WAF to protect our web application and APIs from threats like SQL injection and ensure security compliance. It offers advanced threat prevention, automated policy cleaning, and supports hybrid environments, though initial setup needs expertise.
    Ivan D.

    Modern WAF that actually reduces tuning, not perfect but solid

    Reviewed on May 28, 2026
    Review provided by G2
    What do you like best about the product?
    I appreciate how quickly you can get it up and running. Compared to older WAFs that take time to tune, this one is much faster to deploy and requires less ongoing maintenance, which makes a real difference in day-to-day operations.
    What do you dislike about the product?
    The platform is also not the most intuitive at first. While the core functionality is strong, getting familiar with some of the advanced features and configuration options takes time, especially if you’re used to simpler WAF solutions.
    What problems is the product solving and how is that benefiting you?
    It helps a lot with handling modern threats like API abuse, OWASP-type attacks, and zero-days without waiting for signatures or manual rule updates. That means you’re not always reacting after the fact — it blocks things much earlier in the cycle.
    Rithin m.

    Catches Zero-Day Attacks with Low False Positives and a Unified Security Dashboard

    Reviewed on May 27, 2026
    Review provided by G2
    What do you like best about the product?
    The AI engine catches zero-day attacks without throwing false positives at us all day. Bot protection killed our scraping problem, and managing cloud plus on-prem from one dashboard saves real time.
    What do you dislike about the product?
    The initial learning curve is steeper than I'd like. Documentation could be clearer for advanced policy tuning, and the console can feel sluggish when pulling reports across larger time ranges.
    What problems is the product solving and how is that benefiting you?
    It solves the problem of constant manual tuning that older WAFs needed. Now our APIs are shielded from injection attacks and credential stuffing automatically, and our team spends way less time triaging noise.
    NasseerQureshi

    Unified security has reduced alert fatigue and improved zero-day protection for our applications

    Reviewed on May 27, 2026
    Review from a verified AWS customer

    What is our primary use case?

    The customers I have worked with were primarily using Check Point WAF (formerly CloudGuard WAF) as an application security solution, mostly leveraging Check Point CloudGuard for various purposes such as protecting their application servers from the top 10 OWASP attacks and for Zero-Day protection.

    My clients were not working separately with Check Point WAF (formerly CloudGuard WAF); they were receiving a unified platform that included firewall, email security, and endpoint security, so the integration effectively eliminated silos in their environment.

    What is most valuable?

    Check Point WAF (formerly CloudGuard WAF) was valuable primarily because the data center was in Dubai, making it convenient for customers in the region, and the user interface was really helpful and easy to understand.

    Check Point WAF (formerly CloudGuard WAF) helps my clients reduce total cost of ownership, and the return on investment was really high for Check Point WAF (formerly CloudGuard WAF), and it was the only product with GenAI security features compared to other WAF products.

    Check Point WAF (formerly CloudGuard WAF) provides benefits such as reduction in alert fatigue with fewer false positives, Zero-Day protection, and the introduction of GenAI LLM features that customers really appreciate.

    What needs improvement?

    A gap for improvement for Check Point WAF (formerly CloudGuard WAF) is the learning curve, as better training modules could help end customers, and pricing and reporting functionality could also be improved.

    For how long have I used the solution?

    I have been working with Check Point WAF (formerly CloudGuard WAF) for almost two years.

    What do I think about the stability of the solution?

    I can rate stability at approximately 8.5.

    What do I think about the scalability of the solution?

    I can say scalability is a 9.

    How are customer service and support?

    Technical support is rated at 10.

    Which solution did I use previously and why did I switch?

    I am currently working with Palo Alto as the product I replaced Check Point WAF (formerly CloudGuard WAF) with. I totally moved to Palo Alto from Check Point WAF (formerly CloudGuard WAF).

    How was the initial setup?

    The initial setup for Check Point WAF (formerly CloudGuard WAF) is simple; it is not that complex as long as a customer has a basic understanding of how WAF works.

    Deployment was really easy for Check Point WAF (formerly CloudGuard WAF); it does not have any complex deployment requirements.

    Which other solutions did I evaluate?

    Barracuda is the main competitor of Check Point WAF (formerly CloudGuard WAF), along with Fortinet, but Barracuda excels in application security and is doing great in this space.

    What other advice do I have?

    No product can provide 100% protection, but Check Point WAF (formerly CloudGuard WAF) uses multi-method protection with AI machine learning to detect abnormalities, alongside features like ThreatCloud for real-time analysis of potential zero-day threats. I will highly recommend Check Point WAF (formerly CloudGuard WAF) to other users. I have given this review an overall rating of 8.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    ІгорКузьменко

    Security has improved for critical web services and supports complex protection needs

    Reviewed on May 26, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Check Point WAF (formerly CloudGuard WAF) is required by customers who have web resources and assets that are important to them and in production. These resources include internet shops, services, and financial services. Without a web application firewall, the business stops, and customers need to implement this solution. Insurance companies, banks, and similar organizations fall into this category.

    What is most valuable?

    Check Point WAF (formerly CloudGuard WAF) is easy to deploy and provides a complete solution.

    Check Point's approach differs from others because it uses artificial intelligence elements and an AI-based approach. The WAF solution operates as a complex solution with multiple functionalities rather than a simple one.

    The solution helps reduce the false positive rate. Productivity shows that only 10 to 25 percent will be false positives.

    What needs improvement?

    The interface and deployment require qualified skills and a qualified engineer who knows this product very well.

    In general, Check Point products load the system somewhat and require more performance and better performance equipment on the customer side.

    When compared to solutions specialized only on WAF, such as Imperva or Cloudflare, Check Point WAF (formerly CloudGuard WAF) is a lighter version and does not have as well-performed a load balancer or anti-DDoS option.

    For how long have I used the solution?

    We started using Check Point WAF (formerly CloudGuard WAF) two years ago.

    What do I think about the scalability of the solution?

    Check Point WAF (formerly CloudGuard WAF) scores eight to nine points on a ten-point scale for scalability. This scalability is one of the top features of Check Point solutions in general and especially for Check Point WAF (formerly CloudGuard WAF). It is a main approach of the Check Point team.

    How are customer service and support?

    I cannot be objective in this question because we have our own service team with engineers on our staff. We handle most tickets and cases ourselves.

    What about the implementation team?

    We operate as a partner company in projects and serve as an integrator for different solutions, including security solutions.

    What's my experience with pricing, setup cost, and licensing?

    Regarding total cost of ownership, I cannot describe this accurately. Concerning the price for Check Point WAF (formerly CloudGuard WAF) and license costs, the pricing is good, and the approach could be better.

    Which other solutions did I evaluate?

    Regarding competitors, Cloudflare is the most popular and best-selling solution on the Ukrainian market now, and this trend will continue.

    What other advice do I have?

    Check Point WAF (formerly CloudGuard WAF) and more Check Point solutions are oriented toward cloud infrastructure, cloud, or hybrid infrastructure. I would give Check Point WAF (formerly CloudGuard WAF) an overall rating of nine points.

    Mohan Janarthanan

    Integrated web protection has reduced breaches and now prevents attacks across critical apps

    Reviewed on May 22, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I want to protect my application hosted in my cloud by preventing attacks against my top OWASP Top 10 threats. I am enabling Check Point WAF (formerly CloudGuard WAF) as my application firewall.

    The integration is straightforward because I am hosting in the cloud, so Check Point WAF (formerly CloudGuard WAF) can be hosted in a public location wherever my cloud vendor is located as a service provider, and I can host the application within a change of DNS.

    What is most valuable?

    I have been using it for six months, and the biggest advantages for me are that Check Point WAF (formerly CloudGuard WAF) offers more than other F5 firewalls, which have only application protection called ASM (Application Security Monitoring). In contrast, Check Point WAF (formerly CloudGuard WAF) provides protection on IPS along with application protection.

    Check Point WAF (formerly CloudGuard WAF) itself provides an IPS function where I can protect against my Layer 7 traffic, which is not available in other vendors. The traditional WAF does not have the capacity of IPS functions.

    The intrusion prevention capability, I can only see in Layer 3 functions and stateful functions, which is the traditional firewall capability. Other vendors are keeping this in their Web Application Firewall, but Check Point WAF (formerly CloudGuard WAF) has integrated it differently.

    False positives are significantly less here compared to traditional Web Application Firewalls because they are more focused on the AI front. Check Point WAF (formerly CloudGuard WAF) integrates an AI platform within the Web Application itself using API protection with AI and what they call GenAI protection.

    They excel at creating the profile itself, which is the basic functionality of WAF. Normally, I deploy in preventive mode, which takes some time for learning, but I prefer to operate in preventing mode only.

    What needs improvement?

    The negative aspect is that Check Point WAF (formerly CloudGuard WAF) uses Check Point Harmony in its management console, which sometimes creates latency when connecting to or opening the platform. This is one function they are lagging in.

    The reporting functions need improvement. For example, I want to calculate traffic metrics, but I cannot see them in the current Check Point WAF (formerly CloudGuard WAF). To know the overall traffic for today on the application, I have to check multiple dashboards instead of one single dashboard.

    For how long have I used the solution?

    I have been using it for six months, and Check Point WAF (formerly CloudGuard WAF) offers more than other F5 firewalls, which have only application protection called ASM (Application Security Monitoring). Check Point WAF (formerly CloudGuard WAF) provides protection on IPS along with application protection. Check Point WAF (formerly CloudGuard WAF) itself provides an IPS function where I can protect against my Layer 7 traffic, which is not available in other vendors.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    Scalability is very good.

    How are customer service and support?

    The support team is providing good support.

    How was the initial setup?

    It is easy to deploy and does not require much effort.

    What was our ROI?

    Return on Investment is a key factor for me in deciding to buy a solution on a major scale, so it is very important for me to consider it. I would say the ROI is about 15 to 20 percent.

    Which other solutions did I evaluate?

    I am comparing it to F5.

    What other advice do I have?

    I would definitely recommend this solution because I do not want to implement one more traffic function. I can eliminate the firewall and use Check Point WAF (formerly CloudGuard WAF) alone, thus eliminating Layer 3 traffic directly connecting to my Web Application Firewall.

    I would say the TCO is reduced by 20 to 22 percent. The reduction in false positives will definitely be more than 30 percent.

    Breach Reduction reduces the false positive part significantly. For example, I have multiple solutions from multiple vendors, and it definitely reduces my false positive alerts and aids in my Breach Reduction efforts. If a person is having a bot attack or if someone attacks with network anomalies on my application, I can identify that.

    I rate Check Point WAF (formerly CloudGuard WAF) overall as an 8 or 8.5 out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?