What is our primary use case?
We are a VAR. We use posture management in various client environments for different assessments.
We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.
How has it helped my organization?
It is great for identifying misconfigurations. That is the part that I love about it. It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about.
The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.
Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client.
Its traffic monitoring capabilities are good. Helps visualize traffic flows and possibly exposed assets.
The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.
What is most valuable?
The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.
The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.
The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.
What needs improvement?
The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.
The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.
For how long have I used the solution?
I have been working with posture management for 3 to 4 years.
What do I think about the stability of the solution?
I never had stability-related issues. That has always been fine.
What do I think about the scalability of the solution?
It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.
How are customer service and support?
I would rate their support for CloudGuard CNAPP a eight out of ten.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I have not used a posture management solution before.
How was the initial setup?
Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part it is fine however I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.
What about the implementation team?
I am an integrator and consultant.
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.
Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller