Check Point CloudGuard CNAPP Reviews

As a manufacturing company, we always ensure our production and workloads are not being interrupted by anything. Therefore, we are making sure our automated processes are not hindered by any means. 

As we have many cloud-based applications, CloudGuard gives us prime support in terms of the security of the system. This includes securing cloud workloads, applications, and data by integrating threat prevention, detection, and response capabilities. 

It also ensures compliance and governance across multi-cloud environments.

It provides complete visibility and control over cloud-native applications and infrastructure, allowing our security teams to monitor and manage every part of their cloud environments. 

CloudGuard CNAPP also assures compliance with industry standards and regulatory requirements by automating governance and risk management procedures. This streamlines security management and lowers the operational strain on our IT teams, allowing them to focus on strategic goals. We are able to work freely by putting aside some additional stress.

The most useful element of Check Point CloudGuard CNAPP is its advanced threat prevention capabilities. This functionality is vital because it proactively addresses security issues before they affect cloud applications and notifies a real-time incident, ensuring the integrity and availability of critical services. 

Furthermore, the platform's full visibility and control across many cloud environments allows us to effectively monitor the security posture, uncover vulnerabilities, and consistently enforce security standards.

The management and monitoring of security regulations and incidents might be made easier by improving the user interface, which could be made more intuitive and user-friendly. 

For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would also increase flexibility and user-friendliness. 

To further reduce the amount of manual work required by security teams, the future release could benefit from more sophisticated automation capabilities, such as automated incident response and remediation workflows. 

In order to facilitate better decision-making and strategic planning, improved analytics and reporting capabilities would also be beneficial. These would provide deeper insights into security occurrences and patterns.

I've used the solution for two years. 

I'd rate stability nine out of ten.

I'd rate scalability nine out of ten.

Technical support has to be improved.

Neutral

We have not used a different solution previously.

The initial setup is complex.

We implemented it through the vendor. I'd rate the services eight out of ten.

Our inhouse IT department's workload has reduced considerably since using the product. 

Setup cost and licensing are quite expensive. 

We did not evaluate other solutions. 

For two years the product has done its job perfectly. 

Check Point CloudGuard Intelligence provides network security through machine learning analytics and visualization and detecting and spotting the threat entrant detection and providing threat intelligence security proactively for restricting the endpoints at the entry stage and securing the system in the best manner possible. 

The security application works proactively and diffuses the endpoints in real-time, ensuring swift action in restraining the threat entry into our IT system.

This application supports almost all kinds of cloud and hybrid platforms and is spot on during integration with other systems.

Check Point CloudGuard Intelligence has significantly improved the revenue stream for my organization. Earlier, we had a third party for overall IT security and it was costly for us. We were looking for something with less cost. 

The CloudGuard intelligence helps in the proactive detection of security threats across an IT device or server and immediately takes corrective and remedial action so that the data and security loss is not to minimal. It is one of the masterpieces which is quite advanced with current market requirements and is available at affordable prices.

The solution offers proactive threat detection and immediate remediation of the same.

Threat hunting is easy with this application as its false negative rate is extremely low, and its performance is fantastic.

It offers affordable costing and an easy renewal process for continuing the agreement.

It can work seamlessly with any kind of cloud servers and platform without any tech hassle or disturbance.

Multiple users can access and monitor the application working with a single login, which is quite advantageous and works really well for us.

There is no shutdown or slowdown of the application while in operation.

I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming. It is absolutely fantastic and is worth admiring. Every now and then, we feel that their team's training and orientation process on orienting the clients and partners is low and needs to be strengthened so that every single individual is completely aware and informed of the features and their utilities. They are not clueless in utilizing the services to their maximum. We just need more focused training.

I've been using the solution for almost foud to six months.

It is a stable product.

The solution is scalable.

They offer strong and supportive customer support.

Positive

We were using a third-party solution earlier, which was quite localized and was having limited utility in terms of system security. We switched to Check Point due to peer feedback and advice, as my peers were extremely happy after trial use and pushed us to try the solution due to its numerous utilities, which are customizable. It is quite affordable in comparison to its other competitors in the market.

The initial setup is easy and not complex at all.

We had assistance from the vendor team only.

We've seen an ROI of almost 70%.

We thoroughly examined the software and market offerings and found that CloudGuard solutions are reliable and dependable for their good work and globally accepted happy feedback by partners and users.

The setup cost is low and the implementation process is quite smooth.

Pricing is low in comparison to various competitors in the market.

Licensing and renewal of the agreement are effortless.

We evaluated other options, such as McAfee and Trend Security solutions. 

I'd advise potential users to go for the CloudGuard Intelligence solution and strengthen their IT security. It is the best available solution in the market with strong tech support and wider acceptability globally.

We have a hybrid environment so we use Check Point Cloud Guard to protect the cloud workload. On-prem, we are already using the Check Point Firewalls so we can manage both environment firewalls using the same management server, AKA the smart console, which saves time and effort to look for logs during any type of troubleshooting. It helps us avoid creating the same objects for each firewall but also provides a single pane of glass through which we can see all gateways, logs, policies, objects, user management, and traffic tracing. 

It is a next-generation firewall that helps a lot in many ways to protect my workloads from threats, such as: 

- firewall blade providing protection at Layer 3 and 4

- application filtering blade providing protection from unauthorized applications or services

- URL filtering providing protection on malicious URLs based on various categories as updated by Check Point on a daily basis

- threat prevention and sandboxing capability to actually help with unknown or zero-day threats (it tests, removes the malicious content, and then releases or blocks by itself)

Overall, it provides good security.

The threat extraction and emulation module is a savior for us from unknown threats. We know that daily millions of new threats emerge over the internet so we like that it provides protection from them all. It's good to have a sandboxing environment that can first assess the threat before releasing it to the production environment. These threats are called zero-day threats for which there is no signature or update available whether it be on an endpoint, machine, antivirus solution, or other software. Therefore, it becomes very useful to use this feature to stop threats from spreading right at the gateway itself.

Their service needs improvement. Their vendor doesn't provide good support. Also, there is no way to escalate it to Check Point so that Check Point can take action against their partner. I don't have direct support with Check Point. We have collaborative support with one of the Check Point partners who do not provide good support. When we reached out to Check Point to escalate; they denied taking any action against the vendor.

I've used the solution for five years.

Check Point CloudGuard Intelligence Security is one of the most robust tools on the market. That's why we decided to implement it in our company when all our operations were migrated to the Azure cloud area. 

We needed a tool that would provide security in the network and help analyze any vulnerabilities that we might face in these new environments. We wanted to be able to attack all the weak points that we have in the cloud in order to guarantee effective and stable security. We also have some applications in our systems that deserve excellent security.

Check Point CloudGuard Intelligence came to strengthen our security and has helped the IT department achieve excellent network security. 

In addition to that, it has helped us centralize all the security infrastructure in this tool and helped us a lot to counteract vulnerabilities that were present. With this product, we were able to reduce the rate of attacks that we had. The database that they have is in real-time and updated instantaneously. All these factors helped a lot to reduce vulnerabilities.

Check Point's CloudGuard Intelligence tool presents some features that should be highlighted. For example:

It presents a real-time database that is always updated.

The environment can be centralized within Check Point Infinity, and thus we can have several security tools.

It also presents a forensic analysis that helped us to determine the root of several issues. 

Integration with Sentinel can be made, which allows us to obtain more security data and analyze it.

It presents a portal that is relatively easy to use and configure.

The tool works perfectly and improvements should be made, if any, in various technical and administrative aspects.

It was implemented approximately one year ago.

Check Point CloudGuard Intelligence has good stability. We have not presented performance problems or any other that would lead to a forced restart of the tool.

The tool presents very good and functional scalability. To this day, we have not presented any problems.

The support it provides is not very good. They should improve it since we have had several setbacks due to support issues.

Positive

Previously, there was no tool in the company's infrastructure. We needed the solution when we moved to the cloud and decided to improve security.

The implementation of the tool is very easy. There are several steps in the wizard where it gets complicated around the configuration, however. If you do not have extensive knowledge of the tool, it becomes complicated.

The implementation was done through the vendor, who gave us a support engineer to help us with the implementation and configuration of the tool. We also received some training.

By making an investment in security tools, we are doing ourselves a great favor. With this tool, we are protecting our information while maintaining operations. It is always a great investment to acquire these tools. Also, afterward, there is a noticeable economic return.

Whenever an investment is made in a security tool, it is high due to many factors. that said, investing in security will provide economic returns in the short or long term since it will greatly lighten workloads and provide security.

We evaluated many options on the market, such as Fortinet, Sophos, and Cisco NGFW. However, Check Point had better features.

With the time that I have used this tool, we have noticed that it is a very good solution and that it has excellent features. It provides very secure connections.

We want network security through machine learning. The product offers threat detection and intelligence for the endpoints. It also provides real-time information on application security. 

Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates. 

The tool should incorporate more use cases like improving security scores. It should also improve documentation.  

I have been using the product for a year. 

The product is stable. 

Check Point CloudGuard CNAPP is scalable. My company has more than 1000 users. 

Check Point CloudGuard CNAPP's support is very good. 

Positive

The tool's deployment is very easy and takes two weeks to complete. We need engineers to install the product. You need to ensure the overall device landscape before the product's installation. Its maintenance is easy. 

I can get 50-60 percent ROI with the tool's use. 

The tool's pricing is moderate. Its licensing costs are yearly. 

The solution helps to improve security scores, which is important for auditing and compliance. I rate it a nine out of ten. 

We use Check Point CloudGuard Posture Management to increase our visibility into our environment and ensure that our policies are being followed.

The solution has helped us analyze the security of our Azure environment. Trend Micro and Check Point analyze the Azure environment with our tenants and clients to check for security vulnerabilities and misconfigurations. We need to correct these problems and alert our team and clients of any issues. The solution also compares these actions between two applications.

The most valuable feature is the separate environment. In the testing environment, we can have Client A, Client B, and Client C. We can check this information in one portal. It is possible to separate access to this information for my clients to review.

The license cost is expensive and has room for improvement.

I have been using Check Point CloudGuard Posture Management for three months.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The technical support is great.

Positive

The initial setup is straightforward.

The license fee is high.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is a good solution and I recommend it.

We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades.

In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall.

There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.

Initially, we had purchased the Dome9 solution just for its rich compliance possibilities. We have to provide the compliance reports on a regular basis to our partner companies and the regulators of the gambling and paying card areas, but now, we also rely heavily on the feature that "auto-heals" the configurations of the security groups and the firewall rules.

In addition, the Cloud infrastructure visualization feature is really good, especially for GP with its cumbersome firewall rules based on the instance tags and the service accounts.

1. This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc. It's cozy to configure stuff, and also to wander around the interface in general.
2. The Compliance Engine is powerful. We rely heavily on this feature since we must comply with the various security standards to work in the gambling sphere across the globe, and especially in the United States and European Union.
3. The solution continuously monitors config modifications and may alarm the relevant administrators, or even revert the configs automatically.

We were demotivated by the lack of native automation modules for the Terraform and Ansible tools. We think that in the era of the DevOps approach and practices, all the new products need to be released with such support, mandatorily.

In addition, we also hope that the Dome9 will eventually support the other Public Cloud platforms, like Alibaba, since we are planning to expand to the Asian market. Alibaba is the big player in this region due to the fact that Google Cloud and AWS are almost banned.

We have been using Dome9 for less than a year.

Dome9 is stable and works smoothly.

The solution is scalable. We have it run on about 30 projects without any issues.

No cases have been opened regarding Dome9 so far.

No, we are unfamiliar with the other solutions of the same kind.

The setup was straightforward, and the configuration was easy and understandable.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you.

No, we did not evaluate other options before adopting Dome9.

Request a free demo directly from Check Point and see whether Dome9 suits you.

I work with the solution for patching over all the cloud vulnerabilities. We have a different monitoring team that monitors all the alerts on the solution. They send us a report, and we work on that report to patch all the vulnerabilities of our cloud environment, such as Azure and AWS.

The solution's main benefit is that it automates all the patching and reporting parts and generates an automated report. The solution automatically notifies you whenever any alert comes into your cloud environment via mail or message.

Sometimes, the solution provides us with false alerts of vulnerabilities that are not present in our cloud environment. The solution should include an auto-remediation feature, which most tools currently provide.

I have been using the solution for three years.

Apart from the occasional false positives in the reports, we haven't had any issues with the solution's performance or stability.

Check Point CloudGuard CNAPP is a scalable solution.

The solution is implemented in multiple locations, and each location has around 300 users.

We contacted the technical support team during the deployment phase, and their support was very good and responsive.

Positive

We previously used CrowdStrike. We switched to Check Point CloudGuard CNAPP because CrowdStrike lacked many features. Check Point CloudGuard CNAPP is a more advanced version of CrowdStrike, integrated with AI capabilities. It also provides different automatic reports, such as compliance reports.

Around three to four people were involved in the solution's deployment. Since there are multiple environments in the cloud, it takes an entire day to deploy the tool.

The solution's cloud security posture management scans your cloud environment and cloud-configured policies and gives you a report of all the loopholes in your cloud environment. You can also get compliance reports from the solution, and I am completely satisfied with its effectiveness.

The solution's cloud security posture management identifies risks most critical to the business and segregates them into low, medium, and high categories. The solution's workload protection capabilities provide protection for VMs. The scanning provided by the solution's workload protection capabilities helps us identify problems before they go live.

We can schedule the solution to scan our cloud environment daily for vulnerabilities. The solution takes 20 to 25 minutes to scan the entire cloud environment. Earlier, it used to take an entire day because we had to perform all the manual tasks to find out all the loopholes in our cloud environment.

Before using the solution, we used to spend an entire day finding all the loopholes in our cloud environment. Check Point CloudGuard CNAPP automated most of our tasks by providing automatic reports to our security team. We also use the solution's CDR capabilities.

The visibility we get from the solution's CDR capabilities helps simplify incident investigation time or process. After providing all the loopholes in our cloud environment, the solution provides a step-by-step remediation plan to fix particular vulnerabilities. We extract the report from the tool and work on the patching part.

We perform intrusion detection and threat hunting from the same console. Check Point CloudGuard CNAPP is a SaaS-based solution. All the configurations have gone through the secret key we fetch from the cloud environment and integrate with the solution. From there, it fetches all the configurations for the entire cloud environment.

I would recommend the solution to other users.

Overall, I rate the solution ten out of ten.