Coming October 25: PeerSpot Awards will be announced! Learn more
Buyer's Guide
Firewalls
September 2022
Get our free report covering Microsoft, VMware, Fortinet, and other competitors of Check Point CloudGuard Network Security. Updated: September 2022.
635,987 professionals have used our research since 2012.

Read reviews of Check Point CloudGuard Network Security alternatives and competitors

Manuel Gellida - PeerSpot reviewer
Owner at Dinamica en Microsistemas de Informatica, S.A. de C.V.
Reseller
Top 5
Easy to use and deploy with an improved pricing structure in place
Pros and Cons
  • "The initial setup is pretty easy."
  • "They need to allow their solution to integrate with other products and not just other Sophos solutions."

What is our primary use case?

My clients are mostly based in the government. They are my core clients. I install the solution for my clients.

What is most valuable?

The solution is very easy to use. 

Of course, we have the skills, however, it's very easy for us to deploy the solution. That's one of the valuable features. 

They have a communication between the endpoint and the firewall which is very, very useful for security purposes.

Pricing is now pretty good. They changed the pricing structure a few months ago.

The initial setup is pretty easy.

What needs improvement?

The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.

Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area. 

Pricing used to be very bad, however, they've adjusted their strategy recently. 

The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.

The solution's technical support is very bad.

There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients. 

For how long have I used the solution?

I've used the solution since around 2014. I have about six years of experience at this point. It's been a while. I've definitely worked with the product in the last 12 months.

What do I think about the stability of the solution?

The solution is quite stable. There are no bugs and glitches. It doesn't crash and freeze. It's quite reliable. We don't have problems with it.

What do I think about the scalability of the solution?

The solution is very scalable. It is not a problem. Sometimes we have issues when we are trying to do something with a different traditional version of hardware as sometimes the new hardware has more ports. However, if we are talking about scalability in a huge customer, we can do it very easily. 

Mexico is very different than other countries and continents as here, when we say it's a big customer, we are talking about 2,000 to maybe 3,000 users. There aren't too many large-scale operations in the country. However, in general, for our area, we tend to deal with large-scale companies.

For a company that has maybe 1,000 users, Sophos seems to work very well. We have one operation with 10,000 endpoints and it is working quite well.

How are customer service and technical support?

Technical support from Sophos is very bad.

Sometimes we lose a project due to the fact that we need to solve some issues or answer questions. Things that may be technical but also involve the administrative side. I'm talking about licensing and the capabilities of the feature. We need some documentation, something we can show clients. They can better in those cases. They can either help us or supply us with what we need. 

In response time, they are terrible. In the area of technical knowledge, they are getting better, however, they aren't where they need to be. Right now, we are not satisfied with the level of support provided.

How was the initial setup?

The initial setup is not complex. However, here in Mexico, it's very complex to sell the product. The brand is not as well known.

That said, the process is pretty straightforward. 

The deployment times vary. It depends on the end-user and what they need. Sometimes, it's easy as they don't have too many policies. The more policies they have, the longer it takes.

In other cases, clients may have a lot of VPNs. We have to work on those VPNs, and we have to do a lot of routing. However, that depends on the customer. Not all are like that.

For one appliance, you just need one person for deployment and maintenance. If we are working a lot of VPNs, we would have to use more people. We need to involve maybe two or three individuals and re-apply the configuration in that case. 

What about the implementation team?

We handle the installation process ourselves. We do not need the assistance of consultants.

What's my experience with pricing, setup cost, and licensing?

The pricing has recently changed on Sophos. Their licensing and cost structures are much more clear now. It's much better than it was.

Which other solutions did I evaluate?

Clients, in many cases, evaluate for Check Point, Forcepoint, and sometimes Fortinet. Occasionally, they may look at SonicWall, or Palo Alto however, the others are the main big competitors. 

Palo Alto is very expensive as are Check Point and Forcepoint. That's why we sometimes win the projects. We find Fortinet, is very, very hard to beat as they have a lot of market share, have a lot of marketing. Sophos doesn't have that presence, that marketing. Also, when you have to think about prices, Fortinet gives customers everything and it's hard to beat.

The biggest issue I've found with Sophos is the small number of VPNs that we can do compared to a similar appliance with Fortinet or in the same level center. In fact, many other brands offer more VPNs than Sophos.

What other advice do I have?

I'm a Sophos reseller.

We use multiple versions. We have worked with XG 460 and XG 135 and some others -such as XG 230. In those cases, sometimes it has been Rev 1 and in other cases Rev 2 in terms of the hardware versions.

I mostly work with on-premise deployments. The only item I have installed in the cloud is an email solution by Sophos.

I'd recommend the solution to other organizations. Overall, I would rate it at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Amith Rao - PeerSpot reviewer
Senior Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
Get great visibility into vulnerabilities through micro-segmentation
Pros and Cons
  • "This tool greatly helps in understanding the footprint of the attacks."
  • "The interface and dashboard are amazing."
  • "The product needs a few features like enhanced user policies and payload-level inspection to improve the offering."

What is our primary use case?

We are a partner, not a customer. We would like to be in a position of trying to provide consultation for this solution and delivery of the product to clients. So, we have partnered with Guardicore in India and we are trying to sell this product and that is our primary use case. The primary use case that we are implementing this product for with clients is micro-segmentation.  

How has it helped my organization?

This particular product has a deployment model both in public and private clouds and on-premises. We are pitching it to all of our customers, irrespective of the regulations that they must follow. Some customers are in the government sector, for example, and they will need to go on-premises. There are some customers like IT service-based companies that have most of their infrastructure in the cloud, and those can use cloud-based services. What the client wants and needs totally depends on the type of client they are. We have an advantage with this product in offering it both ways — on cloud and on-premises — to meet the client's needs.

What is most valuable?

The most important feature or use case, because of micro-segmentation, is the visibility you get when you deploy this product. It will give you very good visibility of your whole data center. The second thing that is valuable is the lateral movement. Often when there is a compromise of vulnerabilities in the organization, this tool greatly helps in understanding the footprint of the attacks. It also helps in stopping the lateral movement of the attack.  

What needs improvement?

Predominantly I have been working with firewalls and the UTM (Unified Threat Management) solutions for some time. Guardicore has to do something to add on features that help to do a better job of inspection.  

They should have policies based on users. Often we can only add user groups. I think they should offer the ability to assign policies to individual users. The ability to assign policies to both users and groups would make the area of creating policies more flexible. They should also have time-based rules in the policies which they currently do not have.  

They should also get into payload-level inspection. As of now, what they do for threat inspection is to look at the metadata of a packet. This is not in depth enough for proper inspection. They need to start inspecting the payload-level information of a packet or offer this as an option.  

So they should have payload-level inspections to do some deep investigation. Then they should have more user-level control of policies. I think if these two things are introduced, then I could probably change my rating of Guardicore to a nine-out-of-ten.  

For how long have I used the solution?

We have just recently started working with Guardicore. Six months ago we began working on the POC (Proof of Concept) and we have still not finished so we have yet to deploy the product to production.  

What do I think about the stability of the solution?

I cannot comment on stability under higher loads because we have not yet deployed it and exposed it to live traffic. We are still in the testing and evaluation phase.  

What do I think about the scalability of the solution?

I think it is an amazing product in terms of scalability.  

How are customer service and technical support?

I have not had any experience with technical support because we are not in production. Once we deploy the solution to our customers, that is when I think we will be making more use of support resources.  

Which solution did I use previously and why did I switch?

Earlier we worked more in the firewall space. That is, we worked with Check Point a lot. It was maybe for a period of five years. Then from firewalls, which is a UTM solution, we are trying to move into the new world technologies. That would be things like dedicated security solutions that cover more than what firewalls do.  

As an employee, I am not sure what my organization has gone through in making evaluations and comparisons. I am sure that they have evaluated other products like Illumio, Cisco Tetration, and Guardicore. I do not know, out of all their testing and research, specifically why they found Guardicore to be more a valuable solution. I think these people may be more focused on what they are doing rather than how it is getting done.  

How was the initial setup?

The installation and setup are pretty straightforward.  

What other advice do I have?

Right now, I would definitely recommend Guardicore for someone who is looking into the micro-segmentation space or probably an internal firewall for the organization.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Guardicore Centra as probably an eight-out-of-ten.  

The interface and dashboard are amazing. I would rate the user interface as a ten-out-of-ten. For other reasons having to do with features and functionality, I have to mark them down a few points.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Data Analyst at a hospitality company with 201-500 employees
Real User
Top 20
User-friendly, provides good access, and is fairly easy to implement
Pros and Cons
  • "It is a very user-friendly product."
  • "I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI."

What is our primary use case?

We primarily use the solution in order to create access rules. That's what I use it for mostly. Sometimes, if I need to do some mapping, I may also leverage this product.  

What is most valuable?

In terms of access, the solution is great at making sure that the firewall has the right IPs, or that the right IPs are passing through where they should be. 

The product does a good job of making sure that the connection is one that the user can trust. It keeps everything secure.

From what I've already done with ASA, I've noted that it's a very simple solution. 

It is a very user-friendly product. I started with the GUI version. There are different versions. You could have the CLA, and the GUI version if you like. Both are really user-friendly and they're easy to learn. 

What needs improvement?

We haven't been working with the product for too long, and therefore I haven't really found any features that are lacking. So far, it's been pretty solid.

One of the things that would make my life easier on ASA, especially for the CLA, is if it had an ASBN feature, specifically for the CLA. This would allow you to be able to see at once where a particular object group is being used without having to copy out all the object groups that have already been created.

I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI.

For how long have I used the solution?

I've been using the solution for six months now. It's been less than a year. It hasn't been too long just yet.

What do I think about the stability of the solution?

The solution has been quite stable.

Most of the clients that we deal with use this solution. No one has ever complained about having a breach or anything, to the best of my knowledge, even though we see some people combine different firewalls together, and use them alongside Cisco ASA. So far, we've not had any issue with Cisco ASA. It's reliable and keeps our clients safe.

What do I think about the scalability of the solution?

I've never tried to scale the product. I haven't worked with it too long at this point. I wouldn't be able to comment on its scalability potential.

How are customer service and technical support?

I've never dealt with technical support yet. I can't speak to their level or response or their knowledge of the product.

Which solution did I use previously and why did I switch?

In the past, I've worked with Check Point and Fortinet as well.

How was the initial setup?

I've been handling the implementation. So far, it's been good, even with no prior knowledge of the solution itself. It's my first time working with it.

On my team, lots of people are working on different aspects, and most of the setup is being done by those that have more knowledge about the firewall than we have. We don't have anything to do with the setup, we just make sure that we implement whatever connections the clients already have. It's already broken down that way, just to avoid as many mistakes as possible.

We already have a process for implementation based on the number of connections. The maximum we normally work on each connection is maybe 20 to 30 minutes. However, the process could be as little as one minute. It depends on how many connections we want to add at a time.

What about the implementation team?

We're handing the implementation via our own in-house team.

What's my experience with pricing, setup cost, and licensing?

I'm just handling the implementation and therefore don't have any insights on the pricing aspect of the solution. I wouldn't be able to say how much the company pays or if the pricing is high or low.

That said, the pricing isn't an issue. It's more about what's best for the customer or the client. We want to give the client the best service, and very good protection. If a client begins to worry about pricing, we can't exactly guarantee the same level of safety.

What other advice do I have?

Our company has a partnership with Cisco.

We have different clients and therefore use different versions of the solution. Nobody wants to use an out-of-date version, and therefore, we work to keep everything updated.

Overall, I would rate the solution at a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Andrea Andrea - PeerSpot reviewer
CTO at BE.iT SA
Reseller
Top 5Leaderboard
Feature-rich, robust, and easy to set up
Pros and Cons
  • "It's great for handling complex items."
  • "The price is a bit higher than other vendors."

What is our primary use case?

The last project was a project for a government, and it was to build a secure, private distributed system in two different countries.

What is most valuable?

In the last project, we choose this brand of firewall. Normally, customers are asking us which is the better solution. Normally, since Barracuda has many different features, it is quite easy to use Barracuda instead of something else, since it offers a full set of features. It has a full-feature license. It is easy to adapt the solution to the customer's needs.

It's great to have an unlimited VPN, advanced threat protection, many other features inside the proxy server, and so on. It's far easier than building out of Barracuda fiber than, for example, Check Point, where you have to buy every single module independently from the other.

It is a product that is very feature-rich.

It's quite robust.

The initial setup is very easy.

It's great for handling complex items. If you want to flag Facebook you can. If you want to create a cluster, it's easy. There are many things you can do using this product and they make it all very simple. 

What needs improvement?

The management program is something that only certain people understand. It does its own logic sometimes. It's very hard to use it. Barracuda is complex in terms of doing simple things. It could be more user-friendly. It needs to be more logical.

The price is a bit higher than other vendors.

For how long have I used the solution?

I've been using the solution for six to eight years It's been a while. 

What do I think about the stability of the solution?

It is a very stable product. I've never had a problem bad enough to reboot one firewall.

What do I think about the scalability of the solution?

The portfolio is quite broad. We can sell this firewall to very small companies or to big ones.

The scalability is easy. If you need to switch the file, you just need to contact them, switch with the IR model, pay the difference, and then you can load the old parameter file to the new one. So it's easy.

How are customer service and support?

I call support sometimes. I have to admit that customer support was better three or four years ago. Now, they switched their first level of support to India. Sometimes it's quite difficult to understand the technician. Then, if you go to the second level of support, it's far easier, since they are here in Austria. It's not a problem to talk with them. The second level of support is performed by people who are writing the software. They know the product very well.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We've also used Check Point in the past, however, it's not a full-feature solution. 

How was the initial setup?

The implementation process is a walk in the park. IT's just next, next, next and you are done. You change a couple of parameters, and then you are online. Then you just adapt the firewall to the customer's needs. The setup is very easy. It's even easier if you are using the control center, even if it's quite expensive.

The initial setup itself might take 15 minutes or so. 

It's a five out of five in terms of ease of setup. 

There is some maintenance, however, it is minimal. Maybe every four years you'll need to switch the firewall. That's it. The new firewall is sent directly to the customer site. Then we just need to download the configuration file from the old one and just turn off a switch and turn on the new one.

What about the implementation team?

We do the entire implementation by ourselves. 

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is higher than other vendors, yet with the extra cost. 

For a low-level firewall, it's likely less than 1,00 Francs a year. They work on a yearly subscription model. 

We typically buy a full-featured package that has everything inside. 

I'd rate the pricing a three out of five in terms of affordability. 

What other advice do I have?

I'm working with the most recent update. 

We are reselling Barracuda to our customers.

I'd recommend the solution to others.

I would rate it eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Flag as inappropriate
Project Manager at a tech services company with 51-200 employees
Real User
Top 10
Good pricing, good technical support, and fairly user-friendly
Pros and Cons
  • "The pricing is excellent. It's much less expensive than Cisco."
  • "The initial setup is complex."

What is our primary use case?

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

What is most valuable?

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

What needs improvement?

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

What do I think about the scalability of the solution?

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

How are customer service and technical support?

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

Which solution did I use previously and why did I switch?

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

How was the initial setup?

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

What about the implementation team?

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

What's my experience with pricing, setup cost, and licensing?

The licensing is paid on a yearly basis.

Which other solutions did I evaluate?

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

What other advice do I have?

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Firewalls
September 2022
Get our free report covering Microsoft, VMware, Fortinet, and other competitors of Check Point CloudGuard Network Security. Updated: September 2022.
635,987 professionals have used our research since 2012.