Check Point CloudGuard Network Security Reviews

As per the solution's blade design, there are many options. For example, you have to buy a UTM blade and an advanced malware blade, etc. If the blade license is there, we can configure from the firewall GUI. 

The net policy and routing are also great features.

If you compare the GUI with the Palo Alto and Cisco, they're very easy. Check Point, due to its design, is a little bit complex. They should make the GUI easy to use so that anyone can understand it, like Fortinet's GUI. Many companies end up using Fortinet because the GUI is very easy, and there's no need for training. They just deploy the box and do the configuration.

Also, we have to inform customers that with Check Point there's no need to purchase any routing device. Check Point can do that routing as well as the Firewall and the IPS. The marketing should be stronger, to show that customers only need one box to handle all the features. It will be cost-effective and enhance the performance and value, but because of their poor marketing, customers don't realize this.

In the future, a color string would be powerful. Sandboxing should also be offered. Many people want the Trend Sandbox but not on the cloud. In the Middle East, there is a policy for Sandboxing that states it should be on Trend as per the government law. They have Sandboxing solutions on the cloud, but they have to bring the solution onto Trend also. Palo Alto has Wildfire, Cisco has Talos, and Forcepoint has one available as well.

In the future, routing protocols should be more supported like OSPF and BGP. There needs to be integration with the SDN. I don't know if SDN is there or not in Check Point, but SDN is one of the major requirements nowadays.

The solution is very stable.

We just deployed the solution, so scalability I cannot speak to right now. But, as per Gartner and NSS Lab, they're allegedly very good. I don't think there will be an issue with scalability.

I am currently also working on Cisco ASA, Fortinet, and Palo Alto.

I'm an Operation Engineer; I handle the deployments myself. 

Compared to Cisco Firepower Threat Defense, the solution is cheap. However, not as cheap as Fortinet or Palo Alto. If clients have smaller budgets, we would have to advise one of those instead.

There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware.

The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected.

I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.

We are able to use the solution for cloud protection and in parallel with or just for network protection. In our scenario, we use it as a border network firewall, which is based on a virtual environment and we're using it for the border protection of our network. 

We find Check Point valuable because they are 100% focused on security. It totally closes the potential vulnerability channel. We can check our mail and our attachments and we can scan everything easily. We get an immediate report about the situation of the attachments. We can discover if the target's security attack was started from phishing, etc. We also enjoy using the additional features that protect our internal customer from targeted attacks.

The stability of the solution could be improved, but this is the problem of all the solutions in the market. This isn't just a problem specific to Check Point.

The stability is good. It's really good compared with Palo Alto, Fortinet, and Cisco, most of all. But it definitely can be better.

The scalability of the solution is good. Right now, the solution protects about 400 customers.

The solution's technical support is good. If we have problems, we can speak directly to Check Point, or we can speak to one of their partners or a local partner. The solution has a great community that surrounds it.

The initial setup was complex because we were using a complex networking architecture. It took us about two days to implement the solution. For administration of all of this infrastructure, we need two people. For deployment and maintenance, we need just one person.

We used the implementation guide provided by the company to assist with deployment.

Our licensing is yearly at a fixed cost.

The solution has a very flexible pricing model. It can provide the same level of security and performance, but in parallel, can be subscription-based.

The solution is the on-premises deployment model which we use in our server environment.

We are an integration company, and although we deal with other solutions, we mainly focus on Check Point.

The solution is a great mix of user experience, flexibility, security features, and cost. After five years, I believe the total cost ownership will be much cheaper than any competitor.

The advice I would give to others interested in implementing is that this solution does have security problems. Not Check Point, per se, but in the network environment. The security recommendation from the Check Point and from us is to use the VSX in the internal network. It should not protect your border because there are some issues around bugs, etc. It could cause vulnerabilities if it's used this way. 

I would rate this solution eight out of ten.

I use CloudGuard Network Security to enhance our cloud exchange points' security. Our customers can seamlessly connect across multiple clouds within the region, and CloudGuard provides next-generation firewall services to ensure their data and applications are protected.

CloudGuard Network Security has significantly improved our organization by helping us tap into the Check Point customer market.

The VPN features in CloudGuard Network Security have been the most valuable for us. It allows us to scale securely within our infrastructure, providing both strong security and VPN capabilities.

In the next release, including VRF support would be highly beneficial. Many customers have been requesting this feature, as it is currently lacking in Check Point's offerings, which can make architectural designs more cumbersome compared to competitors.

I have been working with CloudGuard Network Security for two and a half years.

As for scalability, it could be even better with VRF support, as it would allow for more efficient scaling without the need to deploy separate firewalls for different workloads.

CloudGuard Network Security has been quite stable.

I would rate technical support for CloudGuard as an eight out of ten.To make it a ten, I would expect more proactive assistance and smoother transitions between support levels.

Positive

When comparing CloudGuard Network Security to other solutions like Fortinet and Palo Alto Firewalls, they are similar in terms of identifying security threats. They all offer robust features such as antivirus, deep packet inspection, and IPS. Some of our customers have transitioned from Palo Alto to Check Point. While I don't have specific reasons, it could be related to factors like pricing.

We deployed it across multiple locations, utilizing AWS for SMS management. The environment was designed to ensure security and privacy, with all deployments being private despite being in the public cloud. Our implementation strategy was flexible, depending on the customer's needs, focusing on workload security first and then gradually migrating workloads. The initial deployment was straightforward.

One significant difference between CloudGuard Network Security and other solutions is the lack of VRF support. This means that when dealing with customers who have multiple segments and exchange points, deploying new firewalls becomes necessary. Competitors' solutions typically include VRF support, making scaling much easier and eliminating the need for additional firewall purchases.

We chose CloudGuard over other vendors because it allows us to provide unified security across multiple cloud providers like AWS, Azure, and Google Cloud. Unlike native cloud firewalls, CloudGuard offers scalability and the ability to expand across different platforms, meeting our customers' needs for consistent security across diverse cloud environments.

We implemented CloudGuard Network Security to meet our customers' demands for enhanced security features and centralized management. They specifically requested Check Point CloudGuard for its robust capabilities, including SMS and MDS for global management.

Using CloudGuard Duo Security has provided us with the ability to manage globally through MDS, which has been a valuable capability. It is convenient to have multiple pockets of global management from UniFi OS.

We realized the benefits of CloudGuard Duo Security quickly after deployment. Understanding the architecture, especially the MDS setup for higher-level organization control, allowed us to establish multiple pockets of management efficiently.

Unified security management allows us to streamline our security operations significantly. With centralized management through SMS and MDS, we can efficiently oversee not only the firewalls within our cloud exchange points but also on-premises devices, enabling a cohesive and unified security architecture across all environments.

I'm very confident in CloudGuard Network Security because it helps us secure our global network. With CloudGuard, we can set up rules to protect against risks from on-premises traffic and ensure security through various measures like single sign-on integration and VPN restrictions.

CloudGuard Network Security is a great product that fulfills firewall needs effectively and provides detailed insights. However, in multi-segment environments requiring multiple VRFs, it can be cumbersome and costly due to the need for separate firewalls.

The best lesson I have learned from using CloudGuard Network Security is to carefully consider the scalability requirements of each environment. While Check Point offers robust features, the lack of VRF support can lead to increased costs and complexity, especially in multi-segment setups where separate firewalls are needed for each segment.

Overall, I would rate CloudGuard Network Security as an eight out of ten.

We place our CloudGuard Network Security gateways at the front on Azure, positioned with a load balancer. The configuration includes a load balancer and gateways on a virtual automation scale set in Azure. 

The solution is easier to manage than an on-premise firewall. It is easy to manage. The use of dynamic objects for these gateways made it easy to create the right rules and the right policies. Integration with Azure is also easy where we have to just add the subnets. In an on-premise setup, we have to add everything from scratch. We can automate a lot of actions.

We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup.

I have been using the product for two years. However, my company has been using it for five to six years. 

CloudGuard Network Security's stability is high. 

The solution's scalability is good. 

We typically open tickets with our partner, but there was one instance where they couldn't provide a solution. In that case, we opened a ticket with Check Point directly, and they responded within four hours, resolving the issue.

We initially used on-premise solutions, starting with Juniper firewalls. However, when we migrated to Check Point for IPS protection, the experience was really good.

We have seen ROI with the product's use. It helps us reduce the manhours with upgrades and odd fixes. We can automate the process. It takes only a small amount of time. On-premise solutions require informing users about potential interruptions and, in worst-case scenarios, significant disruptions. The process involves extensive preparation, including ensuring that the necessary conditions are met for updating the cluster members one at a time. In contrast, on Azure, automation simplifies everything.

We tried to use Azure Firewall for one application as a proof of concept. However, Check Point is easier for us. 

We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.

We utilize CloudGuard Network Security for internet surfing and handle inter-sector traffic between VPCs. Specifically, we have over 200 accounts in AWS, each with its own VPC. The solution interconnects all the regions. 

The tool's most valuable feature is its scalability. You will only have to pay less for scaling up. Its notable benefit is deployment complexity. Regional deployment is simpler compared to on-premise setup. 

When upgrading the firewall, the old VPC containing the firewalls needs to be destroyed. After that, a new firewall is redeployed in the setup. Additionally, there's a need to separate the routing, and the routing from the old VPC has to be recreated in the new one.

I have been using the product for two years. 

We had issues with stability. We have an open ticket at the support regarding this. 

CloudGuard Network Security is scalable. 

The tool's support is good. 

Positive

CloudGuard Network Security is not too cheap. 

I don't see any difference in user experience between on-prem and the cloud setup. We have an MDS environment where we can manage the whole country. The tool enables us to manage policies on the same platform for branches and regions in the country. I rate the product an eight out of ten. 

What could be improved in this product is its architecture. Its user interface also needs improvement.

The user experience, particularly in the implementation, management, and operations of this product, also needs to be improved.

Operations management is difficult in Check Point CloudGuard Cloud Network Security.

I've been using Check Point CloudGuard Cloud Network Security for seven years.

I find this product stable. It's a good product.

Check Point CloudGuard Cloud Network Security has good scalability.

I'm giving technical support for this product a five out of ten.

My advice to people looking into implementing Check Point CloudGuard Cloud Network Security is that they should have technical expertise before deploying it.

I'm giving Check Point CloudGuard Cloud Network Security an eight out of ten.

The security features of Check Point CloudGuard Network Security are very good.

The solution could improve to have a DLP feature.

I have been using Check Point CloudGuard Network Security for approximately three years.

Check Point CloudGuard Network Security is stable.

The scalability is good.

The initial deployment is easy. However, the implementation can be complex.

My advice to others is to evaluate the products first and then proceed.

I rate Check Point CloudGuard Network Security an eight out of ten.

I have been using Check Point CloudGuard for 3 years now. I use it in the financial sector, and use the gateways for perimeter security, east-west traffic inspections, and internet access. We have gateways for production, development, and outbound (internet access). The blades for IPS, FW, And URL filtering have been enabled with no problems. All the gateways are stable. We mostly use it for VPN site to site, and we can establish VPNs with Azure and other services. 

Check Point CloudGuard Network Security has established communications with other devices and other cloud providers. CloudGuard has improved the passage of CIS and PCI regulations. The functions for autoscaling save costs for the company and the centralized management helps us with administration. CloudGuard complements the security model of the company. We only need one solution for all cloud providers as it offers good compatibility with lots of protection. the easy funtion of use the licence core in other gateways helmpe to save cost. And the easy VPN configuration helpme to stablish more than 100 VPN in an shortly time.

The most valuable features are the VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. They help me to align with any compliance or regulations within our financial sector. The VPN blade has helped me to establish tactical communications. The logs help with troubleshooting and they are great. The IPS blade helps me to meet regulations and protect against intrusion. The applications control makes it easy to configure and created profiles. It blocks all the non-authorized applications. 

CheckPoint CloudGuard could be better at solving cases. In many cases, the client should be able to request or obtain a sufficient explanation or to obtain an appropriate answer. Check Point should improve the queue clients need to go through to obtain access to direct support chat. This should be for users with privileged access.  

CheckPoint features that should be included in the next release include the possibility to create a cluster on AWS and a Multi-region Cluster. They need to also include the possibility to use a managed web portal. 

I've been using the solution for about 3 years.

The scalability is very good.

Technical support is very good.

The initial setup is easy.

The team that helped us was very good.

The ROI we've had has been very good.