Check Point CloudGuard Network Security Reviews

Our primary use case is for segmentation and next-generation protection. 

Our clients choose CloudGuard as a natural progression of their solutions. They understand Microsoft and CloudGuard fits. They are vendor-oriented. They stick with Microsoft. They have a lot of experience with Check Point and this fits in. 

Check Point Management is the best and Azure management is also very good. It's simple and has high security. There are no additional costs which is one of the advantages. 

Compared to other solutions, CloudGuard is easier to use. 

I don't see much need for improvement. 

In Czech, we are a little behind the USA and Germany so we have matured in our mentality to move towards the cloud. 

Check Point could show us use cases that would help us in Czech and could help us with security threats in our specific country.

The level of confidence our clients have in their cloud network security using CloudGuard Network Security depends. Some are very confident but some are worried about information being exploited. When compared to other vendors, CloudGuard is the best when it comes to threat protection.

I have been implementing CloudGuard for our clients for four years. 

It's stable.

It scales well for our clients' needs. We have deployed over 2,000 servers.

Support is good for CloudGuard. It could depend on the support person who is helping us. Different regions offer different levels of support. Israel and US offer the best support.

Positive

It's easy for me to deploy. 

Every project needs different pricing. I believe that when we talk with the particular guys, we will find a price for the customer. They are flexible in terms of that because we need to be flexible, and we have many companies who are aggressive with discounts. 

I rate the overall product an eight out of ten. 

We utilize CloudGuard Network Security as virtual appliances deployed within virtual machines, acting as firewalls at the perimeter of our data center in QSaver. These virtual appliances safeguard all internet access originating from the virtual machines at our factory in Curitiba, Brazil.

The challenges we sought to tackle through the implementation of CloudGuard Network Security were to ensure the protection of our servers against threats and attempts to breach them via internet-facing avenues.

We found it advantageous due to its ease of implementation and use. There were no delays in receiving customer devices, which enhances security within the environment.

We enjoy all the benefits typically associated with physical appliances, even while utilizing virtual machines. Although it took some time for customers to fully grasp the benefits, as they weren't immediately clear, over time, they began to recognize the value it brings to their security infrastructure.

It offers us unified security management across hybrid CloudGuard deployments, as well as on-premises. The option to manage it bridges physical devices onto the data center. With consolidated logs accessible on the same management interface, it becomes highly convenient and straightforward to operate.

Comparing CloudGuard's network security to other solutions in terms of ease of use is challenging. Additionally, since we're already utilizing Check Point solutions, integrating it with hardware network security proves to be very straightforward and user-friendly.

We have a high level of confidence in the effectiveness of CloudGuard Network Security.

The SSL spectrum proved to be the most valuable for our incoming connections. This feature enabled us, for instance, to successfully prevent Log4J attack attempts.

New features have been introduced recently, but they have not yet been integrated into CloudGuard Vsec. It would be advantageous to have them implemented as they would improve the performance.

I have been using it for three years.

It provides excellent stability capabilities.

It offers good scalability abilities. We have a plan to increase the utilization of CloudGuard Network Security and its services in the future.

I am satisfied with the customer service and support provided. I would rate it eight out of ten.

Positive

In our deployment environment, each instance is strategically positioned at the forefront of the web servers within the data center, effectively serving its purpose. Specifically, it functions to regulate internet access for the servers and manage inbound connections from internet customers to the servers.

It's remarkably easy to deploy, by far the simplest. For instance, it only took us a few minutes to transition to production. This capability is incredibly beneficial, as it allows us to swiftly assist customers during emergencies by deploying a firewall and addressing any threats they may encounter.

Determining the return on investment can be challenging; however, we've observed other companies operating in the same sector with similar approaches. Despite encountering attacks, we have yet to experience any incidents. This absence of incidents serves as a metric for us, indicating the reliability of our alternative solution.

The pricing is highly competitive and advantageous, offering great value.

I recommend others to give it a try because of its simplicity in deployment, scalability, and usability. Overall, I would rate it ten out of ten.

Primarily, we are using it for deploying cloud firewalls on Azure to protect our applications. We are using TerraForm.

CloudGuard Network Security helps to streamline bringing in the hardware and putting the effort upfront to do the automation. It takes all that effort away from a human. It streamlines the process and provides security on the cloud.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. It gives us one place to look. Security teams have common logging, and our SIEM integration is already built in. We have a gateway. It is logging for SIEM log servers, and they are being sent to our SIEM. No additional changes are required by anyone to know where to look. It is all integrated into our existing solution.

We are pretty confident in our cloud network security using CloudGuard Network Security. I would rate our confidence level a nine out of ten.

The ease of administration with the cloud management extension and the cloud licensing model is valuable.

I have not dealt with it enough to find any pitfalls.

We have been using CloudGuard Network Security for about four months.

So far, it is great. We use scale sets. We have deployed two gateways per region with the scale set settings of two to ten. We do not have much workload yet, so I cannot say how the scaling is working, but overall, I am sure we will be able to scale the gateways.

I did not need support for much of what we have been working on.

We mostly have a public cloud in Azure. Over the next few months, we are looking to port the same functionality we have in Azure to AWS. 

The deployment is simple as well as complex. The ARM template to deploy in Azure is very simple, but we have taken that and extracted it to do it via TerraForm. The migration to TerraForm is a little more complicated, but we made it work.

We have not gone far enough to know.

We are using our BYOL. We are using our existing Check Point discounts to work with licensing. Overall, it is very competitive. Its pricing is reasonable to me.

I have not evaluated other solutions.

I would advise taking a look at the solution. It performs well and integrates with our existing solutions. It streamlines processes. It is definitely worth a look.

Overall, I would rate it a nine out of ten. The solution is very similar to what we are doing everywhere else. It integrates well with the Azure services, but nothing is perfect, so I cannot give it a ten.

The solution is a core operating system, and we use it for threat intelligence.

CloudGuard has a better catch rate with respect to any attack which is happening. We once faced an attack in a customer's environment on one of our data centers, and Check Point Firewall blocked that attack. The solution's performance is on the higher side.

The feature most valuable to me is the NDTX blade that Check Point provides, and I like how the solution is not vulnerable. We haven't had any vulnerabilities in Check Point in the last six months, which is a plus point because the OS Check Point provides is hardened enough that it's not vulnerable to the newer issues, so the network security solution is given in a proper way. These features are an advantage for our customers.

The solution is easy to use once deployed if the administrators have a basic understanding of firewalling. Administrators just have to check the traffic passing through the solution, which will log the traffic properly. And if anything gets dropped, the solution will showcase that to you. The management server Check Point uses is a gold standard.

Check Point CloudGuard is not a feature-centric product because Check Point concentrates on security. For example, if a customer asks for reporting, it might not be available, like a bandwidth report. At most, the reports are given with respect to security, not infrastructure.

I've used CloudGuard for the last three years.

We have more than 50 customers.

Customer support needs to think about what the customer is talking about. They need to improve on that.

CloudGuard is not a plug-and-play product and requires proper technical knowledge to deploy it. You need the help of a proper professional to deploy it. Deployment hardly takes four hours, but that's only if you know what you're doing. You need to plan the deployment with respect to AWS. You have to know what exactly the customers have deployed in AWS or Azure, or any cloud solution, and based on the review, you need to do their architecture before you can start the deployment. The first step, then, is to understand the customer's data because everything is on a template when it comes to the cloud. You should understand which template you need to use on any cloud. It is impossible to deploy if you're not aware of the customer's environment and how the cloud infrastructure is made. After selecting the proper template, you have to do the implementation. The implementation will go smoothly if you understand the customer's requirements and infrastructure.

I would not say Check Point is very expensive, but when customers compare it with Sophos or any other products, the price is on the higher side.

In terms of features, FortiGate has more features in terms of routing.

Our customers use Check Point solutions both on-premise and on the cloud.

Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points.

If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market.

I rate Check Point CloudGuard Network Security a nine out of ten.

Check Point CloudGuard Network Security is the best security software for protecting IT systems inside out. There is no compromise with system security if the CloudGuard Network solution is intact. It provides threat prevention and protection from malware and enables system and server security up to 100%.

We have numerous API integration of our internal IT systems with outside servers and network systems, where security lapses are a huge concern. CloudGuard helped in providing complete security and protected entry of threat entrants in our system from outside servers.

CloudGuard Network Security has enabled the security system to operate safely without any trouble. It has resulted in saving on huge expenses for organizations as it's a cost-effective and cheap alternative compared to its market competitors. It brings a secure IT environment for a workforce, which leads to boosting productivity and an increased revenue stream for the organization. This leads to increased productivity and prosperity.

Also, it's the one-stop solution for preventing systems from security threats and all kinds of endpoints in the IT space.

There are no security lapses and 100% restriction of threat entrants in the system or server.

It's a cost-effective solution with no false positive cases.

The product helps in bringing productivity and enhanced customer experience for users.

We have a happy workforce and more workforce retention and increased IT environment sustainability.

There is 100% proactive detection of root causes and root sources.

It is dynamic and agile, and its features and utilities continuously improve and evolve.

It's the best-unified endpoint management solution for IT systems globally. The product is available for all kinds of business users.

We really believe in ongoing improvements for emerging business needs. The business and product development team should introduce a high-end feedback collection mechanism and analyze the customer requirements constructively.

The feedback mechanism is best to understand the user and market needs. All kinds and sizes of businesses should be approached to provide feedback so that unanimous decisions and unbiased reviews/feedback can be collected.

Also, more customized strategic pricing can be involved and introduced so that more and more businesses can be attracted for trial and usage of the software. 

We've used the solution for almost a year now.

The product offers amazing stability and we had no discomfort or hassle in the setup.

The solution is scalable and attractive.

The solution has strong customer support and agile service experience.

Positive

We use McAfee solutions earlier due to the company and parent organization's long-term association with McAfee.

After subsequent years of usage, we felt a dire need of usage of advanced security solutions. After receiving continuous good feedback from peer organizations, we landed at Check Point.

It's been a great experience so far.

The setup is effortless and not complicated at all.

We implemented the solution through vendor team management.

We've seen an ROI of 80% to 85%.

In my book, Check Point comes as quite a handy and cost-effective alternative for the security enablement of IT systems. It's cheap and easy for deployment and is the best solution so far. Its signing of SLA and maintaining long-term key association and collaboration with service partners is really effortless and easy. We've had a highly professional partner experience.

Licensing is usually annual.

Setup and deployment costs are offered with discounts that are attractive and  sustainable.

We analyzed and did trials for Cisco Secure Firewall and other security solutions like Trend Micro, etc.

I would strongly recommend everyone to go for a trial of this security solution ASAP. It is one of the best experiences ever.

My customers use the solution for technical and internal Azure resources, including remote access VPN.

Some retail customers find the scale-up and scale-down features valuable, particularly with scale sets. This is useful for handling increased loads on devices and utilizing firewalls, similar to on-premises setups with active standby configurations.

The solution allows customers to migrate workloads securely into the cloud space with a trusted vendor, maintaining everything under a single platform. This ensures visibility into their cloud environments similar to on-premises setups, all managed through a single smart console. 

Unified security management simplifies operations by providing visibility into both cloud and on-premises infrastructure. The skill set required to manage it remains the same for both environments.

The level of confidence in CloudGuard Network Security, both for myself and my customers, is very high. The product operates familiarly, consistent with what customers are used to, and it is a trusted name in the space.

Based on my previous experience, there were improvements, especially in in-place upgrades. Regarding cost, it might be potentially cheaper considering resource utilization in Azure and VM costs, but licensing could be improved, possibly moving towards a simpler model.

I have been using the product for four to five years. 

CloudGuard Network Security has improved its stability. It is a stable platform. 

The tool has improved its scalability over the four years. 

The support experience can be hit or miss. It depends on the expertise of the support representative. Some are highly skilled and knowledgeable, while others require more guidance. There might be room for improvement in this aspect.

Neutral

The tool's deployment is straightforward, whether through the marketplace or templates. It offers flexibility for making amendments before deployment. 

On a scale of one to ten, I would rate the solution an eight. The ease of deployment, the single management function, and the features it provides, especially in terms of scale sets and scaling, contribute to it being a solid platform. Many customers are increasingly interested in using it to protect their assets within Azure and AWS, which are the two main areas of operation.

If a colleague is considering purchasing the solution for its security features and licensing, my advice would be to ensure correct deployment. While the solutions are generally straightforward to deploy, there are nuances, especially in Azure infrastructure, that can make troubleshooting more challenging. It's crucial to either use a knowledgeable partner for deployment or ensure a clear understanding of the process before proceeding, as it may be more complicated than anticipated.

The solution helps to protect our customers at the perimeter. We have integrated the solution into our NSX environment. 

The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network.

We can confidently assert that we are among the top cloud providers, protecting our customers from external threats. With Check Point's CloudGuard Network Security, we offer attack services protection. 

CloudGuard Network Security needs to include new features. One specific feature I would like to see is the ability to protect external resources using single sign-on integration with various identity providers, including custom identity providers. Its pricing could also be cheaper. 

I have been using the product for six years. 

CloudGuard Network Security is stable. 

CloudGuard Network Security is highly scalable in our virtual environment. We can easily add more ports, and it functions perfectly. We use it in cluster mode, deploying multiple Check Point clusters horizontally and vertically, making scalability easy and excellent.

I find Check Point's technical support to be excellent. We have premium support, and whenever we open a case, especially for high-severity issues, we receive a phone call from their support team.

Positive

CloudGuard Network Security's deployment is straightforward. 

The product is expensive but also valuable. 

CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. 

I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet.

I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. 

I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.

We use it to protect cloud infrastructure, workloads, and applications from advanced threats and attacks.

For our operations team, CloudGuard proved to be the ideal solution. Troubleshooting became much simpler as all traffic—allowed or blocked—could be found in a single point, the SmartConsole. Integrating CloudGuard with VMware was straightforward; we established a connection between Check Point Management and VMware, allowing for the automated deployment of CloudGuard in NSX as a service. This automation made deployment and management a breeze, allowing us to easily specify the number of CloudGuard instances needed, which would then be deployed automatically.

CloudGuard's integration with the SmartConsole ensured continuity for our administrators, who could continue using familiar tools and methods. The ability to manage everything within the virtual environment provided speed and flexibility. With CloudGuard, we could define rules to control traffic with precision, redirecting or blocking as needed. 

Check Point's approach of preventing threats at the outset aligns with this perspective, eliminating the need to constantly battle against incoming threats. This proactive stance instills a strong sense of security, as it significantly reduces the likelihood of breaches. Given our positive experiences and lack of any negative encounters with the product, we feel extremely confident in its ability to safeguard our environment effectively.

One of the most crucial and beneficial aspects of Check Point is its ability to consolidate and present logs in a clear and easily accessible manner. This centralized approach offers immense value, as it allows users to access all network security information from a single point, eliminating the need to navigate through multiple tools and sources. With Check Point, users can conveniently find and manage all security-related data in one centralized location.

Its centralized control, ease of use, and flexibility are the most valuable for our data center security.

The licensing structure is unclear, so a transparent and flexible licensing structure would be preferable.

We have been working with it for five years.

In terms of stability and reliability, the virtual machine running CloudGuard functions seamlessly and as anticipated, demonstrating no issues or disruptions.

Regarding scalability, you have the flexibility to deploy as many instances as necessary. If additional instances are required, you can easily add them to production by obtaining the necessary licenses.

While we haven't encountered significant issues necessitating support, we did face occasional challenges with perimeter gateways rather than CloudGuard itself.

Before this project, we collaborated with a sister company that utilized Cisco ACI, but it didn't prove to be the right fit. Considering our longstanding partnership with Check Point as our security provider, particularly for network and cloud traffic, choosing CloudGuard for East-West traffic inspection seemed like a natural extension. Additionally, observing our sister company's positive experience with CloudGuard on Cisco ACI further reinforced our confidence in the product as the best solution for our needs.

Initially, we sought the help of a partner for deployment, but for upgrades and migrations, we largely handled them ourselves. Fortunately, these processes weren't overly complex, and we found helpful documentation on the Check Point website to guide us through them.

When we initially adopted CloudGuard, we operated under a different licensing model based on the number of hosts. The licensing model has since transitioned to a cluster-based variant.

Overall, I would rate it ten out of ten.

For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.