Check Point CloudGuard Network Security Reviews

We were providing infrastructure security. Our corporate headquarters at the time was overseas, so we had GDPR compliance regulations. It was helping us to keep in line with our compliance.

It saved us resources. We were a lean IT department, so I was able to reassign some staff to other projects because it didn't require so much hands-on manpower.

The notifications, the visibility, and the deployment are the most valuable. It could be packaged in such a way that it took a lot of time and resources off our hands, so it was more efficient. I don't know how to quantify the time saved. It would have saved us at least two to three hours a day just because the traditional IT department has a lot of other tasks and duties. It didn't require a lot for us to become experts on the product. It was seamless. It didn't require too much learning. It was easy to use.

With the incorporation of a lot of AI and machine learning, they can build some sort of a matrix for low-level threats or low-level things that require attention. There can be automation of those tasks so that we don't have to take more time and effort. There should be machine learning to eliminate level-one types of tasks.

I used this solution for six years. I'm a Cybersecurity Instructor. I used it in my previous role. I'm not using it in my current role.

I thought it was extremely stable. I didn't see any downtime. Any of the maintenance windows were either on weekends or in time frames that didn't affect our organization. It was very good.

It would be able to scale up even bigger and beyond what our local site needed. There were about a hundred and fifty employees. It was a manufacturing organization in San Antonio, Texas, but we were just one of twenty sites all throughout the US and Europe.

They were helpful in total. I'd rate them an eight out of ten.

I believe we had a WatchGuard firewall with other services coupled around it. It didn't necessarily do all of the protection that we needed, but that's what we had at the time.

I was involved in its deployment. It wasn't too challenging. It was easy to medium. Configuration with the compliance side was what took time and effort and was challenging, but it didn't have anything to do with the way the software is built. It was about getting our settings and configurations to be in alignment with the compliance.

I believe headquarters had Check Point support. 

The return on the investment was probably more beneficial to the headquarters or the mother corporation because we were just one of the remote sites that had the checkpoint infrastructure sent to us to build up our site. The bigger benefit was for the headquarters because they could manage all these individual sites from one platform. The consolidation and the standardization would have made their lives easier, but I didn't sit in a seat, so I don't know what that looked like.

We have seen time to value with this solution. It provided us with great benefits across the entire organization. We could see its value within about a month. That was probably enough time to let all of the initial shakeout and other things take place. We created a baseline after those thirty days, and we could see where we no longer needed to spend time. We could also see things where we had to take some action but were not apparent to us.

They're a little high in price. The price could be lower.

I wasn't that high in the chain to be able to make that decision. Corporate pushed it down to our site, and that's what we had to go with.

Attending an RSA Conference provides the ability to connect with others in the industry. It allows me to have a line of communication where I can reach out to them in person rather than just a digital introduction. 

In terms of the impact of attending an RSA Conference on the cybersecurity purchases made throughout the year afterward, I don't necessarily think about our purchases, but considering I'm a Cybersecurity Instructor, the people that attend our classes are going to be able to benefit because I can provide them more solutions and answers to the questions that they have.

I enjoyed it as a product. It works well. Overall, I'd rate it an eight out of ten.

In our Azure deployment, CloudGuard Network Security serves as our cloud firewall.

Using CloudGuard Network Security has streamlined our transition to Azure by providing continuity with our on-premises setup, ensuring seamless management, and allowing us to maintain our existing security protocols without disruption.

We find all the features valuable, particularly the firewall, application control, URL filtering, and HTTPS detection, as they cover our primary security needs effectively. We realized the benefits right away upon deployment.

Improvements needed include better integration with Azure features to match on-premises capabilities, particularly in areas like identity awareness, to ensure seamless functionality across both environments.

I have been working with CloudGuard Network Security for a few months.

We haven't had any stability issues with the product so far.

We haven't had to scale much yet, but we are confident CloudGuard Network Security can meet our needs effectively if required in the future. I would rate the scalability as a nine out of ten.

Overall, Check Point's service and technical support are good, with an effective resolution of issues, although there is currently one open ticket, they typically address root causes efficiently. I would rate the support as an eight out of ten.

Positive

We have seen ROI in time saved due to our familiarity with deployment, integration, and policy creation, avoiding the need for extensive learning or adjustments.

We wanted to maintain familiarity with Check Point while transitioning to the cloud, opting for CloudGuard Network Security in Azure over Azure's native firewall for its effectiveness and seamless integration with our existing network infrastructure.

CloudGuard Network Security offers unified security management across hybrid clouds and on-premises environments, ensuring comprehensive protection across all assets.

Unified security management simplifies our security operations by consolidating all aspects, like web filtering, application control, and firewall management, into a single, easy-to-use platform, enhancing efficiency and effectiveness.

I have high confidence in CloudGuard Network Security because it runs seamlessly like our previous setup and offers robust protection. I chose it over Azure's firewall because Check Point focuses solely on security, providing more features, logs, and insights.

CloudGuard Network Security is deployed across multiple departments and business units, with various consultants connecting in, although the user count isn't high yet, it is set to expand across multiple businesses.

I would advise evaluating CloudGuard Network Security based on what is most effective and familiar, rather than just what's convenient or included, prioritizing what suits your needs best.

Overall, I would rate CloudGuard Network Security as a nine out of ten.

We primarily use it for egress internet traffic for four clouds, as well as between clouds to on-prem. Those are the main use cases. We have another small use case for ingress traffic, but it is a very small use case right now.

By implementing CloudGuard Network Security, we wanted to get network visibility in our clouds. That was the main point. We also wanted to provide a segregation layer with stateful inspection with all the next-generation features, such as IPS.

CloudGuard Network Security certainly has made our organization more secure. Our business partners cannot inadvertently open up the access that they should not be just to get things done. They now have to go through our firewall. We have got the inspection layer. Our security organization can see threats if they come in and take action on them. We were able to realize its benefits almost instantly.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We heavily use global policy to join on-prem and the cloud, as well as multiple clouds. It is a huge benefit for us as we can set a global standard for policy and then push that across all the different security zones.

We are very confident in our cloud network's security. We have had many years of experience developing it, so we were very aware of the design and the solution within each cloud. We are confident with how we deploy it, and we have plans to make it more efficient as we go.

Most recently, it would be the dynamic objects or datacenter objects. The query feature is going to be a game-changer for us as we move forward. It simplifies our policy, and it gives us a way to dynamically learn and discover things in the cloud instead of having a static way.

Currently, we are struggling with licensing just because of the pace and growth of our cloud. Keeping up with licensing for new regions and new gateway usage is certainly something we are looking into. We are working with our accounting to figure out how we can improve. The licensing piece is big for us.

We are at the place where we are looking at better integration with the management system. We use an MDS today, and it is self-deployed. We want to get to the Smart-1 Cloud, but we do not know what that looks like today because it does not support a multi-domain setup. Smart-1 should either be able to do multi-domain or there should be some form of taking a multi-domain environment and putting it in Smart-1.

I have been using CloudGuard Network Security for probably five years.

From our experience in five years, it has been very stable.

It seems to be very scalable. We have plans to increase the usage of CloudGuard Network Security.

We do scale sets across our clouds and across many regions globally. The number of applications behind it is in the hundreds if not thousands.

It is an excellent service. I would rate their support a nine out of ten. Improving a little bit in the smaller clouds such as Oracle and Google would help a lot.

Positive

We did not specifically use any similar solution in the cloud. It was brand new.

We have a public cloud and then a hybrid with on-prem. We have AWS, Azure, Google, and Oracle.

In terms of the version, on-prem, we use Maestro, and in the cloud, we use the latest CloudGuard. We use the software version R80.40 and are about to upgrade to R81.20.

Its deployment was a little complex for us because we have a very large cloud environment and we are multi-cloud. We had an existing estate, so it was hard to put a firewall in the path and not break things.

We are still implementing it because we are taking a cloud-by-cloud approach. We have done AWS and Azure. It took probably two years to do that, so I would assume that for Google and Oracle, it is going to take at least a year.

In terms of the implementation strategy, we first develop the IEC for the code to deploy it, and then we deploy it and test it in a sandbox environment. We then deploy it to non-prod and roll it out to those regions, and after that, we would do the same with prod.

We implemented it ourselves.

We have seen an ROI, but I do not have any metrics.

Pricing-wise, it is pretty competitive. However, I would like to see more flexible licensing. There should be more of a consume what you need and true-up type of model.

In the past, we have evaluated other solutions. When we tested them, they did not have the same feature set or functionality that CloudGuard had. When I initially tested years ago, the scaling probably was not as efficient. The support was also a big factor. The support that we got from those vendors was not as good as from our account team with Check Point. 

When we looked at the cloud provider firewalls, they did not match up to what Check Point could do with the various deep packet features and functions like IPS. The feature set was the main difference. At the time, the cloud providers could not provide IPS or deep packet features. That was a big driver for us with Check Point. The fact that we could not integrate policy with our on-prem firewalls, which were from Check Point, was another big driver because we wanted a unified policy. Our existing relationship with Check Point helped as well.

To those evaluating CloudGuard Network Security, I would advise certainly engaging with the Check Point account team. Get their solutions team to help you walk through the solution and talk to others in the industry about their experiences.

The biggest lesson that I have learned from using this solution is to deploy it as soon as you can in your cloud journey.

I would rate CloudGuard Network Security a nine out of ten. 

We are primarily using it for access control for our various cloud environments from our on-prem resources.

By implementing CloudGuard Network Security, we wanted granularity and control of the traffic going through our different BDCs within AWS. We use one there. We also wanted identity awareness for going into cloud resources.

CloudGuard Network Security gives us access and visibility into what is going on in our cloud environments. Previously, we did not have any cloud instances. We were just managing the on-prem and then letting it go. It gives a lot of visibility. We could realize its benefits instantly.

CloudGuard Network Security provides us with unified security management across hybrid-clouds as well as on-prem. We were able to manage all of our cloud environments from one central place. We have got CloudGuard in Azure and AWS restricting traffic between those hybrid cloud environments.

We feel very confident in our cloud network security by using CloudGuard Network Security. We get what we would expect with an on-prem firewall. We get all of the functionality and security that we would expect from an on-prem firewall in the cloud. We did not go with our cloud vendor's cloud firewall because they were not able to meet a lot of the security standards that we needed.

The ease of deployment has been nice. It is like managing any of our on-prem firewalls.

The only pain points we have had with it were when we did major version upgrades. Rather than being able to do incremental upgrades on those, we had to completely redeploy. I know that has changed recently, but we had some hiccups when we did the upgrades. This is the only issue we have had.

We have been using CloudGuard Network Security for over four years.

It is very stable. I would rate it a ten out of ten for stability.

It scales pretty easily. At this time, I am not aware of any plans to increase its usage.

Their support is great. I would rate them a ten out of ten.

Positive

We did not use a similar solution previously.

It is a private cloud. We have it in both our private Azure and private AWS restricting access between the individual BDCs and on-prem environment and between the two different cloud environments as well. 

It is primarily deployed by one team, but multiple clients use the cloud services.

I believe we have seen an ROI. We are able to manage it from an already existing management server that we are using for on-prem. Not having to have another product that we are managing outside of Check Point is a big plus.

We looked at cloud-native firewalls. They were not able to meet the security standards that we were able to get by using CloudGuard.

We looked at their IPS solutions with the cloud-native firewalls, but we could not go as granular. With CloudGuard Network Security, we could see the individual protection and fine-tune it.

CloudGuard Network Security is also easier to use than other solutions.

I would rate CloudGuard Network Security a ten out of ten.

Check Point CloudGuard Network Security has a beautiful threat emulation different from the market. They have a threat extraction feature. The solution's zero phishing feature is pretty much commendable. The solution has one of the best reporting any vendor has in network security. The solution also has a CSPM or posture management tool inbuilt into CGNS or network security.

The solution’s technical support, DNS security and training could be improved. Check Point CloudGuard Network Security's training and reachability to the customer can be done a bit better. One recommendation from my side is that the handover of the tasks can be a bit better. If an engineer is on a ticket and their shift gets over, the smooth handshake between the two engineers can be a bit better.

I have been using Check Point CloudGuard Network Security for more than one and a half years.

Check Point CloudGuard Network Security is a stable product.

Check Point CloudGuard Network Security is a scalable product. I would recommend the solution to small, medium, and enterprise companies because it has a scalable model. The solution is over the cloud and can be integrated with any company.

Previously, I worked with Palo Alto, a direct competitor of Check Point CloudGuard Network Security. CloudGuard Network Security's threat extraction features, reporting features, and threat emulation are better than Palo Alto's. Check Point CloudGuard Network Security is more user-friendly than Palo Alto. On the other hand, Palo Alto has a bit better DNS security than Check Point CloudGuard Network Security.

Check Point CloudGuard Network Security is easy to deploy, and if you are unable to do it, you can get support from the OEM.

The solution's implementation depends on the customer's network scenario and policies. The initial setup doesn't take more than 30 minutes, and the rest can be done later.

Check Point CloudGuard Network Security's pricing is far better than Palo Alto's because Palo Alto is very expensive. Check Point CloudGuard Network Security comes at a price that even a small business can manage to buy, whereas Palo Alto would restrict you to enterprise customers. Check Point CloudGuard Network Security's licensing cost changes from country to country. The solution has different discount models across the globe in regions like Asia and Ireland.

People who want to implement Check Point CloudGuard Network Security should focus during the planning phase. If planning is done correctly and the prerequisites are matched perfectly, they won't face any challenges during deployment. But it's very important to check the prerequisites' limitations.

Overall, I rate Check Point CloudGuard Network Security nine and a half out of ten.

My main use cases for CloudGuard Network Security are to scale the technology for protecting and filtering traffic within AWS and Azure environments.

The main challenge I was looking to address by implementing CloudGuard Network Security was the need to establish a firewall on our cloud perimeter for enhanced security.

The flexibility to rebuild the firewall in CloudGuard Network Security has helped our organization eliminate downtime.

CloudGuard Network Security has improved our organization by allowing us to easily deploy firewalls from the cloud wherever we might need them.

The most valuable feature I have found in CloudGuard Network Security is the flexibility to rebuild the firewall as needed.

CloudGuard Network Security could be improved in the area of upgrading in place.

I have been working with CloudGuard Network Security for five years.

The scalability of CloudGuard Network Security is very good and we can scale it as needed.

Check Point's service and tech support are very good, especially since we have access to their Diamond-level support. I would rate the support as a ten out of ten.

Positive

I find the pricing and licensing of CloudGuard Network Security to be pretty straightforward.

The main benefit we have seen from using CloudGuard Network Security is the ability to filter traffic by URL. We realized these benefits approximately six months after deployment.

Unified management of the firewall has positively affected our security operations by making it easy to manage from one place.

My advice for those evaluating CloudGuard Network Security is to remember that licensing is critical, so ensure that central licensing is configured properly.

Overall, I would rate CloudGuard Network Security as a ten out of ten.

We use Check Point firewalls and SMS servers in on-prem DC and in multi-cloud environments extensively. These are used to protect the perimeter, DMZ, and internal network to protect and inspect network traffic.

The firewalls are best of breed and provide extensive rich features and a diverse range of protection against DDoS, malware, ransomware, and zero-day attacks. Also, it is used for terminating client and mobile VPN tunnels, URL filtering, IDP, DLP, etc. 

The environment is Internal and a multi-tenant hosted for external clients which is a complex setup.

The new Check Point firewalls are best-of-breed and provide next-gen firewall features with AI and ML capabilities. This helps to reduce the operational support overhead and protects against new emerging threats.

Previously we used Juniper, Cisco, and other firewall platforms which have very limited capabilities and offer no inspection or threat-prevention features at all. 

Check Point has changed this dynamic completely and offers a complete security solution to protect all digital assets which is immensely helpful.

Identity awareness, URL filtering, IDS, DLP, Content Filtering, VPN, and Application Control are all excellent. They provide features to inspect internet traffic, data protection compliance, and DDoS attack detection and protection.

The Check Point firewall product that we picked up has an excellent feature set and all the required licenses, it's a nicely engineered firewall technology and has a great support team to escalate.

Features like threat prevention and protection are good to have to protect against zero-day attacks, malware, and ransomware.

Software bugs and OS releases can be very fast to keep up with. Check Point has a history of moving fast with software release and upgrade cycles which are difficult to keep up with at times.

New features should have a single-pane-of-glass view for on-prem DC and cloud environments. 

Licensing costs are very high compared to other vendors. Check Point needs to be competitive to keep the cost down for the customers and partners. 

The previous Check Point OS model had to support multiple OSs which was difficult and cumbersome (i.e. SPLAT, IPSO, GAIA).

I've used the solution for ten years.

We did use a different solution and wanted to have better security capability and visibility.

The solution is expensive but feature-rich.

We looked at other options and checked if the firewalls had all the security and compliance features required by the organization.

Our use case is simple. We utilize CloudGuard Network Security with a bridge to connect all components in the cloud directly to the on-premise. By establishing peering with the bridge, we route traffic to the Google Cloud-based cluster. We apply our standard on-premise environment rules to CloudGuard, utilizing threat prevention, EPS, etc.

The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward. 

CloudGuard Network Security helped us create stable VPN connections from our Google Cloud to our data center. This was important because we had issues with dependencies between Google, the data center, etc.

We have an on-premise management system, and it's straightforward. We use it within the same management of our other files. 

In the past year, I noticed that the challenging part, especially in the cloud, is upgrading to the next release of the firewall. Unlike on-premise upgrades, it's not as simple in the cloud. You need to recreate the machine, which makes the process more complex.

We have been using CloudGuard Network Security for four years now. We initially adopted it when we began using the Google Cloud platform. It helps us enable connections between the cloud, data center, and hybrid infrastructure. 

The solution is stable. 

The tool's pricing is not cheap. 

I rate the solution a nine out of ten.