Cloud Solution Architect at Network Thinking Solutions
User
Top 10
A complete solution that's reasonably priced, with good data security
Pros and Cons
  • "The solution offers an excellent price, benefit, and installation relationship."
  • "Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility."

What is our primary use case?

I have been using it in my AWS-Azure multi-cloud schema in order to monitor and protect transactions and data from all escalations - not only what we have at the database level. It helps us protect the data of our big data. 

It has been the complete solution to help cover our lack of security at the infrastructure level. Not only does it cover the servers, but at the workstation level, it is monitoring what users are doing. It identifies actions and can make automatic remediation at a user level. 

How has it helped my organization?

The solution has helped us to detect possible attacks or access that is not allowed. It also has helped us to identify the configurations that do not meet the company standards and allows us to improve security practices. As a result, we were able to make the necessary adjustments to be more armored and work safely. 

It gives us the peace of mind we need to continue exploring areas of our scheme that will help us with our projects in the short, medium, and long term. It will help us to continue innovating and reinventing ourselves with greater and greater security.

What is most valuable?

Data security has been very valuable because data is the soul of a company and if the data is not protected, the company has no possibility of existing. 

In all areas of an organization, Check Point CloudGuard is not only in the cloud, as its name implies. It goes beyond. The areas of importance from the most important to the least important are: infrastructure, technological security, data administration, legal department, etc. Check Point solutions can provide a complete 360 security scheme to the entire cloud infrastructure. It transfers its vision to the entire peripheral network.

What needs improvement?

Today, globally, there are many companies of all sizes that do not understand the value of their data, but even with all the existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure security, when the truth is that providers only protect their sites. Everything we do in the cloud and how we configure it is actually our responsibility, in this sense we can evaluate many solutions that help us protect our clouds, however, and after trying 5 different solutions, the checkpoint solution is by far The most complete
Buyer's Guide
Check Point CloudGuard Posture Management
December 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the solution for 3 months.

Which solution did I use previously and why did I switch?

If we were using a similar but not as extensive solution. We were using Darktrace.

What's my experience with pricing, setup cost, and licensing?

The solution offers an excellent price, benefit, and installation relationship. Thus far, Check Point has offered us this very successful relationship.

Which other solutions did I evaluate?

We were evaluating several options before choosing Check Point. What we identified would be important aspects of the new provider were: simplicity in the installation and 360 vision of all our infrastructure. When we were evaluating, we looked at Palo Alto, Check Point, and Cloud Security.

What other advice do I have?

If you are looking for a complete solution for your cloud or clouds, with Check Point you can have everything from one place.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
alvarado - PeerSpot reviewer
Cloud Support Leader at a tech company with 51-200 employees
User
Top 5Leaderboard
Easy to implement with good security posture and allows for multi-cloud management
Pros and Cons
  • "Its easy implementation against Microsoft Azure was quite satisfactory."
  • "Check Point's support, customer service, SLAs, and schedules can be improved a little."

What is our primary use case?

Our company manages hybrid environments in which we also have a Microsoft Azure Cloud and a hybrid approach, however, you have to navigate between them and carry out separate implementations. Instead, we were looking for a unified validation. We found it with the Check Point Dome9 solution, an incredible evaluation of our environments with a simple implementation was what the company was looking for to cover the security flaws that existed, in the face of any modern threat that could harm our services.

How has it helped my organization?

Through Check Point Infinity Portal - and Dome9 managed through it - its implementation was simple. The environment was reviewed in order to later make improvements to the current infrastructure, avoiding future attacks.

Our cloud environments have grown a lot. It was necessary to be able to have the peace of mind that this cloud infrastructure was safe, even in our country there have been many cyber attacks in recent times, for which it is important to protect yourself.

Our vendor explained the solution to us very well, in times that we had this need, when implementing it, it totally suited our needs.

What is most valuable?

One of the most valuable features for me is the use of a unified review portal. That way, Check Point Infinity Portal can be managed in the best way,

Its easy implementation against Microsoft Azure was quite satisfactory. It did not waste time. It was simple in terms of looking up the appropriate documentation to be able to implement it correctly.

Even though we only manage one cloud, this technology can review several clouds, which makes it one of the best proposals on the market.

We are quite happy with the security posture of Check Point.

What needs improvement?

I can't really imagine improvements for Check Point. They have been doing very well for years in modern security fields. Currently, Check Point is very well placed compared to its competitors - and this is not by chance. Check Point has taken security to a higher level.

Check Point's support, customer service, SLAs, and schedules can be improved a little. Among some of the qualities to improve, would be even to copy from other companies that have more highly polished services. For example, something important is that they always promptly include the official documentation of the manufacturer in order to carry out correct implementations.

For how long have I used the solution?

The tool is used to make a security assessment in recent months.

Managing a security posture has been made really easy via truly comprehensive Azure Cloud assessments. A unified environment for administration through the infinity portal and without the use of a secure server is helpful.

Which solution did I use previously and why did I switch?

Since I joined this company I have not seen any similar application implemented.

What's my experience with pricing, setup cost, and licensing?

The best advice that can be given is to find a responsible and good partner that can help you with the validation of your security requirements, accompany you, and help you with documentation and support.

Which other solutions did I evaluate?

The documentation and scope were validated. We were not wrong to go with Check Point.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Check Point CloudGuard Posture Management
December 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.
Security Admin at a tech company with 1-10 employees
User
Top 5Leaderboard
Good governance and identity protection - CheckPoint Cloud Guard PM
Pros and Cons
  • "The administration portal panel is very intuitive."
  • "The guidelines to implement or to link with the clouds are not complete."

What is our primary use case?

In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks.

It helped us a lot in improving the regulations and security of our cloud environments. We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.

How has it helped my organization?

As in our company we have environments that are hybrid in some cases and others totally cloud. We find in Check Point a reliable tool to improve security, implement regulations, and generate governance in cloud environments. In our case, we have a Microsoft Azure public cloud with enough resources which we need to protect. We achieved it together with  Check Point.

It was possible to provide greater security to identities with admin access to the cloud - a critical part of IT management.

What is most valuable?

The most striking features are:

1- Identity protection generated through Check Point posture management, which is helping to prevent user theft or unauthorized access.

2- The governance that can be provided with this tool is very good since we have been able to implement good practices to avoid vulnerabilities.

3- The administration portal panel is very intuitive. It also generates scores based on regulations and good practices to go little by little with the recommendations, significantly improving security.

What needs improvement?

Some general improvement characteristics can be made, including the following:

1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level.

2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved.

3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

For how long have I used the solution?

It's an excellent tool and is available in the Infinity Check Point Portal. Its main function is to centralize governance in the same administration portal and has been tested for more than a year to validate our cloud security.

Which solution did I use previously and why did I switch?

Previously we used only Microsoft with Defender for Cloud. However, we wanted to have our security centralized. Check Point through the infinity portal achieves that feature.

What's my experience with pricing, setup cost, and licensing?

It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check with Check Point what characteristics are required.

Which other solutions did I evaluate?

We chose Check Point as it provides integrated and centralized security, improving the effectiveness of security reviews.

What other advice do I have?

Even though the cost is somewhat expensive. I recommend this solution for users who use the public cloud.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
PeerSpot user
Support at a tech services company with 51-200 employees
Real User
Top 5Leaderboard
Easy to use with good security and good reporting
Pros and Cons
  • "We really liked its ease of implementation against our Microsoft Azure environment."
  • "The support must be more effective."

What is our primary use case?

We required a centralized, modern, and easy-to-use tool. After validating the technology of the available security applications, we found the correct tool in Check Point CloudGuard.

It helped us with the security posture to follow best practices. The recommendations and the automated implementations are through a multi-cloud portal that was easily linked with the cloud that we manage. All those previous virtues plus an effective dashboard full of graphs have helped us with decision making. It's been very helpful for the company's security requirements.

We have been able to comply with the recommendations and improvements in our cloud infrastructure using this product.

How has it helped my organization?

Thanks to the best practices recommended in the CloudGuard Posture Management, we were able to provide an incredible layer of security to our Microsoft Azure environment. We required a great layer of security to be able to certify ourselves with security regulations.

Also, all its reports are very useful to be able to carry out good work of improvements and avoid vulnerability within the multi-cloud perimeter.

Another requirement was not to have different security environments. The CloudGuard Posture Management correctly met the business needs.

What is most valuable?

We really liked its ease of implementation against our Microsoft Azure environment.

In addition, its centralized portal, which showcases multiple security solutions in one place, is very helpful.

Another feature that we really liked is the score function for improvements and good practices. You can take a security posture that complies with regulations or company policies.

What needs improvement?

Areas that can be improved are few. However, some can be mentioned, such as the costs for this solution going down a bit. Not all clients, despite the great power of the tool, can afford it.

The support must be more effective. Sometimes they take several days to resolve an issue. However, it must be mentioned, they always resolve it correctly.

Finally, I think that the solution meets all expectations but can also improve the performance of the administrator portal a little so that it does not sometimes stop.

For how long have I used the solution?

This is a very good cloud tool and has been used in the last quarter with surprising results.

What do I think about the stability of the solution?

We have witnessed very good performance with the solution.

What do I think about the scalability of the solution?

The solution offers excellent performance.

Which solution did I use previously and why did I switch?

We have not found a more centralized, powerful, or complete solution than Check Point Cloud Guard Posture Management, neither before nor now.

What's my experience with pricing, setup cost, and licensing?

It is essential to validate the costs and have a good representative for Check Point that can provide security in the tools. They need to be able to understand your needs as clients.

Which other solutions did I evaluate?

We continuously evaluate various options and manufacturers, however, on its own merits, the Check Point solution became our first choice.

What other advice do I have?

It's an excellent tool that is a bit expensive yet worth it.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Chief Technical Officer at a government with 1,001-5,000 employees
Real User
Top 20
Intuitive dashboard but it needs to be more customizable
Pros and Cons
  • "The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan."
  • "CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards."

What is our primary use case?

We use CloudGuard for compliance and auditing. About 20 people in our company use it, including our cloud administrators use it and security personnel. And now even our managers, our scrum masters are using it.

How has it helped my organization?

CloudGuard makes the management of our security controls in AWS more transparent. 

What is most valuable?

The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan.

What needs improvement?

CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards. 

For how long have I used the solution?

I've been using CloudGuard Posture Management for at least six months.

What do I think about the stability of the solution?

CloudGuard is pretty stable. It's rock-solid.

What do I think about the scalability of the solution?

In terms of scalability, CloudGuard requires a little bit of work. Sometimes it does take longer for the checks to come through, but it depends on how busy you are in the cloud. 

How are customer service and support?

Check Point tech support in North America is pretty good.

Which solution did I use previously and why did I switch?

We really liked this other solution offered by a smaller company, and then a larger company bought it. I forgot the company's name, but the roadmap just went to pieces when it was bought out. All the tech people left the company then the chief technical officer resigned. It was terrible.

How was the initial setup?

Setting up CloudGuard is pretty straightforward. The initial setup only took a few minutes. It's essentially turnkey. However, the total deployment took about half a day. For maintenance, we have two cloud administrators. That's two in case one goes on vacation, resigns, or gets sick. So you need backup.

What's my experience with pricing, setup cost, and licensing?

The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter. 

What other advice do I have?

I rate CloudGuard Posture Management seven out of 10. I would rate it higher, but I think the price point is pretty high for what it does. However, I know it's a burgeoning market. So I think the price point and some of the other features that I already mentioned, like customization, are pretty lacking. Still, if you want some cover for an internal or external audit, this is a tool for you. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Kirtikumar Patel - PeerSpot reviewer
Network Engineer at LTTS
Real User
Top 5Leaderboard
Secure, gives us complete visibility of cloud traffic, and the support is excellent
Pros and Cons
  • "We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point."
  • "In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."

What is our primary use case?

CheckPoint Dome9 is a cloud security management solution for our Azure cloud environment, and we have Azure for our cloud services. With this solution, we manage our network security policy management and automation for our cloud environment across providers, accounts, and regions.

Dome9 provides us policy compliance based on our requirements. If we request SOX or HIPPA, based on that we will enable the policy and we will get the reports as well.

We also create users and set policies and we can monitor the logs.

How has it helped my organization?

Dome9 is a very good product for us as we are using a hybrid solution. We have some of the services on-premises and some of the services on the cloud. With Dome9, we very well manage our security policies and also set the compliance policies based on requirements.

Now, we can also support the asset management of our cloud resources, posture management, and many more.

What is most valuable?

IAM is a very good and unique feature of Dome9. IAM gives us complete control of our cloud environment. For example, if someone tries to bypass the policy and attempts to configure or create some users, then it will not allow them to do so. Also, it sends a notification to the concerned person.

We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point. The IAM provides us complete safety and security.   

What needs improvement?

In Dome9, there should be a policy validation option where we can validate the policy before we push it into production. This option is very important, as we are working in a critical and complex environment. This option would give us more confidence in our activities or policy pushing.

We could see the option is available for on-premises devices. 

Automatic remediation requires read/write access.

Otherwise, overall this product is very good for our cloud environment, and we are satisfied with this.  

For how long have I used the solution?

We have been using Dome9 for the past six months.

What do I think about the stability of the solution?

It's a very stable product.

What do I think about the scalability of the solution?

Dome9 is very good in terms of scalability.

How are customer service and technical support?

The technical support is excellent.

Which solution did I use previously and why did I switch?

We did not use another solution prior to Dome9.

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

We implemented using a vendor team.

Which other solutions did I evaluate?

We did not evaluate other options.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Engineer at a tech company with 1,001-5,000 employees
User
Good reporting and alerts but needs more comprehensive investigations into security events
Pros and Cons
  • "Alerts of cloud activity happening across all accounts is helpful."
  • "Reporting should have more options."

What is our primary use case?

We primarily use this solution for:

  1. Posture management and compliance for the complete cloud environment (AWS).
  2. Centralized visibility of our cloud assets across multiple accounts in our cloud environment.
  3. Monitoring and alerting of cloud activity (API calls) happening across all the accounts.
  4. Reviewing security configuration (network configuration of security groups).
  5. Scanning serverless functions for existing vulnerabilities.
  6. The baseline for security policy as per workload based on services such as S3, EC2, et cetera.

How has it helped my organization?

This solution helped us improve by:

  1. Improving the overall security posture of our cloud environment.
  2. Maintaining Asset inventory for Cloud.
  3. Continuously reporting and alerting for reactive approach.
  4. Providing a best practice policy helping in strengthening security of workloads. 
  5. The biggest lesson that I have learned from using this product is that organizations are very uninformed about their cloud presence, what assets they have, and what shape it's in which this solution is capable of and provides better visibility.

What is most valuable?

  1. The queries for detecting any type of incident are great.
  2. The solution provides a granular level of reports - along with issues based on compliance.
  3. Alerts of cloud activity happening across all accounts is helpful.
  4. Customization of rulesets as per our cloud security policy is useful and strengthens the security.
  5. Reporting against compliance is an important feature that helps you comply with policies and standards within our organization.
  6. Assets Management is excellent as it provides complete visibility of our workload in our EC2 instance. 

What needs improvement?

The following things can be improved:

  1. Reporting should have more options.
  2. Investigation of security events should be more comprehensive be it for cloud activity or traffic activity.
  3. The false positives can be annoying at times.
  4. We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future as we prefer to do it ourselves.
  5. The price of this solution should be reduced so that it is more affordable to scale.

For how long have I used the solution?

We have been using this solution for last year.

Which solution did I use previously and why did I switch?

This was the first time we used any CSPM solution.

What's my experience with pricing, setup cost, and licensing?

The price of this solution should be reduced so that it is more affordable to scale - specifically for features like Intelligence Pro.

Which other solutions did I evaluate?

We evaluated Prisma Cloud, however, we found many of the features that we won't be using we would still be paying for unnecessarily.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Basilio Alcantara - PeerSpot reviewer
IT Security Engineer at Bayview
Real User
Provides us with good infrastructure visibility and facilitates compliance
Pros and Cons
  • "The most valuable feature is the CloudBots for auto-remediation of security findings."
  • "The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure."

What is our primary use case?

We currently have hybrid cloud environments, so different cloud platforms are being used by the business for different use cases and systems are being deployed at a very fast pace. It's very challenging to enforce security and have eyes on everything that exists in the cloud unless you have centralized tools helping you accomplish this goal.

Today Dome9 is helping us analyze what we have out there and what our priorities should be from a remediation perspective. We do have multiple accounts today with the different cloud providers, so it's imperative to use a tool like Dome9.

How has it helped my organization?

We have been able to expand our visibility and security enforcement into all of our cloud environments by leveraging Dome9. The features allow us to constantly scan and take action on any configurations implemented, that aren't meeting compliance regulatory requirements.

This tool has also allowed us to keep an inventory of assets and an overall picture of what infrastructure exists today on the different cloud platforms we own. It helps to avoid unnecessary misconfigurations due to the lack of knowledge on what has been deployed.

What is most valuable?

The most valuable feature is the CloudBots for auto-remediation of security findings. It is helpful because my team handles so many security tools that it would be almost impossible with the current staff we have to support the on-premise network and have enough time to go in and maintain the desired/required security postured on the different cloud environments we own today.

One of the main reasons why we started looking into a centralized tool is so that could help us bridge that gap, and Dome9 so far has been very helpful from that perspective.

What needs improvement?

The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure. This is one of the main cloud providers, so it's imperative to make this a priority in order to bring a lot of value to this tool.

The idea is to leverage Dome9 as the main central place for auto-remediation of all cloud environments so that customers don't have to spend a lot of time manually remediating. Manual remediation is very challenging once you have so many cloud accounts to support on a regular basis, and Dome9 can help do part of the job.

For how long have I used the solution?

I have been using Dome9 for about one year.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

Which other solutions did I evaluate?

We did not evaluate other options before choosing Dome9.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point CloudGuard Posture Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2022
Buyer's Guide
Download our free Check Point CloudGuard Posture Management Report and get advice and tips from experienced pros sharing their opinions.