Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point CloudGuard Posture Management Valuable Features

Advisory Information Security Analyst at a financial services firm with 501-1,000 employees

All the features are very valuable. The policy compliance piece is probably the most valuable. It provides monitoring of your environment and whether you are actively looking at it. So, if I have a user who will try to spin up a network in the cloud that isn't inline with our policies, it will automatically stop that from being able to be created, then delete it. Therefore, it will take action whether or not we are explicitly looking at the platform, keeping it in compliance with the rest of the company at all times.

Dome9 enables customizable governance using simple, readable language. It comes with a robust tool set that they have already created with their own rules that they have already built. However, you do have the capability of going in to write your own stuff. We haven't had to do too much of that because the prebuilt stuff that they have is really good, but it is there if you need it.

Dome9's accuracy when it comes to compliance checking is tremendous. It finds issues in the environment pretty quickly when you run a scan. It will do it on an automated basis as well, so you don't have to manually scan your environment all the time. It will be constantly doing it in the background for you.

Security visibility accuracy is tremendous. A lot of that comes in as flow logs and lets us see who is trying to access what almost on a real-time basis. That is not something you usually get easily from cloud providers.

It works great at identifying, prioritizing, and auto-remediating events. Whatever scenario or set of criteria you feed Dome9, it will quickly and efficiently look for those issues in your environment and correct them.

View full review »
Schillebeeks Bart - PeerSpot reviewer
Owner at AD Internet Consulting

The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring. The vendor has been building on these features, but they are the two that are most important for us.

With respect to how the compliance frameworks affect our security and compliance operations, it is important to consider that first of all, in the cloud, anybody can change a firewall. We wanted to have a central firewall administrator, with our more than 100 firewalls, so that we could make sure that our platform would stay secure. Dome9 alerts if somebody replaces something and puts it back, which is the biggest feature that we wanted.

Then, as an added feature, they have a real-time audit platform where you constantly have audits of your clouds to see that engineers don't forget to put all of the compliance in place.

Dome9's accuracy when it comes to compliance checking is very good, and it is done in real-time. I would rate it a nine out of ten. It is not perfect because sometimes you have false positives, although I don't think that you can get rid of them entirely. Overall, for compliance and diverse compliance methodologies, I would rate it a nine.

On the topic of accuracy, I would rate remediation a nine out of ten as well. It is easy to do because it is written in plain language, and also because there is a manual on how to remediate.

View full review »
Senior Security Engineer at a insurance company with 10,001+ employees

The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella.

We use solution’s security rule sets and compliance frameworks and, again, for compliance purposes, we do have the full view. We see all of our vulnerable, open ports and open IPs. Its comprehensiveness for cloud compliance and governance is good. If it was not a good product that defines all aspects of cloud security, we would not be using it.

Also, Dome9’s accuracy when it comes to compliance checking is a nine out of 10. I would not give it a ten because sometimes the report is returning something and when we look at it on the AWS side, it's not exactly the way it showed on the report, because of the layout of the report. The accuracy of the security visibility is a nine out of 10. I give it a high score because we have full security visibility over the incidents and the groups, everything that is related to AWS. It's not a ten because sometimes you have to look in different places to get the full visibility, as it's not all gathered in the same place.

View full review »
Buyer's Guide
Check Point CloudGuard Posture Management
October 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
635,987 professionals have used our research since 2012.
Mantu Shaw - PeerSpot reviewer
Sr. Technology Architect at Incedo Inc.

The baseline policy and the integration with the public cloud are very easy.

The number of compliance rulesets along with the baseline policy, support of cloud-native services, and license management are easy. Support of the CI/CD pipeline security (Code Security), Kubernetes, et cetera, is useful. 

There are very helpful and various types of reports. Reporting features are very good and anyone from the compliance team can view/generate a report according to compliance support.

Auto remediation is a very effective feature that helps ensure less manual intervention.

Support of AWS Lamda and Azure Functions helps for any potential breaches.

View full review »
Adriamcam - PeerSpot reviewer
Consultant at ITQS

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

View full review »
Chris Dagal - PeerSpot reviewer
Senior Consultant at a tech services company with 11-50 employees

The assessment history lets you test each environment for each rule you set. You can see if the security tests have passed or failed, then plan a roadmap ahead on how to strengthen your security to defend against attacks on your cloud environment.

View full review »
Basil Dange - PeerSpot reviewer
Senior Manager at a financial services firm with 10,001+ employees

The most valuable features of this product are:

  1. IAM Role gives complete control over the cloud environment. In case someone tries to bypass and create a user or policy locally, which is not allowed or defined in Dome9, the changes will be rolled back and a notification will be sent to the concerned team.
  2. It is always on and even available on a mobile device using the app.
  3. Provides complete visibility of traffic flow with threat intel provided from Check Point. It even provides communication details for any suspicious IP.
  4. Provides detailed information if a workload is allowed direct access, bypassing any firewall policy.
  5. Provides a granular level of reports, along with issues based on compliance. The standard is defined, depending upon organizational requirements.
  6. Task delegation, as a particular incident can be assigned to a particular individual, and the same can be done manually or in an automated fashion.
  7. Customize queries for detecting any type of incident.
View full review »
Cloud Solution Architect at Network Thinking Solutions

Data security has been very valuable because data is the soul of a company and if the data is not protected, the company has no possibility of existing. 

In all areas of an organization, Check Point CloudGuard is not only in the cloud, as its name implies. It goes beyond. The areas of importance from the most important to the least important are: infrastructure, technological security, data administration, legal department, etc. Check Point solutions can provide a complete 360 security scheme to the entire cloud infrastructure. It transfers its vision to the entire peripheral network.

View full review »
alvarado - PeerSpot reviewer
Cloud Support Leader at a tech company with 51-200 employees

One of the most valuable features for me is the use of a unified review portal. That way, Check Point Infinity Portal can be managed in the best way,

Its easy implementation against Microsoft Azure was quite satisfactory. It did not waste time. It was simple in terms of looking up the appropriate documentation to be able to implement it correctly.

Even though we only manage one cloud, this technology can review several clouds, which makes it one of the best proposals on the market.

We are quite happy with the security posture of Check Point.

View full review »
Cloud Support - Security Admin at a tech company with 1-10 employees

The most striking features are:

1- Identity protection generated through Check Point posture management, which is helping to prevent user theft or unauthorized access.

2- The governance that can be provided with this tool is very good since we have been able to implement good practices to avoid vulnerabilities.

3- The administration portal panel is very intuitive. It also generates scores based on regulations and good practices to go little by little with the recommendations, significantly improving security.

View full review »
Support at a tech services company with 51-200 employees

We really liked its ease of implementation against our Microsoft Azure environment.

In addition, its centralized portal, which showcases multiple security solutions in one place, is very helpful.

Another feature that we really liked is the score function for improvements and good practices. You can take a security posture that complies with regulations or company policies.

View full review »
Chief Technical Officer at a government with 1,001-5,000 employees

The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan.

View full review »
Kirtikumar Patel - PeerSpot reviewer
Network Engineer at LTTS

IAM is a very good and unique feature of Dome9. IAM gives us complete control of our cloud environment. For example, if someone tries to bypass the policy and attempts to configure or create some users, then it will not allow them to do so. Also, it sends a notification to the concerned person.

We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point. The IAM provides us complete safety and security.   

View full review »
Security Engineer at a tech company with 1,001-5,000 employees
  1. The queries for detecting any type of incident are great.
  2. The solution provides a granular level of reports - along with issues based on compliance.
  3. Alerts of cloud activity happening across all accounts is helpful.
  4. Customization of rulesets as per our cloud security policy is useful and strengthens the security.
  5. Reporting against compliance is an important feature that helps you comply with policies and standards within our organization.
  6. Assets Management is excellent as it provides complete visibility of our workload in our EC2 instance. 
View full review »
Basilio Alcantara - PeerSpot reviewer
IT Security Engineer at Bayview

The most valuable feature is the CloudBots for auto-remediation of security findings. It is helpful because my team handles so many security tools that it would be almost impossible with the current staff we have to support the on-premise network and have enough time to go in and maintain the desired/required security postured on the different cloud environments we own today.

One of the main reasons why we started looking into a centralized tool is so that could help us bridge that gap, and Dome9 so far has been very helpful from that perspective.

View full review »
Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS

We like the ability to investigate, analyze, and generate reports.

Its most notable feature is to extend the analytics it performs to teams in any available cloud. 

We can collect analysis and be able to transform in such a way that the data provided allows us to find great value in institutional security. We can support each other to be better and more efficient daily. 

View full review »
Cloud Security Lead at a computer software company with 5,001-10,000 employees

The reporting is quite good. It is the most powerful aspect of this solution.

It's user-friendly.

View full review »
Cloud Security Architect at Kontex

The most valuable feature of Check Point CloudGuard Posture Management is the training.

View full review »
Managing Director at a tech services company with 5,001-10,000 employees

I very much like the interface and visibility is good. 

View full review »
Buyer's Guide
Check Point CloudGuard Posture Management
October 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
635,987 professionals have used our research since 2012.