We changed our name from IT Central Station: Here's why

Check Point CloudGuard Posture Management OverviewUNIXBusinessApplication

Check Point CloudGuard Posture Management is #2 ranked solution in top Cloud Security Posture Management (CSPM) tools and #3 ranked solution in Cloud Workload Security Solutions. PeerSpot users give Check Point CloudGuard Posture Management an average rating of 8 out of 10. Check Point CloudGuard Posture Management is most commonly compared to Prisma Cloud by Palo Alto Networks: Check Point CloudGuard Posture Management vs Prisma Cloud by Palo Alto Networks. Check Point CloudGuard Posture Management is popular among the large enterprise segment, accounting for 69% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 36% of all views.
What is Check Point CloudGuard Posture Management?

Check Point CloudGuard provides cloud native security for all your assets and workloads, across multi-clouds, allowing you to automate security everywhere, with unified threat prevention and posture management. The only solution that provides context to secure your cloud with confidence.

Check Point CloudGuard Posture Management was previously known as Dome9.

Check Point CloudGuard Posture Management Buyer's Guide

Download the Check Point CloudGuard Posture Management Buyer's Guide including reviews and more. Updated: January 2022

Check Point CloudGuard Posture Management Customers

Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners

Check Point CloudGuard Posture Management Video

Archived Check Point CloudGuard Posture Management Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Paul Liversidge
Owner at Liversidge Consulting Ltd
Real User
A powerful solution for our clients to effectively deal with problems unique to AWS
Pros and Cons
  • "People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."
  • "I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."

What is our primary use case?

We have been researching this solution as something to provide for clients who are interested in implementing a high-security AWS environment.

How has it helped my organization?

This solution provides some security around holes that are uniquely present on AWS. We try to convey to clients and customers that when you move to AWS, the whole attack surface is different, and therefore you can't take your existing tools to AWS and then secure it in the same way as you can your traditional environment. You need to have tools that understand the nuance of AWS, and that's the reason we use Dome9. It has these unique skills and attributes in the AWS world.

Specifically, we are interested in securing IAM. It controls everything in AWS such as who can create computing instances and who can destroy them. Given that all of the power is with IAM, you have to make sure that you haven't over-privileged, or through the combination of people being users, groups, or roles, that they haven't collected too many privileges that you weren't aware of.

What is most valuable?

The feature that I found most valuable is the ability to scan IAM, the Identity and Access Management tool, for all of the privileged accounts.

What needs improvement?

Integration with other security tools would be of benefit.

I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations.

For how long have I used the solution?

Trial / evaluation.

What do I think about the stability of the solution?

The stability is rock solid.

What do I think about the scalability of the solution?

I have no concerns with the scalability of this solution.

How are customer service and technical support?

Technical support for this solution is excellent.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

How was the initial setup?

This solution is easy to get going, although it requires a lot of training to get the best out of it.

It took us weeks to set it up, which was very quick. In terms of setting it up for a client, the strategy would depend on what holes they have in their security infrastructure, and how we can use this solution to close them.

What about the implementation team?

We implemented the solution in-house and would assume this role for our customers.

What was our ROI?

This is the sort of tool for which ROI is not really considered. People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially.

What's my experience with pricing, setup cost, and licensing?

It is a standard licensing fee, with no additional costs.

Which other solutions did I evaluate?

We evaluated another solution called Evident.io, but it had a lot of overlap with traditional tools, whereas Dome9 was unique in its approach.

What other advice do I have?

This is a product that I would recommend because it does unique things that I'm not aware any other product can solve those issues. It is incredibly powerful and gives our customers a lot of assurance that we're taking AWS security seriously.

My advice for those implementing this product is to use every piece of it. Explore every option and feature and leverage it to the max.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Cloud Infrastructure Architect at Maxis Berhad
Real User
Enables us to have a centralized view of all our visible assets ECs and inventories
Pros and Cons
  • "Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
  • "I would like to see Test B functions at the application access level."

What is our primary use case?

The primary use case for this solution is associated with a challenge whereby we have multiple cloud computing platforms. We have our past cloud platforms in AWS and ECP. Therefore, we can configure management and policy governance tools to deployment across all sites.

How has it helped my organization?

Dome9 has improved our organization in the way that we have a centralized view of all of our assets, our visible assets our ECs, our inventories. Then all the policies are centralized and it is easier to manage because everything is one component console. 

What needs improvement?

I would like to see Test B functions at the application access level.

For how long have I used the solution?

More than a year.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and technical support?

Technical support is excellent; they are quite supportive.

How was the initial setup?

The inial setup was straightforward.

The deployment took us about six months because we had issues while integrating. The issues weren't with Dome9.

What about the implementation team?

We implemented Dome9 ourselves, in-house. We used our own set of experts.
I think there is less than six staff required for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The licensing costs for this solution are on a yearly basis.

What other advice do I have?

My advice is to try to get the trial period first because this will allow them to see if this is a suitable solution or not for their environment. They have to remember that this solution can only be compared to Test B, but it's not Test B. The trial allows for appropriate compatibility and suitability evaluations.

On a scale from one to ten, ten being the best, I would gladly rate this product an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
564,599 professionals have used our research since 2012.
ElieIfrah
Cloud & DevOps Team Leader at a tech company with 501-1,000 employees
Real User
Wraps our FTP infrastructure with network security and allows us to monitor FTP activity
Pros and Cons
  • "Dome9 wraps our FTP infrastructure with its network security configurations, and this also gives us the ability to monitor FTP activity."
  • "Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."
  • "The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions."
  • "I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."

How has it helped my organization?

We have an FTP infrastructure that is accessed by customers. As FTP service is quite vulnerable if not secured properly, before implementing Dome9 we had to apply multiple security solutions on the FTP servers.

Dome9 wrapped the FTP infrastructure with its network security configurations. This gives us the ability to monitor FTP activity as well.

What is most valuable?

  • Centralized firewall management for both Windows and Linux distros - This is something that everyone is looking for. The initial version of Dome9 was one where you managed all the rules centrally in Linux and Windows, which was quite challenging. Now, to see in a single pane of glass, all the agents, all the rules, everything that is going on in out datacenters, is quite valuable.
  • Visibility of the security configurations
  • Clear view of the security configurations and connections across environments (DMZ, external and internal networks)
  • The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions

What needs improvement?

I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

I don’t recall any stability issue from the first time we used it. It has been solid and reliable.

What do I think about the scalability of the solution?

I didn’t encounter any scalability challenges. According to the vendor, we are far from the limit that has been tested by the vendor so far.

How are customer service and technical support?

The technical support has been very professional and helpful. They are knowledgeable and answer our questions in a timely fashion.

Which solution did I use previously and why did I switch?

We had been using iptables on Linux servers but it was missing centralized management. Also, configuring firewall security rules was quite a nightmare, especially testing.

How was the initial setup?

The initial setup was straightforward, as the solution is quite intuitive.

What's my experience with pricing, setup cost, and licensing?

In order to obtain better pricing, I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two. The company has multiple modules that you purchase independently or in groups, depending on your needs.

Which other solutions did I evaluate?

When we did market research five years ago, there were not many alternatives in the market for our purposes. We looked at Kaspersky Lab and Trend Micro but they didn’t address our needs.

We ran a PoC with Dome9 and it was transformed quickly into production.

What other advice do I have?

My advice would be:

  • Share your project goal(s) with the vendor to help you map the functionalities and modules needed, to be implemented in phases, during implementation.
  • Map your existing security configurations and create a lab to test them with and without Dome9.
  • Implement the solution progressively and look at the logs in the Dome9 application to learn about the network activity.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Director, Information Security & Service Transformation at a insurance company with 1,001-5,000 employees
Real User
Continues to be a major piece of our cloud security architecture
Pros and Cons
  • "Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment."
  • "We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform."
  • "The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices."
  • "I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector."

What is our primary use case?

We use Dome9 to control our AWS security groups, evaluate and map security group traffic, and conduct compliance checks of our cloud environment regularly.

How has it helped my organization?

Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment. We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform.

What is most valuable?

Clarity and Compliance have become two of our favorite features. Clarity allows us to visually depict our security groups and effective policy for both our current environment and can do predictive visualization based on cloud formation templates. The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices.

What needs improvement?

Dome9 continues to enrich its features at a blazingly fast pace. I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector. Also, I would love to add more richness to the Splunk add-on for Dome9.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

None, it has been a solid performer for us, and well within the SLA.

What do I think about the scalability of the solution?

We have yet to encounter any issues with scalability.

How is customer service and technical support?

We have not needed it much, but when we have, they have been very responsive and they truly are helpful.

How was the initial setup?

Initial setup was super easy. We were integrated in 15 minutes, then it was just another hour or so of tuning and kicking the tires.

What's my experience with pricing, setup cost, and licensing?

They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. 

Which other solutions did I evaluate?

We evaluated native AWS features and a competitor, Evident.io, but found that Dome9 was able to do all of what we needed in one tool instead of two.

What other advice do I have?

Start with read-only and move to full-control slowly. When you go to full control, there will need to be good communications with your AWS teams, so they know it is there. Do not do full-control on your lab environment.

They are a great partner to work with. Not only is the product solid, but we have loved having a good relationship with their leadership and seeing our feedback manifest into real product updates and features!

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
President at a tech services company with 1-10 employees
Real User
We have been able to empower our development team to work with the infrastructure in a managed, foolproof way.
Pros and Cons
  • "Compliance is becoming an important tool for us as well."
  • "Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."

What is most valuable?

We started long ago with the dynamic access and protected assets, and it has always been a cornerstone for our highly mobile, distributed development team. We require tight control on access, and when our team travels it helps us gain access as needed in a protected manner.

Compliance is becoming an important tool for us as well.

How has it helped my organization?

We have been able to empower our development team to work with the infrastructure in a managed, foolproof way to insure testing and other efforts don't leave unintended holes.

What needs improvement?

The governance and compliance areas are becoming very useful, and continue to expand in very user-friendly ways. Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards.

For how long have I used the solution?

Many years, so many I forget. Not too long after I discovered them at AWS the first or second year of RE: Invent.

What was my experience with deployment of the solution?

None. Just follow the easy instructions for IAM Policies.

What do I think about the stability of the solution?

Rock solid.

What do I think about the scalability of the solution?

Never a problem.

How are customer service and technical support?

Customer Service:

Highly engaged at all levels of the organization, and truly helpful, which cannot be said for many others in their space.

Technical Support:

Helpful and usually spot on early in the request.

Which solution did I use previously and why did I switch?

We have assessed several, and Dome9 is the only one that we have used continuously, and it has begun to replace other solutions as Dome9 rolls out new features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Marketing at a tech vendor with 51-200 employees
Vendor
Dome9 Cloud Street View for AWS Security: The Exponential Cloud Growth Visualization
Confidence is key when it comes to managing large IT systems. The tricky part is when a CIO tries to generate the trust and confidence of a company’s IT environment. Complete transparency is the answer. As you may recall, I’ve written about the need for transparency concerning Newvem’s services in the past. As the cloud industry market matures, the AWS cloud continues to grow at ground-breaking speeds, in addition to the usual individual cloud deployment. In either respect, transparency becomes an issue. Cloud management vendors recognize the need for transparency and are taking the necessary steps to enhance their solutions to better support active visibility. The natural evolution of a typical management system begins with gathering data and presenting it in report tables. While…

Confidence is key when it comes to managing large IT systems. The tricky part is when a CIO tries to generate the trust and confidence of a company’s IT environment. Complete transparency is the answer. As you may recall, I’ve written about the need for transparency concerning Newvem’s services in the past. As the cloud industry market matures, the AWS cloud continues to grow at ground-breaking speeds, in addition to the usual individual cloud deployment. In either respect, transparency becomes an issue.

Cloud management vendors recognize the need for transparency and are taking the necessary steps to enhance their solutions to better support active visibility. The natural evolution of a typical management system begins with gathering data and presenting it in report tables. While traditional IT tools have had a similar evolution, the infinite cloud resources and dynamic manner of the environment take the lack of controllability issue to the extreme. This, makes visualization more crucial than in a traditional, finite data center.

This week, I met my good old `cloud friends` from Dome9 that released their new cloud security visualization solution, Dome9 Clarity –

“Think Street-view for AWS security. Transparency into on-premise security has been around for the last 15 years, we are simply extending this value to the cloud.” Zohar Alon, Co-Founder and CEO at Dome9.

Dome9 Clarity - each box it's an AWS security group

Dome9 Clarity – Visualizing the data flows between AWS security groups

The value of IT management features has more than proven itself over the last two decades. Issues concerning systems’ availability, security and performance are anything but new in the world of IT services. Despite the fact that the cloud doesn’t eliminate any of these concerns, it does force a change to the key methodologies and processes. As an ex-Check Point employee, Zohar Alon, Dome9’s Co-Founder and CEO, built and led the security giant’s security firewall management systems. With this experience, the natural next step was to apply his knowledge to the world of the cloud.

Dome9’s Cloud Clarity provides cloud network security visualization within the AWS cloud. It is the sensible solution for optimized cloud security management. Controlling an environment with hundreds or thousands of EC2 instances that are grouped into as many as hundreds of security groups, not to mention the rapid and dynamic growth of inter-dependencies is far from an easy DevOps’ task. With Dome9, AWS users get a visual picture of their AWS VPCs and security group configurations. According to Alon, their new capability reduces such security audit efforts significantly and has been proven to condense four hours of auditing work into a mere 15 minutes – quite impressive!

As cloud deployments become more and more complex, consequently, the overall stack complicates as well. DevOps models evolve to be able to regain control supported by distributed systems’ methodologies. With the help of Clarity’s real visibility feature, customers are enabled with a clear understanding of their security system, which in turn enables control and support of the modern application stack.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Check Point CloudGuard Posture Management Report and get advice and tips from experienced pros sharing their opinions.
Quick Links