Check Point WAF (formerly CloudGuard WAF) Reviews

My use case is mainly for new products that come up in the marketing field, products that are fast and need quick assimilation.

We connected protections, mainly of the WAF for products that do not need too much scam validation or more complex functions. The aim was to provide a quick response to marketing campaigns, customer transportation, and things that need very fast implementation.

Check Point CloudGuard WAF has helped our organization in time-to-market manners; the time to market is very short. Unlike other products we tested, which were a bit more complex, they would take a day's process. Check Point CloudGuard WAF only takes a few minutes of assimilation and then goes live.

Its ability to protect our applications against threats without relying on signatures is one of the benefits I liked about this product. It does not depend on signatures. It looks at the anomaly in behavior. This is what we call a modern application. It saves us the headache of these updates and also the fact that the zero day usually has no signature.

The ability to preemptively block zero day attacks and detect hidden anomalies is exactly its advantage. The zero day does not wait for a signature but looks at behavior. This is how a modern app should be. If you wait for the unknown, your application will be affected, but with this solution, even if you don't know where the attack could come from, the product protects it because of the behavior. That's the advantage.

The assimilation time is short, about a few minutes only, so it is very simple for us and shortens the time of our functions. I'd say it has lowered 30% of our time.

In a product like this, there are not many false positive cases, at least not in our type of implementations, which are not complex. When you do not hear about any false positives, it is a sign that the solution is doing its job.

This product is very simple, it does not require complexity in its implementation. Its ability to deploy our materials quickly is what we appreciate the most.

I would like it to be able to analyze more complex functions, although I did not examine the case study of more complex implementations. Things like forum fields, etc seem to need a little more focused protection of the fields scheme validation. I would say that the more automation this product has, the easier it will be to work with it.

I have been using Check Point CloudGuard WAF for six months.

There were never any server issues, they're very stable.

I am not really sure about its scalability since our framework is very limited at the moment. I am guessing that after we try to deepen our use cases, we may scale then.

Check Point is known for providing really good service. If a ticket is opened, it is addressed and not neglected. The emphasis is on the Israeli team, which knows how to achieve escalations and provide a response. We were never left without an answer.

We have had several protections from other WAF products that we have tested. Their implementations were longer, more complex, and sometimes, because of the speed we would implement it after it went live because of the times. The time to market was short, and we didn't have time to achieve the desired time window.

Today, with Check Point CloudGuard WAF, there is no way we'll go live without protection.

We used and evaluated Radware and Reblaze. They were very expensive and also dependent on third-party services. With Check Point CloudGuard WAF, everything was done easily in-house.

I'm in charge of the regulations, the SECOPS team is the one involved in the deployment. I'm more of a policy guide, and from what I've noticed, the experience was good.

We always have a business partner who accompanies us in projects of this type. We have always had a good experience with them, the're very professional.

The biggest ROI is that the time to market is good; I am not holding back the business. I do not look that much at attack prevention because that's something that every product usually does. The ROI is the time to assimilate and the short time to market. Those are its benefits.

I am less knowledgeable with prices because I only define the requirements and look at the execution. I know that its price is relatively expensive compared to other products but it gives benefits that are worth it.

My advice would be to use this solution since it's cloud-based and the deployment is quick and easy.

Overall, the platform is great. I would consolidate it from the usual infrastructures, though. Every platform requires someone to focus on it, so it would be good if an integrator would be more involved in this specific solution.

I use CloudGuard WAF for our exposed customer-facing servers.

It provides security for our customers and our products.

This solution not require training. It has its own mechanisms, eliminating the need for training for our applications. The learning curve is quick.

It provides security for our services to customers. As a financial institution, we provide security to our customers and products.

The solution preemptively blocks zero-day attacks and detects hidden anomalies effectively.

The solution reduced the cost to the company when considering that we,with a previous solution, spent many hours on configurations.

It reduced our false positive rate significantly - by 90%.

The reporting can be improved. Currently, it is not 100% accurate, however, it is at a good level. I cannot see many logs for our application that are posted under CloudGuard WAF, and sometimes I cannot identify the issues I have with CloudGuard.

I have been using the solution for three years.

The stability is 100%. I did not have any issues in the last three years during which I had more than ten critical services running on CloudGuard.

Customer support is usually needed during the implementation of the solution. After that, I have only opened a case two or three times, and the response time is very good.

Positive

I had the same solution with the same company, however, it was on-premise. I moved to a cloud-based solution with CloudGuard WAF, and it is very different.

When considering my previous solution, I spent many hours on the configuration.

Pricing and licensing are really expensive for this product. While it provides a very good security level, the price for each service is high. Small organizations might not be able to afford the price.

I would rate the solution nine out of ten. Overall, it is a very good solution. 

The primary use case for Check Point CloudGuard WAF is for protecting web applications and APIs. We use it for web apps and APIs we want to protect.

Check Point CloudGuard WAF has improved our organization by providing protection against web application attacks such as SQL injection, cross-site scripting, and bot threats. Its automated threat prevention and real-time traffic analysis reduced manual intervention and response time. Integration with our cloud infrastructure enabled seamless deployment and scalability, while centralized visibility helped enforce consistent security policies across all environments.

The most valuable feature is the AI/ML engine, which does the job for us and mainly reduces the number of false positives and adapts accordingly. It significantly impacts workflow efficiency, allowing us to focus more on other fields. After implementing it, we have better results in vulnerability and penetration testing and scanning.

CloudGuard WAF could improve UI simplicity, reduce false positives, and enhance policy management. Future releases should include better bot mitigation, behavioral anomaly detection, compliance templates, advanced threat intel integration, and streamlined multi-cloud support to boost protection and usability.

I have been using the solution for one year.

Check Point CloudGuard WAF is very stable.

Its scalability is inherent to its SaaS solution.

The customer support is great.

Positive

We did not have any other solution before using Check Point CloudGuard WAF.

The initial setup was positive, and we did not face any problems.

There is potential money-saving regarding some successful attacks if we did not have Check Point CloudGuard WAF.

Our experience with pricing, setup costs, and licensing was positive. We did not have any issues.

Before choosing Check Point CloudGuard WAF, we did not evaluate other options.

I recommend implementing it easily, onboarding services quickly, and utilizing its policy blocking. It is very useful and efficient. I rate Check Point CloudGuard WAF a ten out of ten. The AI/ML engine, which greatly reduces false positives so that we do not have to manage them manually, stands out the most.

I have dealt with a very complex situation. We are fortunate to have a global presence in 98 countries. We have about 400 people working worldwide. 

Our challenge is to support our customers and protect our infrastructure, which is quite different from normal ones. Unlike a typical company that centralizes everything in a data center, we work in countries with strict legal restrictions. This requires us to create a separate infrastructure for each country. I need something to support us and provide compliance.

I am a very exposed company, and this solution helps prevent attacks.

I have thousands of exposed websites and APIs. Being able to control what is happening and try to prevent any attack is the best feature. 

I provide gamification, and if one wants to acquire services like Netflix, they can go through my application. Some people try to find tokens to sell on the black market; however, with the WAF, I'm able to understand what's happening and block it in real-time.

It's important to protect against threats without relying on signatures. If it sees any anomaly, it just blocks it.

Check Point CloudGuard Network Security helps guard against zero-day attacks. Luckily, we haven't had any.

Check Point CloudGuard Network Security helped reduce the cost of ownership for our web application firewall by 50%. We have everything centralized and we can configure everything centrally.

We've been able to reduce our false positive rate by 80%. It's easier to have something automated instead of a person working on this, checking everything. 

I'm not sure what can be improved. I don't manage the solution. It seems to be a product that runs all the time. They might be able to add more integrations. Security could always be improved. Overall, it's very good. 

I have used the solution for the last three years.

I would give stability a nine out of ten for sure. It is very stable. As an evolved product, there are always areas to mature, of course, however, it provides a very good and mature experience.

I enjoy it the scalability. I can scale up or down based on workload, so I'm very fortunate with that.

I have a great partnership with Check Point. I know a lot of people who work there. For me, it's a very positive and beneficial relationship.

Positive

I did not use any previous solutions.

The initial setup was very intuitive. I had minor issues, however, that was due to not reading the documentation properly. Overall, it was a very satisfying and straightforward experience.

I did the implementation by myself, however, I have a partner as well. They can do things first; however, I managed it on my own since it was easy to do.

We have yet to see an ROI.

For me, the pricing and licensing is a fair value for what they provide.

I did not consider alternate solutions. This was included in my subscription. I have a full suite of Check Point products, so I just use this.

I would rate the solution a seven out of ten. I'm not the one managing it. From what I've heard about the challenges we face, I would rate it a seven. In one project, we had to use mutual certificates, and it wasn't the best experience to configure. It is doable, however, it can be improved. This causes some issues for our customers. 

If someone is only using a cloud-native option WAF, they are missing out on agility. We're more agile since we can protect everything we have. And multi-cloud is a real thing. Everyone has multiple clouds, so centralizing everything into one place is the greatest, in my opinion. 

I use it on our websites and web servers, and it is protecting against malicious code and injection code, as well as any type of attacks.

Check Point CloudGuard WAF enhances web application security with AI-driven threat prevention and seamless cloud integration.

The Check Point WAF gives me a view that I did not have that occurs on the web servers. 

It allows me to show results and reports to demonstrate the attacks, the number of attacks, and prevention measures.

It protects against threats without relying on signatures. The zero-day attacks could be bad. Without this, we wouldn't know al the attacks we're getting. It allows us to save time manually analyzing on the web servers. It frees us up.

It helps against zero-day attacks and protects against anomalies. It's one of the factors that made us choose this solution. 

For now, the product is doing all that I need, however, I need the support of IPv6.

I have used the solution for three months.

It is very stable, never crashing or giving me an error that I can see. It responds very quickly and allows me to enter the menu and set up and configure everything without problems.

The customer service is very good. I have opened one or two cases and received quick responses.

Positive

I have not used any other solutions for a while.

The initial setup is very easy. We use it for our on-prem web servers. It only takes five minutes to deploy.

I used an integrator to help with the implementation the first time. They explained the phases, and it was very simple and quick. The person who helped was from Portugal.

I don't have an exact number in terms of ROI.

The setup cost is very simple. It is a really good price considering the functionalities of the product and the price of the license. It is very well-calibrated.

We did not evalute another solution. I'm a Check Point customer. 

If someone is only using a cloud-native product and not using something like CloudGuard, I'd advise buying it. It is a very good product. Now with WAF, I see many attacks being prevented. It is a good solution for me. I have five million requests per month on our web server. The last results I saw showed maybe 50% to 60% of attacks being prevented. 

I rate it ten out of ten. I am very satisfied.

I am currently evaluating a hybrid solution for our infrastructure since some of our services are hosted on-premises while others are processed through the cloud. We have multiple websites, applications, and some non-web-based applications that we need to protect.

The solution's ability to handle multiple websites and applications without needing more expensive hardware is a key advantage. 

The communication between the on-premises device and the cloud for analysis and feedback is a valuable feature. It also supports legacy applications and improves security access. Upon implementation and evaluation with third-party penetration testing, it meets rigorous security standards required for dealing with financial institutions and provides necessary protection between our central office and peripheries through VPN access. 

The solution allows for proactive support and parts replacement.

The learning curve was a challenge due to initially incorrect configurations. It took approximately a month and a half to understand how the solution works because of inadequate documentation. The provider could improve by providing better guidance and support during the configuration process.

I am happy with their support. They were responsive even before we committed to buying their solution. The support rating is about seven and a half to eight out of ten.

Positive

We looked at FortiGate and some open-source solutions, however, they either did not fully meet our requirements or required a dedicated person for administration, making them cost-prohibitive.

We collaborated with our vendor, A1, which also offers parts replacement and support as part of the package.

The base solution costs approximately 30,000 euros, with an additional 2,000 euros per year for licenses and support.

The price is fair for the features offered. For us, it is cost-effective compared to hiring a dedicated person for administration.

Prior to choosing the current solution, we considered FortiGate and other open-source solutions.

I would rate the solution eight out of ten. 

Protecting our websites or our customers' websites is our top priority. We transitioned to Check Point WAF from on-premises WAF to safeguard our external perimeter. Essentially, I am focused on protecting our external infrastructure and web services.

It helps me sleep at night, providing peace of mind. It saves time, money, troubleshooting, and maintenance and reduces the need to hire people to manage the technology because it is so easy to use.

The WAF is the best feature. The application firewall's ability to block and recognize all attacks in real-time, such as DDoS, is invaluable. Identifying attacks and integrating with the rest of the ecosystem are features I am very fond of.

It's a pretty robust product.

CloudGuard protects against threats without relying on signatures. This is one of the best features. As an engineer, I don't have to review signatures one by one by one. 90% of the other players use signatures. So you have to review the attack, the signature, and how to mitigate it, etcetera. Removing the signatures from the equation removes a lot of time required for an engineer to review signatures, apply signatures, verify that these are applied to the infrastructure, etcetera. So removing that from the equation and protecting the infrastructure at all times is very cost-effective. 

Signature-based also causes a lot of false positives. So having no signature also helps remove a lot of the false positives. 

I cannot think of any needed features.

Pricing is high, although possibly justified by the service received. Reducing prices would be welcome. 

Integration with more technologies or Check Point products, or on-prem products, could improve robustness. Many organizations are moving to the cloud. Some cannot fully transition and require solutions similar to on-prem devices. 

I have used the solution for the past two years.

Support is the same with on-premise devices, and it is very good. Since it is cloud-based, I do not need them as much. 

Positive

I have used CloudGuard, Imperva Cloud WAF, and Barracuda Cloud WAF. I have experience with all of the major players.

I have seen what we were used to before and how much time we spent. We used to manage on-prem devices for other partners that could run from other vendors. When you migrate to the cloud, it feels like saving 90% of your time.

If the price could come down, I would be very happy with the product.

I will not disclose which vendor is the best. In specific cases, some vendors perform well, while others are competitive at the high end. Check Point is one vendor that I really appreciate, and I will not mention the other, however the competition is very close.

I would rate the solution nine out of ten. Nobody is perfect. 

I have a team that manages CloudGuard for me. We have different research centers using various cloud accounts and are trying to consolidate everything into a single landing zone to protect those areas. From a use-case perspective, I have different laboratories or research centers utilizing it for various purposes. We are mostly focused on AI, and some of those requirements cater to the AI segment as well.

From a protection perspective, Check Point is a well-renowned name. We are also using other products from Check Point, such as Harmony, Infinity, and XDR. We have a consolidated view of the overall security posture, which I find quite interesting.

CloudGuard WAF protects our applications against threats without relying on signatures. This is crucial for us to maintain application security and stop the threats coming into our environment, keeping our production part secure.

Check Point CloudGuard WAF works well for preemptively blocking Zero Day attacks and detecting hidden anomalies. It is the best. That is why I am paying for it.

Check Point CloudGuard WAF helps us with overall application and cloud API security. The consolidated view of the security posture that Check Point provides is very useful from an upper management perspective.

CloudGuard WAF has helped reduce our false positive rate by 30%.

From a security perspective, it is quite good. I am not very familiar with the detailed features of it because I have a team that manages it. 

I am pretty happy with the current version. I have not yet used it to its full potential, but there could be improvements as I explore it further. I am content with what I have in terms of features and support, but if I start expanding the usage, I might need more help from them. I already have the best consultants from Check Point. 

I have been using this solution for around seven or eight months now.

I have not observed any stability issues yet. It has been pretty reliable.

The scalability is excellent and is one of its best features.

Customer service is one of the best in the market right now.

Positive

We did not use a similar solution previously. 

We have a hybrid deployment model with AWS as the cloud provider. 

Its deployment was smooth. We did not have any issues. 

We used Check Point for the implementation.

It has been only six or seven months now. I am hoping that by the time I complete one year, I will see the return on investment.

It has reduced the total cost of ownership for our web application firewall to a certain extent, but I do not have the numbers.

The sales team or account managers from Check Point are top-notch. As I am using other products as well, my pricing was competitive compared to others.

I considered other solutions. I decided on Check Point because of its comprehensive suite of applications and the integration with my tools, providing a consolidated view of my security posture.

I would rate Check Point CloudGuard WAF a nine out of ten. I believe there is always room for improvement, but there are use cases I have not yet explored.