"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The customer service/technical support is very good with this solution."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The feature set is fine and is rarely a problem."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"It's possible to sync the Check Point Management with the cloud portal, therefore allowing automated rules to be set in place whenever creating a new VM."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud."
"I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure."
"The initial setup is pretty easy."
"The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise."
"The comprehensiveness of the CloudGuard’s threat prevention security is great, especially once they integrate Dome9 in the whole thing. That really ties the whole thing together, so you can tie your entire cloud environment together into one central location, which is nice. Previously, we had three or four different tools that we were trying to leverage to do the same stuff that we are able to do with CloudGuard."
"One of the main characteristics that Check Point CloudGuard Network Security has given us is granularity and visibility."
"The solution is scalable."
"The most valuable features are that it is very simple to configure and to manage."
"The scalability of Fortinet FortiGate is good."
"The base firewall features are quite valuable to us."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"It is quite easy to handle."
"The most valuable features are the possibility of having one fabric for switching on security."
"It is very flexible to use."
"The performance should be improved."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"An area of improvement for this solution is the console visualization."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The initial setup could be simplified, as it can be complex for new users."
"This application can be more integrated with web application firewalls. Better integrations would provide more granularity, which would be helpful for focusing on the application itself and preventing attacks. It would be good to include the cross-domain search. If you have multiple firewalls that are managed on the same platform and you want to check who is using some particular objects or where a specific ID is being used, it should provide an option for this kind of search instead of having to check one by one on each firewall."
"I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system."
"The biggest room for improvement is that, for a long time now, they've moved everything over to R80 but they still maintain some of the stuff in the old dashboard. They need to "buy in" and move everything to the modern dashboard so that you don't have to go to one place and to another place, at times, to configure the environment. It's time they just finish what they started and put everything in the new, modern dashboard."
"Most clients nowadays tend to move to the cloud and their data security is key. If CloudGuard could be able to give the client that full visibility of how their data is protected on the cloud, then that would be a great selling point for Check Point."
"The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50."
"Micro-Segmentation functionality for EAST-WEST traffic is not native and requires integration with a third-party OEM."
"It's meeting our needs at this time. If I could make it better, it would be by making it more standalone. That would be beneficial to us. I say that because our current platform for virtualization is VMware. The issue isn't any fault of Check Point, it's more how the virtualization platform partners allow for that partnership and integration. There has to be close ties and partnerships between the vendors to ensure interoperability and sup-portability. There is only so far that Check Point, or any security vendor technology can go without the partnership and enablement of the virtualization platform vendor as it relies on "Service Insertion" to maintain optimal performance."
"Its architecture and user interface need improvement. The user experience for this solution also needs to be improved, particularly in implementation, management, and operations."
"There are some cloud-based features that could be much more flexible than they currently are."
"Backup can be improved."
"Some of the software stability could improve."
"Some of the web policy reports could be improved."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"The support structure needs to be improved because every time we contact them, there is a delay in the response."
"The captive portal could be improved."
"Price, of course, can always be more competitive or better."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 28 reviews while Fortinet FortiGate is ranked 1st in Firewalls with 163 reviews. Check Point CloudGuard Network Security is rated 8.4, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point CloudGuard Network Security writes "Unified Security Management has enabled us to combine our on-prem appliances and cloud environments". On the other hand, the top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Palo Alto Networks NG Firewalls, Cisco ASA Firewall and Sophos XG, whereas Fortinet FortiGate is most compared with pfSense, Cisco ASA Firewall, Sophos XG, Check Point NGFW and SonicWall TZ. See our Check Point CloudGuard Network Security vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.