We performed a comparison between Check Point CloudGuard Network Security and WatchGuard Firebox based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"FortiGate is very simple to manage and easy to use."
"The solution is easy to configure and maintain remotely."
"It's an easy solution to set up."
"The most valuable feature is the FortiManager for centralized management."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"The scalability of Fortinet FortiGate is good."
"Good performance, stability, and virtual domain ability."
"The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure."
"The tool's most valuable feature is its scalability. You will only have to pay less for scaling up. Its notable benefit is deployment complexity. Regional deployment is simpler compared to on-premise setup."
"Identity awareness, URL filtering, IDS, DLP, Content Filtering, VPN, and Application Control are all excellent."
"The endpoint VPN is super stable. The routing is also very good. We tried a competing product first, but we could not make it work. We came across CloudGuard. The network routing across different virtual networks in Azure and AWS was way ahead of any of the other technologies. That helped us be able to cover the whole network using one single cluster."
"The most valuable feature for us is the ability to run the gateways as virtual machines in our virtual data center. The tool protects the virtual data centers."
"Auto-scaling and zero touch are valuable features."
"Its integration and use of features, such as advanced threat prevention, have helped us a lot with malware prevention and also with avoiding exposure to false positives."
"The security configuration features have enhanced the reliable coordination of programs and data safety."
"The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely."
"The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice."
"WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively."
"It has everything we need in terms of functionality."
"If you just plan to use WatchGuard Firebox in your office and not publicly, then it is okay to purchase it. With WatchGuard Firebox, you can manage your users and permissions while also taking care of the basic setup phase in your office."
"I could still keep the data rates really high, up near the two gigahertz data speeds, without compromise on the security perimeters being acted simultaneously."
"Efficient to setup, run, and maintain. Saving man hours and cost in the process."
"The throughput is great. It's perfect. We have no issues whatsoever. The management features are very powerful..."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"There are some cloud-based features that could be much more flexible than they currently are."
"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."
"With the incorporation of a lot of AI and machine learning, they can build some sort of a matrix for low-level threats or low-level things that require attention. There can be automation of those tasks so that we don't have to take more time and effort. There should be machine learning to eliminate level-one types of tasks."
"Most clients nowadays tend to move to the cloud and their data security is key. If CloudGuard could be able to give the client that full visibility of how their data is protected on the cloud, then that would be a great selling point for Check Point."
"The stability of the solution could be improved, but this is the problem of all the solutions in the market. This isn't just a problem specific to Check Point."
"From the policy optimization point of view, they can do better. This is not just for CloudGuard. CloudGuard is one little piece managed by Check Point. They can also integrate a third-party policy management solution to improve that. For example, Tufin is focused on policy optimization and management."
"They can improve their security features to the next advanced level so that their efficiency in catching the malware can become 100%, and there is no scope for any data loss or leakage from the system due to any issue."
"The migration to TerraForm is a little more complicated, but we made it work."
"The solution needs to improve the interruptions that happen during gateway upgrades."
"We did not use the AWS Transit Gateway, and that's one of the things that we're currently using. I believe we will be working with Check Point again, in the near future, to implement it, once they start having proper support for a single customer with multiple accounts. When we were using them, we had to install Check Point on each and every single account."
"The level of support from WatchGuard is not as good."
"The solution can improve by adding a feature to tag a MAC address of a computer system in the policy and more IP configuration settings."
"Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for."
"The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous."
"Sometimes, the writing rules are a little confusing in how am I doing them."
"The pricing could be improved. It is definitely one of the more expensive products."
"Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard."
"The scalability of the solution needs improvement."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 119 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Check Point CloudGuard Network Security is rated 8.6, while WatchGuard Firebox is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Akamai Guardicore Segmentation and Palo Alto Networks VM-Series, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense, SonicWall TZ and Meraki MX. See our Check Point CloudGuard Network Security vs. WatchGuard Firebox report.
See our list of best Firewalls vendors, best Unified Threat Management (UTM) vendors, and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
