2019-05-13T08:56:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 16

What needs improvement with Check Point CloudGuard Posture Management?

Please share with the community what you think needs improvement with Check Point CloudGuard Posture Management.

What are its weaknesses? What would you like to see changed in a future version?

24
PeerSpot user
24 Answers
SW
Human Resources Executive at Randstad Nederland
User
Top 20
2022-10-20T09:24:00Z
Oct 20, 2022

There is no full support for bot management, and the company can work on that to enhance faster service delivery and enhance reliable security checkups. The reporting dashboard responds slowly, which leads to late report compilation. The next release can be equipped with robust dashboards and highly responsive data models. The performance was more stable compared to a few challenges we faced, but with new upgrades, it could be even more stable. The enhancement of cloud servers' security and management of dataflows has been a great achievement, and I highly recommend this solution.

Search for a product comparison
DH
Support at a tech services company with 51-200 employees
Real User
Top 5Leaderboard
2022-09-22T06:45:00Z
Sep 22, 2022

Areas that can be improved are few. However, some can be mentioned, such as the costs for this solution going down a bit. Not all clients, despite the great power of the tool, can afford it. The support must be more effective. Sometimes they take several days to resolve an issue. However, it must be mentioned, they always resolve it correctly. Finally, I think that the solution meets all expectations but can also improve the performance of the administrator portal a little so that it does not sometimes stop.

Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS
Real User
Top 5Leaderboard
2022-09-21T15:23:00Z
Sep 21, 2022

Currently, I would like this solution extended to cellular devices or tablets. This will be able to allow us to be more efficient.

RL
Security Admin at a tech company with 1-10 employees
User
Top 5Leaderboard
2022-08-02T06:59:00Z
Aug 2, 2022

Some general improvement characteristics can be made, including the following: 1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level. 2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved. 3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

GD
Cloud Security Architect at Kontex
Real User
2022-07-07T17:18:12Z
Jul 7, 2022

The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out.

alvarado - PeerSpot reviewer
Cloud Support Leader at a tech company with 51-200 employees
User
Top 5Leaderboard
2022-06-01T04:31:00Z
Jun 1, 2022

I can't really imagine improvements for Check Point. They have been doing very well for years in modern security fields. Currently, Check Point is very well placed compared to its competitors - and this is not by chance. Check Point has taken security to a higher level. Check Point's support, customer service, SLAs, and schedules can be improved a little. Among some of the qualities to improve, would be even to copy from other companies that have more highly polished services. For example, something important is that they always promptly include the official documentation of the manufacturer in order to carry out correct implementations.

Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.
VV
Cloud Security Lead at a computer software company with 5,001-10,000 employees
Real User
Top 20
2021-12-21T09:50:00Z
Dec 21, 2021

In general, we abandoned this solution this year. Each component of this solution, in my opinion, could be improved. Integration with ticketing systems, as well as the most important noise and completeness over findings, are definitely in need of improvement. They didn't take into account some additional context. The UI is very slow. There is room for improvement. Consider the entire context of the findings and try to avoid making a comparison between the rule and the entity's state. In general, for the product to be successful, they need to improve security, and configuration detection.

SJ
Chief Technical Officer at a government with 1,001-5,000 employees
Real User
Top 20
2021-10-11T15:39:00Z
Oct 11, 2021

CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards.

Chris Dagal - PeerSpot reviewer
Senior Consultant at a tech services company with 11-50 employees
Consultant
Top 10
2021-09-10T15:00:00Z
Sep 10, 2021

I would be great to have additional features when it comes to vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads and not just on security configurations with customizable reports would be nice.

HS
Security Engineer at a tech company with 1,001-5,000 employees
User
2021-09-01T16:28:00Z
Sep 1, 2021

The following things can be improved: * Reporting should have more options. * Investigation of security events should be more comprehensive be it for cloud activity or traffic activity. * The false positives can be annoying at times. * We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future as we prefer to do it ourselves. * The price of this solution should be reduced so that it is more affordable to scale.

JP
Cloud Solution Architect at Network Thinking Solutions
User
Top 10
2021-07-30T14:32:00Z
Jul 30, 2021

Today, globally, there are many companies of all sizes that do not understand the value of their data, but even with all the existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure security, when the truth is that providers only protect their sites. Everything we do in the cloud and how we configure it is actually our responsibility, in this sense we can evaluate many solutions that help us protect our clouds, however, and after trying 5 different solutions, the checkpoint solution is by far The most complete

DC
Managing Director at a tech services company with 5,001-10,000 employees
Reseller
Top 20
2021-04-09T16:13:19Z
Apr 9, 2021

I'd like to see improvements with the configuration.

Basilio Alcantara - PeerSpot reviewer
IT Security Engineer at Bayview
Real User
2021-01-19T02:21:00Z
Jan 19, 2021

The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure. This is one of the main cloud providers, so it's imperative to make this a priority in order to bring a lot of value to this tool. The idea is to leverage Dome9 as the main central place for auto-remediation of all cloud environments so that customers don't have to spend a lot of time manually remediating. Manual remediation is very challenging once you have so many cloud accounts to support on a regular basis, and Dome9 can help do part of the job.

Kirtikumar Patel - PeerSpot reviewer
Network Engineer at LTTS
Real User
Top 5Leaderboard
2021-01-06T12:16:00Z
Jan 6, 2021

In Dome9, there should be a policy validation option where we can validate the policy before we push it into production. This option is very important, as we are working in a critical and complex environment. This option would give us more confidence in our activities or policy pushing. We could see the option is available for on-premises devices. Automatic remediation requires read/write access. Otherwise, overall this product is very good for our cloud environment, and we are satisfied with this.

Schillebeeks Bart - PeerSpot reviewer
Owner at AD Internet Consulting
Real User
Top 10
2020-12-15T08:57:00Z
Dec 15, 2020

The false positives can be annoying at times.

KW
Advisory Information Security Analyst at a financial services firm with 501-1,000 employees
Real User
Top 5
2020-11-24T07:57:00Z
Nov 24, 2020

The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be. However, the product itself is really easy to use, so there is not too much of an issue with that. Also, it's not too hard to get on with the actual Check Point support to go over this stuff.

RR
Senior Security Engineer at a insurance company with 10,001+ employees
Real User
Top 5Leaderboard
2020-10-22T05:36:00Z
Oct 22, 2020

The accuracy of its remediation is a 7.5 out of 10. Before, I would have given it a ten but now, to handle remediation for fully qualified domain names, it's not working as it did in the past. We're finding some difficulties there. Also, as soon as Check Point took over the solution, the feature that identifies and creates security groups based on fully qualified domain names, instead of IP addresses, was degraded.

JM
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Real User
2020-09-16T08:18:00Z
Sep 16, 2020

The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point. I think they have solution to this issue.

Oleg Pekar - PeerSpot reviewer
Senior Network/Security Engineer at Skywind Group
Real User
Top 5
2020-08-23T20:46:00Z
Aug 23, 2020

We were demotivated by the lack of native automation modules for the Terraform and Ansible tools. We think that in the era of the DevOps approach and practices, all the new products need to be released with such support, mandatorily. In addition, we also hope that the Dome9 will eventually support the other Public Cloud platforms, like Alibaba, since we are planning to expand to the Asian market. Alibaba is the big player in this region due to the fact that Google Cloud and AWS are almost banned.

BasilDange - PeerSpot reviewer
Sr Manager IT Security at a financial services firm with 10,001+ employees
Real User
2020-08-03T06:11:00Z
Aug 3, 2020

* Policy validation should be available before it is deployed in a production environment using a cloud template. * Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes. * A number of security rules need to be added in order to identify more issues. * The reporting should have more options. The reports should be more granular. * It should support all container platforms for visibility of a complete infrastructure single console, such as, PCF.

reviewer1398609 - PeerSpot reviewer
Senior Manager at a financial services firm with 10,001+ employees
Real User
2020-07-29T10:19:00Z
Jul 29, 2020

1) More number of Security Policy to have more number of detection 2) It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues. 3) Should have support for VMware Pivotal Cloud Foundry 4) Should maintain configuration information which will help in case forensic need to be performed in term of changes 5) Should allow Policy to be deployed using a template and the same should be getting reviewed before deployment. This will help us to provide secure deployment CI/CD

Naveen Govindappa - PeerSpot reviewer
Solution Architect Cloud Security at MindTree
Vendor
2020-02-09T08:17:08Z
Feb 9, 2020

Dome9 should also support deployments that are on-premises and in a hybrid cloud. This solution needs DLP support.

it_user731871 - PeerSpot reviewer
Owner at Liversidge Consulting Ltd
Real User
2019-05-22T07:18:00Z
May 22, 2019

Integration with other security tools would be of benefit. I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations.

YY
Cloud Infrastructure Architect at Maxis Berhad
Real User
2019-05-13T08:56:00Z
May 13, 2019

I would like to see Test B functions at the application access level.

Related Questions
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
Oct 20, 2022
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
2 out of 24 answers
YY
Cloud Infrastructure Architect at Maxis Berhad
May 13, 2019
The primary use case for this solution is associated with a challenge whereby we have multiple cloud computing platforms. We have our past cloud platforms in AWS and ECP. Therefore, we can configure management and policy governance tools to deployment across all sites.
it_user731871 - PeerSpot reviewer
Owner at Liversidge Consulting Ltd
May 22, 2019
We have been researching this solution as something to provide for clients who are interested in implementing a high-security AWS environment.
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
Oct 20, 2022
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 20 answers
YY
Cloud Infrastructure Architect at Maxis Berhad
May 13, 2019
The licensing costs for this solution are on a yearly basis.
it_user731871 - PeerSpot reviewer
Owner at Liversidge Consulting Ltd
May 22, 2019
It is a standard licensing fee, with no additional costs.
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 4, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 5 Cloud Workload Security Software T...
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 3, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 5 Cloud Security Posture Management ...
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 4, 2022
Top 5 Cloud Workload Security Software 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 3, 2022
Top Cloud Security Posture Management Solutions
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Download Free Report
Download our free Check Point CloudGuard Posture Management Report and get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
DOWNLOAD NOW
655,994 professionals have used our research since 2012.