Listing Thumbnail

    Check Point Cloud Firewall (formerly CloudGuard Network Security)

     Info
    Deployed on AWS
    Free Trial
    Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
    4.4

    Overview

    Play video

    Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers industry-leading threat prevention and multi-layered network security for workloads migrated to or deployed in AWS environments.

    Comprehensive Cloud Network Security: Check Point Cloud Firewall for AWS protects cloud assets with a full suite of advanced security capabilities, including: firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, and anti-bot. These features enable proactive defense against known and unknown threats, ensuring robust protection for cloud workloads.

    Industry-Leading Threat Prevention: Check Point Cloud Firewall for AWS provides advanced threat prevention to secure AWS environments from sophisticated threats, unapproved access, and application-layer Denial of Service (DoS) attacks with industry-leading catch rates.

    Full Control of Network Traffic: Check Point Cloud Firewall for AWS ensures secure, encrypted data flows between your on-premises network and your AWS VPCs. It inspects traffic entering and exiting private subnets in the VPC ("North-South") as well as between VPCs ("East-West").

    Unified Security Management: Extend on-premises security policies into the AWS cloud with unified, centralized management via Check Point Security Management Server. Manage policies, logs, and reports consistently across AWS, hybrid, and on-premises environments from a single pane of glass. This listing includes the gateway only. For management, use Check Point Smart-1 Cloud: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/ 

    Automated, Scalable Cloud Security: Integrates with infrastructure-as-code tools like Terraform and Ansible for policy automation and cloud-native scaling. Cloud Firewall dynamically adapts security policies based on real-time cloud metadata and changes. Supports AWS Transit Gateway, auto-scaling, high availability, and multi-AZ redundancy.

    Flexible Licensing and Seamless AWS Integration: Deploy within minutes as either a single gateway, as a high availability cluster, or as an auto scaling group via Check Point CloudFormation templates (sk111013). Recommended deployment on a 4 vCPU instance for optimal performance. Check Point Cloud Firewall integrates with a broad range of AWS services, including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.

    Getting Started: Supports both Pay-As-You-Go (PAYG) and Bring Your Own License (BYOL) models with a flexible pricing model that supports both usage-based billing and contract-based subscriptions. Start your free 30-day trial to gain full access to Cloud Firewall's features and capabilities. At the end of the trial, your subscription will automatically convert to a paid, usage-based plan, unless canceled beforehand. Request a private offer for custom pricing and terms. For a guided walkthrough, you may request a product demo through this listing.

    Highlights

    • Advanced Protection with Security Features: Firewall, DLP, IPS, Application Control, IPsec VPN, URL Filtering, Antivirus and Anti-Bot.
    • Industry-Leading Threat Prevention: Cutting-edge threat prevention with industry-leading catch rate of malware, ransomware and other types of attacks (per Miercom and Cyberratings, 2025).
    • Unified Security Management: Provides consistent visibility, policy management, logging, reporting and control across hybrid-clouds and on-premises from a single pane of glass.

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    OtherLinux Gaia 3.10

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Check Point Cloud Firewall (formerly CloudGuard Network Security)

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (211)

     Info
    • ...
    Dimension
    Cost/hour
    c6in.xlarge
    Recommended
    $0.96
    r5a.2xlarge
    $1.58
    c7a.12xlarge
    $9.23
    c7i-flex.16xlarge
    $12.08
    m6a.large
    $0.84
    c5n.4xlarge
    $3.15
    m6a.8xlarge
    $6.16
    c6in.8xlarge
    $6.16
    c6in.large
    $0.84
    r7a.4xlarge
    $3.15

    Vendor refund policy

    Terminate the instance at any given time to stop incurring charges.

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Additional details

    Usage instructions

    Once the instance is running, connect to it using SSH, set an admin password using: 'set user admin password' followed by 'save config'. Then connect to https://[instance] using Internet Explorer (IE) to finalize the configuration. Notes:

    1. SSH password authentication is disabled in /etc/ssh/sshd_config
    2. For information regarding Firefox and Chrome refer to sk121373.

    Support

    Vendor support

    This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/  To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at https://www.checkpoint.com/support-services/contact-support/ 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Log Analysis, Network Infrastructure
    Top
    10
    In Network Infrastructure, Security
    Top
    50
    In Migration

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Advanced Threat Prevention Capabilities
    Includes firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, and anti-bot features for multi-layered network security.
    Traffic Inspection and Control
    Inspects and controls encrypted data flows between on-premises networks and AWS VPCs, including North-South traffic entering and exiting private subnets and East-West traffic between VPCs.
    Infrastructure-as-Code Integration
    Integrates with infrastructure-as-code tools including Terraform and Ansible for policy automation, with dynamic security policy adaptation based on real-time cloud metadata.
    AWS Service Integration
    Supports integration with Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.
    Centralized Security Management
    Provides unified, centralized management through Check Point Security Management Server with consistent policy, logging, and reporting across AWS, hybrid, and on-premises environments.
    Advanced Threat Prevention
    Safeguards network from known and zero-day threats including exploits, malware, spyware, and command and control attacks using researcher-grade signatures and machine learning inspection engine.
    Advanced URL Filtering
    Defends against phishing, ransomware, and web-based attacks using inline machine learning-based web security engine with real-time detection of previously unseen threats and dynamic policy controls.
    File-Based Threat Detection
    Identifies file-based threats through inline static and dynamic analysis in the cloud with proprietary hypervisor technology for detection of sandbox-resistant malware.
    DNS Security
    Detects and prevents sophisticated DNS-layer network attacks and data exfiltration attempts.
    Dynamic Policy Management
    Applies policy definitions to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones with automatic adaptation to infrastructure changes without manual intervention.
    Next Generation Firewall Architecture
    High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
    Anti-Virus and Malware Protection
    Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
    Intrusion Detection and Prevention
    Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
    VPN and Secure Connectivity
    IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
    AWS Cloud Service Integration
    Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.4
    398 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    66%
    30%
    3%
    1%
    0%
    38 AWS reviews
    |
    360 external reviews
    External reviews are from G2  and PeerSpot .
    Pavan R.

    Strong Multi-Cloud Security with Centralized Management and Powerful Automation

    Reviewed on Jul 08, 2026
    Review provided by G2
    What do you like best about the product?
    What I like most about Check Point Cloud Firewall is its strong security capabilities combined with centralized management across multiple cloud environments. It provides advanced threat prevention, granular access control, and excellent visibility into network traffic. The integration with public cloud platforms is smooth, making it easier to enforce consistent security policies across AWS, Azure, and Google Cloud. The user interface is intuitive, logging and monitoring are comprehensive, and the automation features help reduce manual effort while improving overall security posture. It is a reliable solution for organizations looking to secure hybrid and multi-cloud deployments.
    What do you dislike about the product?
    While Check Point Cloud Firewall offers strong security features, the initial setup and configuration can be complex, especially for teams that are new to the platform. The management console has a learning curve, and troubleshooting policy-related issues can sometimes take longer than expected. Licensing and pricing can also be expensive for smaller organizations. Improving the user interface, simplifying deployment, and providing more intuitive documentation and guided configuration would make the overall experience much better.
    What problems is the product solving and how is that benefiting you?
    Check Point Cloud Firewall helps us secure cloud workloads and network traffic across multiple cloud environments from a single management console. It improves visibility into traffic, enforces consistent security policies, and provides advanced threat prevention to reduce the risk of cyberattacks. The solution has helped simplify firewall management, strengthen compliance, minimize manual configuration efforts through automation, and improve our overall cloud security posture while reducing operational overhead.
    Information Technology and Services

    Flexible SMS and MDS Models Make Check Point Cloud Firewall Stand Out

    Reviewed on Jul 03, 2026
    Review provided by G2
    What do you like best about the product?
    The best about checkpoint cloud firewall is its two models, sms and mds. The checkpoint sms is the end firewall and mds is the top one which manages sms
    What do you dislike about the product?
    The dislike about check point is its not up to date like palo alto/fortinet as they are the market leaders with lot of capabilities which are lacking in checkpoint
    What problems is the product solving and how is that benefiting you?
    The problem that checkpoint cloud firewall solving is security rule creation and rule placement. I use checkpoint smart console to access checkpoint sms device and creates rule. I used to automate these kind of usecases using external scripting to avoid manual errors
    Anonymous

    Centralized Cloud Security with a Learning Curve

    Reviewed on Jun 25, 2026
    Review provided by G2
    What do you like best about the product?
    I like how Check Point Cloud Firewall strikes a balance between strong security and ease of management. It provides comprehensive visibility into network traffic and cloud workloads, making it much easier to identify potential risks and investigate issues before they become serious problems. I also appreciate the centralized control it offers over network security, allowing us to enforce policies consistently and gain better visibility into traffic flows. Additionally, the integration with other tools like Microsoft Sentinel as our primary SIEM platform and Microsoft Defender for Endpoint helps us correlate network-level threats with endpoint-level activity, which is really beneficial for our security operations.
    What do you dislike about the product?
    The initial setup and configuration can be quite complex, especially for organizations that are new to cloud security or have multi-cloud environments. Some advanced features also require a deeper learning curve before teams can take full advantage of them. When we first deployed Check Point Cloud Firewall in our environment, the initial configuration of security policies and rules sets took considerably longer than expected. For teams without prior Check Point experience, mapping existing on-premises firewall rules to the cloud environment required significant planning and expertise. A more guided, wizard-driven setup process for common deployment scenarios, particularly for AWS and Azure environments, would have reduced that initial friction considerably. Honestly, the initial setup of Check Point Cloud Firewall was one of the more challenging aspects of the overall deployment. I would rate it moderately complex, and I think it's important to be transparent about that for any organisation considering the platform.
    What problems is the product solving and how is that benefiting you?
    I use Check Point Cloud Firewall to secure our cloud environment, ensuring consistent security controls and better visibility into network traffic and threats, solving our challenge of maintaining network security.
    Sandip K.

    Strong Cloud Security and Easy Policy Creation with Check Point Cloud Firewall

    Reviewed on Jun 17, 2026
    Review provided by G2
    What do you like best about the product?
    I like check point cloud firewall because it has very strong cloud security and also it is very easy to use and also it has a very effective threat prevention capacity and also we can easily create policy in check point cloud firewall.
    What do you dislike about the product?
    I dislike most about check point cloud firewall is that the setup is little bit complicated at first, so new users need more time to get familiar with product and also requires guidance for new users to understand the features of it.
    What problems is the product solving and how is that benefiting you?
    The check point cloud firewall helps us to protect cloud environment from attack and also prevent from unauthorized access from the internet. It helps us to improve network security in our cloud environment and also gives visibility of network and easy policy.
    Financial Services

    Top-Notch Cloud Firewall with Powerful Threat Prevention

    Reviewed on Jun 16, 2026
    Review provided by G2
    What do you like best about the product?
    Excellent cloud firewall! The main benefits are powerful Threat Prevention and centralized policy management. Deployment is seamless, and the security is top-notch.
    What do you dislike about the product?
    Heavy and complex tool. SmartConsole has a steep learning curve. Setting up auto-scaling in the cloud is tricky, and premium licensing is costly.
    . But overall is ok
    What problems is the product solving and how is that benefiting you?
    It solves cloud security gaps with advanced threat prevention and central control. It benefits me by blocking complex attacks and easing policy management.
    View all reviews