Sold by: Check Point Software Technologies
Deployed on AWS
Free Trial
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
Overview
Video
Video 1
Video
Product video
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers industry-leading threat prevention and multi-layered network security for workloads migrated to or deployed in AWS environments.
Comprehensive Cloud Network Security: CloudGuard Network Security for AWS protects cloud assets with a full suite of advanced security capabilities, including: firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-Bot, threat emulation, and threat extraction. These features enable proactive defense against known and unknown threats, ensuring robust protection for cloud workloads.
Industry-Leading Threat Prevention: CloudGuard Network Security for AWS provides advanced threat prevention to secure AWS environments from sophisticated threats, unapproved access, and application-layer Denial of Service (DoS) attacks with industry-leading catch rates.
Full Control of Network Traffic: CloudGuard Network Security for AWS ensures secure, encrypted data flows between your on-premises network and your AWS VPCs. It inspects traffic entering and exiting private subnets in the VPC ("North-South") as well as between VPCs ("East-West").
Unified Security Management: Extend on-premises security policies into the AWS cloud with unified, centralized management via Check Point CloudGuard Security Management Server. Manage policies, logs, and reports consistently across AWS, hybrid, and on-premises environments from a single pane of glass. This listing includes the gateway only. For management, use Check Point Smart-1 Cloud: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/
Automated, Scalable Cloud Security: Integrates with infrastructure-as-code tools like Terraform and Ansible for policy automation and cloud-native scaling. CloudGuard dynamically adapts security policies based on real-time cloud metadata and changes. Supports AWS Transit Gateway, auto-scaling, high availability, and multi-AZ redundancy.
Flexible Licensing and Seamless AWS Integration: Deploy within minutes as either a single gateway, as a high availability cluster, or as an auto scaling group via Check Point CloudFormation templates (sk111013). Recommended deployment on a 4 vCPU instance for optimal performance. CloudGuard Network Security integrates with a broad range of AWS services, including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.
Getting Started: Supports both Pay-As-You-Go (PAYG) and Bring Your Own License (BYOL) models with a flexible pricing model that supports both usage-based billing and contract-based subscriptions. Start your free 30-day trial to gain full access to CloudGuards features and capabilities. At the end of the trial, your subscription will automatically convert to a paid, usage-based plan, unless canceled beforehand. Request a private offer for custom pricing and terms. For a guided walkthrough, you may request a product demo through this listing.
Highlights
- Advanced Protection with Security Features: Firewall, DLP, IPS, Application Control, IPsec VPN, URL Filtering, Antivirus, Anti-Bot, Threat Emulation and Threat Extraction.
- Industry-Leading Threat Prevention: Cutting-edge threat prevention with industry-leading catch rate of malware, ransomware and other types of attacks (per Miercom and Cyberratings, 2025).
- Unified Security Management: Provides consistent visibility, policy management, logging, reporting and control across hybrid-clouds and on-premises from a single pane of glass.
Details
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux Gaia 3.10
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c6in.xlarge Recommended | $0.91 |
r5n.24xlarge | $16.41 |
r5b.4xlarge | $3.00 |
r7a.large | $0.80 |
c5n.large | $0.80 |
r7a.8xlarge | $6.27 |
m5.xlarge | $0.91 |
m6i.4xlarge | $3.00 |
c5n.9xlarge | $7.06 |
r5.2xlarge | $1.50 |
Vendor refund policy
Terminate the instance at any given time to stop incurring charges.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Once the instance is running, connect to it using SSH, set an admin password using: 'set user admin password' followed by 'save config'. Then connect to https://[instance] using Internet Explorer (IE) to finalize the configuration. Notes:
- SSH password authentication is disabled in /etc/ssh/sshd_config
- For information regarding Firefox and Chrome refer to sk121373.
Support
Vendor support
This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/ To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at https://www.checkpoint.com/support-services/contact-support/
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Check Point Software Technologies
By Palo Alto Networks
Top
10
In Log Analysis, Network Infrastructure
Top
10
In Network Infrastructure
Top
10
In Network Infrastructure, Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Inspection
Inspects traffic entering and exiting private subnets in VPC ("North-South") and between VPCs ("East-West")
Advanced Threat Prevention
Provides multi-layered security capabilities including firewall, IPS, threat emulation, and threat extraction with advanced catch rates
Cloud Infrastructure Integration
Supports infrastructure-as-code tools like Terraform and Ansible, dynamically adapts security policies based on cloud metadata
Security Protocol Coverage
Comprehensive security features including Data Loss Prevention, application control, IPsec VPN, URL filtering, antivirus, and anti-Bot protection
Cloud Service Compatibility
Integrates with AWS services including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, and AWS Transit Gateway
Network Traffic Protection
Advanced cloud-native firewall service powered by FortiOS and FortiGuard Labs threat intelligence for securing cloud network traffic
Threat Intelligence
AI-powered intrusion prevention (IPS), data leak prevention (DLP), and advanced filtering capabilities to block malicious traffic and potential security breaches
Dynamic Policy Management
Security policies that dynamically use cloud metadata tags to follow cloud workloads without requiring static IP updates
Geo-Specific Security Control
Enforcement of compliance policies through geo-IP blocking and traffic restrictions to/from specified countries
Multi-Account Security Aggregation
Capability to consolidate security across multiple VPCs and accounts within an AWS region using a single firewall instance
Threat Prevention
Advanced machine learning-powered inspection engine that detects known and zero-day threats including exploits, malware, spyware, and command and control attacks
Web Security
Inline machine learning-based web security engine for real-time detection of phishing, ransomware, and evasive web-based attacks
File Analysis
Proprietary cloud-based hypervisor for static and dynamic file-based threat detection using advanced sandbox analysis techniques
Protocol Layer Security
Comprehensive security coverage across network layers including DNS-layer attack prevention and network data exfiltration detection
Traffic Visibility
Complete application layer-7 traffic inspection and control with dynamic policy management based on AWS tags, application IDs, and user contexts
Standard contract
No
No
No
Customer reviews
4.3
22 ratings
22 AWS reviews
|
194 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Marko K.
Great integration with cloud platforms, easy to use, centralized management on-prem or in cloud.
Reviewed on Jul 11, 2025
Review provided by G2
What do you like best about the product?
Centralized management and integration with other Check Point products.
What do you dislike about the product?
Installation process can sometimes be a tricky if you are not prepared well.
What problems is the product solving and how is that benefiting you?
It is protecting data centar services at microsegmentation level. It also enhances visibility into virtual infrastructure.
Etsub A.
Defending the Cloud: An In-Depth Review of Check Point CloudGuard Network Security
Reviewed on May 15, 2025
Review provided by G2
What do you like best about the product?
1. Offers advanced threat prevention capabilities, safeguarding the cloud environments from a variety of threats
2. Designed to scale with the cloud workloads, ensuring that security measures grow alongside your business needs
3. Provides detailed insights and visibility into cloud security posture
2. Designed to scale with the cloud workloads, ensuring that security measures grow alongside your business needs
3. Provides detailed insights and visibility into cloud security posture
What do you dislike about the product?
1. Initial setup and configuration can be complex
2. Higher cost
3. Limited customization
2. Higher cost
3. Limited customization
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard Network Security addresses several key problems:
1. Protect against threats specific to cloud environments
2. Provides comprehensive visibility into cloud resources and security posture
3. Adapts to dynamic cloud workloads, ensuring consistent security as applications scale or change
1. Protect against threats specific to cloud environments
2. Provides comprehensive visibility into cloud resources and security posture
3. Adapts to dynamic cloud workloads, ensuring consistent security as applications scale or change
Nasseer q.
Checkpoint CloudGuard Network Security: Powerful Protection for Cloud Environments
Reviewed on May 07, 2025
Review provided by G2
What do you like best about the product?
What I like best about Check Point CloudGuard Network Security is its ability to provide consistent, advanced threat protection across multi-cloud environment. It offers seamless integration with major cloud providers, ensuring comprehensive visibility and control. Additionally its automated security policies help reduce manual efforts while enhancing overall security posture.
What do you dislike about the product?
Setting up and configuration of Checkpoint CloudGuard security can be complex particularly if you have limited cloud security expertise.
What problems is the product solving and how is that benefiting you?
Checkpoint CloudGuard Network Security solves the problem of securing cloud infrastructure by providing advanced threat prevention and traffic inspection across hybrid cloud environments. It benefits us by ensuring that cloud workloads are protected from cyberattacks maintaining compliance and simplifying security management with automated policy enforcement and centralized visibility.
Computer & Network Security
Best autoscaling solution for multiple CSP
Reviewed on Apr 03, 2025
Review provided by G2
What do you like best about the product?
Autoscaling is super efficient and easy to configure.
Deploys actually take less than 2 days, even less with terraform deployments.
Support is actually really fast, even on the lowest severity.
I manage cloudguards in aws, azure, gcp, oci every day, and i am completely satisfied.
Deploys actually take less than 2 days, even less with terraform deployments.
Support is actually really fast, even on the lowest severity.
I manage cloudguards in aws, azure, gcp, oci every day, and i am completely satisfied.
What do you dislike about the product?
We need c2s and s2s vpns on A/A scalesets.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard is a lifesaver for our dynamic cloud environment. The auto-scaling feature automatically adjusts security coverage as traffic volumes change, eliminating those throughput bottlenecks we used to face. When traffic spikes, it scales up instantly, and scales down when things quiet down. This means we're never overpaying for unused capacity or scrambling when traffic surges.
James Arscott
User-friendly interface and reliable security empower financial institutions
Reviewed on Mar 13, 2025
Review provided by PeerSpot
What is our primary use case?
I am based in Jamaica for the most part. Not a lot of people use Check Point CloudGuard Network Security due to pricing issues, but most banks still use it.
What is most valuable?
I think it is secure and user-friendly. The interface is easy to understand and the Check Point CloudGuard Network Security history assures me of its trustworthiness.
What needs improvement?
They could improve the documentation. The interface is fine for me since I have been using it for some time.
For how long have I used the solution?
I have been using network security from around 2003 or 2004.
What was my experience with deployment of the solution?
Deployment usually takes about two days depending on the network.
What do I think about the stability of the solution?
I have not experienced any issues with stability such as lagging, crashing, or downtime.
What do I think about the scalability of the solution?
The scalability is fine. In Jamaica, the networks tend to be relatively small.
How are customer service and support?
I have not had to contact technical support or customer support for Check Point CloudGuard Network Security specifically, but I have contacted them for other Check Point products.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I work with Cisco and FortiGate . FortiGate is popular in Jamaica, partly due to pricing. Users often choose cheaper options even if Check Point is considered better.
How was the initial setup?
The initial setup is fine. It is not difficult.
What about the implementation team?
I usually work with a team of about two or three people for deployment, totaling three or four including me.
What's my experience with pricing, setup cost, and licensing?
Pricing in Jamaica is a major issue, with users often citing it as a reason for not using Check Point.
Which other solutions did I evaluate?
I have experience with Cisco and FortiGate solutions.
What other advice do I have?
I advise new users to carefully look at the documentation and do their homework before starting deployments. Proper planning and preparation, supported by the documentation, are crucial. I would rate the solution about nine out of ten.