Listing Thumbnail

    Check Point WAF (formerly CloudGuard WAF)

     Info
    Deployed on AWS
    As your organization expands its web applications, generative AI tools, and APIs, the attack surface grows, increasing exposure to sophisticated cyber threats. Check Point WAF for AWS is a prevention-first, AI-powered web application firewall (WAF) solution designed to deliver robust web application, generative and agentic AI, and API security without compromising efficiency or ease of management.
    4.4

    Overview

    The growth of web applications, generative AI, and APIs introduces new vulnerabilities that traditional security solutions struggle to address. Check Point WAF provides web application, generative and agentic AI, and API Protection. The product leverages deep application contextual analysis and an AI-driven machine learning firewall to profile users, monitor application behavior, and detect both known and unknown threats. With over 90% of customers operating in prevention mode and 100% requiring fewer than 10 exception rules, Check Point WAF delivers precise API security while minimizing false positives and simplifying operations.

    Advanced Threat Prevention Without Manual Overhead

    Check Point WAF provides protection against OWASP Top 10 vulnerabilities, DDoS attacks, API-based threats, and zero-day vulnerabilities - all without requiring ongoing signature updates. Its advanced machine learning firewall capabilities and contextual analysis ensure accurate detection and seamless protection, allowing your security team to focus on strategic priorities rather than managing exceptions.

    Optimized for Dynamic Cloud Environments

    Built specifically for cloud-native deployments, Check Point WAF integrates natively with AWS services to automate scaling and management. As your applications and APIs evolve, Check Point WAF delivers consistent and reliable web application security without increasing operational overhead. It also supports CI/CD pipeline integration and infrastructure-as-code, enabling API security directly into your development workflows.

    Flexible Licensing and Seamless AWS Integration

    Check Point WAF is offered as a BYOL (Bring Your Own License) solution, with pricing and entitlements managed directly through Check Point. The underlying AWS infrastructure is billed separately based on standard AWS pricing. This flexibility ensures that CloudGuard aligns with your organizations unique operational and financial needs while maintaining strong integration with AWS services.

    Getting Started

    To deploy Check Point WAF, click on the "View Usage Instructions" and "Usage Information" below for next steps. For licensing and private offers, contact your Check Point trusted advisor or sales team. AWS infrastructure billing is handled directly through AWS and follows standard pricing models.

    Highlights

    • AI-Driven Application Security: Protects against both known and unknown cyberattacks including OWASP Top 10 vulnerabilities, DDoS attacks, API threats, AI-driven attacks, and zero-day exploits using AI-powered machine learning. Delivers high efficacy, reduces false positives, and minimizes operational complexity.
    • Rapid Deployment and Scalability: Move from setup to active protection within days and gain flexibility for growth for web application, APIs, AI applications and worloads with AWS-native scaling and pay-as-you-go pricing.
    • Seamless AWS Integration: Designed for dynamic cloud environments, automates scaling, simplifies management, and integrates natively with AWS services to deliver consistent, reliable web, AI and API security at scale.

    Details

    Delivery method

    Delivery option
    Auto Scaling Group
    Single Gateway into existing VPC
    Single Gateway into new VPC

    Latest version

    Operating system
    OtherLinux Gaia 3.10

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Check Point WAF (formerly CloudGuard WAF)

     Info
    Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Vendor refund policy

    Please see seller website for refund details.

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Auto Scaling Group

    A number of AppSec instances in an Auto Scaling Group. Load balanced by an ELB.

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Additional details

    Usage instructions

    Navigate to https://portal.checkpoint.com ; if you do not have an existing account, open a new account. Open the main menu (icon is in the top left corner), choose APPLICATION SECURITY under the CloudGuard column, then select Cloud on the left. The Getting Started page will open. After defining the asset, you will be redirected to the Profile page. Note: Obtain the Token for CloudGuard WAF from the Profile page.

    Support

    Vendor support

    To open a support ticket, send an email to infinity-next-support@checkpoint.com  CloudGuard WAF

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    4.4
    135 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    60%
    39%
    1%
    0%
    0%
    14 AWS reviews
    |
    121 external reviews
    External reviews are from G2  and PeerSpot .
    Nekkala Nagendra

    Ai-driven cloud security has strengthened threat prevention and improved security posture

    Reviewed on Jul 13, 2026
    Review provided by PeerSpot

    What is our primary use case?

    The main purpose is to have network security through machine learning, which can offer threat detection and intelligence for my endpoints, and I am looking for application security.

    I am looking for an AI-based solution that can strengthen my cloud-native security, automate security, and better prevent threats.

    I am looking for an AI-based solution and unified cloud-native security from the SaaS platform to improve my security posture.

    What is most valuable?

    Check Point WAF (formerly CloudGuard WAF)  is a SaaS platform that gives unified cloud-native security across my applications, workloads, and network, allowing me to automate security, prevent threats, ensure compliance, and manage my security posture well across all my cloud environments.

    It conducts security scoring and risk scoring, which helps prioritize my security needs, and the advanced threat detection is also very fine, providing actionable information for my current security threats by collecting and analyzing data through threat actors and IOCs, offering tactical, technical, and operational features.

    What needs improvement?

    The false positive rate is a concern, but I could recommend improvements where false positives have to be minimized better.

    This all depends on how the rules are customized and configured, and it can also improve with planning during the initial configuration, including threat intelligence and APIs, so it could enhance how it defends against attacks and prompts injections.

    It can find the threat actors behind it, and I find that strategically and technically it is effective, although the AI-related features could improve, especially as global AI capabilities evolve, which are advancing more than what Check Point WAF (formerly CloudGuard WAF)  provides compared to competitors.

    There are no glitches; I believe improvement could be made primarily in API Gateway and API security, especially by enabling enhanced AI-related features for better fine-tuning.

    For how long have I used the solution?

    I have experience of two years with the product.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is definitely a highly scalable solution without any doubt.

    How are customer service and support?

    The customer support is very good.

    Which solution did I use previously and why did I switch?

    Earlier, we had Microsoft Defender, which we replaced with Check Point WAF  (formerly CloudGuard WAF ), and we are now ensuring that policy enforcement and threat protection are better.

    How was the initial setup?

    The deployment and initial setup are really straightforward; they provide enough documentation, videos, and deployment documents that are really helpful to complete it faster.

    What was our ROI?

    The return on investment is very good as it has increased my security posture and the operational efficiency of my engineers.

    What's my experience with pricing, setup cost, and licensing?

    It is a little bit expensive, but the pricing model is acceptable, though a reduction would make it more competitive with leaders such as Palo Alto.

    Which other solutions did I evaluate?

    I purchased from a different source.

    What other advice do I have?

    The configurations are pretty easy, and it is plug-and-play, which gives me regular updates.

    I would assess the solution as positive in this regard.

    All the integrations are pretty easy through API connectivity, which I can recommend more, and it also helps with modern AI-based vulnerabilities to conduct token tests and improve detection.

    I would rate this review a 9 out of 10.

    Ejaz Ahmad

    AI-driven protection has strengthened our API security and reduced successful web attacks

    Reviewed on Jul 13, 2026
    Review provided by PeerSpot

    What is our primary use case?

    I am using Check Point WAF (formerly CloudGuard WAF) . I am also using multiple FortiGate products. I am using the product for URL filtering, security, WAF , and VRF. Check Point WAF  improves our ability to discover, monitor, and protect APIs.

    What is most valuable?

    I appreciate that Check Point WAF (formerly CloudGuard WAF)  is an enterprise-grade service and a very good product that we have used. It offers smart AI protection as well. Since implementing Check Point WAF (formerly CloudGuard WAF), I have seen measurable outcomes; it has mostly stopped attacks through bots and API integrations. I see Check Point WAF (formerly CloudGuard WAF) as a good product in blocking zero-day attacks and detecting anomalies. It helps us a lot because the AI engines evaluate behavior on a real-time basis, and it can detect threats without signatures based on historical data.

    I believe AI-driven threat detection and prevention capabilities help in identifying, blocking, and responding to application threats more effectively. The AI helps in Check Point WAF (formerly CloudGuard WAF) because it creates a targeted exclusion list based on its learning period. It can detect and stop or prevent threats based on context tuning and historical data.

    What needs improvement?

    For Check Point WAF (formerly CloudGuard WAF), the negative aspects include the very high price, complex licensing, and the need for specialized trained people to configure it, which is comparatively more complicated than other firewalls like Palo Alto and FortiGate. The two areas for improvement are the price and the complexity of configuration.

    For how long have I used the solution?

    I started using Check Point WAF (formerly CloudGuard WAF) approximately four to five years ago.

    What do I think about the stability of the solution?

    I would give a score of nine for the stability of Check Point WAF (formerly CloudGuard WAF).

    What do I think about the scalability of the solution?

    I perceive scalability as limited due to challenges faced during DNS migration and HA mode.

    How are customer service and support?

    I find Check Point WAF (formerly CloudGuard WAF) support helpful, but it is not proficient. It is often reliant on the site engineer's involvement, and it does not match the support offered by leaders like Fortinet, who deploy their own trained personnel ready to help anytime.

    How was the initial setup?

    I find installation challenging, complex, and not easy, as it requires skilled professionals to configure the rules and threats, including AI configurations. The biggest challenge when deploying it is its architectural constraints, including limited synchronization during configuration, and there are many challenges involved in integration.

    What other advice do I have?

    I am mostly using firewall solutions. I am using a firewall with IT, OT, and enterprise-grade services. We deal with Check Point WAF (formerly CloudGuard WAF) products. I am speaking about Check Point WAF (formerly CloudGuard WAF), Web Application Firewall. We are just a user of Check Point WAF (formerly CloudGuard WAF). A context-based tooling helps more here because while the AI capabilities are learning, they could reduce the false positive rate. I have not integrated Check Point WAF (formerly CloudGuard WAF) with any other products.

    Despite the complex nature and high price, I think the product is worth buying because it is effective. The configuration is complex, so it is not as easy as with other products. However, I believe it is worth the investment because the security is excellent. For security, Check Point WAF (formerly CloudGuard WAF) is a leader without a doubt. Check Point WAF (formerly CloudGuard WAF) is a very good, highly secure enterprise-level product, but it does have limitations, including the price and the need for trained personnel. I also encounter many errors during HA mode configuration, which can be tricky. I have a hybrid model for deployment. I would rate this review an eight overall.

    Ayodeji A.

    Strong, Easy-to-Manage Web App Protection with Smart Automation

    Reviewed on Jul 07, 2026
    Review provided by G2
    What do you like best about the product?
    I like Check Point WAF because it provides strong protection against web application attacks while being easy to deploy and manage. Its automated policy generation, AI-driven threat detection, and low false positive rate reduce administrative effort without compromising security. I also appreciate its support for cloud environments, API protection, and centralised management, making it a reliable solution for securing modern web applications.
    What do you dislike about the product?
    One area that could be improved is making the platform even more intuitive for new users, especially when configuring advanced security policies. However, the available documentation and automation features help reduce the learning curve, and overall the solution provides strong security capabilities and flexibility.
    What problems is the product solving and how is that benefiting you?
    Check Point WAF helps me solve the challenge of protecting web applications from security threats while reducing the effort required to monitor and manage protection rules. I benefit from its automated threat detection, clear visibility into traffic, and ability to identify and block malicious activity. It gives me greater confidence that applications are better protected while making security management more efficient.
    Ijlal K.

    Good protection and easy to manage web security

    Reviewed on Jun 30, 2026
    Review provided by G2
    What do you like best about the product?
    I like that Check Point WAF is easy to use and gives good protection without needing too much manual work all the time. It helps to block common web attacks and gives clear visibility about what is happening. The managed rules are also useful, and it is good that we can still adjust things when needed.
    What do you dislike about the product?
    One thing I dislike is that sometimes the setup and tuning can feel a bit complicated, especially in the start. Some alerts or rules need extra checking to avoid false positives, and it can take time to understand why something was blocked. The interface is good overall, but few parts could be more simple and easier to follow.
    What problems is the product solving and how is that benefiting you?
    Check Point WAF is solving the problem of protecting web applications from common attacks like bad bots, injection attempts and other unwanted traffic. It helps to block many threats before they reach the application, so we dont have to check everything manually. It also gives better visibility about what kind of requests are coming and what was blocked. The benefit is that security becomes more easy to manage and it saves time for the team.
    Hazem H.

    Strong Protection with Room for Onboarding Improvement

    Reviewed on Jun 20, 2026
    Review provided by G2
    What do you like best about the product?
    I use Check Point WAF to protect web applications and APIs from a wide range of cyber threats like SQL injection and cross-site scripting (XSS). What I like most about Check Point WAF is its ability to provide strong, automated protection for web applications while remaining easy to manage on a day-to-day basis. The platform effectively detects and blocks traffic. The initial setup of Check Point WAF was relatively straightforward, especially with the available documentation and guided configuration options. It provides strong protection against modern web application threats and offers good visibility through a centralized management interface.
    What do you dislike about the product?
    One challenge is the initial onboarding and policy tuning process. For organizations with complex or highly customized web applications, achieving the right balance between strong protection and minimizing false positives can require additional time and expertise.
    What problems is the product solving and how is that benefiting you?
    I use Check Point WAF to protect web applications and APIs from cyber threats like SQL injection and XSS. It offers strong, automated protection while being easy to manage daily. It effectively detects and blocks traffic, solving security challenges by defending against common and complex attacks.
    View all reviews