The solution helps to protect our customers at the perimeter. We have integrated the solution into our NSX environment. 

The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network.

We can confidently assert that we are among the top cloud providers, protecting our customers from external threats. With Check Point's CloudGuard Network Security, we offer attack services protection. 

CloudGuard Network Security needs to include new features. One specific feature I would like to see is the ability to protect external resources using single sign-on integration with various identity providers, including custom identity providers. Its pricing could also be cheaper. 

I have been using the product for six years. 

CloudGuard Network Security is stable. 

CloudGuard Network Security is highly scalable in our virtual environment. We can easily add more ports, and it functions perfectly. We use it in cluster mode, deploying multiple Check Point clusters horizontally and vertically, making scalability easy and excellent.

I find Check Point's technical support to be excellent. We have premium support, and whenever we open a case, especially for high-severity issues, we receive a phone call from their support team.

Positive

CloudGuard Network Security's deployment is straightforward. 

The product is expensive but also valuable. 

CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. 

I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet.

I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. 

I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.

We use the product to protect Azure workloads. 

The solution's most valuable feature is scalability. We can increase the number of CPUs, memory, and firewalls throughout easily. Using CloudGuard Network Security for managing cloud firewall rules is considered easier than using the normal security groups provided by Azure or AWS.

The solution needs to support more hypervisors. 

I have been using the product for two years. 

The solution's stability is good. 

The tool's scalability is good. 

Sometimes Check Point's technical support takes a long time when you need assistance with developing or fixing issues.

Positive

CloudGuard Network Security's deployment is straightforward. 

It took around a year to see the benefits of using CloudGuard Network Security. If you have CloudGuard Network Security managed by the same management server used for on-premises, you can control all policies in one management tool. I am confident in using the product. 

We are a Check Point partner, hence we trust the product and the company. I rate the overall product a nine out of ten. 

We use the security gateways to protect the virtual data centers. 

The most valuable feature for us is the ability to run the gateways as virtual machines in our virtual data center. The tool protects the virtual data centers. 

The solution's integration with cloud providers has seen significant development in the past months, but there is room for improvement for better integration.

I have been using the product for two years. 

CloudGuard Network security is stable. 

Scaling up is straightforward, involving the purchase of additional licenses and allocating virtual CPUs to the client.

CloudGuard Network Security's support is good. I would like the support to be faster. However, it is not possible all the time. 

Positive

The tool's deployment is straightforward. 

My customers have experienced ROI with the tool's use. If there's a security issue, it can lead to downtime or loss of data, which means losing money. So, the main focus is on the financial aspect. Security is also one of the benefits of using the product. 

We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud. 

We use it to protect cloud infrastructure, workloads, and applications from advanced threats and attacks.

For our operations team, CloudGuard proved to be the ideal solution. Troubleshooting became much simpler as all traffic—allowed or blocked—could be found in a single point, the SmartConsole. Integrating CloudGuard with VMware was straightforward; we established a connection between Check Point Management and VMware, allowing for the automated deployment of CloudGuard in NSX as a service. This automation made deployment and management a breeze, allowing us to easily specify the number of CloudGuard instances needed, which would then be deployed automatically.

CloudGuard's integration with the SmartConsole ensured continuity for our administrators, who could continue using familiar tools and methods. The ability to manage everything within the virtual environment provided speed and flexibility. With CloudGuard, we could define rules to control traffic with precision, redirecting or blocking as needed. 

Check Point's approach of preventing threats at the outset aligns with this perspective, eliminating the need to constantly battle against incoming threats. This proactive stance instills a strong sense of security, as it significantly reduces the likelihood of breaches. Given our positive experiences and lack of any negative encounters with the product, we feel extremely confident in its ability to safeguard our environment effectively.

One of the most crucial and beneficial aspects of Check Point is its ability to consolidate and present logs in a clear and easily accessible manner. This centralized approach offers immense value, as it allows users to access all network security information from a single point, eliminating the need to navigate through multiple tools and sources. With Check Point, users can conveniently find and manage all security-related data in one centralized location.

Its centralized control, ease of use, and flexibility are the most valuable for our data center security.

The licensing structure is unclear, so a transparent and flexible licensing structure would be preferable.

We have been working with it for five years.

In terms of stability and reliability, the virtual machine running CloudGuard functions seamlessly and as anticipated, demonstrating no issues or disruptions.

Regarding scalability, you have the flexibility to deploy as many instances as necessary. If additional instances are required, you can easily add them to production by obtaining the necessary licenses.

While we haven't encountered significant issues necessitating support, we did face occasional challenges with perimeter gateways rather than CloudGuard itself.

Before this project, we collaborated with a sister company that utilized Cisco ACI, but it didn't prove to be the right fit. Considering our longstanding partnership with Check Point as our security provider, particularly for network and cloud traffic, choosing CloudGuard for East-West traffic inspection seemed like a natural extension. Additionally, observing our sister company's positive experience with CloudGuard on Cisco ACI further reinforced our confidence in the product as the best solution for our needs.

Initially, we sought the help of a partner for deployment, but for upgrades and migrations, we largely handled them ourselves. Fortunately, these processes weren't overly complex, and we found helpful documentation on the Check Point website to guide us through them.

When we initially adopted CloudGuard, we operated under a different licensing model based on the number of hosts. The licensing model has since transitioned to a cluster-based variant.

Overall, I would rate it ten out of ten.

For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.

I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.

CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning. 

We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.

Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.

The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.

It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.

There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.

So, a full PaaS solution with improvements on that end, basically.

I have been using it for five years now. 

We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.

Positive

We opted for CloudGuard primarily due to two factors, which ultimately became three. 

• First was the Azure consumption cost, which was lower compared to competitors. 
• Secondly, its plug-and-play capability is straight out of the box, as deployment is directly made from the Azure Cloud Marketplace. In contrast, with competitors, you have to manually import and deploy the image they provide, which isn’t off the shelf. 
• The third factor was the scaling solution offered by CloudGuard, which we found to be the fastest.

I was involved. It was straightforward, out of the box, plug and play. 

We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.

I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.

The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good. 

However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.

Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.

I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.

I like the tool's ability to manage cloud traffic locally without routing it through our data centers.

The product needs to improve technical support.

I have been using the product for four years. 

The tool's support has been excellent. We can maintain our Check Point Firewalls effectively, both on-premises and in the cloud.

Positive

The tool's monthly costs have undergone a significant reduction, dropping from approximately 12,000 euros to around 4,000. This represents a cost reduction of over 60 percent. However, it's essential to note that while costs decreased in some areas, they increased in others due to shifts in our environment. As our overall environment has grown, currently connecting 50 accounts to the cloud, it's challenging to directly compare costs with the state of our setup three years ago.

Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten. 

Our use case for the product is to prevent or protect the file server in the Cloud. The plan is to gradually integrate more solutions behind it. We work with Azure and AWS. 

The tool's most valuable features are threat prevention and protection mechanisms. 

The connection to the on-premises management requires using the CLI. It's not just a click, and you cannot edit in the management to prepare everything. You need to do it online and in real time. After that, you must execute a script, and then you should be happy that it appears in the management.

I have been using the product for five years. 

CloudGuard Network Security is stable. I haven't encountered any issues with its stability. 

The tool is scalable. 

Choosing between Palo Alto and Check Point is more of a personal preference based on the management you prefer. However, in terms of protection, both provide a comparable level of security, making you feel equally safe. The choice between Palo Alto and Check Point often depends on the customer. If a customer is already using Palo Alto, it might be challenging to convince them to switch to Check Point. 

Deploying the product on different cloud platforms, like Azure or AWS, poses challenges due to variations in terminology and identification methods among platforms.

CloudGuard Network Security's pricing is fine. 

In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten. 

We use the solution for the ingress and egress, often for VMSS auto-scaling groups. This involves linking on-premises to the cloud and managing incoming traffic within the same cloud environment.

Customers appreciate the CME plugin for automatically understanding assets within the cloud. This information appears in the manager, allowing users to tag the assets and adjust policies and rules accordingly.

The IT personnel who transition from on-premises to the cloud experience the same understanding, knowledge, and comfort with the cloud environment, using the familiar interface they had on-premises.

People don't know about the tool's features. There's a lack of skill. Users require more knowledge on how to integrate it into the cloud environment and orchestrate routing. So, it's not necessarily a CloudGuard Network Security or Check Point issue but more about integration, knowledge, and understanding.

I have been using the product for six years. 

The product's stability is good. 

The solution's scalability is good. 

The solution's support is good. 

Neutral

The tool's pricing is good. Customers want it to be cheap. I consider the pricing to be elastic. CloudGuard Network Security is perceived as cost-effective compared to using the built-in tools provided by the cloud. Specifically, the VPN functionality is more economical in CloudGuard Network Security, where users can create multiple VPNs without additional charges for each VPN, paying only for the bandwidth. This is contrasted with cloud providers that may charge for each VPN on a per-minute basis, including Ingress and Egress costs.

Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more.

I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.

We offer a full security and connectivity solution leveraging SD-WAN and SASE technologies. We partner with service integrators and providers who, in turn, sell the solution to business customers. Our solution is built on SD-WAN and SASE, facilitating the connection of offices and home users to the organization through various WAN connections. By aggregating multiple connections over the Internet, we deliver security and connectivity to meet the needs of retail and finance. We can help any vertical that needs a connection between the branch and the cloud.

We primarily secure our network using CloudGuard Network Security's next-generation firewall features, including anti-spam, IPS, and URL filtering. Our chosen package for the go-to-market strategy is NGTP. For customers seeking more features, we provide options to upgrade to the tool's advanced packages.

The product serves as a complement to our solution. While we integrate some firewall functionality into our edge device, we do not develop complete security solutions for the cloud. The combination of CloudGuard Network Security with SD-WAN connectivity allows us to offer a holistic solution.

The product needs to offer multi-tenancy. 

Eight months ago, we initiated the integration with CloudGuard Network Security, and currently, we are taking it to the market and presenting it to customers. We have three customers who are on the verge of signing agreements with us.

Currently, the technical support we receive is from the US. While there is a team in the US supporting us, there is a need for this support to extend to other regions.

Positive

We got discounts on pricing. 

We utilize the tool's SmartConsole integrated into our management system. However, we encounter challenges with multi-tenancy. Since we integrate it as an application on the cloud we can integrate it with any other provider. We do think that the synergy with Check Point is very good because we also allow Check Point to move from the edge to the cloud while we provide security connectivity from the edge to the cloud. So we can support its transition from on-prem security solutions to the cloud. It looks like a very good win-win situation for both Check Point and BBT, and we see it in the market, bringing us big deals in Japan and France.

We can go with others as well in terms of architecture because our architecture is very open. We are a small company and cannot engage with everyone. We have good connections with Check Point in Israel. We also have some connections abroad. So far, we are getting good support. 

We have an application that is running on our cloud. Normally, our main cloud provider is Google, but we can run over any cloud. It could be a private cloud or any data center that provides virtual machines and connectivity. We are agnostic.

We are in several POCs in France, Japan, and Thailand, and they are progressing well. However, we need more presales support. There is a lack of knowledge about the solution in the regions, and we are finding it challenging to get sufficient support from those regions. There seems to be a gap in support that needs to be addressed.

It seems that the product is the answer that we need. We haven't identified any missing components in the security suite, apart from the operational challenges related to working in a multi-tenancy environment. I rate the product an eight out of ten. 

The tool's most valuable features are inspecting internet traffic and IPS. We can manage the firewall using shared policies from a single management server. 

The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us. 

CloudGuard Network Security's stability is good. 

Overall, my experience with Check Point support has been positive. There were instances where basic questions were asked, even though I had already provided the information in the ticket. One ticket took two years to resolve. 

Positive

The tool's deployment is more complicated than an on-prem setup. Setting up and managing CloudGuard Network Security in Azure presents some challenges. There are complexities in handling downtime in on-premise and cloud firewalls. Additionally, difficulties arise in deploying a new cluster for an upgrade, as the in-place upgrade might not function as expected.

The process of exchanging virtual machines in Check Point is currently complex. You cannot simply deploy a new machine and use it; instead, you need to navigate through several steps. This involves associating the new machine with a network group, entering various details, and sometimes providing the entire path to locate the object in the cloud.

The tool is working well so far for normal use cases. I rate it an eight out of ten.