External reviews are not included in the AWS star rating for the product.
We are using it for in and out of our cloud from on-premises. Security from our SD-WAN and express route connectivity is our main use case.
We also have vendor integrations. SAP RISE was the big one that we recently had where we were using dedicated CloudGuard network gateways for straight vendor implementations.
The ease of deployment has been a benefit. Having Check Point on-premises definitely helped with moving to the cloud. It feels very similar after you migrate. It was not as cumbersome as on-premises, and it was a little less scary for others. It enabled others within our company to adopt.
We have unified security management across hybrid clouds as well as on-prem. We are using just gateways to the cloud, and we have the same management server and the same console as on-prem gateways. It definitely allows you to have unified policies across the board. This seamless integration is a huge plus. Smart-1 Cloud is the next portion to go up to, so we can remove the complexity of management, such as login and whatnot, from our responsibilities.
By using CloudGuard Network Security, we have a good foundation. The history of Check Point has a reliability that I trust. Most of the improvements we do are more internal. There are actions that we, as customers, need to do. It helps to have vendors like Check Point who will go out of their way to help you make their product seamless. It is only as good as how you use it. That has been a big positive, and we have had a good accounts team that has been able to bring proper resources to us, and we encourage those additional resources they provide to us to help us be successful.
For identifying security threats, our company uses a portfolio of different kinds of vector spots and inspection spots. Some of that is handled by another team, and I do not have direct insight into that. However, it has definitely added some automatic reaction with our on-premise setup, which has helped us integrate cross-platform. That portion has been great because no one wants to be too vendor-dependent. You want to be vendor-agnostic. The fact that we can utilize it across multiple vendors has been a positive for us.
We are using gateways, and I appreciate the high-availability gateways they have. They stand out more than the competitors.
The Check Point architecture team adapting fluently to the architecture that each cloud has is valuable. They are adaptive to customer solutions, which is a big advantage.
Some more built-in marketplace templates would be nice. It would be nice to see more vendor assistance in deployments and backup of recoveries versus having customers rely upon that themselves. That would make it a lot more seamless and aligned with the standard on-premise model that is there. Check Point can extend the same posture that they have to CloudGuard and make that transition very seamless.
Check Point does not have as big a footprint in engineering teams as Cisco or Palo Alto has, especially in the US market. Therefore, finding someone who understands Check Point is a lot harder. If Check Point can make it easier for seamless transitions, it will build the confidence of engineers and help with the adoption of a new vendor for those engineers. Anything they can do to help with that is a competitive advantage, and it works for any company looking into it.
I have been using CloudGuard Network Security for about three years.
It is very stable, but in any virtualized environment, you are still dependent on your cloud provider. If Amazon, Microsoft, Google, or any other cloud provider reboots the gateway because they are doing some maintenance and did not tell you about it, it is not Check Point's fault. It is something where you have to correlate whether you had an outage or lost a node. You still have to report that. It still looks like that your Check Point firewall went down, so guilty until proven innocent type of deal comes into play. That has been a little bit more challenging than when it is your hardware on-premises. Outside of a power issue or an upstream switch, if something goes wrong in the box, it is not on Check Point. At that point, you can hammer down to the cloud. Having shared resources makes it a little bit difficult to delineate. You have to go case by case.
I have not directly experienced the need for scaling, particularly horizontally. Based on studies, presentations, documentation, and architecture, scalability is definitely there, so I have confidence that if my business needs to shift to high throughput and high sessions, Check Point will have a solution for me to do that seamlessly.
I have always had challenges with TAC. There still seems to be a difference in the type or level of tech support you get based on the region you call into. That has been a little bit more challenging. We have had issues with getting the same candid answers where they were regurgitating without looking through. At the support level, we have had some challenges back and forth, but when we talk to our account team or our sales engineer and say that we have a problem, their reaction is very quick. Their escalation internals take care of that. They get us the right people.
For additional deployments from the cloud perspective, we have always had great contacts to get to. I have been very happy with the level of support Check Point has given us for new deployments' design ideas and problems. The feature roadmap they chose has been excellent.
Overall, I would rate their customer service and support an eight out of ten. I am dropping points because of the TAC issues that I have had.
We do use another vendor that does a similar function. The vendor is Fortinet. Both vendors have their own pros and cons. The big difference between the two from a cloud network security perspective is that the high availability model that Check Point has is not what the competitor has. So, you are still relying upon load balancers, and you are still relying upon cloud failover, which adds a little bit of complexity. This high availability has been a huge plus. We have not seen our current vendors or other vendors be able to do so.
We, as such, have not switched. We have a different vendor we use, and we have not made the decision to switch. We are still at that deciding factor because we are seeing where things fit with both platforms. From an ROI perspective, switching would not be advantageous to us at this point based on what we are getting, but it is definitely something that is looked upon as we look at life cycles. We can then make a decision one way or the other to meet our business needs.
The decision to go for CloudGuard instead of our cloud vendor's cloud firewall was predated. There were some implementations that were already there. We have made additional investments where we did go between vendor A and vendor B and made a decision. I made the decision and chose Check Point, not just for the single pane of glass and ease of management but also for the high availability. For the high availability that we were deploying, there was no other solution that could give us the seamlessness we were looking for. We could not get that from other vendors, so it became evident that going for Check Point was the right decision to make.
We are a Microsoft Azure Shop, and the deployment model would be high-availability gateways. We are not using gateway low balancers. We are just using the high-availability deployments.
In terms of ease of deployment, I cannot speak for the earlier years, but I did hear that there were some pain points. That was more of a combination of cloud maturity in Microsoft and Check Point integrations. There were other challenges related to intermixing and the knowledge base. This was when Check Point was new to our company, and we probably did not have the right MSP support. A lot of those gaps and failures were due to the support and not having that strong knowledge base and operating support afterward. Recent deployments, from 2020 to 2024, are different. There is a night and day kind of difference. We had instant Check Point support. They walked us through and sat on the call while we deployed in real-time with our CloudOps teams. It was seamless. We ran into a gap, and we were easily able to fix it right then and there. They were very collaborative. It has just been a night-and-day type of scenario.
For the first implementation, we used an MSP consultant in collaboration with Check Point. We did the recent deployment in-house directly with Check Point.
We are yet to figure that part out. There is a lot of tuning on our side, and we have definitely seen its remediation and prevention capabilities help us in very critical situations. Knowing that we could be proactive instead of constantly being reactive has definitely put me at much more ease at night. There are some improvements to that.
Investment-wise, this is where you look at the consolidation and realize that you might have different vendor technologies that might be doing the same thing. This is something we will have to look at. It is not necessarily a Check Point problem. It is something that we, as an enterprise, have to look into.
My experience has been extremely positive. It was not a concern because I had an account team that fought for pricing for our company. They were not pushing me to professional services for certain help. I was instantly getting a CloudGuard architect to help us out. They understood our environment and bridged the gap where we needed that help with our public cloud provider and with Check Point, in this case. That is what made the experience. They allowed us to scale it well, and that is where Check Point has done very well.
They realize that customers need to be adaptive in their cloud deployments, and they are much quicker than on-prem. They know that in the end, their product speaks for itself, so pricing has always been very competitive compared to other vendors. I have always had account teams no matter what company I have worked for, and they have always done a good job of meeting that gap. So, its pricing was not the reason we made the decision.
I would rate CloudGuard Network Security a nine out of ten. The ease of template deployment would have been nice. There was also a little bit of weirdness with the licensing models for our on-premise management. That is pretty much it. Otherwise, I am extremely happy with it. They are not negatives. It is still great.
Our use case is simple. We utilize CloudGuard Network Security with a bridge to connect all components in the cloud directly to the on-premise. By establishing peering with the bridge, we route traffic to the Google Cloud-based cluster. We apply our standard on-premise environment rules to CloudGuard, utilizing threat prevention, EPS, etc.
The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward.
CloudGuard Network Security helped us create stable VPN connections from our Google Cloud to our data center. This was important because we had issues with dependencies between Google, the data center, etc.
We have an on-premise management system, and it's straightforward. We use it within the same management of our other files.
In the past year, I noticed that the challenging part, especially in the cloud, is upgrading to the next release of the firewall. Unlike on-premise upgrades, it's not as simple in the cloud. You need to recreate the machine, which makes the process more complex.
We have been using CloudGuard Network Security for four years now. We initially adopted it when we began using the Google Cloud platform. It helps us enable connections between the cloud, data center, and hybrid infrastructure.
The solution is stable.
The tool's pricing is not cheap.
I rate the solution a nine out of ten.
My customers use the solution for technical and internal Azure resources, including remote access VPN.
Some retail customers find the scale-up and scale-down features valuable, particularly with scale sets. This is useful for handling increased loads on devices and utilizing firewalls, similar to on-premises setups with active standby configurations.
The solution allows customers to migrate workloads securely into the cloud space with a trusted vendor, maintaining everything under a single platform. This ensures visibility into their cloud environments similar to on-premises setups, all managed through a single smart console.
Unified security management simplifies operations by providing visibility into both cloud and on-premises infrastructure. The skill set required to manage it remains the same for both environments.
The level of confidence in CloudGuard Network Security, both for myself and my customers, is very high. The product operates familiarly, consistent with what customers are used to, and it is a trusted name in the space.
Based on my previous experience, there were improvements, especially in in-place upgrades. Regarding cost, it might be potentially cheaper considering resource utilization in Azure and VM costs, but licensing could be improved, possibly moving towards a simpler model.
I have been using the product for four to five years.
CloudGuard Network Security has improved its stability. It is a stable platform.
The tool has improved its scalability over the four years.
The support experience can be hit or miss. It depends on the expertise of the support representative. Some are highly skilled and knowledgeable, while others require more guidance. There might be room for improvement in this aspect.
Neutral
The tool's deployment is straightforward, whether through the marketplace or templates. It offers flexibility for making amendments before deployment.
On a scale of one to ten, I would rate the solution an eight. The ease of deployment, the single management function, and the features it provides, especially in terms of scale sets and scaling, contribute to it being a solid platform. Many customers are increasingly interested in using it to protect their assets within Azure and AWS, which are the two main areas of operation.
If a colleague is considering purchasing the solution for its security features and licensing, my advice would be to ensure correct deployment. While the solutions are generally straightforward to deploy, there are nuances, especially in Azure infrastructure, that can make troubleshooting more challenging. It's crucial to either use a knowledgeable partner for deployment or ensure a clear understanding of the process before proceeding, as it may be more complicated than anticipated.
We use the product for network security and cloud workload protection.
It's easy to set up in Azure Cloud. The ease of setup helps us save time.
It offers an easy and nice way to manage the gateways, similar to on-prem hardware. It has packet filtering features. Our security operations are faster and less prone to errors. We selected CloudGuard Network Security due to its visibility.
CloudGuard Network Security more or less provides us with unified security management across hybrid-clouds as well as on-prem. We manage both environments on the same console. It makes our security operations faster and less prone to error.
The solution needs to improve the interruptions that happen during gateway upgrades.
I have been using the product for two years.
There were no major stability issues, although switching gateways could cause some downtime, approximately a minute until the new gateway is fully deployed.
CloudGuard Network Security's scalability is good.
The tool's support is good. Their responses can get delayed due to time zone differences.
Positive
I have only used the built-in solutions from Azure.
CloudGuard is easier to understand. CloudGuard is very easy to translate and easy to incorporate features. CloudGuard has better features like packet filters, EPS, threat prevention, and filtering.
We chose CloudGuard because of the visibility. It's much better.
The setup process saves us time, especially in the Azure cloud, as the system continually improves.
We have seen ROI through its visibility and through understanding attacks on the workloads.
For us, the solution was easy to understand. The syncing of the CloudGuard Network Security is like that of the gateway on-prem. Translating in a very easy path to bring the features is very easy. I rate the product a nine out of ten.
The solution helps protect network security by offering threat prevention, addressing vulnerabilities, and utilizing blades.
We use it for the protection of our internal services. We're a Telco company, our internal users are on the machines. We also have some external services that we protect. We protect our customers and our public cloud with it.
VMware is our public cloud provider.
Threat prevention is the biggest benefit we see from it.
The network security is the most valuable aspect of CloudGuard. I am a network engineer so it's the most relevant feature to me.
CloudGuard Network Security provides us with unified security management across hybrid-clouds and on-prem. We manage all of those environments through this one solution.
It's user-friendly. It's a multi-domain solution. CloudGuard is really, really good.
I have experience with FortiGate and Cisco. I worked with them at previous jobs. FortiGate is easy and user-friendly when it comes to the configuration, but it is unstable in some countries and the routing tables have problems. The configuration of the network is in the same management platform, which might be better for some.
In comparison, CloudGaurd is very stable.
Cisco is hard to use, FortiGate is easy and CloudGuard is somewhere in the middle when it comes to ease of use.
When it comes to identifying security threats, CloudGuard is really good compared to its competition.
I am confident that CloudGuard's Network Security can protect us. It enables me to sleep very well at night.
We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature. It drops requests. It's not always precise.
I have been using the product for two years.
My team has been using it for five to six years.
CloudGuard Network Security is very stable.
We have 28 licenses. We have 800 servers on our private cloud.
Their support is fast. They answer quickly.
Positive
We integrate with NSX. The setup wasn't hard.
We have seen ROI. It saves us time because it's stable. It's easily administered. We have time to do other tasks. It is easy.
Licensing is complicated. When a license expires, we have to renew it and the process is complicated. They should make the process easier.
Using CloudGuard Network Security saves time due to its stability and ease of administration. The solution is not complex, allowing administrators to focus on other tasks. The configuration process is straightforward. It can integrate with NSX.
I rate the product a nine out of ten. We manage a total of 800 servers that host a variety of components, including our infrastructure, customer applications, databases, application sites, and disaster recovery systems
We use the product to protect Azure workloads.
The solution's most valuable feature is scalability. We can increase the number of CPUs, memory, and firewalls throughout easily. Using CloudGuard Network Security for managing cloud firewall rules is considered easier than using the normal security groups provided by Azure or AWS.
The solution needs to support more hypervisors.
I have been using the product for two years.
The solution's stability is good.
The tool's scalability is good.
Sometimes Check Point's technical support takes a long time when you need assistance with developing or fixing issues.
Positive
CloudGuard Network Security's deployment is straightforward.
It took around a year to see the benefits of using CloudGuard Network Security. If you have CloudGuard Network Security managed by the same management server used for on-premises, you can control all policies in one management tool. I am confident in using the product.
We are a Check Point partner, hence we trust the product and the company. I rate the overall product a nine out of ten.
I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.
CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning.
We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.
Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.
The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.
It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.
There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.
So, a full PaaS solution with improvements on that end, basically.
I have been using it for five years now.
We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.
Positive
We opted for CloudGuard primarily due to two factors, which ultimately became three.
I was involved. It was straightforward, out of the box, plug and play.
We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.
I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.
The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good.
However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.
Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.
I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.
I like the tool's ability to manage cloud traffic locally without routing it through our data centers.
The product needs to improve technical support.
I have been using the product for four years.
The tool's support has been excellent. We can maintain our Check Point Firewalls effectively, both on-premises and in the cloud.
Positive
The tool's monthly costs have undergone a significant reduction, dropping from approximately 12,000 euros to around 4,000. This represents a cost reduction of over 60 percent. However, it's essential to note that while costs decreased in some areas, they increased in others due to shifts in our environment. As our overall environment has grown, currently connecting 50 accounts to the cloud, it's challenging to directly compare costs with the state of our setup three years ago.
Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten.
Our use case for the product is to prevent or protect the file server in the Cloud. The plan is to gradually integrate more solutions behind it. We work with Azure and AWS.
The tool's most valuable features are threat prevention and protection mechanisms.
The connection to the on-premises management requires using the CLI. It's not just a click, and you cannot edit in the management to prepare everything. You need to do it online and in real time. After that, you must execute a script, and then you should be happy that it appears in the management.
I have been using the product for five years.
CloudGuard Network Security is stable. I haven't encountered any issues with its stability.
The tool is scalable.
Choosing between Palo Alto and Check Point is more of a personal preference based on the management you prefer. However, in terms of protection, both provide a comparable level of security, making you feel equally safe. The choice between Palo Alto and Check Point often depends on the customer. If a customer is already using Palo Alto, it might be challenging to convince them to switch to Check Point.
Deploying the product on different cloud platforms, like Azure or AWS, poses challenges due to variations in terminology and identification methods among platforms.
CloudGuard Network Security's pricing is fine.
In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten.
We use the solution for the ingress and egress, often for VMSS auto-scaling groups. This involves linking on-premises to the cloud and managing incoming traffic within the same cloud environment.
Customers appreciate the CME plugin for automatically understanding assets within the cloud. This information appears in the manager, allowing users to tag the assets and adjust policies and rules accordingly.
The IT personnel who transition from on-premises to the cloud experience the same understanding, knowledge, and comfort with the cloud environment, using the familiar interface they had on-premises.
People don't know about the tool's features. There's a lack of skill. Users require more knowledge on how to integrate it into the cloud environment and orchestrate routing. So, it's not necessarily a CloudGuard Network Security or Check Point issue but more about integration, knowledge, and understanding.
I have been using the product for six years.
The product's stability is good.
The solution's scalability is good.
The solution's support is good.
Neutral
The tool's pricing is good. Customers want it to be cheap. I consider the pricing to be elastic. CloudGuard Network Security is perceived as cost-effective compared to using the built-in tools provided by the cloud. Specifically, the VPN functionality is more economical in CloudGuard Network Security, where users can create multiple VPNs without additional charges for each VPN, paying only for the bandwidth. This is contrasted with cloud providers that may charge for each VPN on a per-minute basis, including Ingress and Egress costs.
Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more.
I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.