Positive

We use Check Point CloudGuard Network Security to replace an Azure Firewall, securing the network flow in our organization.

The URL filtering provides a lot of added value compared to the Azure Firewall. It is easier to use and offers much more visibility on the network activities. It helps us manage our security operations by reusing on-prem solutions with the cloud, therefore improving ease of use.

The reporting needs enhancement. Currently, we are not always aware of the gateways' status, like CPU and RAM usage. It would be beneficial to have a report that manages everything and gives an overall view of what is going on.

I have been using it for six to ten months.

I have experienced a few issues where connectivity is lost temporarily, however, it does not affect traffic processing. It is more about not having management information for a few seconds.

The scalability is really good and relies totally on CloudGuard, whether it is on Azure or AWS. At least on Azure, it works fine.

The customer service is good. They helped me with the few issues I had, meeting my expectations. Their support for traditional security projects is good, and I found the same support quality for cloud projects.

Neutral

I have used solutions for on-prem security management, yet not for the cloud.

The initial deployment was easy, taking about a week.

I rate the overall solution an eight out of ten. It would be ideal to have improved reporting features for a comprehensive overview.

Neutral

We primarily use the solution for protecting the network perimeter and monitoring incoming and outgoing packets. Over the years, the product has evolved significantly by inspecting HTTPS and IPS and having antivirus and anti-bot capabilities. It has been interesting to observe how Check Point keeps pace with global security challenges and addresses them efficiently through policies on CloudGuard gateways.

In addition to blocking attacks and protecting the network, we benefit from the visibility into the logs, the simplicity, and the accuracy of reaching the events. All the capabilities are inside the solution. Unlike its competitors, it does not require extra licenses. It is well-integrated and very detailed. We can pinpoint the details to minutes, seconds, or milliseconds, and see what is going on. We can also see smart events and smart reports with pictures, graphs, etc. Through a single pane, we can see how our network environment is behaving. We can see any changes in the attack patterns, the number of logs, or any new events, which may give insights into an attack going on. We can also see if a new application was released by DevOps teams without telling us.

A big benefit of Check Point is that the same policy can be installed on-premises, on the cloud, with Kubernetes, with Dockers, etc. It works on huge devices or gateways on the cloud. It can work with Azure, Google Cloud, and others. The SmartConsole view helps handle all the environments with a single policy which makes it very easy. It enables working with a small team. A small team of five to ten people is enough for a global, worldwide network.

I found the access control policy through SmartConsole, which was formerly SmartDashboard, to be very valuable. It deeply explores source, destination, and port protocols. Competitors struggle to match this simplicity and effectiveness. The evolution of HTTPS inspections, threat prevention, and autonomous threat prevention are commendable. The consistent interface across versions ensures familiarity despite minor tweaks, maintaining a long-standing valid approach.

The visibility provided through logs, charts, and graphs, without requiring extra licensing, is excellent.

I believe that presentations on artificial intelligence indicate that analyzing logs via SmartEvent and SmartLog Security Event Information Management can offer insights into emerging trends and potential next steps. By correlating logs related to BYOD, BYOL, and Shadow IT, it will become easier to manage and hopefully mitigate or understand risks.

I have used Check Point solutions since NGX R65, which was a lot of years ago.

In my experience, recent versions with recommended jumbo hotfixes offer remarkable stability. There have been no unexplained reboots reported by customers.

While working with a customer using 561k gateways, handling 140 gigabits of peak traffic was successful. After that, they changed the product but maintained the same big picture while enhancing throughput and scalability. Adding more devices to security groups is straightforward. The complexity managed by Check Point developers is amazing. Check Point developers in Israel are ninjas. They have built a complete solution with amazing throughput and details. With a few clicks, there is elastic and protected network growth.

Sometimes I find that the VPN teams provide exceptional service, identifying issues promptly. Occasionally, ticket handling delays arise due to repetitive questions despite detailed notes. However, overall, my experience is positive, achieving a more than 75% success rate. Issues are eventually resolved through hotfixes or innovative solutions, supported by a robust knowledge base.

Positive

As an integrator and partner, we have the opportunity to see how other products work. SmartConsole itself is an excellent idea, and the management aspect of Check Point products significantly differentiates them. However, my opinion will be biased because I have been working with Check Point products for a long time, but I find Check Point's approach more simple and integrated. We do not need several devices or appliances to do verification at various layers. A simple gateway can deliver everything and secure the network.

On the perimeter of the network, it works as an employee hired to allow or deny based on the policies. It is able to follow the rules. There is simplicity. The capability of SmartDashboard to create rules, receive logs back from the gateway, generate all those insights, and pinpoint the events is amazing.

Compared to open-source solutions, there is more than 95% security. It does not handle only access controls; it has the capability of deep packet inspection to see what is going on and have insights into the intention of the malicious activity.

Its deployment model is a mix-and-match. Sometimes it is better to have it on the cloud because of the elasticity, but sometimes it is better to have it on-premises due to regulations. With the single configuration on SmartConsole, it can deploy policies on the cloud and on-premises. Some customers use Azure, and some use AWS. Having a Check Point solution makes them more comfortable because they know that it is a robust and mature product. It is not something built by a startup six months or one year ago.

I can set it up with my eyes closed, though typing the IP address is necessary. I am very comfortable handling initial client configurations and cabling. Although some view configuration as tedious, the results are satisfying once complete.

I believe that the return on investment largely revolves around network protection. An investment, such as 10,000 euros, aims to prevent costly outages or security breaches, which could be more expensive than the solution itself. Despite views on cost, the value lies in maintaining operational integrity with zero downtime or incidents, facilitating secure, ongoing business operations.

As a partner and solution provider for the last fifteen years, I have distanced myself from specific numbers. However, customer trust in the product is evident due to its comprehensive protective capabilities. Centralized appliances have mitigated previous CPU usage concerns, thanks to multi-threading and processing enhancements. Correct sizing assures minimal CPU usage, even at high traffic levels.

I would rate the solution a nine out of ten. A ten might impede progress. They might relax and stop the progress. They should keep doing a good job.

Our end customer is using Azure to host a few applications in the cloud, and we utilize CloudGuard Network Security to secure those assets.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. Our customer is also using Check Point on-premises, so we have one place to create all of our policies. It is a lot easier than doing it at different places. We have the same policy in different clouds and on-premises. That is a great thing. There is a seamless experience and the same management. That is a great advantage over using Azure's native firewall.

CloudGuard Network Security has helped reduce our organizational risk by about 15%. That is because of the ease of working with one big policy that spans the entire organization.

With CloudGuard Network Security, we get a unified solution. It does not matter if we are on AWS, Azure, or Google Cloud. The migration with Scale Set is nice to work with. It is very easy to upgrade and so on.

Scale Set is highly beneficial. It is easy to upgrade and maintain. 

It is pretty great in all aspects, but the integration could be easier, especially with Scale Set and related features. It was somewhat challenging a few years ago to set it up, but once completed, it worked well. Easier integration with on-premises solutions could be beneficial.

I have used the solution for about three years.

The track record is excellent, with nothing to complain about.

The scalability is great.

Their support is great. We get quick responses. The customer support consists of very talented people. They are nice to work with.

Positive

I have used Azure Firewall. I have not extensively worked on AWS. In Sweden, our focus is primarily on Azure.

We went with CloudGuard because we have been working with Check Point products for quite some time. It is an easy choice. We are already familiar with on-premises network security, so choosing the same in the cloud is a big benefit.

Maintaining the policy is not difficult at all with CloudGuard. In fact, it is easier compared to Azure Firewall, which seems a few years behind Check Point. The solution is effective for utilizing all security features Check Point provides. Although I have not used all CloudGuard features yet, its network security is akin to an on-premises firewall.

We have a CloudGuard in the cloud, and we use normal quantum gateways.

It was not as simple as on-premises, but there were good guides on how to do it, so we managed in the end.

We are the integrator in this case. We managed the implementation for one of the end customers. However, we had support from local Check Point representatives.

The main return on investment has been in the time spent working with the solution. Since everything is unified in both cloud and on-premises environments, troubleshooting is faster.

It has saved about 50% of the time. If we had two solutions, we would have to troubleshoot two solutions.

Handling costs is not my department. Licensing has been quite acceptable. It is a bit easier now, but when I began working with CloudGuard, it was a bit too technical.

My overall product rating is a nine out of ten. A slightly easier setup process would be great. Check Point is performing well. The cloud is evolving rapidly, and Check Point is keeping up efficiently. 

We have been using Scale Set with Check Point. We use it to scale up and down in Azure depending on the workload. It is scalable, and it is easy to scale up and down depending on the usage. If we have a lot of traffic, it automatically adds a new firewall, and if the traffic slows down, it just removes the firewall. I do not need to worry about the load because it would not be an issue when scaling.

The management server provides unified management. We save a lot of time by not having to log in to different platforms. It is good to have everything in the same place. It saves maybe half an hour a day.

We get good insights into security, and we are more secure because we have more insights than we would get from other products.

We are having issues with updatable objects in the Scale Set solution. It needs to be fixed by Check Point.

The setup instructions are not correct. They should be corrected. We sent the product feedback last week. Several things were misspelled and incorrect in the documentation, and it got updated.

We have been using Scale Set with Check Point for about four years.

We do not have any issues with the product. Usually, the issues are with the Azure platform, such as an Azure host going down. It is not a Check Point issue.

I have been working with Azure Firewall for five years. It is a lot smoother to work with Check Point. When it comes to rule sets and IPS, Azure Firewall does not have too many functions. It does not look nice, and it is not easy to make rules. It is a lot of a headache to work with Azure Firewall. It also costs a lot more.

We cannot get any fancy reports from Azure Firewall the way we can from Check Point. We do not have any insights with Azure Firewall. We get a lot better insights with Check Point.

It is easy if you know what to do. If you follow Check Point instructions, it is hard because the instructions are not correct.

I do not have too much to compare to, but if I compare it with Azure Firewall, Scale Set is quite good. It has quite a good price.

I can only speak for Scale Set. I would rate it an eight out of ten because it is a good solution. I like it.