Check Point CloudGuard CNAPP Reviews

Check Point CloudGuard Intelligence provides network security through machine learning analytics and visualization and detecting and spotting the threat entrant detection and providing threat intelligence security proactively for restricting the endpoints at the entry stage and securing the system in the best manner possible. 

The security application works proactively and diffuses the endpoints in real-time, ensuring swift action in restraining the threat entry into our IT system.

This application supports almost all kinds of cloud and hybrid platforms and is spot on during integration with other systems.

Check Point CloudGuard Intelligence has significantly improved the revenue stream for my organization. Earlier, we had a third party for overall IT security and it was costly for us. We were looking for something with less cost. 

The CloudGuard intelligence helps in the proactive detection of security threats across an IT device or server and immediately takes corrective and remedial action so that the data and security loss is not to minimal. It is one of the masterpieces which is quite advanced with current market requirements and is available at affordable prices.

The solution offers proactive threat detection and immediate remediation of the same.

Threat hunting is easy with this application as its false negative rate is extremely low, and its performance is fantastic.

It offers affordable costing and an easy renewal process for continuing the agreement.

It can work seamlessly with any kind of cloud servers and platform without any tech hassle or disturbance.

Multiple users can access and monitor the application working with a single login, which is quite advantageous and works really well for us.

There is no shutdown or slowdown of the application while in operation.

I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming. It is absolutely fantastic and is worth admiring. Every now and then, we feel that their team's training and orientation process on orienting the clients and partners is low and needs to be strengthened so that every single individual is completely aware and informed of the features and their utilities. They are not clueless in utilizing the services to their maximum. We just need more focused training.

I've been using the solution for almost foud to six months.

It is a stable product.

The solution is scalable.

They offer strong and supportive customer support.

Positive

We were using a third-party solution earlier, which was quite localized and was having limited utility in terms of system security. We switched to Check Point due to peer feedback and advice, as my peers were extremely happy after trial use and pushed us to try the solution due to its numerous utilities, which are customizable. It is quite affordable in comparison to its other competitors in the market.

The initial setup is easy and not complex at all.

We had assistance from the vendor team only.

We've seen an ROI of almost 70%.

We thoroughly examined the software and market offerings and found that CloudGuard solutions are reliable and dependable for their good work and globally accepted happy feedback by partners and users.

The setup cost is low and the implementation process is quite smooth.

Pricing is low in comparison to various competitors in the market.

Licensing and renewal of the agreement are effortless.

We evaluated other options, such as McAfee and Trend Security solutions. 

I'd advise potential users to go for the CloudGuard Intelligence solution and strengthen their IT security. It is the best available solution in the market with strong tech support and wider acceptability globally.

We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades.

In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall.

There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.

Initially, we had purchased the Dome9 solution just for its rich compliance possibilities. We have to provide the compliance reports on a regular basis to our partner companies and the regulators of the gambling and paying card areas, but now, we also rely heavily on the feature that "auto-heals" the configurations of the security groups and the firewall rules.

In addition, the Cloud infrastructure visualization feature is really good, especially for GP with its cumbersome firewall rules based on the instance tags and the service accounts.

1. This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc. It's cozy to configure stuff, and also to wander around the interface in general.
2. The Compliance Engine is powerful. We rely heavily on this feature since we must comply with the various security standards to work in the gambling sphere across the globe, and especially in the United States and European Union.
3. The solution continuously monitors config modifications and may alarm the relevant administrators, or even revert the configs automatically.

We were demotivated by the lack of native automation modules for the Terraform and Ansible tools. We think that in the era of the DevOps approach and practices, all the new products need to be released with such support, mandatorily.

In addition, we also hope that the Dome9 will eventually support the other Public Cloud platforms, like Alibaba, since we are planning to expand to the Asian market. Alibaba is the big player in this region due to the fact that Google Cloud and AWS are almost banned.

We have been using Dome9 for less than a year.

Dome9 is stable and works smoothly.

The solution is scalable. We have it run on about 30 projects without any issues.

No cases have been opened regarding Dome9 so far.

No, we are unfamiliar with the other solutions of the same kind.

The setup was straightforward, and the configuration was easy and understandable.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you.

No, we did not evaluate other options before adopting Dome9.

Request a free demo directly from Check Point and see whether Dome9 suits you.

We have used CNAPP on our OpenShift test cluster but are planning to deploy it in our production clusters. We used CNAPP to enhance the visibility of our cloud-deployed applications. It offers various modules to do so. For example, the Posture Management module shows you exposed secrets and security misconfigurations and also gives you hints and ready-to-use JSON configuration files to fix them. 

Cloud Infrastructure Entitlement Management (CIEM) gives you visibility and management automation of identities, roles, entitlements, and privileges in your cloud environments. This helps you find and fix identity- and role-related security holes by constructing a complex privileges graph, which shows you granted permissions and enforced ones, suggesting you enforce the stricter and more secure enforced ones over the ones you granted.

The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers. Doing so helps our transition to the cloud by making the management and administrative tasks of our cloud and system engineers easier, as well as suggesting and helping to prioritize patching and updating.

The most valuable features include the Cloud Infrastructure Entitlement Management (CIEM) module, Cloud Security Posture Management (CSPM), and Cloud Workload Protection (CWP).

The costs are really high if you want the entire capabilities of the platform. However, it is really motivated by the great value of the product. Moreover, you can buy individual licenses for the different modules if you don't need some of them.

I've used the solution for one year.

Check Point CloudGuard Intelligence Security is one of the most robust tools on the market. That's why we decided to implement it in our company when all our operations were migrated to the Azure cloud area. 

We needed a tool that would provide security in the network and help analyze any vulnerabilities that we might face in these new environments. We wanted to be able to attack all the weak points that we have in the cloud in order to guarantee effective and stable security. We also have some applications in our systems that deserve excellent security.

Check Point CloudGuard Intelligence came to strengthen our security and has helped the IT department achieve excellent network security. 

In addition to that, it has helped us centralize all the security infrastructure in this tool and helped us a lot to counteract vulnerabilities that were present. With this product, we were able to reduce the rate of attacks that we had. The database that they have is in real-time and updated instantaneously. All these factors helped a lot to reduce vulnerabilities.

Check Point's CloudGuard Intelligence tool presents some features that should be highlighted. For example:

It presents a real-time database that is always updated.

The environment can be centralized within Check Point Infinity, and thus we can have several security tools.

It also presents a forensic analysis that helped us to determine the root of several issues. 

Integration with Sentinel can be made, which allows us to obtain more security data and analyze it.

It presents a portal that is relatively easy to use and configure.

The tool works perfectly and improvements should be made, if any, in various technical and administrative aspects.

It was implemented approximately one year ago.

Check Point CloudGuard Intelligence has good stability. We have not presented performance problems or any other that would lead to a forced restart of the tool.

The tool presents very good and functional scalability. To this day, we have not presented any problems.

The support it provides is not very good. They should improve it since we have had several setbacks due to support issues.

Positive

Previously, there was no tool in the company's infrastructure. We needed the solution when we moved to the cloud and decided to improve security.

The implementation of the tool is very easy. There are several steps in the wizard where it gets complicated around the configuration, however. If you do not have extensive knowledge of the tool, it becomes complicated.

The implementation was done through the vendor, who gave us a support engineer to help us with the implementation and configuration of the tool. We also received some training.

By making an investment in security tools, we are doing ourselves a great favor. With this tool, we are protecting our information while maintaining operations. It is always a great investment to acquire these tools. Also, afterward, there is a noticeable economic return.

Whenever an investment is made in a security tool, it is high due to many factors. that said, investing in security will provide economic returns in the short or long term since it will greatly lighten workloads and provide security.

We evaluated many options on the market, such as Fortinet, Sophos, and Cisco NGFW. However, Check Point had better features.

With the time that I have used this tool, we have noticed that it is a very good solution and that it has excellent features. It provides very secure connections.

We want network security through machine learning. The product offers threat detection and intelligence for the endpoints. It also provides real-time information on application security. 

Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates. 

The tool should incorporate more use cases like improving security scores. It should also improve documentation.  

I have been using the product for a year. 

The product is stable. 

Check Point CloudGuard CNAPP is scalable. My company has more than 1000 users. 

Check Point CloudGuard CNAPP's support is very good. 

Positive

The tool's deployment is very easy and takes two weeks to complete. We need engineers to install the product. You need to ensure the overall device landscape before the product's installation. Its maintenance is easy. 

I can get 50-60 percent ROI with the tool's use. 

The tool's pricing is moderate. Its licensing costs are yearly. 

The solution helps to improve security scores, which is important for auditing and compliance. I rate it a nine out of ten. 

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem.

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.

We currently have hybrid cloud environments, so different cloud platforms are being used by the business for different use cases and systems are being deployed at a very fast pace. It's very challenging to enforce security and have eyes on everything that exists in the cloud unless you have centralized tools helping you accomplish this goal.

Today Dome9 is helping us analyze what we have out there and what our priorities should be from a remediation perspective. We do have multiple accounts today with the different cloud providers, so it's imperative to use a tool like Dome9.

We have been able to expand our visibility and security enforcement into all of our cloud environments by leveraging Dome9. The features allow us to constantly scan and take action on any configurations implemented, that aren't meeting compliance regulatory requirements.

This tool has also allowed us to keep an inventory of assets and an overall picture of what infrastructure exists today on the different cloud platforms we own. It helps to avoid unnecessary misconfigurations due to the lack of knowledge on what has been deployed.

The most valuable feature is the CloudBots for auto-remediation of security findings. It is helpful because my team handles so many security tools that it would be almost impossible with the current staff we have to support the on-premise network and have enough time to go in and maintain the desired/required security postured on the different cloud environments we own today.

One of the main reasons why we started looking into a centralized tool is so that could help us bridge that gap, and Dome9 so far has been very helpful from that perspective.

The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure. This is one of the main cloud providers, so it's imperative to make this a priority in order to bring a lot of value to this tool.

The idea is to leverage Dome9 as the main central place for auto-remediation of all cloud environments so that customers don't have to spend a lot of time manually remediating. Manual remediation is very challenging once you have so many cloud accounts to support on a regular basis, and Dome9 can help do part of the job.

I have been using Dome9 for about one year.

We did not use another solution prior to this one.

We did not evaluate other options before choosing Dome9.

We mainly use it as a CSPM solution.

It gives us clarity.

The most valuable feature is the ability to see our customers' environments if they use more than one cloud provider, such as AWS, Google, and Azure.

Also, CloudGuard CDR's intrusion detection and threat hunting capabilities are good enough. They help us detect anomalous behavior and respond to threats before they become an issue.

There are regulatory requirements. I would like to be able to pick the regulation I would like to scheck compliance with and it would tell you where you stand on that regulation and what you are missing to reach compliance. And it shouldn't matter which cloud we're dealing with; we would have these possibilities.

I have been using Check Point CloudGuard CNAPP for about two years.

Scalability really isn't an issue with everything in the cloud. That's the essence of a cloud product: the scalability you get compared to on-prem.

Their technical support is perfect. When we contact them, they answer immediately. Their support knows the platform very well.

We did not use a different solution before.

It's very simple to set up because it's all in the cloud.

We have seen a return on investment. It can reduce the human resources we need. Also, there is ROI from everything connected to the fact that it's in the cloud: I don't need someone for management or to pay for on-prem resources, such as CPU.

If I compare the price of CloudGuard, Palo Alto is more expensive and others are less expensive. CloudGuard CNAPP is in the middle.

We looked at other solutions, but with CloudGuard everything is located in the cloud. It's very convenient for us to manage our assets in the cloud.

If they could reduce the price and provide more capabilities, it would be better.