Check Point CloudGuard CNAPP Reviews

1. Visibility for cloud workloads, including server, serverless and Kubernetes.
2. Security configuration review along with automatic remediation.
3. Posture management and compliance for a complete cloud environment.
4. Centralize visibility for a complete cloud environment of the workload hosted on multiple cloud platforms (AWS and Azure).
5. Baseline for security policy as per the workload based on services, such as S3, EC2, etc.
6. Visibility of an API call within the environment.
7. IAM management providing access to the cloud network in a controlled manner.
8. Alerts and notifications for any security breach/changes in the cloud environment.
9. Flow visibility of traffic to and from the cloud environment.
10. Real-time alerting for any security incidents.

They provide support for Azure, Amazon, GCP, and Alibaba. However, we just have AWS and Azure.

1. Provides complete visibility of the workload hosted on different cloud platforms (AWS and Azure) along with multiple tenants. 
2. Helps in enhancing security for cloud environments by providing reports, both in terms of security and compliance. 
3. Provides complete visibility of traffic flowing to/from the cloud platform.
4. Provides best practice policy that helps to strengthen the security of the workload.
5. Assets inventory and API calls can happen from the cloud.
6. Provides control in terms of accessing the cloud workload. As a policy is created, this will block direct access to the cloud environment in case the same is not define or approved in Dome9.

Security visibility with Dome9 is excellent. Normally, without this type of solution, especially if you have some workloads hosted on Azure, they give you minimal tools to be able to analyze the loss. There are different consoles that need to be checked for analyzing any incident. In the case of Dome9, it gives you the loss provided in a report on a centralized console. It gives you complete visibility, including the IP to IP Flow, which is happening from the workloads to the Internet or the Internet to the workloads. Even in case of getting a threat intelligence from Check Point, which we have the integration, if some workflows are communicating any suspicious IPs, then the reports are available on the flow logs. On top of that, it also provides a report where you will be able to find out from which location or country you are getting the traffic to your workloads. Therefore, if you want to block certain geo-locations from communicating with your network, then you can also do that using Dome9.

The workload, which was taking a day's time, now can be turned out within hours. We are able to analyze the logs in real-time. Previously, if we enabled some services, then the email needed to be sent to the security team who would do the scanning, might submit the reports, and post some action to be taken by the developers. Using this solution, we are getting the reports in real-time. The remediation can also be applied automatically. The developer can take the necessary action immediately. It provides us what action needs to be taken.

Unless we did some scanning, we used to not know that there were security flaws within particular services. However, by using Dome9, as it has complete visibility, we are getting those details much faster.

The firewall normally has been managed by security team. Admins can bypass through firewall to create any policy. They can go outside and downloading/uploading anything from their workloads. This solution provides that control as well.

1. The IAM role gives us complete control over the cloud environment. In case someone tries to bypass and create a user or policy locally, which is not allowed or defined in Dome9, changes will be rolled back and a notification will be sent to the concerned team.
2. It's always ON and available on a mobile device using the app.
3. There is complete visibility of the traffic flow with threat intelligence provided from Check Point. It even provides communication detail on any suspicious IPs.
4. Provides detailed information if some workload tries to directly access and bypass any firewall policy.
5. Provides a granular level of reports along with issues based on compliance standards, which are defined depending upon organizational requirements.
6. Task delegation as a particular incident can be assigned to a particular individual. The same can also be done manually or automatically.
7. Customizes queries for detecting any incident.

The solution is pretty straightforward to use, as it is only a SaaS model. You just need to enable the accounts for which Dome9 needs to do validation, and that's it.

Compliance checking capabilities: When you enroll your account, we have multiple accounts. Once you enter that on Dome9, it does a complete scan of your account based on these flow logs. It checks: "What are the security flaws?" So, the compliance depends on the company and what they are using as a benchmark. Normally, for India, we use the CIS as a benchmark, then whatever flow logs are available, those are provided in the reports. Then, we check those compliance reports against the CIS benchmark, and accordingly, take actions. We can then know what are the deviation on the cloud platform and on the account, with respect to the CIS.

There are some use cases where you will not have reports readily available or not get the dashboard for particular outputs. You can create a query on the console for those, e.g., if a particular EXE file started on a workload, we can find out if that is running anywhere in the cloud. While it does not provide details on the process level, it will provide us with which sensor is communicating to which IP addresses as well as if there are any deviations from that pattern.

It has remediation capabilities, and there are two options available:

1. You can do automatic remediation, where you need to define the policy for which unit that you are doing remediation. 
2. It can be assigned to a particular team or group of people for its particular vulnerabilities of security flaws. That ticket can then be raised to service quotas be remediated manually.

1. Policy validation should be available before it is deployed in a production environment using a cloud template.
2. Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes.
3. A number of security rules need to be added in order to identify more issues. 
4. The reporting should have more options. The reports should be more granular.
5. It should support all container platforms for visibility of a complete infrastructure single console, such as, PCF.

Three months.

Until now, we have not faced any issues in term of downtime or outages. It seems to be quite stable.

Scalability is not an issue. There are a number of workload licenses that need to be procured, then it is straightforward.

There are between eight to 10 security admins and auditors who have access to Dome9.

Our complete cloud workload is managed through Dome9.

The support is excellent. They regularly review our cloud infrastructure and provide suggestions to help us have a better security posture.

Initially, we were using tools provided by the service provider, such as, ScoutSuite, AWS Config Rules, AWS Trusted Advisor, or Amazon GuardDuty for monitoring, and similar tools for Azure as well. Then, we needed to go through a different console to identify any incidents.

Initially, we used submit a report, but there was no remediation nor information provided how to remediate workload issues. In our current scenarios, we are able to get the complete visibility. The complete visibility of the solution has been a key to the increase in our productivity.

The initial setup was straightforward. The only thing that was required from our side was a cloud template, which was provided by Dome9. We need to executed that template in our cloud environment for AWS and Azure. It automatically creates a read-only ID on the AWS platform for Dome9 to connect with. There is some configuration which needs to be done on Dome9 as well as AWS, but the deployment takes around 15 to 30 minutes.

Check Point's team was available, but we implemented it in-house with our support team.

We don't require staff for deployment and maintenance of this solution.

As it is a security product, the ROI will not have that much importance because it is enhancing your security and/or providing more security to your infrastructure. If there are any security incidents, then Dome9 is able to protect us.

Initially, once the solution was deployed into production, then the scanning used to happen and we used to see the environment's visibility. In the current situation, as everyone is moving to the DevOps environment and using the CI/CD pipelines, it helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment.

The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider.

We evaluated Prisma Cloud by Palo Alto Networks and Trend Micro Cloud One Conformity.

Normally, the policies are accessible only on the browsers, e.g., if you compile them from Prisma Cloud, they're available as a part of a browser. However, for management users, especially for CIOs and CTOs, it becomes difficult for them to type URLs, then login. In the case of Dome9, they provide an app. With that app, you can directly login with single sign-on. It is much easier to access using the app compared to the browser option.

Most things are the same for all three providers. The major difference between Dome9 and Prisma is the IAM roles. The maturity of IAM roles available in Dome9 are much better than the other two solutions. Currently, our focus is mostly on what is happening and who is making the changes in the environment. Another thing is the visibility that Dome9 provides through its intel is better than the other two solutions.

The other two solutions have system capabilities better than Check Point.

I would recommend Prisma as well as Dome9 because they both have the visibility. In our case, the IAM was a critical piece of our requirements.

The cloud and on-prem environments are completely two different networks.

They should offer the cloud in India. Soon, there will be GDPR and India will have its own data protection laws. This might create some issues in the case of the data residing outside India. Because we are collecting metadata from the internal networks for the cloud environment, this is the reason that I suggest that they should have some plans to have the cloud in India. However, neither Prisma nor Trend Micro have cloud in India.

I would rate this solution as an eight out of 10.

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem..

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.

We use CloudGuard CNAPP to verify the posture management of our cloud gateway.

CloudGuard CNAPP helps us improve security, verify vulnerabilities, and understand overall network behaviors. It helps us to have greater visibility of the posture and the gateways that are in the cloud. It also helps us to see where the gaps are and how the attack levels are.

CloudGuard CNAPP helps us a lot in being able to identify erroneous configurations or configurations that may not be as per the standard that we use internally or as per an international standard.

CloudGuard CNAPP's Cloud Security Posture Management identifies the risks that are most critical to our business. In some cases, we could identify that our posture level dropped, and we were able to identify what we needed. We were able to make adjustments to be able to have an adequate level of protection.

We use CloudGuard CNAPP's CloudGuard Workload Protection capabilities. We have several gateways, and within them, or between our clouds, we are protecting everything, such as servers and containers. In this way, we maintain complete protection, and logically, we have visibility into everything that enters and leaves our premises and our cloud.

The scanning provided by CloudGuard Workload Protection helps us identify problems before they go live.

Visibility is a key feature. It helps me to validate my overall network posture.

In a general sense, it is a tremendous solution. We have got good use out of it. From what I see, it is also well-positioned in the market. I understand that it is among the best solutions.

I have been using CloudGuard CNAPP for about five years. 

Its scalability potential is good.

Their support is excellent.

Positive

We did not use a similar solution previously.

We use Azure Cloud and AWS Cloud. The deployment was very easy. We worked with Check Point for implementation.

We took Check Point's help with implementation.

We did not evaluate any other solution.

I would rate CloudGuard CNAPP a ten out of ten. It is an excellent solution. When we used it for the first time, we verified that this solution was on top of other solutions. This platform has helped us to maintain a posture with a lot of visibility. It helps us a lot.

As an organization, we have implemented Azure Microsoft and AWS for some applications. Most of the workloads are managed in the cloud. Therefore we needed a tool that could protect us against some type of cyber threat that would generate losses in the apps that are being used. We apply CloudGuard Workload that comes to us to cover all those security breaches that we could see presenting. In the beginning, we used the free trial to do some tests, and it worked for what we needed it for, and then we acquired it with all the functionalities

CloudGuard Workload Protection came to help us a lot in the organization in the application development part since it is one of the areas where there is more workflow and vital generation of the company since applications are generated and modified daily. With this tool, IT came to us to help provide a series of security layers to all these flows by providing us with different types of security options such as alerts and improvements. One of the characteristics that we liked very much is that it can be coupled with different public clouds.

One of the CloudGuard Workload Protection features that we liked a lot is the security it handles in containers. 

Another interesting thing is that it works without an agent involved. 

It also offers great complete visibility of all devices, and assets in the cloud, which allows us to control all those assets, thus generating complete analysis of the infrastructure in real-time. In this way, we've been able to attack the points where there is some vulnerability in our infrastructure and being able to be at the forefront of security.

It cost us a little to find some information about CloudGuard Workload Protection. It cost us to find information about the tool and recommendations.

The configuration administration documentation is not very available on the web, or it is not completely updated. They should also improve the support so that we can create a case and they can respond faster. They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well. It is sometimes difficult to coordinate support hours. 

They do not provide a concrete and rapid solution which causes security implementations to be delayed.

The solution was implemented a¿twoo ago.

So far, the stability of the product has remained excellent. We have not presented any failures.

It has great scalability. It's very fast and precise.

The support offered by Check Point in general is very regular.

Positive

No other solution has been implemented.

Like all setup-type software, it is very easy to install.

The implementation was done in conjunction with a support team from the company and the supplier.

The implementation of a security tool is always an excellent investment. One thing outweighs the other.

The installation of the product is very reliable, and fast, and it is a very competitive cost in the market.

Check Point was the first solution we used. It was recommended by third parties.

It is a very complete tool for workflows. It provides excellent security.

We use Check Point CloudGuard Posture Management to increase our visibility into our environment and ensure that our policies are being followed.

The solution has helped us analyze the security of our Azure environment. Trend Micro and Check Point analyze the Azure environment with our tenants and clients to check for security vulnerabilities and misconfigurations. We need to correct these problems and alert our team and clients of any issues. The solution also compares these actions between two applications.

The most valuable feature is the separate environment. In the testing environment, we can have Client A, Client B, and Client C. We can check this information in one portal. It is possible to separate access to this information for my clients to review.

The license cost is expensive and has room for improvement.

I have been using Check Point CloudGuard Posture Management for three months.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The technical support is great.

Positive

The initial setup is straightforward.

The license fee is high.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is a good solution and I recommend it.

We required a tool for our Microsoft Azure environment to validate and find threats under machine learning, forensic validations, and extremely important reports for the company to determine possible vulnerabilities and change the infrastructure to improve the security posture of our public cloud environment.

We also needed an environment that could show us monitoring and dashboards of value to improve our security easily.

One of the most important details to monitor is the network in our infrastructure, based on those requirements, we look for a tool, in this case, Check Point.

The Check Point CloudGuard Intelligence tool helped us perfectly with the search for a cloud security posture for our environments and security in the Microsoft Azure cloud, a centralized environment, and has great features within the tool, such as forensic analysis. In case of any vulnerability, we had to determine what happened.

As for the reports, we could help determine what happened, valuable details which allowed us to generate greater security according to the values shown.

The most important features that we like in Check Point CloudGuard Intelligence are the centralization of the security environment within the Check Point Infinity Portal, which already has other security tools that we have and that can also be managed from this site.

Forensic analysis is one of the features we liked a lot since it is easy to understand and helps us improve security.

The ability to integrate it with Microsoft Azure Sentinel allows us to validate the logs in an even more complex and meaningful way.

Something that needs to be improved little by little in tools like Check Point CloudGuard Intelligence is the lowering of costs as some customers can't buy such a solution. They could also sell it based on various versions for different customers and various business needs.

It is also important to improve performance issues at the Infinity Portal level, which is sometimes slow, yet not always.

We would like there to be more public documentation to generate implementations with best practices.

We started using the application no more than a year ago. It's excellent for the analysis of the public cloud infrastructure.

This is a really stable solution.

The solution is incredibly scalable and managed by Check Point Infinity Portal infrastructure.

We had never used or known a tool like Check Point CloudGuard.

The best option is to have a partner who helps them with support in addition to helping with cost issues since pricing is not public.

We always value various issues such as centralized environments, costs, and support, among other details to make the best decision. Even so, with this validation, the best option for our company is Check Point.

Our developers work in our Microsoft Azure public cloud environment, where they build applications and app service sites. These developments did not always avoid vulnerabilities, so we required a tool to guarantee that these environments complied with robust security measures to avoid attacks including identity theft, and denial of services, among others. We needed to protect from damage to the operation or hijacking of our data which would prevent the internal operation of the company. Thanks to this tool, we could cover ourselves and our environment safely.

The importance of having a security tool for our developers' workloads; most of the time, our apps services use identities to log in against databases, generating a possible loss of data and credentials. 

Thanks to Check Ppoint CloudGuard Workload Protection, we were able to provide assessments to verify security problems, best practices, and changes that were listed from the solution portal to be able to correct them both automatically and manually, achieving safe environments.

Check Point CloudGuard Workload Protection is a very important tool for the company and developers. The characteristic that caught our attention the most was that it is a native solution and was created for cloud application protection that was automated.

This solution not only provides recommendations or best practices for applications that are already finished or productive. However, we can protect from the beginning of development to testing and production, having recommendations and improvements throughout the process.

The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security.

Check Point CloudGuard Workload Protection is a very powerful, comprehensive, centralized tool but also a very expensive solution. It is worth it, however, it is not available to everyone.

The Check Point Infinity admin portal sometimes freezes.

There is little documentation for the implementation and start-up of some configurations. They could improve the public documentation to be able to generate the help that the client requires to be able to generate the correct and effective provisioning.

This is an excellent security tool for the workload of the company's internal developers; we have used this technology in the last year with very encouraging results.

I really like the solution.

This product offers excellent availability; its scaling is managed by the manufacturer.

A centralized tool with the potential of Check Point CloudGuard Workload Protection is not found in other manufacturers. We have not had such a solid and secure solution.

The recommendation is always to have a provider or a partner that can generate and answer all questions about the solutions and provide costs and analysis to see if the solutions are what the company needs.

Before implementing this solution, we validated solutions from other manufacturers such as Fortinet and Cisco. However, the benefits provided by Check Point exceeded the validations, and we chose CloudGuard.

It is an excellent security tool for dev departments and the entire company.

It helped us a lot in improving the regulations and security of our cloud environments.

We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.

In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks.

As in our company we have environments that are hybrid in some cases and others totally cloud. We find in Check Point a reliable tool to improve security, implement regulations, and generate governance in cloud environments. In our case, we have a Microsoft Azure public cloud with enough resources which we need to protect. We achieved it together with  Check Point.

It was possible to provide greater security to identities with admin access to the cloud - a critical part of IT management.

The most striking features are:

1- Identity protection generated through Check Point posture management, which is helping to prevent user theft or unauthorized access.

2- The governance that can be provided with this tool is very good since we have been able to implement good practices to avoid vulnerabilities.

3- The administration portal panel is very intuitive. It also generates scores based on regulations and good practices to go little by little with the recommendations, significantly improving security.

Some general improvement characteristics can be made, including the following:

1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level.

2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved.

3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

It's an excellent tool and is available in the Infinity Check Point Portal. Its main function is to centralize governance in the same administration portal and has been tested for more than a year to validate our cloud security.

Previously we used only Microsoft with Defender for Cloud. However, we wanted to have our security centralized. Check Point through the infinity portal achieves that feature.

It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check with Check Point what characteristics are required.

We chose Check Point as it provides integrated and centralized security, improving the effectiveness of security reviews.

Even though the cost is somewhat expensive. I recommend this solution for users who use the public cloud.