Check Point CloudGuard CNAPP Reviews

We use Dome9 to control our AWS security groups, evaluate and map security group traffic, and conduct compliance checks of our cloud environment regularly.

Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment. We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform.

Clarity and Compliance have become two of our favorite features. Clarity allows us to visually depict our security groups and effective policy for both our current environment and can do predictive visualization based on cloud formation templates. The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices.

Dome9 continues to enrich its features at a blazingly fast pace. I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector. Also, I would love to add more richness to the Splunk add-on for Dome9.

None, it has been a solid performer for us, and well within the SLA.

We have yet to encounter any issues with scalability.

We have not needed it much, but when we have, they have been very responsive and they truly are helpful.

Initial setup was super easy. We were integrated in 15 minutes, then it was just another hour or so of tuning and kicking the tires.

They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. 

We evaluated native AWS features and a competitor, Evident.io, but found that Dome9 was able to do all of what we needed in one tool instead of two.

Start with read-only and move to full-control slowly. When you go to full control, there will need to be good communications with your AWS teams, so they know it is there. Do not do full-control on your lab environment.

They are a great partner to work with. Not only is the product solid, but we have loved having a good relationship with their leadership and seeing our feedback manifest into real product updates and features!

Check Point CloudGuard CNAPP is primarily designed to protect cloud-native applications and their underlying infrastructure from cyber threats. The primary use cases of this solution are comprehensive cloud security, workload protection, cloud security posture management, DevSecOps integration, threat detection and response, compliance and risk management.

Checkpoint CloudGuard Cnapp has improved efficiency, accuracy, cost-effectiveness, data-driven decision making and customer satisfaction.

The valuable features of Checkpoint CloudGuard CNAPP are automation capabilities, integration with existing systems, real-time analytics and reporting, customization and flexibility, security and compliance, scalability and growth support and a user-friendly interface.

Improvements can be made to the user interface, performance and reliability, security and compliance, and customer support.

I've used the solution for the past year.

The stability is good.

The scalability is nice.

Technical support is good.

Positive

No, I did not previously use a different solution. 

The solution was set up via our in-house team.

The ROI is okay.

The pricing and licensing can be improved.

No, I did not evaluate another solution. 

The threat-hunting system provides forensics through machine learning visualization with real-time insights into processes from a multi-cloud environment. 

It has powerful tools that detect any threats in the network infrastructure in advance before it penetrates into our systems. 

It has repulsed many attacks that have been launched by malware attackers that could destroy data. 

The CloudGuard Intelligence provides alerts that prepare the IT team to set up effective measures after detecting threats. 

The product performance has enabled each team to work without fear of any threats.

It provides the most useful tools for protecting our financial account records from hackers. 

The application has boosted security from all the company sources. We have not lost confidential data to external cyber attackers since we deployed this platform. 

Faster responses to malware threats have saved the organization from engaging in insecure transaction losses. 

The product has safeguarded the entire financial system from external interference. 

We used to experience the challenges of data protection before we deployed this application. There are improvements in data management and security with a positive impact on work processes.

The advanced data analytics on the security of the applications has provided effective insights that helped in safeguarding confidential information. 

The intrusion alerts and notifications have saved us a lot of time and resources in enhancing reliable security. 

The comprehensive security from cloud and on-premises has saved data centers from attacks and provides a reliable environment for boosting production. 

Cloud threat intelligence provides useful insights that help in planning effectively during the process of implementing projects and tasks.

The security investigation features that are present have been performing excellently since we deployed this application. There are few licensing and network coverage cases, however, the customer service team is always ready to solve any problem. 

Timely updates and upgrades to meet modern technological changes could help improve performance and limit the chances of downtime. 

The performance has been stable for a long time since we deployed it. The few hitches which we have experienced can be solved without affecting the workflow performance. 

The Check Point team has done a great job, and I recommend their products to other companies.

I've used the solution for ten months.

This solution has been stable with reliable operations.

I am impressed by its reliable performance, and I recommend it to other business enterprises.

Customer service and support always provide effective guidelines when contacted.

Positive

The other security products that I have worked with had responded poorly which is why we moved to Check Point.

The setup procedure was straightforward.

The implementation was done by the vendor.

There is increased ROI from the product's stable performance.

This platform offers modern security for threats that will arise in any organization.

I evaluated several products. I settled on Check Point CloudGuard Intelligence based on their reliable services.

This is a great and powerful platform for securing organizations from cyber attacks.

We are a solution provider and we are evaluating multiple tools for cloud workload security and vulnerability management. We are evaluating products such as Dome9 to figure out which one would be best for our customers.

This solution is used to replace a variety of cloud security and management tools.

Dome9 can be used centrally manage many different functions that take care of operations such as scanning the network.

All of the features are very useful in today's market.

Dome9 should also support deployments that are on-premises and in a hybrid cloud.

This solution needs DLP support.

I have been using Dome9 for less than one year.

We have not experienced any issues in terms of stability, although we are still exploring the tool.

We are currently running Palo Alto Prisma and evaluating it together with Dome9.

It is easy to implement Dome9 but there are many policies that need to be configured.

Once the deployment is complete, the policies have to be set up and validated. All of the policies need to be relevant to my customers, which means that some of them will have to be disabled. For example, policy requirements will vary from country to country.

This solution can be used in many different markets such as medical or insurance, and different challenges will be present depending on the market.

 The process can take a month or a month and a half.

In addition to evaluating Dome9 and Palo Alto Prisma, we are considering Qualys, as well as a customized solution by Security Compass.

One of our customers is also using Check Point CloudGuard, which we are trying to replace with Dome9.

I would like to understand the reporting, how secure the solutions are, and how it can be implemented such that my framework is mapped to those tools.

The functionality that is used will vary depending on the use case. For example, in a recent use case that I worked on, the data packets had public access without exception. However, this should not have been allowed.

I definitely suggest that people use Dome9 because I have used it since last year and I really like the features. It is also stable. There is only one feature, DLP, that is not present and we have found in Prisma.

I would rate this solution a six out of ten.

We have an FTP infrastructure that is accessed by customers. As FTP service is quite vulnerable if not secured properly, before implementing Dome9 we had to apply multiple security solutions on the FTP servers.

Dome9 wrapped the FTP infrastructure with its network security configurations. This gives us the ability to monitor FTP activity as well.

• Centralized firewall management for both Windows and Linux distros - This is something that everyone is looking for. The initial version of Dome9 was one where you managed all the rules centrally in Linux and Windows, which was quite challenging. Now, to see in a single pane of glass, all the agents, all the rules, everything that is going on in out datacenters, is quite valuable.
• Visibility of the security configurations
• Clear view of the security configurations and connections across environments (DMZ, external and internal networks)
• The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions

I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes.

I don’t recall any stability issue from the first time we used it. It has been solid and reliable.

I didn’t encounter any scalability challenges. According to the vendor, we are far from the limit that has been tested by the vendor so far.

The technical support has been very professional and helpful. They are knowledgeable and answer our questions in a timely fashion.

We had been using iptables on Linux servers but it was missing centralized management. Also, configuring firewall security rules was quite a nightmare, especially testing.

The initial setup was straightforward, as the solution is quite intuitive.

In order to obtain better pricing, I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two. The company has multiple modules that you purchase independently or in groups, depending on your needs.

When we did market research five years ago, there were not many alternatives in the market for our purposes. We looked at Kaspersky Lab and Trend Micro but they didn’t address our needs.

We ran a PoC with Dome9 and it was transformed quickly into production.

My advice would be:

• Share your project goal(s) with the vendor to help you map the functionalities and modules needed, to be implemented in phases, during implementation.
• Map your existing security configurations and create a lab to test them with and without Dome9.
• Implement the solution progressively and look at the logs in the Dome9 application to learn about the network activity.

Check Point CloudGuard Intelligence surveys the company's multi-cloud servers to ensure they are free from threats. 

The software provides real-time data analytics on the performance and security situation around the applications. Data visualization enables the company IT team to easily monitor the networking system and notice any abnormality. 

The intelligence provision on workflow infrastructure enables my team to prepare for risks and put measures for curbing malware attacks. The system has provided CloudBots that detect any threats and misconfigurations automatically from our cloud servers.

The platform has enabled the company to avoid unnecessary data threats affecting the workflow chain and slowing down performance. 

Intelligence information with real-time data has enabled all the teams to plan effectively and make informed decisions. 

It is highly flexible since it can operate on both mobile and desktop devices. It allows each department to access and control operations and deploy security measures based on the demands. 

Cloud security monitoring has enhanced the safety of workloads and created a clean infrastructure for transferring data to our cloud stores and on-premises.

Typically, the threat-hunting mission scales down the performance of the entire network traffic flow to establish any drawback. Cloud threat intelligence detects any form of violation that goes beyond our policies for immediate rectification. The system has deployed security tools to enhance effective investigations in the entire company networking system. The out-of-the-box integrations enable us to integrate security technologies and create robust security management systems. The set features have a great impact on the overall performance of the company programs, and we are grateful for this great solution. 

The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly. Without effective mapping of critical areas, the platform cannot provide very good results. 

The maintenance cost is high after deployment, and it requires close monitoring for effective results. 

This version performs effectively when it is channeled to the right network infrastructure. It has created a centralized operation system that can comprehensively monitor and manage security for all connecting systems.

I've used the solution for one year.

It is stable and has created a better work environment.

Providing security for a multi-cloud networking system has been awesome.

The customer service team has been providing reliable support at all times, and I thank them for such contribution.

Positive

I have no experience from similar solution in my career experience.

The setup was complex, however, the vendor's technical team provided effective guidance.

We deployed it through a vendor team, and they were knowledgeable in all aspects.

The recorded ROI has been growing on a daily basis based on an excellent performance.

The setup cost is high.

I did not check other products.

In recent years, in search of a new strategy, we have tried to strengthen our security and infrastructure posture, being one of the fundamental pillars of a large organization. 

As a result of this situation, we have begun to adapt using solutions that support us at the cloud and on-premise. Posture Management is the solution that supports us in this search for a healthy, strong infrastructure and, above all, is aligned with the legal and regulatory frameworks at an international level.

This tool is very integrated for emerging infrastructures such as the cloud. It comes to support us with this new legal framework. Ideas, opinions, and regulations serve as a baseline to protect us from new methods or attacks. Without this legal framework, it would become more difficult, as many organizations are new to the use of the cloud. This solution gives us support from the experts who have been first in this model of infrastructure and services. We can ensure that by following and adapting our needs based on these guidelines we will be a great organization with a strong vision and a great security framework established to protect us. 

We like the ability to investigate, analyze, and generate reports.

Its most notable feature is to extend the analytics it performs to teams in any available cloud. 

We can collect analysis and be able to transform in such a way that the data provided allows us to find great value in institutional security. We can support each other to be better and more efficient daily. 

Currently, I would like this solution extended to cellular devices or tablets. This will be able to allow us to be more efficient.

I've used the solution for one year.

This product detects cloud anomalies and immediately quarantines threats to minimize further data damage. 

It enables our team to have full visibility of the security situation surrounding our hosted applications and workloads. Check Point CloudGuard Intelligence has a comprehensive risk assessment system that provides an advanced report on any business engagements. 

The product provides detection and security analysis recommendations that can safeguard cloud infrastructure in case of ransomware attacks. It monitors data flow closely to ascertain and block insecure content.

This platform has improved the cloud security situation in the organization. It provides reliable information that can be used for advanced planning and efficient decision-making. 

The cost of maintaining secure cloud infrastructure has been reduced due to regulated pricing from Check Point CloudGuard Intelligence team. The unified cloud infrastructure monitoring system can monitor data centers with limited resources. 

It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches.

Comprehensive data visualization helps each team to track data and identify threats that can affect the entire workflow. 

Integration with third parties has been successful, and this has saved us costs and time for problem-solving. 

Anomaly detection is highly efficient and more productive with excellent threat prevention tools. 

The customer support staff responds quickly and positively when reached to address any issue affecting operations. 

The UI is user-friendly, and new users can easily learn how it works.

Effects on the network can slow down performance and lead to data leakages that can expose confidential information to cyber attacks. 

The UI can be upgraded to be more presentable and solve most challenges that affect users when there are inefficiencies. 

It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications. 

The majority of the features have been performing efficiently, and we are happy. The development can keep on updating the platform to meet daily changes and organizational demands.

I've used the solution for nine months.

The performance has been stable.

The scalability has been smart, and I am really impressed.

Customer support services are efficient.

Positive

This is the most effective platform I have worked with.

The setup was straightforward.

We implemented it through the vendor team.

There has been increased ROI since we deployed this platform.

The cost and setup are relatively good for most enterprises.

The other options are not as powerful as this solution.

Check Point CloudGuard Intelligence offers excellent cloud network security.