Check Point CloudGuard Network Security Reviews

Many traditional on-premise customers transitioning to the cloud often prioritize solutions like CloudGuard, especially when dealing with scale sets and clusters. These customers are accustomed to constructing their own network infrastructure and are drawn to CloudGuard for its compatibility with these setups. This primary use case highlights the appeal of CloudGuard for organizations seeking to maintain control over their network security while migrating to cloud environments.

The unified security management significantly impacts security operations and management positively. It's undeniably beneficial, offering streamlined processes and enhanced control. With the rise of infrastructure as code and tools like Terraform, there's a shift towards a separate manager pushing policies to gateways, which can introduce complexity. However, advancements like dynamic resets, enabled directly on the gateway without manager intervention, represent a significant leap forward, simplifying operations and propelling the company towards more efficient security management.

The most significant benefit for our customers lies in the familiarity and comfort of transitioning from on-premise Check Point solutions to CloudGuard's unified management system. This seamless continuity offers reassurance and confidence in navigating the cloud security landscape, making the transition smoother and more intuitive for them.

When compared to other migration solutions in terms of identity-centric security threats, Check Point stands out for its efficacy rates, particularly evident in its threat cloud and AI capabilities. The integration of various security features, along with the collaborative aspect where information from all Check Point Gateways feeds into a collective pool, underscores the robust security aspect of the platform. This is where Check Point consistently sets itself apart in the security landscape.

We maintain a high level of confidence in our security posture, provided everything is configured correctly. Check Point offers additional solutions to address gaps beyond the firewall's capabilities, especially in scenarios where threats may circumvent it or exploit other entry points. Network security alone may not suffice, but Check Point's supplementary solutions, such as Network Calabrio, complement our defenses effectively, serving as a solid foundation for our overall security strategy.

Our clients appreciate the familiar look and feel of Check Point's interface, which maintains the security standards they've come to trust. While there are numerous reports comparing efficacy rates of cloud-native solutions, they often fall short in comparison to third-party vendors like Check Point.

The auto-scaling feature is undoubtedly one of the most valuable aspects of having Check Point security in the cloud. It provides excellent protection by dynamically adjusting resources based on demand. Additionally, the centralized reporting and management, accessible through a single pane of glass, offer consistency and efficiency across multi-cloud environments. This unified approach ensures seamless security management regardless of the cloud platform, making it a highly advantageous feature of Check Point's cloud security solutions.

Check Point's primary competitor, Palo Alto Networks, offers a SaaS firewall solution that can be deployed in both traditional virtual networks (VNETs) and virtual wide area networks (VWANs). This firewall solution features auto-scaling and consumption-based pricing, allowing users to scale according to their needs seamlessly. While Check Point does offer some VWAN offerings, they appear to be more static and less tailored to cloud-native environments compared to Palo Alto's dynamic and flexible approach.

I have been working with it for approximately five years.

In terms of stability, I've never encountered any issues where a gateway went down or experienced faults. My experience across various environments has been consistently positive, without any instances of gateway crashes or failures for any specific reasons.

The scalability aspect functions seamlessly, although there's a significant process involved, particularly with the CME and management components recognizing new gateways and pushing necessary files. Despite the complexity, the CME serves as an effective tool for deploying scripts and managing tasks. However, the requirement for management to push configurations to the firewall adds an additional layer of intricacy beyond simply pushing to the gateway.

The technical support provided by Check Point is commendable. Once a case reaches the right hands, resolutions are often swift. However, there can be challenges in initially getting the case directed to the appropriate personnel, which is not uncommon for organizations of our size. I would rate it seven out of ten.

Neutral

I've implemented various deployments, with one of the most extensive being a multi-tier architecture utilizing different scale sets for handling ingress, egress, and east-west traffic internally. This particular deployment spanned across two regions, with a total of twelve instances distributed among the scale sets, each serving a distinct function. Essentially, it aimed to replicate a traditional data center environment in the cloud, catering to the specific needs of the organization.

Lately, I've been engaged in numerous discussions surrounding cloud-native firewall solutions like AWS Firewall or Azure Firewall, as well as offerings such as Palo Alto's SaaS firewall and CloudGuard NGFW.

CloudGuard compares favorably, offering a familiar and user-friendly experience akin to Check Point's traditional products. The trend towards cloud-native solutions is evident, particularly among non-security-focused individuals. The flexibility to assist in migrating customers who are embracing cloud-native approaches, integrating seamlessly with platforms like Azure WolfStack and AWS real stack, is a significant advantage. This ease of migration is a notable strength of competitors like Palo Alto.

It functions well, especially the auto-scaling feature, despite the complexity involved, particularly with integrating Azure load balancers. Consolidating these components would be beneficial, but without a SaaS offering, reliance on Azure's resources or cloud-native resources remains a factor. Overall, I would rate it eight out of ten.

We use it to secure our network. We use it to manage our firewalls and some of the other services that we have with them.

By implementing CloudGuard Network Security, we mainly wanted visibility.

CloudGuard Network Security saves time from having to go to multiple places to look for different things. It gives us the ability to see it all in one place. We could realize its benefits in less than 90 days.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We are able to combine different aspects into one place.

I am confident in our cloud network security. Check Point is a great company. They stay up to date on everything that is happening, and they keep us informed about anything that needs to be done to maintain that security posture.

The visibility is most valuable. It allows us to see all of our devices from one place, and it gives us the ability to manage push updates and things like that from one place.

Its price is fair, but it can be more favorable.

We have been using CloudGuard Network Security for about two years.

It feels very stable to me.

Its scalability is good. It is being used across multiple departments. There are 300 users and a lot of endpoints.

We do not have any plans to increase its usage this year. We might do that in 2025.

Their support is great. I would rate them a nine out of ten.

Positive

We did not use any similar solution previously.

I was not too much involved in its deployment. My role is not as technical as it used to be.

We worked with partners to help us with the deployment who had expertise in this, so it was pretty straightforward. Our implementation strategy was to work with a partner.

We had a Check Point partner for implementation. Our experience with them was good. 

We have seen an ROI in terms of time and labor costs. People do not have to spend as much time on different things. They have one interface to manage different things.

It is fairly priced, but it can be a little expensive from time to time. 

I am not aware of any solutions that we have evaluated. Check Point is our firewall vendor, so we went with them. We were able to have just one partner and one point of contact for any issues. Having a bunch of different products creates problems of its own. You do not know whom to call and whom not to call for an issue. Having one single contact to oversee all that is beneficial to us.

I would advise taking your time. Be patient, and you will see results. It does not take much time, but some people want to see a return right away. It took us about 90 days to see the return. It is more based on you getting in it and doing things with it, but be patient.

I would rate CloudGuard Network Security a nine out of ten.

We are using it for in and out of our cloud from on-premises. Security from our SD-WAN and express route connectivity is our main use case.

We also have vendor integrations. SAP RISE was the big one that we recently had where we were using dedicated CloudGuard network gateways for straight vendor implementations.

The ease of deployment has been a benefit. Having Check Point on-premises definitely helped with moving to the cloud. It feels very similar after you migrate. It was not as cumbersome as on-premises, and it was a little less scary for others. It enabled others within our company to adopt.

We have unified security management across hybrid clouds as well as on-prem. We are using just gateways to the cloud, and we have the same management server and the same console as on-prem gateways. It definitely allows you to have unified policies across the board. This seamless integration is a huge plus. Smart-1 Cloud is the next portion to go up to, so we can remove the complexity of management, such as login and whatnot, from our responsibilities.

By using CloudGuard Network Security, we have a good foundation. The history of Check Point has a reliability that I trust. Most of the improvements we do are more internal. There are actions that we, as customers, need to do. It helps to have vendors like Check Point who will go out of their way to help you make their product seamless. It is only as good as how you use it. That has been a big positive, and we have had a good accounts team that has been able to bring proper resources to us, and we encourage those additional resources they provide to us to help us be successful.

For identifying security threats, our company uses a portfolio of different kinds of vector spots and inspection spots. Some of that is handled by another team, and I do not have direct insight into that. However, it has definitely added some automatic reaction with our on-premise setup, which has helped us integrate cross-platform. That portion has been great because no one wants to be too vendor-dependent. You want to be vendor-agnostic. The fact that we can utilize it across multiple vendors has been a positive for us.

We are using gateways, and I appreciate the high-availability gateways they have. They stand out more than the competitors. 

The Check Point architecture team adapting fluently to the architecture that each cloud has is valuable. They are adaptive to customer solutions, which is a big advantage.

Some more built-in marketplace templates would be nice. It would be nice to see more vendor assistance in deployments and backup of recoveries versus having customers rely upon that themselves. That would make it a lot more seamless and aligned with the standard on-premise model that is there. Check Point can extend the same posture that they have to CloudGuard and make that transition very seamless.

Check Point does not have as big a footprint in engineering teams as Cisco or Palo Alto has, especially in the US market. Therefore, finding someone who understands Check Point is a lot harder. If Check Point can make it easier for seamless transitions, it will build the confidence of engineers and help with the adoption of a new vendor for those engineers. Anything they can do to help with that is a competitive advantage, and it works for any company looking into it.

I have been using CloudGuard Network Security for about three years.

It is very stable, but in any virtualized environment, you are still dependent on your cloud provider. If Amazon, Microsoft, Google, or any other cloud provider reboots the gateway because they are doing some maintenance and did not tell you about it, it is not Check Point's fault. It is something where you have to correlate whether you had an outage or lost a node. You still have to report that. It still looks like that your Check Point firewall went down, so guilty until proven innocent type of deal comes into play. That has been a little bit more challenging than when it is your hardware on-premises. Outside of a power issue or an upstream switch, if something goes wrong in the box, it is not on Check Point. At that point, you can hammer down to the cloud. Having shared resources makes it a little bit difficult to delineate. You have to go case by case.

I have not directly experienced the need for scaling, particularly horizontally. Based on studies, presentations, documentation, and architecture, scalability is definitely there, so I have confidence that if my business needs to shift to high throughput and high sessions, Check Point will have a solution for me to do that seamlessly.

I have always had challenges with TAC. There still seems to be a difference in the type or level of tech support you get based on the region you call into. That has been a little bit more challenging. We have had issues with getting the same candid answers where they were regurgitating without looking through. At the support level, we have had some challenges back and forth, but when we talk to our account team or our sales engineer and say that we have a problem, their reaction is very quick. Their escalation internals take care of that. They get us the right people.

For additional deployments from the cloud perspective, we have always had great contacts to get to. I have been very happy with the level of support Check Point has given us for new deployments' design ideas and problems. The feature roadmap they chose has been excellent.

Overall, I would rate their customer service and support an eight out of ten. I am dropping points because of the TAC issues that I have had.

We do use another vendor that does a similar function. The vendor is Fortinet. Both vendors have their own pros and cons. The big difference between the two from a cloud network security perspective is that the high availability model that Check Point has is not what the competitor has. So, you are still relying upon load balancers, and you are still relying upon cloud failover, which adds a little bit of complexity. This high availability has been a huge plus. We have not seen our current vendors or other vendors be able to do so. 

We, as such, have not switched. We have a different vendor we use, and we have not made the decision to switch. We are still at that deciding factor because we are seeing where things fit with both platforms. From an ROI perspective, switching would not be advantageous to us at this point based on what we are getting, but it is definitely something that is looked upon as we look at life cycles. We can then make a decision one way or the other to meet our business needs. 

The decision to go for CloudGuard instead of our cloud vendor's cloud firewall was predated. There were some implementations that were already there. We have made additional investments where we did go between vendor A and vendor B and made a decision. I made the decision and chose Check Point, not just for the single pane of glass and ease of management but also for the high availability. For the high availability that we were deploying, there was no other solution that could give us the seamlessness we were looking for. We could not get that from other vendors, so it became evident that going for Check Point was the right decision to make.

We are a Microsoft Azure Shop, and the deployment model would be high-availability gateways. We are not using gateway low balancers. We are just using the high-availability deployments.

In terms of ease of deployment, I cannot speak for the earlier years, but I did hear that there were some pain points. That was more of a combination of cloud maturity in Microsoft and Check Point integrations. There were other challenges related to intermixing and the knowledge base. This was when Check Point was new to our company, and we probably did not have the right MSP support. A lot of those gaps and failures were due to the support and not having that strong knowledge base and operating support afterward. Recent deployments, from 2020 to 2024, are different. There is a night and day kind of difference. We had instant Check Point support. They walked us through and sat on the call while we deployed in real-time with our CloudOps teams. It was seamless. We ran into a gap, and we were easily able to fix it right then and there. They were very collaborative. It has just been a night-and-day type of scenario.

For the first implementation, we used an MSP consultant in collaboration with Check Point. We did the recent deployment in-house directly with Check Point.

We are yet to figure that part out. There is a lot of tuning on our side, and we have definitely seen its remediation and prevention capabilities help us in very critical situations. Knowing that we could be proactive instead of constantly being reactive has definitely put me at much more ease at night. There are some improvements to that. 

Investment-wise, this is where you look at the consolidation and realize that you might have different vendor technologies that might be doing the same thing. This is something we will have to look at. It is not necessarily a Check Point problem. It is something that we, as an enterprise, have to look into.

My experience has been extremely positive. It was not a concern because I had an account team that fought for pricing for our company. They were not pushing me to professional services for certain help. I was instantly getting a CloudGuard architect to help us out. They understood our environment and bridged the gap where we needed that help with our public cloud provider and with Check Point, in this case. That is what made the experience. They allowed us to scale it well, and that is where Check Point has done very well. 

They realize that customers need to be adaptive in their cloud deployments, and they are much quicker than on-prem. They know that in the end, their product speaks for itself, so pricing has always been very competitive compared to other vendors. I have always had account teams no matter what company I have worked for, and they have always done a good job of meeting that gap. So, its pricing was not the reason we made the decision.

I would rate CloudGuard Network Security a nine out of ten. The ease of template deployment would have been nice. There was also a little bit of weirdness with the licensing models for our on-premise management. That is pretty much it. Otherwise, I am extremely happy with it. They are not negatives. It is still great.

We primarily use it for egress internet traffic for four clouds, as well as between clouds to on-prem. Those are the main use cases. We have another small use case for ingress traffic, but it is a very small use case right now.

By implementing CloudGuard Network Security, we wanted to get network visibility in our clouds. That was the main point. We also wanted to provide a segregation layer with stateful inspection with all the next-generation features, such as IPS.

CloudGuard Network Security certainly has made our organization more secure. Our business partners cannot inadvertently open up the access that they should not be just to get things done. They now have to go through our firewall. We have got the inspection layer. Our security organization can see threats if they come in and take action on them. We were able to realize its benefits almost instantly.

CloudGuard Network Security provides unified security management across hybrid-clouds as well as on-prem. We heavily use global policy to join on-prem and the cloud, as well as multiple clouds. It is a huge benefit for us as we can set a global standard for policy and then push that across all the different security zones.

We are very confident in our cloud network's security. We have had many years of experience developing it, so we were very aware of the design and the solution within each cloud. We are confident with how we deploy it, and we have plans to make it more efficient as we go.

Most recently, it would be the dynamic objects or datacenter objects. The query feature is going to be a game-changer for us as we move forward. It simplifies our policy, and it gives us a way to dynamically learn and discover things in the cloud instead of having a static way.

Currently, we are struggling with licensing just because of the pace and growth of our cloud. Keeping up with licensing for new regions and new gateway usage is certainly something we are looking into. We are working with our accounting to figure out how we can improve. The licensing piece is big for us.

We are at the place where we are looking at better integration with the management system. We use an MDS today, and it is self-deployed. We want to get to the Smart-1 Cloud, but we do not know what that looks like today because it does not support a multi-domain setup. Smart-1 should either be able to do multi-domain or there should be some form of taking a multi-domain environment and putting it in Smart-1.

I have been using CloudGuard Network Security for probably five years.

From our experience in five years, it has been very stable.

It seems to be very scalable. We have plans to increase the usage of CloudGuard Network Security.

We do scale sets across our clouds and across many regions globally. The number of applications behind it is in the hundreds if not thousands.

It is an excellent service. I would rate their support a nine out of ten. Improving a little bit in the smaller clouds such as Oracle and Google would help a lot.

Positive

We did not specifically use any similar solution in the cloud. It was brand new.

We have a public cloud and then a hybrid with on-prem. We have AWS, Azure, Google, and Oracle.

In terms of the version, on-prem, we use Maestro, and in the cloud, we use the latest CloudGuard. We use the software version R80.40 and are about to upgrade to R81.20.

Its deployment was a little complex for us because we have a very large cloud environment and we are multi-cloud. We had an existing estate, so it was hard to put a firewall in the path and not break things.

We are still implementing it because we are taking a cloud-by-cloud approach. We have done AWS and Azure. It took probably two years to do that, so I would assume that for Google and Oracle, it is going to take at least a year.

In terms of the implementation strategy, we first develop the IEC for the code to deploy it, and then we deploy it and test it in a sandbox environment. We then deploy it to non-prod and roll it out to those regions, and after that, we would do the same with prod.

We implemented it ourselves.

We have seen an ROI, but I do not have any metrics.

Pricing-wise, it is pretty competitive. However, I would like to see more flexible licensing. There should be more of a consume what you need and true-up type of model.

In the past, we have evaluated other solutions. When we tested them, they did not have the same feature set or functionality that CloudGuard had. When I initially tested years ago, the scaling probably was not as efficient. The support was also a big factor. The support that we got from those vendors was not as good as from our account team with Check Point. 

When we looked at the cloud provider firewalls, they did not match up to what Check Point could do with the various deep packet features and functions like IPS. The feature set was the main difference. At the time, the cloud providers could not provide IPS or deep packet features. That was a big driver for us with Check Point. The fact that we could not integrate policy with our on-prem firewalls, which were from Check Point, was another big driver because we wanted a unified policy. Our existing relationship with Check Point helped as well.

To those evaluating CloudGuard Network Security, I would advise certainly engaging with the Check Point account team. Get their solutions team to help you walk through the solution and talk to others in the industry about their experiences.

The biggest lesson that I have learned from using this solution is to deploy it as soon as you can in your cloud journey.

I would rate CloudGuard Network Security a nine out of ten. 

I use it to protect our public cloud workloads today. It safeguards them directly from the internet and also from the corporate network. We have interconnected our Azure environments with our on-premises network, including our data centre. CloudGuard Network Security helps protect workloads within Azure from both the corporate network and the internet.

CloudGuard Network Security has significantly improved our operations. Its automatic scaling capability, based on the network load, eliminates the need for capacity planning. 

We don't need capacity planning anymore or do proactive actions in order to always have that capacity planning, it does it automatically. Our network engineers now focus on administering the entire cluster rather than managing individual members and their loads.

Our confidence in our cloud network security is pretty high, largely because of central console management. It ensures that we have uniform threat prevention policies applied globally, which significantly boosts our confidence in the system.

The most valuable feature for us is the scale set, which allows us to scale horizontally, vertically and dynamically depending on the traffic load.

It provides us with unified security management across both CloudGuard and on-premises environments. We use CloudGuard Network Security for Azure and have a single management console that allows full visibility into logs and consolidated logs across all environments. This ensures we maintain consistent IPS, IDS, and threat prevention policies across all regions and data centres.

There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful. A more cloud-native approach is needed because even it is PaaS services require public cloud resources, even if the traffic load is low. These resources are still required for high availability and resiliency.

So, a full PaaS solution with improvements on that end, basically.

I have been using it for five years now. 

We have many different firewalls worldwide in our environment. Check Point support provides direct, 24/7 support, even when some components may be outdated. Since almost 95% of our hardware is supported, they're still able to provide support for the remaining 5%, which is greatly appreciated.

Positive

We opted for CloudGuard primarily due to two factors, which ultimately became three. 

• First was the Azure consumption cost, which was lower compared to competitors. 
• Secondly, its plug-and-play capability is straight out of the box, as deployment is directly made from the Azure Cloud Marketplace. In contrast, with competitors, you have to manually import and deploy the image they provide, which isn’t off the shelf. 
• The third factor was the scaling solution offered by CloudGuard, which we found to be the fastest.

I was involved. It was straightforward, out of the box, plug and play. 

We didn’t use a reseller or integrator; it’s really simple to deploy, and we had the capability to set it up on our own.

I haven't calculated it because we deployed CloudGuard Network Security as part of our cloud journey. The ROI wasn't calculated solely on that part; it was more about the overall process of closing the data centre and moving to the cloud.

The licesning has some good features. For example, the scaling feature is free of charge, allowing multiple scale-ups and scale-downs over a two-week period, which is pretty good. 

However, since we are still on an IaaS infrastructure, we end up paying for firewalls that are operational without actually handling traffic loads. This is why a PaaS approach would yield more benefits for us.

Overall, I would rate the solution an eight out of ten. The reason it's not a ten relates to the need for a more cloud-native solution that fits today's requirements. The deployment was five years ago, and we're still waiting for Check Point to evolve to truly have cloud-native capabilities.

I'd advise looking into the scale set feature and the out-of-the-box capability, which were really the silver bullets for us. It was a strong requirement, and if anyone is seeking that kind of solution, I would greatly recommend it.

We mainly use the firewall part. We use it to interface with our cloud environments.

We have a CloudGuard firewall in place, and we have Azure or AWS networks at the backend. We use it to secure workloads and be a bridge to our on-prem as a hybrid solution.

It makes securing our cloud workload super easy, and we are able to push any sort of policy changes we need pretty quickly. It is a lot better than the native cloud firewalls that are available in terms of ease of use and features. Check Point IPS is way more advanced than the native cloud firewall solutions.

CloudGuard Network Security provides us with unified security management across hybrid clouds as well as on-prem. It is fantastic. It makes our security operations a lot smoother because we only have to push policy once to our cloud firewalls and our on-prem firewalls. We can select whichever firewalls we want and hit install. The changes are made across all different types of devices. We had evaluated the native cloud firewalls for a specific use case, but we saw that Check Point firewalls were superior in the aspects that we were looking at for our requirements. 

We just set up the firewalls and forget about them. We only have to do jumbo hotfix upgrades on the major version upgrades. For the most part, the uptime on them is fantastic. We do not have any downtime on them, so we never have to worry about them, which is why I do not have a lot of experience with them. We just set them up and forget about them.

CloudGuard Network Security has been fantastic in terms of identifying threats. Being able to log those cloud firewalls to the same place where all of our other Check Point firewalls are is a huge plus because we can see where something gets prevented by IPS or something like that.

We only use it for the firewall, so it is about security.

I want the upgrades of their CloudGuard solution to major versions to be easier. We have had a few small hiccups. They have different types of cloud clusters called Geo Clusters, and those just cannot be upgraded past a certain point, which is a hurdle that we are currently experiencing.

We have been using CloudGuard Network Security for four years.

Its stability is amazing. We have never had any weird downtime issues with our CloudGuard firewalls.

We do not use any of the auto-scaling features that Check Point provides. We do not have a use case for it, so I cannot attest to that.

When you get the right person, Check Point TAC is fantastic, but sometimes, it can take a while to find the right tech engineer to be able to answer your problem within a reasonable amount of time. Most TAC engineers can answer a question, but some might take longer than others. I would rate their support an eight out of ten.

Positive

It is super easy to deploy. In a few clicks, it is up and going. 

I deployed it myself.

We have definitely seen an ROI, but I am not sure how to quantify that. I am satisfied with it. 

It is definitely easy to use and simple. Compared to the native cloud firewalls where if they do not have a feature, you are out of luck, I feel that Check Point has a very superior feature set.

I like the flexibility because I am pretty sure you can use the same license on Azure or AWS. I forgot the name of the license, but there is a specific type you can use that lets you interchange them, and that is pretty good. I like that. 

I would rate it a nine out of ten. The only reason it is not a ten is that sometimes there are hiccups when we have to interact with it, such as while upgrading. These are small things, but I wish it was more seamless than it already is. It is already pretty seamless, but there can always be improvements.

We have deployed CloudGuard in our environment to protect conversations between different network segments. For example, we can protect north-south traffic and east-west traffic.

We deploy our production workload in different cloud provider environments, such as GCP, Azure, AWS, and IBM.

CloudGuard Network Security enhances our network security from an end-to-end connectivity point of view. We can deliver high-performance security to our different functional teams to support our business.

CloudGuard Network Security provides us with unified security management across hybrid-clouds and on-prem. We have one unified platform to manage on-premises gateway and CloudGuard gateway. We have a unified and standard way to ensure compliance and enforce all the definition requirements and process outcomes.

Check Point is at the top end of the market when it comes to security and threat prevention. They have a service called ThreatCloud. We get frequent updates from ThreatCloud. We can look at the numbers, signatures, and bad IPs they provide to us, and we can compare this information with other vendors or competitors. It gives us confidence that they are better in terms of threat detection.

All the features that we subscribe to from CloudGuard NGTP are valuable. All the threat prevention and access control features give us the network security that we expect.

From the policy optimization point of view, they can do better. This is not just for CloudGuard. CloudGuard is one little piece managed by Check Point. They can also integrate a third-party policy management solution to improve that. For example, Tufin is focused on policy optimization and management.

They can also offer solutions faster to address customer concerns.

We have been using this solution for five or six years in our environment.

Check Point overall is pretty stable. We can rely on them. This is one of the key reasons why we stuck with Check Point for more than 20 years.

It is good. They have all kinds of solutions from on-premises to the cloud. There might be some limitations to their partnership with certain cloud providers. They can speed up to give us better solutions, especially for CloudGuard. I know some competitors offer solutions to address customer concerns faster than Check Point. It is an area for improvement.

Our experience has been good. Their sales engineers and support engineers are pretty good, but they also have some gaps. They can improve that. I would rate them an eight out of ten.

Positive

We have seen an ROI because they fixed the gap. We were able to put a solution to fix a gap. It gives us confidence about how secure our environment is.

We have a pretty good partnership with Check Point. We have a global subscription and agreement. They give us a pretty good corporate discount.

We have a global subscription to cover everything, not just the cloud but also the on-premises gateway. We have all the threat prevention subscriptions as well, which makes us stick with Check Point. Even though we get a better price offer from competitors, this global discount makes its pricing a better deal for us.

Before deploying it, we did compare it with other vendors. We looked at the major players in the market, such as Palo Alto and Fortinet.

We did not go for a cloud-native solution because they could not provide the same security as Check Point. We deployed CloudGuard in all of our cloud environments because we felt that their native solutions could not satisfy our requirements. We were also able to add selective threat prevention features, which native-gateway solutions might not have had. This is a value-add when we deploy CloudGuard in a cloud.

CloudGuard Network Security is easy to use for us. Because we have been using Check Point, it is easier for us to integrate new features, rather than deploying a new environment.

Overall, I would rate CloudGuard Network Security a nine out of ten.

We are primarily using it for access control for our various cloud environments from our on-prem resources.

By implementing CloudGuard Network Security, we wanted granularity and control of the traffic going through our different BDCs within AWS. We use one there. We also wanted identity awareness for going into cloud resources.

CloudGuard Network Security gives us access and visibility into what is going on in our cloud environments. Previously, we did not have any cloud instances. We were just managing the on-prem and then letting it go. It gives a lot of visibility. We could realize its benefits instantly.

CloudGuard Network Security provides us with unified security management across hybrid-clouds as well as on-prem. We were able to manage all of our cloud environments from one central place. We have got CloudGuard in Azure and AWS restricting traffic between those hybrid cloud environments.

We feel very confident in our cloud network security by using CloudGuard Network Security. We get what we would expect with an on-prem firewall. We get all of the functionality and security that we would expect from an on-prem firewall in the cloud. We did not go with our cloud vendor's cloud firewall because they were not able to meet a lot of the security standards that we needed.

The ease of deployment has been nice. It is like managing any of our on-prem firewalls.

The only pain points we have had with it were when we did major version upgrades. Rather than being able to do incremental upgrades on those, we had to completely redeploy. I know that has changed recently, but we had some hiccups when we did the upgrades. This is the only issue we have had.

We have been using CloudGuard Network Security for over four years.

It is very stable. I would rate it a ten out of ten for stability.

It scales pretty easily. At this time, I am not aware of any plans to increase its usage.

Their support is great. I would rate them a ten out of ten.

Positive

We did not use a similar solution previously.

It is a private cloud. We have it in both our private Azure and private AWS restricting access between the individual BDCs and on-prem environment and between the two different cloud environments as well. 

It is primarily deployed by one team, but multiple clients use the cloud services.

I believe we have seen an ROI. We are able to manage it from an already existing management server that we are using for on-prem. Not having to have another product that we are managing outside of Check Point is a big plus.

We looked at cloud-native firewalls. They were not able to meet the security standards that we were able to get by using CloudGuard.

We looked at their IPS solutions with the cloud-native firewalls, but we could not go as granular. With CloudGuard Network Security, we could see the individual protection and fine-tune it.

CloudGuard Network Security is also easier to use than other solutions.

I would rate CloudGuard Network Security a ten out of ten.