Check Point WAF (formerly CloudGuard WAF) Reviews

Check Point CloudGuard WAF's primary use is protecting web applications and APIs from application layer attacks in the cloud. I also use it to protect public-facing apps.

Check Point CloudGuard WAF offers the best features through its dual ML engine with attack-based and context-based capabilities. The dual engine directly reduces the operational load and improves detection quality for my team on a day-to-day basis.

Additionally, it allows for less policy tuning. Check Point CloudGuard WAF has positively impacted my organization by reducing my manual effort. It reduces up to 2x my operational effects, leading to lower false positives.

While Check Point CloudGuard WAF is a strong solution, it could be improved in a few areas such as simplifying and customizing the user interface and reporting database. Improving API security depth is also necessary.

I have been using Check Point CloudGuard WAF for the last one year.

Check Point CloudGuard WAF is stable in my experience.

Check Point CloudGuard WAF is highly scalable and designed for cloud-native environments.

The customer support is really good. I would rate the customer support an eight on a scale of one to ten.

Before Check Point CloudGuard WAF, we did not use any WAF solution.

I have seen a return on investment as it is a time-saver product.

Check Point CloudGuard WAF delivers clear efficiency gains over traditional WAFs in three main areas: operations, accuracy, and cost optimization. I do utilize Check Point CloudGuard WAF alongside other Check Point products. We use Check Point firewalls, security gateway, and load balancer, and they work together with Check Point CloudGuard WAF in our environment. My advice for others looking into using Check Point CloudGuard WAF is to first validate the use case and plan the deployment architecture. I would rate this product a nine on a scale of one to ten.

The main use case of Check Point CloudGuard WAF is for application protection.

Check Point CloudGuard WAF provides protection from OWASP threats, and secures web applications from common vulnerabilities, such as SQL injection, cross-site scripting, cross-site request forgery, and remote file inclusions.

The best feature of Check Point CloudGuard WAF is advanced threat prevention integrated with Check Point threat cloud intelligence, which provides real-time protection against web application attacks including zero-day threats, automatically receiving updates from the threat cloud and analyzing millions of indicators of compromise daily.

Cloud intelligence means that Check Point CloudGuard continuously collects threat data from global resources such as firewalls and sandboxes, analyzing billions of IPs, URLs, and behaviors using machine learning, distributing updates, security signatures, and threat profiles to CloudGuard WAF in real-time, automatically applying updated protection without manual interventions.

We have been using Check Point CloudGuard WAF for the last two years, and this is a very useful product.

I monitor the volume of the type of traffic our web applications receive and understand the types and threats targeting our environment.

Check Point CloudGuard WAF effectively detects or blocks malicious SQL queries in real-time, protecting our web application from exploitation. To block SQL injection in Check Point CloudGuard WAF, I access the CloudGuard WAF console, log into the Check Point CloudGuard WAF management console using administrative credentials, then navigate to the security policies or application security section of the console, where the firewall rules of the protection are configured. In the web security policy setting, I verify that the SQL injection protection is enabled, which is typically a predefined feature within the WAF rule set activated to detect and block SQL injection attacks. Check Point CloudGuard WAF comes with predefined SQL injection attack signatures based on known patterns and payloads commonly used in SQL injection attacks, and I ensure the SQL injection signature set is enabled so that CloudGuard can detect and block common SQL injection techniques.

I find no issues in software testing details with our predefined feature-rich template, providing automated security incident handling with real-time visibility and control across multi-cloud environments.

My main use case for Check Point CloudGuard WAF is protecting the public-facing web applications in my company because I need to show different webs to different clients, and I need to protect these web apps.

In addition to protecting public-facing web apps and APIs, I also use Check Point CloudGuard WAF for different purposes, such as providing protection to non-production environments, ensuring that vulnerabilities are caught early during deployment and testing, which helps identify misconfiguration or insecure code before it reaches production.

Check Point CloudGuard WAF has positively impacted my organization by significantly improving both security and operational efficiency, with a noticeable reduction in web-based threats, especially automated attacks and vulnerability exploits, thanks to its real-time prevention and reputation filter that has streamlined my workflow through automatic policy updates and integration smoothly with my CI/CD pipelines, allowing my DevOps teams to deploy security without delays.

AI-based threat detection and contextual machine learning to block known and zero-day attacks, according to Check Point, have led to a notable decrease in successful web-based attacks.

The best features that Check Point CloudGuard WAF offers in my experience include advanced threat detection with blocking OWASP Top 10 threats such as SQL injection, XSS, and CSRF with high accuracy, along with granular access controls such as geo-blocking and IP reputation filter.

The reputation filter has helped me significantly. For example, I was once notified of a spike in traffic targeting one of my login portals, which at first glance looked like normal user activity, but the reputation filter flagged the source IPs as part of a known botnet associated with credential stuffing attacks, leading to those IPs being blocked before they could even reach the authentication layer.

Check Point CloudGuard WAF is a strong solution, but there are a few areas where it could be improved, particularly the user interface for managing custom rules and exceptions, which could be more intuitive and streamlined to reduce the learning curve for new users, especially when deploying for the first time.

I think the documentation could be better. People need more intuitive documentation and easier steps for the first deployment.

I have been using Check Point CloudGuard WAF for around three years.

Check Point CloudGuard WAF is stable in my experience with no downtime or reliability issues.

Check Point CloudGuard WAF is very scalable and has handled growth or increased traffic well.

The customer support for Check Point CloudGuard WAF is great. I have had great response time, and it has been very helpful for me.

Positive

I did not previously use a different solution.

The experience with pricing, setup cost, and licensing for Check Point CloudGuard WAF is straightforward, with the service being available as a fully managed service, and the pricing depending on traffic volume, number of protected applications, and cloud provider. I do not have a problem with this area.

I have seen a return on investment, having more time in the department, which is the relevant metric of time saved.

The experience with pricing, setup cost, and licensing for Check Point CloudGuard WAF is straightforward, with the service being available as a fully managed service, and the pricing depending on traffic volume, number of protected applications, and cloud provider. I do not have a problem with this area.

Before choosing Check Point CloudGuard WAF, I compared it with Azure WAF, but I had to select Check Point CloudGuard WAF.

I compare Check Point CloudGuard WAF with Azure WAF, noting that I need to centralize the security products, preferring different tools in Check Point Infinity Portal since they are from the same company.

If you are considering using Check Point CloudGuard WAF, my top advice is to take full advantage of its automatic learning and threat intelligence features right from the start. Begin with the detect learning mode to observe traffic patterns and fine-tune policies before switching to full prevention, which helps reduce false positives and ensure a smoother deployment.

I do not utilize Check Point CloudGuard WAF alongside any other Check Point products.

Check Point CloudGuard WAF helps me block specific web-based attacks such as SQL injections or cross-site scripting with threat prevention.

Check Point CloudGuard WAF has helped me reduce my false positive rate to approximately fourteen percent, thanks to its adaptive threat prevention and machine learning capabilities.

The breach reduction capabilities of Check Point CloudGuard WAF are impressive, especially in how it proactively blocks zero-day threats and bot-driven attacks before they reach critical systems. For example, it stopped a credential stuffing attempt on my login portal using the reputation filter and input validation. I would rate this review a nine.

My main use case for Check Point CloudGuard WAF is to protect web applications and APIs from OWASP Top 10, and it has helped to secure cloud workload and prevent unauthorized access to data leaks.

I use Check Point CloudGuard WAF to block SQL injection and cross-site scripting attacks, and we protect the API by enforcing strict access, automatically applying a security policy to new applications before deploying in the cloud.

The best features Check Point CloudGuard WAF offers in my experience include automated policy upgrade with threat coverage intelligence, flexible deployment, and zero-day protection, which stand out to me the most.

The automated policy creation and threat intelligence have helped my team by reducing manual configuration and saving time, and the threat intelligence updates ensure immediate protection against new threats, simplifying daily operations and improving response speed.

Check Point CloudGuard WAF has positively impacted my organization by strengthening overall application security and data security, and it reduces manual workload for the security team while improving compliance in securing cloud workloads.

It has improved compliance and manual workflows through automated updates and reports, making it easier to meet compliance, with faster audits and readily available security evidence in reports, and it reduces time spent on manual rule creation and log reviews by automating policy enforcement.

Check Point CloudGuard WAF could be improved by simplifying the initial setup for a faster deployment, making the dashboard and reporting more customizable, and offering a more accessible pricing model.

I have been using Check Point CloudGuard WAF for the past one year.

Check Point CloudGuard WAF is definitely stable in my experience.

It has a user-friendly interface that makes monitoring and management easier with smooth integration with other Check Point and third-party security tools, and it provides a clear dashboard for visibility into attack and traffic patterns.

I would rate customer support as eight out of ten.

I chose this rating because sometimes the response will be delayed more than expected.

Customer support is good, but sometimes it takes longer than expected.

Positive

I have seen a return on investment from using Check Point CloudGuard WAF, considering both time and money.

My experience with pricing, setup cost, and licensing was good.

The experience with pricing, setup cost, and licensing is straightforward without any challenges.

My advice for others looking into using Check Point CloudGuard WAF is to plan deployment with clear policies to maximize protection from the start and take advantage of automated updates and threat intelligence to reduce manual work, ensuring proper integration with your cloud environment.

We have been looking for a solution to protect most of our web applications, especially because we have a couple of them available on the Internet. 

We are not looking at just the web application but also APIs because as a Telco company, we have a mobile money service and some other services that are API-based. We needed a solution that does not only look at our web applications but also our APIs. When I found out about CloudGuard WAF, it was a perfect match. It could not only protect our web application, but we were also able to protect our APIs. We have a couple of APIs on the Internet.

CloudGuard WAF has been great. We had no visibility when it came to our web application because, back then, we only had the next-generation firewall. We were able to protect some network-level attacks, but we had no visibility into what was happening at the application level. What we see now is unbelievable. We are talking about 800,000 attacks that we could not prevent before or were not even aware of, whereas now, we get them every day, and it is CloudGuard WAF that protects us against most of them.

CloudGuard WAF has reduced our false positive rate. That was one of the advantages of the solution itself. False positives are one of the main issues that we have with most security solutions, especially because each application has its own way of working. If the solution is not being able to learn how your applications work, there are going to be a lot of serious issues. With CloudGuard WAF, we did not have much of this issue. We never had an issue where something stopped working because of CloudGuard WAF. Whatever was prevented was actually malicious, so we have a very low rate of false positives. 

CloudGuard WAF is a very straightforward solution. I do not have to worry about signatures. Most of the solutions that are out there are mainly based on signatures, and I have to do a lot of maintenance to get the signature updates, and sometimes, due to a lack of resources, I am not able to do so. With CloudGuard WAF, I have peace of mind, because most of the features are AI-based, and there is not much configuration that needs to be done on my side. Once set, I only go to CloudGuard WAF to check. I do not have to worry about signatures or updates. Everything is done perfectly, and I have a sense of peace because I know our applications are safe. 

It is very important for us that CloudGuard WAF protects our applications against threats without relying on signatures. That is definitely one of the key features I need.

We are satisfied with the product because it does what we need it to do, but one thing that I would like to see improved in the product is the protection of our mobile applications. When I migrate the traffic from our mobile application to CloudGuard, we are not getting what we expected. We would like to be able to also look at our mobile applications.

I have been using Check Point CloudGuard WAF for three years.

It is very stable. We run some of the agents on our data centers and never had any issues. We are happy with the solution.

It is completely scalable.

Technical support is very nice. I have encountered a couple of issues related to the solution. They were not actual issues but things that needed clarification, and support was always there. They gave me the right reference to solve the issues that I faced. I do not have any complaints about the support and customer service aspects.

I would rate them an eight out of ten. They have very short working hours. Especially on the weekends, when you call them, the team is not working because they are a very small team. They need to increase the number of people for 24/7 support.

Positive

We were using Check Point's next-generation firewall. We are heavily Check Point customers.

When it comes to monitoring the solution, I do not have to worry that much about the solution itself. We have the peace of mind that the solution is doing what is expected from us. We do not have to worry much about the solution itself.

It is doing what it is supposed to do, and I do not need people to look at it 24/7. Most of the operations happen in the background, so I do not spend much time on it.

As Infiniti customers, the pricing is manageable, as we have allowances dedicated to each Check Point product. The price is not as high compared to other options I have dealt with in the past. 

Regarding the reduction of the overall total cost of ownership, I am not deeply involved with cost management. However, feedback from a senior manager indicates that we have made a positive decision.

When we were choosing the solution, we had a couple of vendors. After assessing the advantages of each solution, we found Check Point CloudGuard WAF to be the perfect match for my needs.

First of all, there are no signatures. We do not have to rely on signature updates. That was the main reason. Also, it does not only focus on our web application; it also focuses on our APIs. We have got a couple of them.

We, as a company, focus on consolidation. Instead of having siloed solutions separately where people have to look at different solutions, we focus on consolidation. Being able to have another solution that is consolidated and integrated with the other ones we had was a perfect match for us.

I would rate Check Point CloudGuard WAF a nine out of ten.

Check Point WAF (formerly CloudGuard WAF) is required by customers who have web resources and assets that are important to them and in production. These resources include internet shops, services, and financial services. Without a web application firewall, the business stops, and customers need to implement this solution. Insurance companies, banks, and similar organizations fall into this category.

Check Point WAF (formerly CloudGuard WAF) is easy to deploy and provides a complete solution.

Check Point's approach differs from others because it uses artificial intelligence elements and an AI-based approach. The WAF solution operates as a complex solution with multiple functionalities rather than a simple one.

The solution helps reduce the false positive rate. Productivity shows that only 10 to 25 percent will be false positives.

The interface and deployment require qualified skills and a qualified engineer who knows this product very well.

In general, Check Point products load the system somewhat and require more performance and better performance equipment on the customer side.

When compared to solutions specialized only on WAF, such as Imperva or Cloudflare, Check Point WAF (formerly CloudGuard WAF) is a lighter version and does not have as well-performed a load balancer or anti-DDoS option.

We started using Check Point WAF (formerly CloudGuard WAF) two years ago.

Check Point WAF (formerly CloudGuard WAF) scores eight to nine points on a ten-point scale for scalability. This scalability is one of the top features of Check Point solutions in general and especially for Check Point WAF (formerly CloudGuard WAF). It is a main approach of the Check Point team.

I cannot be objective in this question because we have our own service team with engineers on our staff. We handle most tickets and cases ourselves.

We operate as a partner company in projects and serve as an integrator for different solutions, including security solutions.

Regarding total cost of ownership, I cannot describe this accurately. Concerning the price for Check Point WAF (formerly CloudGuard WAF) and license costs, the pricing is good, and the approach could be better.

Regarding competitors, Cloudflare is the most popular and best-selling solution on the Ukrainian market now, and this trend will continue.

Check Point WAF (formerly CloudGuard WAF) and more Check Point solutions are oriented toward cloud infrastructure, cloud, or hybrid infrastructure. I would give Check Point WAF (formerly CloudGuard WAF) an overall rating of nine points.

I have been using Check Point WAF (formerly CloudGuard WAF) on a public cloud.

The features of Check Point WAF (formerly CloudGuard WAF) relate to addressing global attacks that we require. The threat map, which displays information on a live basis, helps us understand the types of points logs, and that is the best part.

I utilize Check Point WAF (formerly CloudGuard WAF) alongside other Check Point products. They integrate with internal systems-level security devices, which we are using to communicate internally. The integration makes the tools work better and is helping us significantly.

Beyond user-level benefits, we are receiving some advantages that are really helping us. Check Point WAF (formerly CloudGuard WAF) did reduce my total cost of ownership for my web application firewall, though not by a substantial amount, but it is acceptable.

In my opinion, there is some room for improvement regarding pricing, which we require, and much of it relates to the license base and support.

I have been using it for more than two to three years, and I confirm that I am currently running on it.

Regarding my experience with the deployment, sometimes we encounter difficulties, but overall it is good, and we achieve our time-based objectives. I would rate the stability as eight to nine.

I rate the technical support from one to ten as eight to nine.

I did not work with other WAFs before Check Point WAF (formerly CloudGuard WAF).

The initial setup is simplified, and I confirm that it is good for understanding.

As of now, I have not integrated with third-party solutions because it is not required.

The investment regarding return on investment is not yet realized, but we are considering that investment base.

The pricing is reasonable, and I believe it is acceptable. I am satisfied with the timing.

Check Point WAF (formerly CloudGuard WAF) is the best option on the market, and it is good for us. The potential attack surface level involves asking about vulnerabilities across the networks, which is why we confirm that it is really helping us.

I find Check Point WAF (formerly CloudGuard WAF) to be good, though I cannot say it is popular in my region.

I would recommend Check Point WAF (formerly CloudGuard WAF) to others, but it depends on the environment. I think it is currently suitable for any types of companies, specifically in the database, which we require.

I confirm that I do not require additional features for Check Point WAF (formerly CloudGuard WAF), and it is currently adequate. I rate this product nine out of ten overall.

I am using not only Fortinet, but I am also dealing with other vendors as well, such as Check Point. I am working with email security by Check Point. I have a little bit of experience with Check Point CloudGuard WAF, as we ran a proof of concept here.

The efficiency improvements provided by Check Point CloudGuard WAF are something I can describe. It was fairly easy to set up Check Point CloudGuard WAF if you are looking at the basic configuration. It was pretty acceptable with setting up rules, and so forth. If you were looking for advanced configurations, then you had to go for a different setup, and that made it a little bit complicated.

In terms of efficiency, Check Point CloudGuard WAF is very straightforward to set up rules because you really do not need to do much customization, as it is the case with all Cloud WAFs.

I have been familiar with Check Point CloudGuard WAF for about six months.

Check Point could improve or add more flexibility when it comes to migrating to different sites. Multi-tenancy is an area where Check Point has room for improvement.

From what I saw, the customer support by Check Point was pretty good, but they were trying to sell it to us, so I would rate it eight out of ten.

Positive

I have experience with FortiWeb, although we just stopped using them. We used to have FortiWeb for the last few years, but now we have actually stopped using them.

The price of Check Point CloudGuard WAF is not expensive, as it was the cheapest solution we found. There is good competition for Check Point CloudGuard WAF at the moment, with big players in the market.

If we selected Check Point CloudGuard WAF, which we did not, it would certainly be much cheaper. I would recommend Check Point CloudGuard WAF to others at a rating of seven out of ten. I would recommend it if you have a simple setup, then it is cheaper and it does the job. My overall review rating for Check Point CloudGuard WAF is seven out of ten.