Check Point WAF (formerly CloudGuard WAF) Reviews

My use cases include the use of WAF, landing pages, etc.

We see the advantages of a WAF solution when there’s silence, when there are no attacks, no mess, no fails. This is his biggest advantage and how it benefits my company.

Overall, it's a good product. I also have f5 for internal things that I use in another area. We work with several products. I’ve been working with a lot of Check Point’s products for a while, so choosing CloudGuard WAF wasn’t a big decision for me. 

It's a significant advantage that it's not signature-based; it's not too important to me, but it's good that it's that way.

Its ability to preemptively block zero-day attacks and detect hidden anomalies is the advantage of the product. It knows how to protect against any behavior and saves you from messing with signatures; that's its advantage.

There are no false positives in WAF for the most part. If there is an attack, then you know it, and there is mitigation for it. I wouldn’t say the reduction is noticeable.

The assimilation is fast overall. As long as I don't have unique problems that I need support for, usually when WAF works, it works. It's not something you manipulate, it's not an antivirus where you deal with signatures, updates, and upgrades every day. If it works, it works.

I have been using the solution for five months.

It is a very simple product, it’s very stable.

It has great scalability. I see the involvement of Check Point’s team whenever I want to scale. If I need to scale, I open a Whatsapp group with the director and the team, and we quickly proceed to do so.

I get the delivery I want from Check Point, I am a big enough customer to get the best delivery. I also received full technical support, especially during the implementation.

I would rate them a ten out of ten. They are always quick to respond to me.

The setup was relatively easy; it's a product that is easy to deploy, and there were no big drawbacks. During the installation, we tested it on two apps first; we saw that it worked as it should, and then we moved on to the other apps. The process itself is not long at all. We have another WAF system that we use in other areas so we were aware of how to run these sorts of solutions.

I work directly with the manufacturer; in this case I worked with someone from Check Point itself.

The ROI is that we are not attacked and are confidently protected. When we are attacked, we can understand how important the solution is. We have to get the blow to understand the importance of the solution.

It didn't lower the TCO, it actually raised it, in my opinion. It is more expensive than f5, where we purchased everything as bundles, and Check Point costs more, but it is worth the money.

Check Point is cheaper than Radware. It is relatively cheaper for a WAF solution which is something that we liked and made us choose it. It is a bit difficult to know the price differences since everything is always included in a bundle.

We also looked at Radware, but in the end, we chose this solution because it is very simple to use, and it gave us a much simpler and friendlier interface.

My advice would be to check the use cases you need to see if CloudGuard suits you. I recommend the solution in general.

I would rate it a nine out of ten. I can’t give it a 10 because there’s always room for improvement. I’d say that there should be better support from the integration team, I’m not sure if it’s Check Point’s responsibility, though. Overall, the product is excellent.

Due to the nature of our business, we have heavily invested in backend API development, providing services exclusively through this interface. Similar to how banks and medical industries utilize data from centralized sources, our APIs cannot be exposed directly to the Internet. To safeguard these critical APIs, a robust security solution is essential. 

Check Point CloudGuard WAF fulfills this need by intercepting all incoming internet traffic, categorizing requests as legitimate or malicious, including attack details, and blocking suspicious activity at the initial stage. Only verified, non-malicious requests are permitted to interact with our APIs.

When we activate the WAF, our security signatures and all the latest threat intelligence are immediately updated. Our protection is automatically refreshed every few hours to address emerging threats. For example, if a zero-day attack originates in Europe, Check Point CloudGuard can detect it within minutes and distribute a new signature globally. This ensures that when the attack reaches Australia, it is already blocked by our up-to-date WAF.

Although the WAF still produces false positives because of the signatures, we can apply a rule to exclude them easily.

Automated threat intelligence is crucial because a ransomware attack can compromise a network in minutes. Imagine an attack occurring at 3 AM when staff is unavailable; the damage may already be done when someone investigates. Ransomware can infiltrate and complete its task within just a few sessions. Once inside, attackers can lay dormant for months, covertly sending data using internal IP addresses. These addresses are often whitelisted, making it difficult to detect whether the outbound traffic is authorized or malicious. Automated threat intelligence can rapidly detect and respond to attacks, unlike manual processes that take 15 to 20 minutes, often too late to prevent significant damage like a completed ransomware attack. Systems like OCSP, utilizing best practices from multiple vendors such as Azure, Microsoft, CheckPoint, Palo Alto, and CloudStrike, provide an open platform for sharing and updating threat signatures. This enables organizations to tailor their security measures based on specific application needs and behaviors, effectively mitigating risks without unnecessary restrictions.

Cloud-based WAF solutions, such as Check Point's, offer significant advantages compared to traditional on-premises WAFs like Cisco or Palo Alto. On-premises WAFs require substantial upfront costs for hardware, expensive licenses, and frequent, costly upgrades as technology evolves. Cloud-based alternatives eliminate these expenses by providing the latest features and capabilities without hardware or software management. This flexibility and cost-efficiency make cloud WAFs appealing to many organizations. However, cloud solutions can be more expensive for high-throughput applications like Instagram or Facebook due to data transfer costs. At the same time,  on-premises options might be more economical in these cases. Ultimately, the best choice depends on specific network size, criticality, and application requirements.

Machine learning is a valuable tool for this assessment because it allows for a two-phase approach: secure and non-secure. In the first secure phase, pre-built signatures are used, eliminating the need for a live tracker as the necessary data is readily available. This approach efficiently blocks threats without progressing to the slower, resource-intensive second phase. Unlike competitors who process every request, this method conserves CPU power and prevents application slowdowns.

Check Point CloudGuard WAF's code could be improved. While the GUI allows configuration for application-related features, specific definitions cannot be modified through the code. Ideally, we would prefer consistent configuration across all products to simplify deployment, but in this case, the ISE is incompatible with the two or three different models we've identified. Therefore, we must rely solely on the GUI for configuration.

I have used Check Point CloudGuard WAF for four months.

It was stable in the four months we ran Check Point CloudGuard WAF.

I would rate the stability nine out of ten.

I would rate the scalability nine out of ten. We only reached 80 percent of our CPU capacity.

The technical support is good. We didn't use them much, demonstrating the product's quality.

Positive

At that stage, our primary goal was to select a suitable WAF to replace our existing F5 WAF. While the F5 WAF performed well, we sought to eliminate it due to excessive licensing costs. Given the high expense of our entire WAF solution, we explored alternatives, including Azure WAF, Check Point WAF, and Palo Alto WAF. Although we initially considered Cisco WAF, it was quickly discarded as outdated. After a two-week evaluation, we narrowed our options to Azure, Check Point, and Palo Alto WAFs.

The deployment is straightforward and similar to any standard firewall installation. While the process took four days due to design finalization, deploying directly from code can be completed in less than thirty minutes.

Two people were involved in the deployment, one working on the design and the other on the ISE.

Check Point CloudGuard WAF is expensive compared to Azure WAF. I would rate the cost of Check Point CloudGuard WAF as eight out of ten, with ten being the most costly.

We evaluated Cisco WAF, but it is outdated and no longer competitive. Since we utilize Azure Cloud, we opted for Azure WAF due to our preference for cloud-based solutions. Azure WAF has performed well and is seamlessly integrated behind the scenes. We also evaluated Palo Alto, but configuration challenges through ISE led us to discontinue its use seven months ago. Check Point CloudGuard WAF was abandoned for similar reasons. Azure WAF's integration with ISE, including built-in Bicep modules for CLI configuration and deployment, is a significant advantage. Currently, we manage approximately 35 IP addresses and require two distinct stages for WAF settings and module deployment. Consistent signature stem definition across different environments is essential. ISE was crucial in our decision-making process, ultimately replacing Check Point due to the latter's lack of ISE integration, a critical requirement. While Check Point offered several strengths, the absence of ISE was a deal-breaker. Overall, Azure WAF has met our expectations.

I would rate Check Point CloudGuard WAF eight out of ten.

We have six environments in multiple locations and eight products that use 20 APIs.

We have a team of four working with the WAF.

I would recommend Check Point CloudGuard WAF if it fully meets the organization's needs, the cost is reasonable, and they desire AI and ML integration in the future. However, since we do not require AI or ML and prioritize ISE for our management approach, this solution did not align with our requirements.

My main use case for Check Point CloudGuard WAF is defending from SQL injection or DDoS attacks, and a quick specific example would be that it protects our applications and data from these threats.

I don't have anything else to add about my main use case, as there are no stories or examples where it helped my team.

The best features Check Point CloudGuard WAF offers are that it's very easy to use, the automated management is very nice, and the introduction of new AI is very efficient, which I find valuable.

With the introduction of AI in general, Check Point CloudGuard WAF provides very high accuracy on the data, allowing me to avoid a lot of false positives and saving me time in determining if what I'm seeing is a possible attack.

Check Point CloudGuard WAF has positively impacted my organization by reducing incidents because I don't have false positives.

Check Point CloudGuard WAF can be improved; initially, the setup is very complicated, and there's not a lot of documentation available, plus it didn't have something for anti-bot, but other than that, it is fine.

The documentation issue means that I can't find it online very easily, and while I can always ask support, it's a bit limited. As for anti-bot, I refer to a feature that I can find a better option for on Cloudflare.

I don't have anything more to add about the needed improvements or anything regarding the onboarding.

I have been using Check Point CloudGuard WAF for one year.

Check Point CloudGuard WAF is very stable, and I haven't had any issues with downtime or reliability, plus it handles growth easily in my environment.

The customer support is rated eight. I have had to contact them, and my experience was satisfactory.

I did not previously use a different solution before Check Point CloudGuard WAF, so there's no prior comparison.

I don't have metrics, but I see a return on investment in overall efficiency, as it has saved my team time and reduced incidents.

I don't know about the pricing, setup cost, or licensing for Check Point CloudGuard WAF, as I don't manage costs.

Before choosing Check Point CloudGuard WAF, I did not evaluate other options, as I went straight with it.

Check Point CloudGuard WAF works very well with all the clouds, such as Azure and AWS, and I shouldn't have any problems adding this feature to my environment.

Regarding the reduction in incidents, I don't have any percentages, but I know I can save a lot of time because I understand that if something is signaled, I need to check it, as it's very not probable that it is a false threat.

My advice for others looking into using Check Point CloudGuard WAF is that, similar to other Check Point services, it can be intimidating at the start, but you will manage after some time.

I rate Check Point CloudGuard WAF eight out of ten.

My use case is mainly for new products that come up in the marketing field, products that are fast and need quick assimilation.

We connected protections, mainly of the WAF for products that do not need too much scam validation or more complex functions. The aim was to provide a quick response to marketing campaigns, customer transportation, and things that need very fast implementation.

Check Point CloudGuard WAF has helped our organization in time-to-market manners; the time to market is very short. Unlike other products we tested, which were a bit more complex, they would take a day's process. Check Point CloudGuard WAF only takes a few minutes of assimilation and then goes live.

Its ability to protect our applications against threats without relying on signatures is one of the benefits I liked about this product. It does not depend on signatures. It looks at the anomaly in behavior. This is what we call a modern application. It saves us the headache of these updates and also the fact that the zero day usually has no signature.

The ability to preemptively block zero day attacks and detect hidden anomalies is exactly its advantage. The zero day does not wait for a signature but looks at behavior. This is how a modern app should be. If you wait for the unknown, your application will be affected, but with this solution, even if you don't know where the attack could come from, the product protects it because of the behavior. That's the advantage.

The assimilation time is short, about a few minutes only, so it is very simple for us and shortens the time of our functions. I'd say it has lowered 30% of our time.

In a product like this, there are not many false positive cases, at least not in our type of implementations, which are not complex. When you do not hear about any false positives, it is a sign that the solution is doing its job.

This product is very simple, it does not require complexity in its implementation. Its ability to deploy our materials quickly is what we appreciate the most.

I would like it to be able to analyze more complex functions, although I did not examine the case study of more complex implementations. Things like forum fields, etc seem to need a little more focused protection of the fields scheme validation. I would say that the more automation this product has, the easier it will be to work with it.

I have been using Check Point CloudGuard WAF for six months.

There were never any server issues, they're very stable.

I am not really sure about its scalability since our framework is very limited at the moment. I am guessing that after we try to deepen our use cases, we may scale then.

Check Point is known for providing really good service. If a ticket is opened, it is addressed and not neglected. The emphasis is on the Israeli team, which knows how to achieve escalations and provide a response. We were never left without an answer.

Positive

We have had several protections from other WAF products that we have tested. Their implementations were longer, more complex, and sometimes, because of the speed we would implement it after it went live because of the times. The time to market was short, and we didn't have time to achieve the desired time window.

Today, with Check Point CloudGuard WAF, there is no way we'll go live without protection.

We used and evaluated Radware and Reblaze. They were very expensive and also dependent on third-party services. With Check Point CloudGuard WAF, everything was done easily in-house.

I'm in charge of the regulations, the SECOPS team is the one involved in the deployment. I'm more of a policy guide, and from what I've noticed, the experience was good.

We always have a business partner who accompanies us in projects of this type. We have always had a good experience with them, the're very professional.

The biggest ROI is that the time to market is good; I am not holding back the business. I do not look that much at attack prevention because that's something that every product usually does. The ROI is the time to assimilate and the short time to market. Those are its benefits.

I am less knowledgeable with prices because I only define the requirements and look at the execution. I know that its price is relatively expensive compared to other products but it gives benefits that are worth it.

My advice would be to use this solution since it's cloud-based and the deployment is quick and easy.

Overall, the platform is great. I would consolidate it from the usual infrastructures, though. Every platform requires someone to focus on it, so it would be good if an integrator would be more involved in this specific solution.

I use CloudGuard WAF for our exposed customer-facing servers.

It provides security for our customers and our products.

This solution not require training. It has its own mechanisms, eliminating the need for training for our applications. The learning curve is quick.

It provides security for our services to customers. As a financial institution, we provide security to our customers and products.

The solution preemptively blocks zero-day attacks and detects hidden anomalies effectively.

The solution reduced the cost to the company when considering that we,with a previous solution, spent many hours on configurations.

It reduced our false positive rate significantly - by 90%.

The reporting can be improved. Currently, it is not 100% accurate, however, it is at a good level. I cannot see many logs for our application that are posted under CloudGuard WAF, and sometimes I cannot identify the issues I have with CloudGuard.

I have been using the solution for three years.

The stability is 100%. I did not have any issues in the last three years during which I had more than ten critical services running on CloudGuard.

Customer support is usually needed during the implementation of the solution. After that, I have only opened a case two or three times, and the response time is very good.

Positive

I had the same solution with the same company, however, it was on-premise. I moved to a cloud-based solution with CloudGuard WAF, and it is very different.

When considering my previous solution, I spent many hours on the configuration.

Pricing and licensing are really expensive for this product. While it provides a very good security level, the price for each service is high. Small organizations might not be able to afford the price.

I would rate the solution nine out of ten. Overall, it is a very good solution. 

The primary use case for Check Point CloudGuard WAF is for protecting web applications and APIs. We use it for web apps and APIs we want to protect.

Check Point CloudGuard WAF has improved our organization by providing protection against web application attacks such as SQL injection, cross-site scripting, and bot threats. Its automated threat prevention and real-time traffic analysis reduced manual intervention and response time. Integration with our cloud infrastructure enabled seamless deployment and scalability, while centralized visibility helped enforce consistent security policies across all environments.

The most valuable feature is the AI/ML engine, which does the job for us and mainly reduces the number of false positives and adapts accordingly. It significantly impacts workflow efficiency, allowing us to focus more on other fields. After implementing it, we have better results in vulnerability and penetration testing and scanning.

CloudGuard WAF could improve UI simplicity, reduce false positives, and enhance policy management. Future releases should include better bot mitigation, behavioral anomaly detection, compliance templates, advanced threat intel integration, and streamlined multi-cloud support to boost protection and usability.

I have been using the solution for one year.

Check Point CloudGuard WAF is very stable.

Its scalability is inherent to its SaaS solution.

The customer support is great.

Positive

We did not have any other solution before using Check Point CloudGuard WAF.

The initial setup was positive, and we did not face any problems.

There is potential money-saving regarding some successful attacks if we did not have Check Point CloudGuard WAF.

Our experience with pricing, setup costs, and licensing was positive. We did not have any issues.

Before choosing Check Point CloudGuard WAF, we did not evaluate other options.

I recommend implementing it easily, onboarding services quickly, and utilizing its policy blocking. It is very useful and efficient. I rate Check Point CloudGuard WAF a ten out of ten. The AI/ML engine, which greatly reduces false positives so that we do not have to manage them manually, stands out the most.

I have dealt with a very complex situation. We are fortunate to have a global presence in 98 countries. We have about 400 people working worldwide. 

Our challenge is to support our customers and protect our infrastructure, which is quite different from normal ones. Unlike a typical company that centralizes everything in a data center, we work in countries with strict legal restrictions. This requires us to create a separate infrastructure for each country. I need something to support us and provide compliance.

I am a very exposed company, and this solution helps prevent attacks.

I have thousands of exposed websites and APIs. Being able to control what is happening and try to prevent any attack is the best feature. 

I provide gamification, and if one wants to acquire services like Netflix, they can go through my application. Some people try to find tokens to sell on the black market; however, with the WAF, I'm able to understand what's happening and block it in real-time.

It's important to protect against threats without relying on signatures. If it sees any anomaly, it just blocks it.

Check Point CloudGuard Network Security helps guard against zero-day attacks. Luckily, we haven't had any.

Check Point CloudGuard Network Security helped reduce the cost of ownership for our web application firewall by 50%. We have everything centralized and we can configure everything centrally.

We've been able to reduce our false positive rate by 80%. It's easier to have something automated instead of a person working on this, checking everything. 

I'm not sure what can be improved. I don't manage the solution. It seems to be a product that runs all the time. They might be able to add more integrations. Security could always be improved. Overall, it's very good. 

I have used the solution for the last three years.

I would give stability a nine out of ten for sure. It is very stable. As an evolved product, there are always areas to mature, of course, however, it provides a very good and mature experience.

I enjoy it the scalability. I can scale up or down based on workload, so I'm very fortunate with that.

I have a great partnership with Check Point. I know a lot of people who work there. For me, it's a very positive and beneficial relationship.

Positive

I did not use any previous solutions.

The initial setup was very intuitive. I had minor issues, however, that was due to not reading the documentation properly. Overall, it was a very satisfying and straightforward experience.

I did the implementation by myself, however, I have a partner as well. They can do things first; however, I managed it on my own since it was easy to do.

We have yet to see an ROI.

For me, the pricing and licensing is a fair value for what they provide.

I did not consider alternate solutions. This was included in my subscription. I have a full suite of Check Point products, so I just use this.

I would rate the solution a seven out of ten. I'm not the one managing it. From what I've heard about the challenges we face, I would rate it a seven. In one project, we had to use mutual certificates, and it wasn't the best experience to configure. It is doable, however, it can be improved. This causes some issues for our customers. 

If someone is only using a cloud-native option WAF, they are missing out on agility. We're more agile since we can protect everything we have. And multi-cloud is a real thing. Everyone has multiple clouds, so centralizing everything into one place is the greatest, in my opinion. 

I use it on our websites and web servers, and it is protecting against malicious code and injection code, as well as any type of attacks.

Check Point CloudGuard WAF enhances web application security with AI-driven threat prevention and seamless cloud integration.

The Check Point WAF gives me a view that I did not have that occurs on the web servers. 

It allows me to show results and reports to demonstrate the attacks, the number of attacks, and prevention measures.

It protects against threats without relying on signatures. The zero-day attacks could be bad. Without this, we wouldn't know al the attacks we're getting. It allows us to save time manually analyzing on the web servers. It frees us up.

It helps against zero-day attacks and protects against anomalies. It's one of the factors that made us choose this solution. 

For now, the product is doing all that I need, however, I need the support of IPv6.

I have used the solution for three months.

It is very stable, never crashing or giving me an error that I can see. It responds very quickly and allows me to enter the menu and set up and configure everything without problems.

The customer service is very good. I have opened one or two cases and received quick responses.

Positive

I have not used any other solutions for a while.

The initial setup is very easy. We use it for our on-prem web servers. It only takes five minutes to deploy.

I used an integrator to help with the implementation the first time. They explained the phases, and it was very simple and quick. The person who helped was from Portugal.

I don't have an exact number in terms of ROI.

The setup cost is very simple. It is a really good price considering the functionalities of the product and the price of the license. It is very well-calibrated.

We did not evalute another solution. I'm a Check Point customer. 

If someone is only using a cloud-native product and not using something like CloudGuard, I'd advise buying it. It is a very good product. Now with WAF, I see many attacks being prevented. It is a good solution for me. I have five million requests per month on our web server. The last results I saw showed maybe 50% to 60% of attacks being prevented. 

I rate it ten out of ten. I am very satisfied.