Check Point CloudGuard CNAPP Reviews

We mainly use it as a CSPM solution.

It gives us clarity.

The most valuable feature is the ability to see our customers' environments if they use more than one cloud provider, such as AWS, Google, and Azure.

Also, CloudGuard CDR's intrusion detection and threat hunting capabilities are good enough. They help us detect anomalous behavior and respond to threats before they become an issue.

There are regulatory requirements. I would like to be able to pick the regulation I would like to scheck compliance with and it would tell you where you stand on that regulation and what you are missing to reach compliance. And it shouldn't matter which cloud we're dealing with; we would have these possibilities.

I have been using Check Point CloudGuard CNAPP for about two years.

Scalability really isn't an issue with everything in the cloud. That's the essence of a cloud product: the scalability you get compared to on-prem.

Their technical support is perfect. When we contact them, they answer immediately. Their support knows the platform very well.

We did not use a different solution before.

It's very simple to set up because it's all in the cloud.

We have seen a return on investment. It can reduce the human resources we need. Also, there is ROI from everything connected to the fact that it's in the cloud: I don't need someone for management or to pay for on-prem resources, such as CPU.

If I compare the price of CloudGuard, Palo Alto is more expensive and others are less expensive. CloudGuard CNAPP is in the middle.

We looked at other solutions, but with CloudGuard everything is located in the cloud. It's very convenient for us to manage our assets in the cloud.

If they could reduce the price and provide more capabilities, it would be better.

We use Check Point CloudGuard Posture Management to increase our visibility into our environment and ensure that our policies are being followed.

The solution has helped us analyze the security of our Azure environment. Trend Micro and Check Point analyze the Azure environment with our tenants and clients to check for security vulnerabilities and misconfigurations. We need to correct these problems and alert our team and clients of any issues. The solution also compares these actions between two applications.

The most valuable feature is the separate environment. In the testing environment, we can have Client A, Client B, and Client C. We can check this information in one portal. It is possible to separate access to this information for my clients to review.

The license cost is expensive and has room for improvement.

I have been using Check Point CloudGuard Posture Management for three months.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The technical support is great.

Positive

The initial setup is straightforward.

The license fee is high.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is a good solution and I recommend it.

CheckPoint Dome9 is a cloud security management solution for our Azure cloud environment, and we have Azure for our cloud services. With this solution, we manage our network security policy management and automation for our cloud environment across providers, accounts, and regions.

Dome9 provides us policy compliance based on our requirements. If we request SOX or HIPPA, based on that we will enable the policy and we will get the reports as well.

We also create users and set policies and we can monitor the logs.

Dome9 is a very good product for us as we are using a hybrid solution. We have some of the services on-premises and some of the services on the cloud. With Dome9, we very well manage our security policies and also set the compliance policies based on requirements.

Now, we can also support the asset management of our cloud resources, posture management, and many more.

IAM is a very good and unique feature of Dome9. IAM gives us complete control of our cloud environment. For example, if someone tries to bypass the policy and attempts to configure or create some users, then it will not allow them to do so. Also, it sends a notification to the concerned person.

We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point. The IAM provides us complete safety and security.   

In Dome9, there should be a policy validation option where we can validate the policy before we push it into production. This option is very important, as we are working in a critical and complex environment. This option would give us more confidence in our activities or policy pushing.

We could see the option is available for on-premises devices. 

Automatic remediation requires read/write access.

Otherwise, overall this product is very good for our cloud environment, and we are satisfied with this.  

We have been using Dome9 for the past six months.

It's a very stable product.

Dome9 is very good in terms of scalability.

The technical support is excellent.

We did not use another solution prior to Dome9.

The initial setup is straightforward.

We implemented using a vendor team.

We did not evaluate other options.

We have used CNAPP on our OpenShift test cluster but are planning to deploy it in our production clusters. We used CNAPP to enhance the visibility of our cloud-deployed applications. It offers various modules to do so. For example, the Posture Management module shows you exposed secrets and security misconfigurations and also gives you hints and ready-to-use JSON configuration files to fix them. 

Cloud Infrastructure Entitlement Management (CIEM) gives you visibility and management automation of identities, roles, entitlements, and privileges in your cloud environments. This helps you find and fix identity- and role-related security holes by constructing a complex privileges graph, which shows you granted permissions and enforced ones, suggesting you enforce the stricter and more secure enforced ones over the ones you granted.

The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers. Doing so helps our transition to the cloud by making the management and administrative tasks of our cloud and system engineers easier, as well as suggesting and helping to prioritize patching and updating.

The most valuable features include the Cloud Infrastructure Entitlement Management (CIEM) module, Cloud Security Posture Management (CSPM), and Cloud Workload Protection (CWP).

The costs are really high if you want the entire capabilities of the platform. However, it is really motivated by the great value of the product. Moreover, you can buy individual licenses for the different modules if you don't need some of them.

I've used the solution for one year.

We use Check Point CloudGuard Posture Management to maintain our organization's security posture.

With a bit of upscaling, it is possible to write custom rules and policies using the GSL Builder. We used the GSL Builder to build the rules for our playground environment and internet-facing environments.

It takes a couple of weeks for a nontechnical person to learn how to use GSL Builder.

The Unified Security Management console is helpful because it provides a single pane of glass. 

From a control plane perspective, the solution offers excellent visibility into our framework, enabling the identification of non-compliance.

CloudGuard provides good value for money in terms of automating our security across multiple clouds.

The agentless workload posture analysis, which primarily focuses on our cloud platform, provided valuable insights into our organization's overall security posture.

CloudGuard helped to eliminate some manual processes for a few teams, freeing up some of their time.

Our organization's security operations were able to save time by using CloudGuard's unified platform.

The most valuable feature is the ability to apply common tools across all accounts.

The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts. The current workflow of creating and linking each role is time-consuming and labor-intensive. Streamlining account onboarding by allowing CloudGuard to identify and integrate at the organizational level would significantly simplify the process.

I have been using Check Point CloudGuard Posture Management for one year.

Check Point CloudGuard Posture Management is stable.

CloudGuard Posture Management is scalable, as it is a SaaS product.

Before implementing Check Point CloudGuard Posture Management, we relied on the native CSPM of AWS Config.

For beginners in the field, AWS might be a good starting point due to its simplicity. However, for more experienced users who require more advanced features, CloudGuard offers a more mature and comprehensive solution.

I would give Check Point CloudGuard Posture Management a rating of seven out of ten. Consolidating additional capabilities into CloudGuard, along with Fusion, would create a comprehensive package offering for customers. This, along with maintaining compatibility with the evolving AWS service, would help to avoid complicating any integration issues.

While developing our tools, there is always a need for ongoing review and updates. However, compared to AWS, the maintenance required for CloudGuard is minimal.

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem.

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.

As an organization, we have implemented Azure Microsoft and AWS for some applications. Most of the workloads are managed in the cloud. Therefore we needed a tool that could protect us against some type of cyber threat that would generate losses in the apps that are being used. We apply CloudGuard Workload that comes to us to cover all those security breaches that we could see presenting. In the beginning, we used the free trial to do some tests, and it worked for what we needed it for, and then we acquired it with all the functionalities

CloudGuard Workload Protection came to help us a lot in the organization in the application development part since it is one of the areas where there is more workflow and vital generation of the company since applications are generated and modified daily. With this tool, IT came to us to help provide a series of security layers to all these flows by providing us with different types of security options such as alerts and improvements. One of the characteristics that we liked very much is that it can be coupled with different public clouds.

One of the CloudGuard Workload Protection features that we liked a lot is the security it handles in containers. 

Another interesting thing is that it works without an agent involved. 

It also offers great complete visibility of all devices, and assets in the cloud, which allows us to control all those assets, thus generating complete analysis of the infrastructure in real-time. In this way, we've been able to attack the points where there is some vulnerability in our infrastructure and being able to be at the forefront of security.

It cost us a little to find some information about CloudGuard Workload Protection. It cost us to find information about the tool and recommendations.

The configuration administration documentation is not very available on the web, or it is not completely updated. They should also improve the support so that we can create a case and they can respond faster. They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well. It is sometimes difficult to coordinate support hours. 

They do not provide a concrete and rapid solution which causes security implementations to be delayed.

The solution was implemented a¿twoo ago.

So far, the stability of the product has remained excellent. We have not presented any failures.

It has great scalability. It's very fast and precise.

The support offered by Check Point in general is very regular.

Positive

No other solution has been implemented.

Like all setup-type software, it is very easy to install.

The implementation was done in conjunction with a support team from the company and the supplier.

The implementation of a security tool is always an excellent investment. One thing outweighs the other.

The installation of the product is very reliable, and fast, and it is a very competitive cost in the market.

Check Point was the first solution we used. It was recommended by third parties.

It is a very complete tool for workflows. It provides excellent security.

Currently, the company I work for has implemented several cloud solutions such as Azure and AWS, in which they are migrating from AWS to Azure to have everything unified in a single environment. 

At the moment, we have different applications in both clouds, which have their own system of security in the environments. Recently, in the country there were several ransomware attacks on government companies they were the target due to this we decided to expand security a little more and it was where we made use of Check Point tools that will help us comply with a more centralized security that is more robust on all our end devices.

We have made the decision to centralize our security infrastructure via that CloudGuard for Cloud Intelligence tool. It has contributed a lot to security since many companies were having security problems. We decided we could be one of the few that was not violated with this tool as it gave us a lot of security and helped us avoid vulnerabilities. We were able to counteract attacks with the recommendations that the tool gave us since each point of vulnerability that we found told us how to increase security. That is how our organization was able to survive even an attack.

The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company. These are helping us to prevent misfortune. Some of these features are centralized monitoring, alerts that indicate some type of vulnerability, recommendations on how to reduce these vulnerabilities, and configuration and monitoring of policies, all based on real-time monitoring with excellent efficiency. They are very effective.

One of the most effective functionalities is integration with the cloud since a match can also be done between the two. 

Check Point tools need to improve the latency in the portal since they take a long time to load. 

They also need to improve the support a little or hire more staff since the response time is slow or the solutions take a long time to implement.

Check Point should give added value to all those customers who purchase their product by providing training so that they can certify in the tool. That way, the customer stops depending so much on support and can solve incidents themselves.

I've used the solution for approximately Three year.

The stability is very good. Even when updates are made, it has not presented any type of failure.

The tool has excellent scalability.

The support must improve the level of service and must train their staff a bit more.

Positive

Currently, we only had other Check Point tools.

Making the investment is a bit high, however, it is very effective to make the acquisition of the tool.

The implementation was done with the help of the vendor and an engineer.

Here it will be reflected in the long term since it is not something tangible but by making the investment in security we can have a company always working

The cost is a bit high, however, the investment is worth it.

We evaluated Palo Alto and Cisco however, they forced us through Check Point at the company.

The solution is very effective. It fulfills perfectly for what it was made to do.