We performed a comparison between Check Point CloudGuard Network Security and Check Point NGFW based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides essential features like VPN, IPS, URL filtering, and Applications Control. It emphasizes compliance, regulations, cloud security, and advanced threat prevention. Check Point NGFW is commended for its comprehensive security features, including URL filtering, intrusion prevention, identity and access management, and application control capabilities.
Check Point CloudGuard Network Security could benefit from enhancements in the support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, and cost reduction. Check Point NGFW needs enhancements in integration, hardware performance, pricing, load balancing, technical support, reporting capabilities, UI design, VPN solutions, management, licensing model, and memory management.
Service and Support: The opinions on the customer service for Check Point CloudGuard Network Security vary, with positive feedback on technical assistance and negative comments on delays in responses. Check Point NGFW has differing reviews, as some users appreciate the helpful and responsive support, while others consider it inferior to Cisco's support.
Ease of Deployment: The setup process for Check Point CloudGuard Network Security is considered to be straightforward and user-friendly, although some technical expertise and guidance may be needed. The setup for Check Point NGFW can range in difficulty, with opinions differing. Some users find it to be simple, while others perceive it as somewhat complex. Certain configurations and migrations may require expertise and experience.
Pricing: The cost of setting up Check Point CloudGuard Network Security is perceived as pricey by some while others find it justifiable and cost-effective. There are various discount models available for pricing flexibility. Check Point NGFW is generally considered to have a higher cost compared to other products. However, users believe that the enhanced security and reliability make the price worthwhile.
ROI: Check Point CloudGuard Network Security has demonstrated a significant return on investment, with estimated returns ranging from 80% to 85%. Check Point NGFW offers a favorable return on investment, particularly after comprehending the level of protection it provides.
Comparison Results: Check Point CloudGuard Network Security is preferred over Check Point NGFW. Users found CloudGuard's initial setup to be easy, straightforward, and user-friendly. CloudGuard offers valuable features such as VPN, IPS, URL filtering, and an Applications Control Blade, which received high praise.
"The SD-WAN is the most valuable feature."
"The solution is stable."
"The most valuable feature of this solution is Quota."
"FortiGate is very simple to manage and easy to use."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"It is very flexible to use."
"I'm pretty happy with its reliability. It is also very scalable."
"Check Point CloudGuard Network Security has a beautiful threat emulation different from the market."
"The IPS, application and URL filtering, as well as Identity Awareness, are all very valuable features."
"We have complete visibility of attacks originating from email including spear-phishing, spoofing, etc."
"The multiple virtual firewalls on one box are extremely useful and the interconnection with virtual switches is simple and easy to understand."
"Check Point CloudGuard is quick to deploy and easy for the customer to use."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"The most valuable feature of this solution is that you can start off with a simple firewall and expand it to UTM."
"The tool's most valuable features are inspecting internet traffic and IPS. We can manage the firewall using shared policies from a single management server."
"The separate management feature of Check Point NGFW is very convenient."
"It's scalable and provides end-to-end resolution."
"Newer versions are much more stable."
"Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls."
"Check Point's most useful feature is threat prevention and extraction. It was tough to manage seven firewalls and a perimeter solution for IPS, anti-malware, anti-bot, and sandboxing."
"The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them."
"The firewall rule writing and object creation are the best and simplest I've seen on a firewall."
"I have to say that it was Application Control and web filtering are excellent."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."
"The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI."
"Compared to some other products, the DLP is not at par for the moment."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"We utilize logging systems, and geolocation is crucial for us as some applications must only be accessible from our country. However, there have been occasional issues with this feature."
"The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50."
"Sometimes, if you aren't familiar with the solution, it can be a bit complex, but it does become easier to use with time. However, every time they launch a new version, it becomes more complex and you need to take time to get familiar with all the changes. For every version that they upgrade, you need to upskill yourself."
"The complexity to deploy should be decreased."
"CloudGuard Network Security needs to include new features. One specific feature I would like to see is the ability to protect external resources using single sign-on integration with various identity providers, including custom identity providers. Its pricing could also be cheaper."
"There is room for improvement in the integration with PaaS services from the public cloud. It would be very helpful."
"Check Point support, beyond CloudGuard, does need some improvement."
"What I would like for future updates would be faster updates to apply, and perhaps a greater presence in the local language for the regions of Latin America."
"The distributor support capability is quite lacking as the problem/incident is rarely solved on the distributor level and instead escalated to the principal."
"The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices."
"Check Point Smart Dashboard does not support my Apple MacBook Air. It only supports Windows versions."
"We find the GUI to be wrong and the CLI doesn't always show all of the connections."
"Compliance and centralized management can be improved."
"The support team should be faster."
"Check Point is not a cheap solution and it's always painful to see exactly how much we need to spend on this."
"The pricing could be better."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 121 reviews while Check Point NGFW is ranked 5th in Firewalls with 277 reviews. Check Point CloudGuard Network Security is rated 8.6, while Check Point NGFW is rated 8.8. The top reviewer of Check Point CloudGuard Network Security writes "Highly reliable, great visibility, and centralized management". On the other hand, the top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Akamai Guardicore Segmentation, Cisco Secure Firewall and Fortinet FortiGate-VM, whereas Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall. See our Check Point CloudGuard Network Security vs. Check Point NGFW report.
See our list of best Firewalls vendors and best Unified Threat Management (UTM) vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.