What is our primary use case?
We have 4,000 users globally, dispersed all over the world including at our manufacturing locations. The CloudGuard SaaS solution is protecting our Office 365 email environment as well as our Office 365 OneDrive environment from malware and other malicious content. Our CloudGuard Connect instance is protecting our remote plants and acting as a cloud-based firewall enforcement point that is 100 percent managed in the cloud as opposed to on-prem.
How has it helped my organization?
Prior to deploying the product, we were getting daily phishing attacks which were directly impacting our business. We had data exfiltration. I can't remember the exact number of incidents we had, but since deploying the product we are now catching approximately 500 phishing attacks a day, attacks that are no longer negatively impacting the organization.
What is most valuable?
The feature I find to be most valuable is very much the zero-touch provisioning. I was able to be up, operational, and 100 percent functional in less than a half an hour.
I also appreciate the fact that the management aspect of it is all cloud-based and there's very little daily care and feeding and operational work to be done. It just functions.
What needs improvement?
One of the areas that I would like to see them develop into the product would be in the user feedback arena. Today, if a phishing email were to get through and bypass the product — which very few do — it would be nice if, when a user clicked on that phishing email, they got a second-chance opportunity, a chance to double-check that they really wanted to proceed to that website.
For how long have I used the solution?
We were a CloudGuard customer in early availabilities, so we've been using the product for three years.
What do I think about the stability of the solution?
The platform is extremely stable. Given the fact that it is cloud-based and SaaS, we have had zero downtime on the product in the years that we've had it.
The upgrade path has been 100 percent handled by Check Point. They send a notification letting us know when they're going to upgrade. Upgrades have taken very little time because they're able to do them on the back-end in the cloud and just switch our instance over. It's been one of the easiest implementations and products to maintain that I've ever used in my 30-plus years in IT.
What do I think about the scalability of the solution?
I don't consider the question of its scalability applicable because it's very much cloud-based and it's elastic and it will expand to the size of the environment that you have. We're looking at just over 4,000 users running on the product without any issue and without any problem.
How are customer service and technical support?
Check Point's technical support for this product is fantastic. We have been a long-term Check Point customer using the firewall technologies for close to 22 years. And one of the things that Check Point brings to the table is the superior partnership and superior technical skill sets to support their product line. That has trickled down and come through into the SaaS-based solutions.
I would expect nothing other than excellence from Check Point and that's what has been delivered in any technical issue I've had with this product. There have been few to no technical issues with the product. I can't think of the last time I've had to contact support on this product.
Which solution did I use previously and why did I switch?
Before Check Point CloudGuard SaaS, we didn't have a solution that was capturing malicious emails.
How was the initial setup?
The initial setup of the solution was extremely straightforward and extremely simple. You just connect your Office 365 environment into it, the policy is about a half-a-dozen check boxes of decisions that you make, and the product starts to function and starts to inspect your mail and protect your mail immediately. You will see immediate results. I make the joke that it takes 30 minutes to deploy, and that's with a cup of coffee in the middle. It's a very, very, very, easy product to deploy.
Our implementation strategy was that we went in using Detect mode. We let it run in Detect mode for approximately two weeks to get to a comfort level regarding the accuracy of the product, and then we turned it into Prevent (Inline) mode. Our concern was that we were going to see a lot of false positives. But in fact, we didn't actually see any false positives. Everything that it caught was 100 percent accurate and malicious. Over the time we've run the product, which is approximately three years, we have had to release from quarantine, in total, over those three years, less than 100 emails. That's impressive.
What was our ROI?
ROI is an interesting piece because, when you talk about security, the return on investment becomes a very intangible return. Security is a cost. It isn't something that's going to give you payback. But the intangible that we're seeing is a more productive workforce because we're not under cyber attack. We don't have to worry about how people respond to attacks or to have a team deal with them. And we no longer have data exfiltration and potential loss — be it reputational damage or financial loss — because of cyber exposure.
Still, when you talk about a return on investment for this kind of product, that's very intangible. Can I say, "Yes, we're getting paid back for what we put into the product?" No, I can't say that. But what I can say is we are not losing because of not having the product.
What's my experience with pricing, setup cost, and licensing?
It's hard to advise people on pricing and licensing. It's priced per user, although I do not remember what the list-price per user is and I don't even remember what we pay per user. But Check Point has always been very good about its licensing models. One of the nice features is that the licensing model is elastic, so if you go over your license count, you can add users during your billing cycle and true-up later. That type of policy is great for a company such as ours that does M&A activity and sees the occasional burst in employee count.
There are absolutely no additional costs to the standard licensing fees. One of the wonderful pieces is that CloudGuard SaaS is all-inclusive in its licensing. There's no a-la-carte functionality. You're getting 100 percent of the product for the licensing that you're paying.
Which other solutions did I evaluate?
We did do an evaluation of other solutions before putting this product in. We looked at a Microsoft-based solution and we did a bake-off, head-to-head, between the Check Point solution and the micro Microsoft solution. The Check Point solution was superior in its catch-rate and accuracy.
In comparing the two products, what I have found is that structurally, the way Check Point is approaching the catch rate, they're looking more behavioral-based, whereas Microsoft was looking at a signature-based type of solution. That means that the Check Point data is always fresh and current, while Microsoft had to wait to develop its signature and had to wait for somebody to report a malicious content email. It's modern technology with Check Point versus old-school and archaic with Microsoft. That is the best way to describe the two approaches. Clearly, Check Point is a security partner. Microsoft is delivering an application.
What other advice do I have?
They have two different products. One is CloudGuard SaaS, the other is CloudGuard Connect.
The biggest advice I would give is don't go in with fear. Go in confident, because the product is almost too good to be true and it's simple. It really is as simple as it seems, and you will see value within the first 30 minutes of the product running.
The biggest lesson I have learned from using this solution is that visibility is key, and this product has given me more visibility into the attack vectors that our company is under on a daily basis. It has enabled us to then pivot and look at other security solutions. So I would advise to look at the data, understand the data, and understand who your adversaries are. Because once you understand that, you can then leverage your investment in the Check Point product line to further protect your organization.
The reporting functionality has greatly improved over the time I've used the product, so I've been very pleased with that, and I have provided that feedback to Check Point. I'm very tight with R&D at Check Point, so most of the feature functionality that I've needed has been released into the newer versions of the product.
Because I was part of the EA program, I had a lot of input into how the product was developed. I worked very tightly with R&D, as a customer. The partnership between our two companies, between Grace and Check Point, was a great advantage to both companies. I can't say enough about it. It has just been phenomenal.
Currently, our CloudGuard SaaS is managed by two different groups. It is managed by our information security group, which is what I'm part of and lead and manage, as well as our messaging team, which has insight into the content as well as the email flow. When we deployed this product, we thought that it was going to take a lot of people to maintain it and to manage it. We actually have two individuals who are into the product part-time, and spending very little time per week on it. And one of those individuals is just running reports out of the product to provide them to the senior management. There is a very, very low footprint from a workflow and employee perspective, to manage a very powerful product.
I would rate this product at 10 out of 10 all the way. I have nothing but good things to say about the product.