Check Point CloudGuard IaaS Overview

Check Point CloudGuard IaaS is the #4 ranked solution of our best Cloud Security companies. It's rated 4.3 out of 5 stars, and is most commonly compared to VMware NSX: Check Point CloudGuard IaaS vs VMware NSX

What is Check Point CloudGuard IaaS?

CloudGuard delivers automated and elastic public cloud network security to keep assets and data protected while staying aligned to the dynamic needs of public cloud environments.Learn more about Cloud Public IaaS security.

Check Point CloudGuard IaaS is also known as CloudGuard IaaS, Check Point vSEC.

Check Point CloudGuard IaaS Buyer's Guide

Download the Check Point CloudGuard IaaS Buyer's Guide including reviews and more. Updated: August 2020

Check Point CloudGuard IaaS Customers

Physicians Choice Laboratory Services, Helvetica Insurance

Check Point CloudGuard IaaS Video

Check Point CloudGuard IaaS Reviews

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Alex Tremblay
Cyber Security Manager at H2O Power
Real User
Top 20
Sep 16, 2020
Unified Security Management has enabled us to combine our on-prem appliances and cloud environments

What is our primary use case?

We use it as an edge firewall to our entire cloud environment. It protects our connections to all of our sites, to our cloud data center. And it's the internet edge, the protection mechanism between the internet and our network.

Pros and Cons

  • The visibility, the one-pane-of-glass which allows me to see all of my edge protection through one window and one log, is great. Monitoring everything through that one pane of glass is extremely valuable.
  • The biggest room for improvement is that, for a long time now, they've moved everything over to R80 but they still maintain some of the stuff in the old dashboard. They need to "buy in" and move everything to the modern dashboard so that you don't have to go to one place and to another place, at times, to configure the environment. It's time they just finish what they started and put everything in the new, modern dashboard.

Cost and Licensing Advice

  • The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you.

What other advice do I have?

Sometimes you've got to pay for what you actually want. We realized that it's an expensive solution, there's no denying that. But we're happy with what we have gotten out of it. Sometimes you just have to fork over the cash out of your budget and work with it. Work hard with it, because you can't just spend money and expect it to work. But with the time that you put into it, you can get something really good out of it for your company. Really do your analysis, which is something anybody should really know if they're going to spend a lot of money like this. They offer up trials. Try it out and…
M Poczobut
CISO and Senior Director Technical Operations at a insurance company with 201-500 employees
Real User
Top 20
Jul 16, 2020
Extends required threat protection to all of our virtual assets, regardless of where they reside

What is our primary use case?

Most security solutions traditionally have been protecting physical assets within an environment, or reliance on an inline hardware appliance. CloudGuard takes the security controls that were previously packaged with physical appliances in mind and extends them to the virtual infrastructure. It's an add-on capability to an existing virtual infrastructure, such as an AWS, Azure, or even on-premise solutions. It adds a security layer on top of your existing infrastructure with zero latency. We're hosting it ourselves on our hypervisors, as well as starting to do so in some of our private cloud… more »

Pros and Cons

  • What's most valuable to me is that it's a contiguous solution that aligns well with the components that we've relied on and trusted from a traditional hardware, firewall, and unified threat management system. My engineers and analysts don't have to learn another platform. We have already entrusted our security controls to Check Point for perimeter and physical security, and now we can do so at the virtual layer as well, which is key to us.
  • It's meeting our needs at this time. If I could make it better, it would be by making it more standalone. That would be beneficial to us. I say that because our current platform for virtualization is VMware. The issue isn't any fault of Check Point, it's more how the virtualization platform partners allow for that partnership and integration. There has to be close ties and partnerships between the vendors to ensure interoperability and sup-portability. There is only so far that Check Point, or any security vendor technology can go without the partnership and enablement of the virtualization platform vendor as it relies on "Service Insertion" to maintain optimal performance.

Cost and Licensing Advice

  • Licensing is simply by the number of hosts that you are looking to protect within your environment. It makes it much easier to ensure that you are covering your environment.

What other advice do I have?

Intently know and understand the integration points within your environment. It is a great security solution, but understand how integrated it is with, and what level of partnership there is between, Check Point and the virtualization platform that you're looking to add it on top of. The biggest lesson I have learned is that the Check Point CloudGuard features, although good, are only as good as the accompanying virtual platform and its level of integration. I have to be honest: Overall, this is the ideal solution for us and our organization, but it is slightly more complex. There are newer…
Learn what your peers think about Check Point CloudGuard IaaS. Get advice and tips from experienced pros sharing their opinions. Updated: August 2020.
447,546 professionals have used our research since 2012.
MarkG
IT Security Manager at a sports company with 10,001+ employees
Real User
Top 5Leaderboard
Sep 27, 2020
Enables us to deliver connectivity in very short time frames and gives us much better control over sizing of firewalls

What is our primary use case?

We use CloudGuard IaaS for cloud security in AWS, and it serves all kinds of purposes for us. It could be internal segmentation between on-prem or between application VPCs, and it can also help us to provide perimeter security for those parts of the network that require internet access.

Pros and Cons

  • The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature.
  • The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50.

What other advice do I have?

The biggest lesson I have learned from using this solution is that network security is moving away from traditional deployments and companies have to adapt themselves to stay competitive. We are fully managing the service. As soon as a new version is released on the Check Point site, they make sure to release it for CloudGuard as well. But so far, we have stayed with our original version. We haven't done any upgrades. The integration process between CloudGuard and AWS Transit Gateway is not straightforward, because we're not talking about traditional networking. There are a lot of different…
reviewer1098015
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Oct 8, 2020
Seamlessly extends our on-premise protection to Cloud without requiring any effort

What is our primary use case?

We have an AWS environment with servers and resources. We also have a Cloud environment and CloudGuard is our solution to protect the internet access to and from the database environment. For example, servers on the AWS that need to do upgrades go to the internet and cross the CloudGuard solution. People that need to connect to the AWS environment, to a server are protected by CloudGuard. The environment is protected by CloudGuard. It's our perimeter firewall on the AWS environment.

Pros and Cons

  • The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise.
  • CloudGuard functions just like any other firewall. It functions very well. The only thing that could maybe be improved would be to integrate some tools that are not integrated with the SmartConsole, like the SmartView Monitor that we need to open on a different application to access.

What other advice do I have?

If you are already a Check Point customer, this is the perfect solution. If you are not used to Check Point products, you should also analyze other solutions and compare them before you buy. The biggest lesson I have learned is that with this product, you can secure the Cloud environment the same way that you secure the on-prem, which helps a lot with people that are new to the Cloud security environment. I would rate Check Point CloudGuard IaaS a ten out of ten.
Oleg Pekar
Senior Network/Security Engineer at Skywind Group
Real User
Top 5Leaderboard
Aug 26, 2020
Flexibility in licensing and includes support for a large number of cloud providers

What is our primary use case?

The main usage of the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades. In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall. There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project… more »

Pros and Cons

  • I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud.
  • I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system.

Cost and Licensing Advice

  • There is flexibility in the different licensing models that are offered.

What other advice do I have?

You should fully understand the way CloudGuard would be integrated into your cloud from a networking perspective, and it differs from platform to platform. For example, for Google Cloud, the instances of Cloud Guard must have interfaces in several VPCs as a requirement. Think about the subnetting and routing for your project, then implement a PoC with your networking staff.
RajivT
Senior System Engineer at Gas South
Real User
Jul 29, 2020
Secures our assets in the cloud while providing access to applications in our vendor hosted data centers via IPSEC tunnels

What is our primary use case?

It secures our assets in the cloud while providing access to applications in our vendor hosted data centers via IPSEC tunnels. We also use it for endpoint vpn for all our users. We have it deployed in our cloud and it forms the gateway for all external connectivity and access to the assets in the cloud. We also have a backup site to site connection with our on premise data center so in case the primary connection to the cloud fails we can quick fail over to this backup connection and business can continue as normal .

Pros and Cons

  • We have found the overall functionality of the product to be exactly similar to the physical product. The one good advantage is that it is cloud-based and can be deployed either as a part of a scale set or one can shut down the virtual machine and adjust the physical parameters of the virtual machine easily and bring it right back up.
  • I think they have pretty much mastered what can be done. There are some nuances like when you fail over from one cluster member to the other, the external IP address takes about two minutes to fail over.
SeniorNea133
Senior Network Engineer at a transportation company with 10,001+ employees
Real User
Feb 27, 2019
Enables us to move into the cloud without having to change a lot of our internal processes and retrain staff but it has more maturing to do

What is our primary use case?

Our primary use case is for major cloud vendors: AWS and Azure.

Pros and Cons

  • Moving into the cloud without having to change a lot of our internal processes and retrain staff is one of the biggest benefits of this solution.
  • I would like to see more focus on east-west traffic inspection and AWS.

What other advice do I have?

I would rate it a six out of ten. Other vendors typically are working with hardware acceleration and various other products, which you can't get in the cloud. One of the key things that made us more comfortable with Check Point is this is only thing that they do. It's the same exact thing as they are doing on-premise for the most part.
RAMAKRISHNANV V
Senior Security Architect at a computer software company with 10,001+ employees
Real User
Top 20
Jun 15, 2020
Auto-scaling and zero touch are major security features

What is our primary use case?

My experience with the solution has mainly been implementing it with an auto-scaling on behalf of my clients. My job was to migrate an on-prem firewall to AWS cloud. I'm a senior security architect.

Pros and Cons

  • Auto-scaling and zero touch are valuable features.
  • Zero touch removes any independence for configuring.

What other advice do I have?

My advice to anyone wanting to implement this solution would be to religiously follow the guidelines. I would rate this solution an eight out of 10.
See 1 more Check Point CloudGuard IaaS Reviews