We just raised a $30M Series A: Read our story
RM
CEO at a tech services company with 51-200 employees
Real User
Top 20
Flexible and easy to use with good integration capabilities

Pros and Cons

  • "The installation process doesn't take very long."
  • "Check Point support, beyond CloudGuard, does need some improvement."

What is most valuable?

The solution is very easy to use.

The product is quite flexible.

The installation process doesn't take very long.

We've found the stability to be quite good overall.

You can scale the solution if you need to.

Technical support is helpful and responsive.

The user interface is okay, depending on who is using it.

We haven't had any issues with integrations. It seems to handle them quite well.

What needs improvement?

We're looking forward to the next Check Point with the solution and CloudGuard and everything on the same single cloud. Right now, that's not yet the case.

We're expecting more new features in the next release, however, I'm not sure precisely what is being added.

Check Point support, beyond CloudGuard, does need some improvement.

For how long have I used the solution?

I've been using the solution for 18 to 24 months at this point. It's been a year or two.

What do I think about the stability of the solution?

The product is very stable so far. We haven't had any issues. It doesn't crash or freeze. There aren't bugs or glitches. The performance is reliable.

What do I think about the scalability of the solution?

The product can scale quite well. If a company needs to expand it, it can do so. It's not an issue.

We have 5,000 users on the solution in one particular case. They're on one account. It's kind-of a lot.

How are customer service and technical support?

The CloudGuard technical support has been good so far. We have no complaints. We're quite satisfied with the level of service we receive.

Which solution did I use previously and why did I switch?

From a firewall perspective, yes, we use some other solution, however, CloudGuard is basically filling a gap in the cloud area. Before them, of course, we didn't use any other thing. We were using something else that wasn't really related and when we moved to Check Point was when we first adopted CloudGuard.

How was the initial setup?

The initial setup is pretty straightforward. It's not overly complex. 

The deployment is fast. We managed it in about 24 hours or so.

We had 12 people that assisted in the deployment process.

What's my experience with pricing, setup cost, and licensing?

We have to pay a licensing fee, however, we haven't really done any comparison shopping, and therefore I can't speak to if it is affordable or expensive.

Mostly, we are satisfied with the cost. We have some discount agreements and that's enough.

What other advice do I have?

The solution always updates automatically, and therefore we are always using the latest.

We do plan to continue to use the product as we've mostly been quite satisfied with it.

I'd recommend the solution to other organizations.

Overall, I would rate the solution at a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
SF
Security Platform Administrator at a tech services company with 501-1,000 employees
User
Very good technical support and ROI with great URL filtering capabilities

Pros and Cons

  • "The most valuable features are the VPN Blade, IPS Blade, the URL filtering, and the Applications Control Blade."
  • "CheckPoint CloudGuard could be better at solving cases."

What is our primary use case?

I have been using Check Point CloudGuard for 3 years now. I use it in the financial sector, and use the gateways for perimeter security, east-west traffic inspections, and internet access. We have gateways for production, development, and outbound (internet access). The blades for IPS, FW, And URL filtering have been enabled with no problems. All the gateways are stable. We mostly use it for VPN site to site, and we can establish VPNs with Azure and other services. 

How has it helped my organization?

Check Point CloudGuard Network Security has established communications with other devices and other cloud providers. CloudGuard has improved the passage of CIS and PCI regulations. The functions for autoscaling save costs for the company and the centralized management helps us with administration. CloudGuard complements the security model of the company. We only need one solution for all cloud providers as it offers good compatibility with lots of protection. the easy funtion of use the licence core in other gateways helmpe to save cost. And the easy VPN configuration helpme to stablish more than 100 VPN in an shortly time.

What is most valuable?

The most valuable features are the VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. They help me to align with any compliance or regulations within our financial sector. The VPN blade has helped me to establish tactical communications. The logs help with troubleshooting and they are great. The IPS blade helps me to meet regulations and protect against intrusion. The applications control makes it easy to configure and created profiles. It blocks all the non-authorized applications. 

What needs improvement?

CheckPoint CloudGuard could be better at solving cases. In many cases, the client should be able to request or obtain a sufficient explanation or to obtain an appropriate answer. Check Point should improve the queue clients need to go through to obtain access to direct support chat. This should be for users with privileged access.  

CheckPoint features that should be included in the next release include the possibility to create a cluster on AWS and a Multi-region Cluster. They need to also include the possibility to use a managed web portal. 

For how long have I used the solution?

I've been using the solution for about 3 years.

What do I think about the scalability of the solution?

The scalability is very good.

How are customer service and technical support?

Technical support is very good.

How was the initial setup?

The initial setup is easy.

What about the implementation team?

The team that helped us was very good.

What was our ROI?

The ROI we've had has been very good.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Check Point CloudGuard Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,089 professionals have used our research since 2012.
MK
Dy General Manager at a real estate/law firm with 501-1,000 employees
Real User
Top 5Leaderboard
Stable with a straightforward setup but does not scale effectively

Pros and Cons

  • "The solution has been quite stable."
  • "The solution lacks the capability to scale effectively."

What is our primary use case?

We primarily use the solution as a firewall. It is for the perimeter protection of our products. We use it as a UTM kind of environment.

What is most valuable?

The solution has good features.

It has good antivirus protection.

The solution has been quite stable.

The installation was straightforward and pretty easy to execute.

What needs improvement?

The solution lacks the capability to scale effectively.

For how long have I used the solution?

We had been using the solution for five years. However, we are currently migrating off of it.

What do I think about the stability of the solution?

We found the solution to be stable when we were using it. It doesn't crash or freeze. It's not buggy and it doesn't have glitches.

What do I think about the scalability of the solution?

The solution isn't scalable. In fact, it cannot be upgraded at all. This is the main reason why we are switching over to a different firewall under a different brand.

We have many users at the perimeter currently. 

How are customer service and technical support?

The technical support on offer was very good. We were largely satisfied with the level of service provided. We found them to be helpful and responsive when we had issues.

Which solution did I use previously and why did I switch?

We are currently moving from Check Point to Fortinet. We haven't yet started to use Fortinet, however. It's a work in progress.

How was the initial setup?

The solution is pretty easy to set up. It's not complex. It's rather straightforward. It shouldn't give a company any trouble.

You need two to three people to manage the deployment process. You don't need a big team.

What about the implementation team?

We handled the implementation ourselves using in-house personnel. We didn't need the outside assistance of integrators or consultants.

What other advice do I have?

We're just a customer and an end-user. We aren't a vendor, consultant, or integrator.

I'm not sure if I would recommend the solution to other organizations. It would likely be 50/50. It really depends on the company's requirements. For us, for example, we needed to scale, and that ended up not being possible and so we have to move away from it.

Overall, I would rate the solution six out of ten. Although it has some good aspects, for us, the lack of scalability was impossible to overcome.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
LA
Network, Systems and Security Engineer at SOLTEL Group
Real User
Top 5
Good dashboard for centralized management, effective protection against zero-day attacks

Pros and Cons

  • "The most valuable feature is the centralized dashboard, which is used for managing all of the Check Point Security Gateways."
  • "In case the device is inaccessible due to some issue such as CPU or memory, there is no separate port or hardware partition provided for troubleshooting purposes."

What is our primary use case?

We had a big problem with how to protect our host services, which are directly accessed via the cloud. We wanted to protect our organization tenant and workload from any next-generation attack. For this protection, we implemented the Check Point solution named CloudGuard Network.

This NGFW is provided by Check Point and has all of the capabilities that are required to protect against next-generation attacks at the perimeter level.

The modules or security features that we use are provided as part of the base license. These include VPN, IPS, Application Control, and Content Awareness. Together, these are strong and help to protect the organization.

How has it helped my organization?

This solution effectively protects us against any next-generation attack.

What is most valuable?

The most valuable feature is the centralized dashboard, which is used for managing all of the Check Point Security Gateways.

Whether it is hosted on-premises or on the cloud with the NGTX license, it provides additional security capabilities such as SandBlast, which is able to extract and emulate file execution in a virtual sandbox. It will identify activity and actions, and the system can be configured accordingly.

It provides hyperscaling capabilities for both on-premises and cloud-based security gateways. An on-premises security gateway can be configured for hyperscaling using the Maestro 140 or Maestro 170. In the cloud, on AWS it can be hyper-scaled using the AWS gateway load balancer.

It's able to protect against advanced threats and prevent zero-day attacks using both SandBlast and IPS signatures.

What needs improvement?

Throughput is impacted drastically once the security modules are enabled on the firewall.

As it is a software-based firewall, there is no dedicated throughput available for each module.

In case the device is inaccessible due to some issue such as CPU or memory, there is no separate port or hardware partition provided for troubleshooting purposes.

Throughput on the virtual firewall is an issue in case the organization wants to migrate a workload to the cloud, and it becomes a bottleneck.

For how long have I used the solution?

We have been using the Check Point CloudGuard Network for between two and five years.

What other advice do I have?

The combination of NGFW + URL Filtering + Antivirus + Anti Bot, with 8 vCore D4 v2, is able to provide a throughput of 4Gbps.

On Azure, the combination of NGFW + URL Filtering + Anit Virus + Anit Bot, with 8vCore c5n 2xlarge, is able to provide a throughput of 4.7Gbps. It is similar to AWS.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PL
Firewall Engineer at a logistics company with 1,001-5,000 employees
User
Top 5Leaderboard
Simple management, easy to scale, and allows for rule automation

Pros and Cons

  • "It's possible to sync the Check Point Management with the cloud portal, therefore allowing automated rules to be set in place whenever creating a new VM."
  • "For major upgrades, it's still necessary to destroy the VMs and re-create them again. Doing that would mean new public IPs as well."

What is our primary use case?

We use a hybrid environment, so we have an on-premise data center and branch offices as well as resources in the cloud. On-premise is secured with different Check Point Gateways while for our security in the cloud we use Check Point Cloud Guard.

Depending on the traffic, we use different Cloud Guard firewalls. External traffic is handled by using a scale-set that can adapt on the fly to increase/decrease the number of firewall instances.

Internal traffic is handled by a normal Cloud Guard HA cluster with a certain amount of cores.

How has it helped my organization?

We used the Cloud Guard technology quite early on and used Check Point's Blueprint for our Cloud Datacenter design. By being able to use real firewalls instead of the cloud's own IP tables/inferior IPS we're able to maintain security across the whole environment (on-premise and cloud).

With the possibility to administer the cloud firewalls within the same management as on-premise firewalls, we can use the same objects/networks instead of having two sets of object databases or scripting something to have both of them synched.

What is most valuable?

Having the whole environment be under the same management is definitely is a plus.

Using a scale set to increase/decrease the amount of firewalls in the cloud helps with saving costs in the long run, as they will only increase if traffic increases and therefore saving us on licensing costs. For a normal Cloud Guard you pay for each core, so using the SS you don't have to fully size and pay for the maximum amount of traffic.

It's possible to sync the Check Point Management with the cloud portal, therefore allowing automated rules to be set in place whenever creating a new VM.

What needs improvement?

In the first phase, Cloud Guard Firewalls didn't allow minor and major upgrades. Fortunately, now you can install normal hotfixes and minor upgrades (JHF) on the Cloud firewalls. For major upgrades, it's still necessary to destroy the VMs and re-create them again. Doing that would mean new public IPs as well. We created a script for that. I still hope that major upgrades will be possible in the near future too, otherwise, you still have to script a lot for basic maintenance, instead of using tools like CDT.

What do I think about the scalability of the solution?

The product is very scalable due to using the scale-set.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're a Check Point partner and use their products as well for our own environment.
Flag as inappropriate
RAMAKRISHNANV V
Senior Security Architect at a computer software company with 10,001+ employees
Real User
Top 10
Auto-scaling and zero touch are major security features

Pros and Cons

  • "Auto-scaling and zero touch are valuable features."
  • "Zero touch removes any independence for configuring."

What is our primary use case?

My experience with the solution has mainly been implementing it with an auto-scaling on behalf of my clients. My job was to migrate an on-prem firewall to AWS cloud. I'm a senior security architect. 

What is most valuable?

I think one of the valuable features is the auto-scaling, which is based on traffic and  automatically spins one more firewall and adds it to the management server. The zero touch is also a valuable feature. After re-tagging the next internal load balancer within Check Point, it automatically writes up a mac rule and an access rule. As long as you're adding a server into the internal load balancer, you won't need to touch anything. In a Check Point firewall, the mac rules and access rules are automatically written up. Zero touch means there is no need to insert rules again when you're adding servers internally. 

What needs improvement?

There is definitely some improvement required. We currently use a deployment template provided by AWS each time. If I want to clean up the IaaS I have to use the IaaS template which should not be necessary. Secondly, because it's zero touch, I cannot write up any rules in the firewall. I understand these features might have been built particularly for zero-touch but from the perspective of a network and firewall engineer, some independence to configure something on the firewall would be appreciated. 

An additional feature that could improve the solution would be to enable both automatic and manual control that would allow the engineer complete control over the firewall.

What do I think about the stability of the solution?

The solution is generally stable although it crashed one time while I was implementing. 

What do I think about the scalability of the solution?

The solution is absolutely scalable. 

How are customer service and technical support?

The technical support is excellent.

What other advice do I have?

My advice to anyone wanting to implement this solution would be to religiously follow the guidelines. 

I would rate this solution an eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
FN
IT Professional at a government with 10,001+ employees
Real User
Top 20
User-friendly and easy to implement

What is our primary use case?

Our primary use case for this solution is a firewall.

What is most valuable?

The most valuable Check Point CloudGuard feature is the firewall. I also value the user authentication, IPS, and application control features.

What needs improvement?

The clustering and HE from the scaling availability could be improved. The documentation could be much better as well.

For how long have I used the solution?

I have been using this solution for about a year. 

What do I think about the stability of the solution?

I would rate stability as average, too. It's not the best, but it's also not the worst. 

What do I think about the scalability of the solution?

I would rate the scalability potential of this solution as average.

How are customer service

What is our primary use case?

Our primary use case for this solution is a firewall.

What is most valuable?

The most valuable Check Point CloudGuard feature is the firewall. I also value the user authentication, IPS, and application control features.

What needs improvement?

The clustering and HE from the scaling availability could be improved.

The documentation could be much better as well.

For how long have I used the solution?

I have been using this solution for about a year. 

What do I think about the stability of the solution?

I would rate stability as average, too. It's not the best, but it's also not the worst. 

What do I think about the scalability of the solution?

I would rate the scalability potential of this solution as average.

How are customer service and technical support?

Check Point CloudGuard technical support is good.

Which solution did I use previously and why did I switch?

I have not previously used any solutions. 

How was the initial setup?

Deployment was easy. It took about half a day to do all configure everything how we needed it. 

What about the implementation team?

The first time we deployed it was through a Check Point pre-sales specialist. After that, we deployed on our own. 

What other advice do I have?

If we end up needing to scale, we would have to buy a new license. 

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
OM
Business Manager at a tech services company with 11-50 employees
Real User
Top 20
A user-friendly and compatible cloud security solution

Pros and Cons

  • "I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure."
  • "Check Point Virtual Systems is a complete solution, but pricing can be better."

What is most valuable?

I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure.

What needs improvement?

Check Point Virtual Systems is a complete solution, but pricing can be better.

For how long have I used the solution?

I have been using Check Point Virtual Systems for about five years.

What do I think about the stability of the solution?

It's very stable. 

What do I think about the scalability of the solution?

Check Point Virtual Systems is very scalable. 

How are customer service and technical support?

We depend on the community a lot. It's good. The response time from technical support is also good.

How was the initial setup?

The initial setup was complex. It took about four months to implement this solution. Four people deploy and maintain this product.

What's my experience with pricing, setup cost, and licensing?

The price could be better.

Which other solutions did I evaluate?

We evaluated two or three competing products like Huawei. Check Point and Fortinet is quality, but the prices vary. Huawei is very easy to use, and it's common. The main difference between all is the cost.

What other advice do I have?

I would recommend Check Point as it's an effective tool, and implementation is very easy.

On a scale from one to ten, I would give Check Point Virtual Systems a nine.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Buyer's Guide
Download our free Check Point CloudGuard Network Security Report and get advice and tips from experienced pros sharing their opinions.