We performed a comparison between Cato SASE Cloud Platform and Check Point CloudGuard CNAPP based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Cisco, Zscaler and others in Secure Access Service Edge (SASE)."The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The solution is stable."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"It's a cloud-based solution that integrates well with everything."
"The product is efficient and easy to use."
"It's a pretty straightforward solution."
"The most valuable feature is that it also works as a next-gen firewall because it has security features."
"It is quite simple and easy to use."
"The feature that I find to be the most valuable is the bandwidth aggregation."
"The scalability is quite good."
"The WAN aggregation feature is the most valuable."
"This solution provides threat prevention and detection of anomalies automatically and investigates the activity of each one of them."
"We really liked its ease of implementation against our Microsoft Azure environment."
"The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."
"Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless"
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"We like the ability to investigate, analyze, and generate reports."
"It learns from behavior, attacks, management, detections, captures packets, real-time analysis, et cetera. It's generating knowledge from a variety of sources for an excellent analysis."
"The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"The price could be better."
"The product must evolve into the endpoint domain."
"The tool needs to be more granular. Its reports are not very in-depth."
"They should include a web application firewall feature in the solution."
"They can't do one-to-one NAT (Network Address Translation) in AP (their access point), and that is something that Palo Alto can do."
"The solution is not cheap."
"For a packaged solution, needing external intervention or a system integrator to get other features not offered by Cato Networks could be an area for improvement. Cato Networks does what it's meant to do and is even overstretching capabilities when introducing new features. The product can only have very few features added on top of what its currently doing. Managed service providers can deliver the extra features you'd need. It's a set of managed services, and what Cato Networks does is very comprehensive. So, for the time being, when the actual incarnation of the SASE solution is deployed, Cato Networks is a very effective product. Naturally, technology will evolve, so everybody knows that in three, four, or five years, there will be a new kid on the block, a new game. Still, at the moment, Cato Networks only needs to improve a little regarding SASE delivery. The product is doing very well, but one feature the Cato Networks team is doing right is preparing for the future through deploying the SSE 360, so the security service is at that edge. It's an excellent strategy to prepare for the future. SSE 360 is what Cato Networks should invest in the most to keep prospering."
"Cato Networks security could be better."
"It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published."
"The technical support could be better, but I do not know of any other needed improvements."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector."
"The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly."
"Reporting should have more options."
"The solution could be improved with a greater analysis of its Microsoft Security score."
"I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."
Cato SASE Cloud Platform is ranked 5th in Secure Access Service Edge (SASE) with 21 reviews while Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews. Cato SASE Cloud Platform is rated 8.8, while Check Point CloudGuard CNAPP is rated 8.6. The top reviewer of Cato SASE Cloud Platform writes "Useful remote worker VPN, centralized management, and simple on-boarding process". On the other hand, the top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". Cato SASE Cloud Platform is most compared with Zscaler Zero Trust Exchange, Cisco SD-WAN, Prisma Access by Palo Alto Networks, Fortinet FortiGate and VMware SD-WAN, whereas Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR.
We monitor all Secure Access Service Edge (SASE) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.