• Home
  • Cato SASE Cloud Platform vs. Check Point CloudGuard CNAPP

Cato SASE Cloud Platform vs Check Point CloudGuard CNAPP comparison

Cancel
You must select at least 2 products to compare!
Lookout Logo

Lookout

Read 5 Lookout reviews
345 views|279 comparisons
71% willing to recommend
Cato Networks Logo

Cato SASE Cloud Platform

Read 21 Cato SASE Cloud Platform reviews
6,815 views|3,792 comparisons
100% willing to recommend
Check Point Software Technologies Logo

Check Point CloudGuard CNAPP

Read 60 Check Point CloudGuard CNAPP reviews
1,472 views|862 comparisons
93% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Secure Access Service Edge (SASE)
March 2024
Executive Summary

We performed a comparison between Cato SASE Cloud Platform and Check Point CloudGuard CNAPP based on real PeerSpot user reviews.

Find out what your peers are saying about Palo Alto Networks, Cisco, Zscaler and others in Secure Access Service Edge (SASE).
To learn more, read our detailed Secure Access Service Edge (SASE) Report (Updated: March 2024).
Download the complete report
768,415 professionals have used our research since 2012.
Featured Review
Anonymous User
Allows users to self-remediate security issues, maintaining their privacy and providing excellent vulnerability...
Lookout MES is essential to our organization's endpoint security; we require a security stack on all our assets, whether Windows 10, Linux, Mac, or... Read more →
Sureshot
A highly recommended SASE solution that's user-friendly, with excellent stability and scalability
When we hit the pandemic, it became challenging to migrate us and customers to have an auto-scaling VPN for the remote user. Cato gave us much hope... Read more →
Matt Comstock
Brings visibility, security control, and standardization
CloudGuard CNAPP definitely helps with bringing the controls, which can then play to compliance. We have a few key customers in the utility space,... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade.""The solution is stable.""The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices.""On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."

More Lookout Pros →

"It's a cloud-based solution that integrates well with everything.""The product is efficient and easy to use.""It's a pretty straightforward solution.""The most valuable feature is that it also works as a next-gen firewall because it has security features.""It is quite simple and easy to use.""The feature that I find to be the most valuable is the bandwidth aggregation.""The scalability is quite good.""The WAN aggregation feature is the most valuable."

More Cato SASE Cloud Platform Pros →

"This solution provides threat prevention and detection of anomalies automatically and investigates the activity of each one of them.""We really liked its ease of implementation against our Microsoft Azure environment.""The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance.""Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless""On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures.""We like the ability to investigate, analyze, and generate reports.""It learns from behavior, attacks, management, detections, captures packets, real-time analysis, et cetera. It's generating knowledge from a variety of sources for an excellent analysis.""The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."

More Check Point CloudGuard CNAPP Pros →

Cons
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving.""From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products.""We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now.""The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"

More Lookout Cons →

"The price could be better.""The product must evolve into the endpoint domain.""The tool needs to be more granular. Its reports are not very in-depth.""They should include a web application firewall feature in the solution.""They can't do one-to-one NAT (Network Address Translation) in AP (their access point), and that is something that Palo Alto can do.""The solution is not cheap.""For a packaged solution, needing external intervention or a system integrator to get other features not offered by Cato Networks could be an area for improvement. Cato Networks does what it's meant to do and is even overstretching capabilities when introducing new features. The product can only have very few features added on top of what its currently doing. Managed service providers can deliver the extra features you'd need. It's a set of managed services, and what Cato Networks does is very comprehensive. So, for the time being, when the actual incarnation of the SASE solution is deployed, Cato Networks is a very effective product. Naturally, technology will evolve, so everybody knows that in three, four, or five years, there will be a new kid on the block, a new game. Still, at the moment, Cato Networks only needs to improve a little regarding SASE delivery. The product is doing very well, but one feature the Cato Networks team is doing right is preparing for the future through deploying the SSE 360, so the security service is at that edge. It's an excellent strategy to prepare for the future. SSE 360 is what Cato Networks should invest in the most to keep prospering.""Cato Networks security could be better."

More Cato SASE Cloud Platform Cons →

"It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published.""The technical support could be better, but I do not know of any other needed improvements.""When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.""I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector.""The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly.""Reporting should have more options.""The solution could be improved with a greater analysis of its Microsoft Security score.""I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."

More Check Point CloudGuard CNAPP Cons →

Pricing and Cost Advice
  • "The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it."
  • "Lookout is definitely on the lower end when it comes to price point and that seems to be the only differentiator. The technology is in place in this space and it's really about who is coming in at the better price point now."
  • "In terms of feature performance versus cost, they're a good value."
  • "The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For example, Lookout costs 2/3rd of Prisma's licensing price."

    • More Lookout Pricing and Cost Advice →

  • "The price is not an issue for us, as it is priced more competitively than some other vendors."
  • "If you compare with VeloCloud, the price is the same or even cheaper."
  • "You pay yearly based on the speed of your network. If you increase the speed of your network, you increase the cost for your throughput. It is by bandwidth for the most part and then licenses for VPN. There is some per-seat licensing for VPN access, but the majority of it is minimal. It is like $30 a year per client. The rest is based on how much bandwidth you'll use. You pay for that upfront for the year, and if you have to increase it, you increase it, and then they let you send more data through. There are no additional costs in addition to the standard licensing fees."
  • "Cato Networks seems more expensive than Cisco Meraki."
  • "The pricing of this solution depends on what you need. It is based on bandwidth."
  • "I rate the price of Cato Networks a four out of five."
  • "Cato Networks is an expensive product, but it works out of the box, so that's the usual trade-off, make versus buy. If you decide to buy a product that doesn't require much programming, then you'd want to go for Cato Networks, which will work naturally, and immediately without any complex setup. However, the product is a little bit more expensive than the competitors. On a scale of one to five, I'd rate the pricing for Cato Networks as four."
  • "The product is very competitively priced, and that's compelling. They don't charge the customer based on the operational cost like other brands such as Palo Alto. Cato has its own fully-fledged cloud, with their own data centers, equipment, and so on, which is an advantage. I rate the solution five out of five for affordability."

    • More Cato SASE Cloud Platform Pricing and Cost Advice →

  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Secure Access Service Edge (SASE) solutions are best for your needs.
    See Recommendations
    768,415 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Lookout?
    Top Answer:The solution is stable.
    Read all 4 answers   →
    What is your experience regarding pricing and costs for Lookout?
    Top Answer:The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For… more »
    Read all 4 answers   →
    What needs improvement with Lookout?
    Top Answer:The solution could improve identity integration as well. Zero trust, it's a good start as a zero-trust solution… more »
    Read all 4 answers   →
    What do you like most about Cato Networks?
    Top Answer:The solution is a simple WAN solution. We've onboarded the socket on the Cato platform, and it provides connectivity… more »
    Read all 18 answers   →
    What is your primary use case for Cato Networks?
    Top Answer:We use the solution as a WAN, but we plan to optimize it by incorporating security features like zero trust for enhanced… more »
    Read all 19 answers   →
    What advice do you have for others considering Cato Networks?
    Top Answer:In terms of security, we are planning to deploy more features and our current usage is primarily focused on branch… more »
    Read all 18 answers   →
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    Comparisons
    Also Known As
    CipherCloud
    Cato Networks
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Learn More
    Lookout
    Cato Networks
    Check Point Software Technologies
    Overview

    Lookout is a well-established and powerful secure web gateway (SWG) solution that protects more than 200 million users from threats that can result from the penetration of unsecured web traffic into their networks. Lookout is designed to enable organizations to work remotely while maintaining a tight blanket of security over their confidential business data. It provides administrators with security that extends from their endpoints to the cloud service that they are using to run their organization’s network. 

    Users of Lookout are able to proactively detect threats and keep themselves secure from a field of threats that constantly evolves. IT teams can protect their organizations without having to rely on any other security solutions. This singular solution can run on multiple kinds of mobile devices. The privacy of individuals is preserved while keeping compliance rules intact. Additionally, users gain access to a number of tools that enable them to prevent security breaches from taking place.

    Lookout Benefits

    Some of the ways that organizations can benefit by deploying Lookout include:

    • Ease of deployment. Lookout is a solution whose design makes it easy for users to deploy it. It provides users with simple, step-by-step instructions that remove the need for organizations to devote extensive amounts of time to make sure that it is properly set up. Anyone can quickly set up the solution without undergoing technical training. 
    • Built-in support. Users of the Lookout application have access to built-in demos that can teach them how to use various solution features. Instead of spending time trying to figure out the application, users can watch the demo that is most relevant to them and see for themselves how that particular feature is used.
    • Easy-to-use user interface. Lookout’s user interface is laid out in an intuitive way that makes it easy for administrators to navigate. This interface is present in both the mobile and desktop versions of this solution. 
    • Settings customization. Lookout has a built-in settings customization menu. This makes it possible for administrators to easily customize their settings so that they best conform to their needs. 

    Lookout Features

    • Activity monitoring and activity tracking. Lookout’s activity monitoring and activity tracking capabilities enable users to keep a close eye on the activities that are taking place in their networks. IT teams and administrators have the ability to watch their networks for any unusual activity. These features ensure that organizations can keep ahead of any potential threats. They provide the kinds of insights and warnings that make the jobs of those IT teams and administrators much easier and more streamlined. 
    • Encryption. Organizations that employ Lookout can encrypt their networks and keep crucial business data from being read by unauthorized parties. This feature keeps the secrets organizations are trying to keep out of the wrong hands.
    • Anti-virus tools. Lookout provides users with tools to block threats from harming their networks. These tools can successfully block 99.6 percent of threats without raising false alarms. 

    Cato Networks is a leading SASE (Secure Access Service Edge) platform, combining SD-WAN and network security to obtain a cloud-native service. Cato Networks optimizes and secures application access for users and identities. The platform delivers a next-generation secure networking architecture that minimizes legacy IT infrastructures’ complexity, costs, and risks. The goal of Cato Suite is to connect any user to any application securely and optimally.

    Cato Suite runs on a private global network of more than 65 PoPs (points of presence) connected via SLA-backed network providers. The service can connect branches, data centers, users, and clouds. Cato can be deployed in stages to augment legacy network services.

    Cato Suite delivers end-to-end route optimization for WAN and cloud traffic. The architecture is self-healing, enabling a high service uptime.

    Cato Features

    Cato Cloud has a global backbone to deliver a reliable, global network. Here are some key SD-WAN features of Cato Cloud.

    • Optimizes traffic flows: The Cato Suite can individually optimize traffic flows in the last mile - from the customer’s location to the point of presence, and also between PoPs. This feature eliminates the need for internet providers to hand off traffic to each other, avoiding the resulting latency and congestion.
    • Controls and manages bandwidth: The software-defined overlay is encrypted across the entire cloud infrastructure. This overlay uses application-aware routing, analyzing latency and loss data to choose the best route according to network conditions. These features, like protocol priority marking, enable the system to ensure the performance of real-time applications.
    • Delivers redundancy and failover: By connecting the points of presence with multiple Tier-1 IPs, Cato builds the redundancy needed to ensure security and highly available service.
    • Cloud-native: Cato is built as a scalable, resilient, and elastic cloud service.
    • Converged: The platform converges SD-WAN and network security into a single infrastructure framework.
    • Secures all edges: Cato Network can secure and optimize traffic from all users, locations, applications, and clouds.

    What challenges does Cato Network solve?

    • Migration to SD-WAN

    MPLS (multi-protocol label switching) networks are usually expensive and limited in their capacity. Cato simplifies migrating to a faster, higher-capacity internet and SASE cloud. Cato SD-WAN appliances enable customers to improve usable capacity and resiliency.

    • Global connectivity optimization

    Customers who suffer from the challenge of high latency and network inconsistency can use Cato to deliver a consistent connection and user experience to access on-premises and cloud applications.

    • Securing branch internet access

    Cato’s complete network security stack connects all branch locations to the Cato cloud, therefore protecting all traffic, both internet-bound and WAN, with enterprise-grade, cloud-based security services. This capability avoids having to backhaul internet traffic to a data center or hub or having to implement stand-alone cloud security solutions.

    • Cloud acceleration and control

    Organizations using Cato notice an acceleration of cloud traffic. Cato achieves this by routing all traffic from the edges to the PoP closest to the data center. Because of the close distance between the two, the latency is near zero.

    Reviews from Real Users

    An IT manager/project coordinator at a healthcare company says that “[Cato is] a cloud-based solution that integrates well with everything. They are the classic SaaS solution.”

    Yeong-Gi L., a network engineer at Snetsystems, notes that “The solution is very stable. The scalability is quite good. Technical support was always helpful and responsive. The integration capabilities are not a problem at all.”

    "The most valuable feature is that it also works as a next-gen firewall because it has security features," says Lorenzo S., senior solutions consultant Lead at MDI.

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Sample Customers
    Paysafe, AdRoll, Pet Lovers Centre, Arlington Orthopedics, Humphreys & Partners Architects
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm10%
    Manufacturing Company10%
    Government6%
    REVIEWERS
    Retailer18%
    Healthcare Company18%
    Insurance Company9%
    Energy/Utilities Company9%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Manufacturing Company9%
    Financial Services Firm6%
    Retailer6%
    REVIEWERS
    Security Firm23%
    Financial Services Firm19%
    Computer Software Company10%
    Cloud Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company7%
    Company Size
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business40%
    Midsize Enterprise25%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise30%
    Large Enterprise45%
    REVIEWERS
    Small Business45%
    Midsize Enterprise12%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    Buyer's Guide
    Secure Access Service Edge (SASE)
    March 2024
    Download Free Report
    Find out what your peers are saying about Palo Alto Networks, Cisco, Zscaler and others in Secure Access Service Edge (SASE). Updated: March 2024.
    DOWNLOAD NOW
    768,415 professionals have used our research since 2012.

    Cato SASE Cloud Platform is ranked 5th in Secure Access Service Edge (SASE) with 21 reviews while Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews. Cato SASE Cloud Platform is rated 8.8, while Check Point CloudGuard CNAPP is rated 8.6. The top reviewer of Cato SASE Cloud Platform writes "Useful remote worker VPN, centralized management, and simple on-boarding process". On the other hand, the top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". Cato SASE Cloud Platform is most compared with Zscaler Zero Trust Exchange, Cisco SD-WAN, Prisma Access by Palo Alto Networks, Fortinet FortiGate and VMware SD-WAN, whereas Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR.

    We monitor all Secure Access Service Edge (SASE) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.