We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Auto-scaling and zero touch are valuable features."
"What's most valuable to me is that it's a contiguous solution that aligns well with the components that we've relied on and trusted from a traditional hardware, firewall, and unified threat management system. My engineers and analysts don't have to learn another platform. We have already entrusted our security controls to Check Point for perimeter and physical security, and now we can do so at the virtual layer as well, which is key to us."
"We have found the overall functionality of the product to be exactly similar to the physical product. The one good advantage is that it is cloud-based and can be deployed either as a part of a scale set or one can shut down the virtual machine and adjust the physical parameters of the virtual machine easily and bring it right back up."
"I find it really useful that CloudGuard supports all the main players on the Public Clouds market including AWS, GCP, and Azure, as well as some exotic ones like Alibaba Cloud, Oracle Cloud, and IBM Cloud."
"The visibility, the one-pane-of-glass which allows me to see all of my edge protection through one window and one log, is great. Monitoring everything through that one pane of glass is extremely valuable."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature."
"The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise."
"Its deception features are great, providing a rich telemetry of lured origins, and are a great resource for any active defense strategy."
"This tool greatly helps in understanding the footprint of the attacks."
"The interface and dashboard are amazing."
"The real bonus is the fact that we can secure applications, all the way down to the individual services, on each host. It's actually more granular security than we can get out of a traditional firewall."
"We like the centralized management of the firewalls. Until we installed Guardicore Centra, we managed all our firewalls individually, so making changes was complicated, difficult, and time-consuming."
"From day one, you get threat intelligence. It will immediately block active threats, which has been useful."
"The most valuable feature is the visibility of processes and connections."
"Zero touch removes any independence for configuring."
"It's meeting our needs at this time. If I could make it better, it would be by making it more standalone. That would be beneficial to us. I say that because our current platform for virtualization is VMware. The issue isn't any fault of Check Point, it's more how the virtualization platform partners allow for that partnership and integration. There has to be close ties and partnerships between the vendors to ensure interoperability and sup-portability. There is only so far that Check Point, or any security vendor technology can go without the partnership and enablement of the virtualization platform vendor as it relies on "Service Insertion" to maintain optimal performance."
"I think they have pretty much mastered what can be done. There are some nuances like when you fail over from one cluster member to the other, the external IP address takes about two minutes to fail over."
"I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system."
"The biggest room for improvement is that, for a long time now, they've moved everything over to R80 but they still maintain some of the stuff in the old dashboard. They need to "buy in" and move everything to the modern dashboard so that you don't have to go to one place and to another place, at times, to configure the environment. It's time they just finish what they started and put everything in the new, modern dashboard."
"As an administrator, I can say that among all of the Check Point products I have been working with so far, the Virtual Systems solution is one of the most difficult."
"The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50."
"CloudGuard functions just like any other firewall. It functions very well. The only thing that could maybe be improved would be to integrate some tools that are not integrated with the SmartConsole, like the SmartView Monitor that we need to open on a different application to access."
"Needs more customization of honeypots and a vaster catalog of systems able to be mimicked."
"The product needs a few features like enhanced user policies and payload-level inspection to improve the offering."
"The long-term management of the security policies could be improved with some kind of automation platform, something like Chef or Puppet or Ansible, to help you manage the policies after day-one... to then manage the policies and changes to those policies, going forward, through some type of automation process is not turning out to be really easy."
"Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow."
"The maps could go a bit faster. They are useful but slightly slow."
"In our version, when using the terminal server, we cannot exclude user tasks for each session."
"Licensing is simply by the number of hosts that you are looking to protect within your environment. It makes it much easier to ensure that you are covering your environment."
"There is flexibility in the different licensing models that are offered."
"The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you."
"Pricing of CloudGuard is pretty fair when you have a single account. It's comparable with other cloud providers. But for our use case, it got really pricey when we had to deploy multiple CloudGuards on multiple accounts in different regions, because you can't have CloudGuard protecting multiple regions. That's the big thing."
"The pricing and licensing have been good. We just had to do a license increase for our portion of it. We had that done within a couple of days. Given the fact that it's purely a software-based license, it ends up being even quicker than doing it for an on-prem firewall."
"It is not expensive, but it is a little bit above the middle range. There are other solutions that are a little more expensive than this, but they also have some interesting features."
"The price could be better."
"You get charged only for what resources you choose and how much traffic actually passes through the firewall, which in turn saves a lot of money."
"Compared to the pricing we were seeing from both Illumio and Edgewise, Guardicore was very competitive."
"Guardicore Centra provides better value for money than NSX, was the other solution that we looked at, which was too expensive for what it does."
"This is not a cheap solution but you have to consider the bigger picture, which is what it is giving you."
Check Point CloudGuard provides unified cloud native security for all your assets and workloads, giving you the confidence to automate security, prevent threats, and manage posture – everywhere – across your multi-cloud environment.
Guardicore Centra is a comprehensive data center and cloud security solution that delivers the simplest way to apply micro-segmentation controls to reduce the attack surface and detect and control breaches within east-west traffic. It provides deep visibility into application dependencies and enforces network and process-level policies to protect critical applications.
Check Point CloudGuard Network Security is ranked 2nd in Cloud and Data Center Security with 25 reviews while Guardicore Centra is ranked 4th in Cloud and Data Center Security with 7 reviews. Check Point CloudGuard Network Security is rated 8.6, while Guardicore Centra is rated 8.8. The top reviewer of Check Point CloudGuard Network Security writes "Unified Security Management has enabled us to combine our on-prem appliances and cloud environments". On the other hand, the top reviewer of Guardicore Centra writes "Allowed us to build out a data center topology without worrying about placement of physical or virtual firewalls that can create bottlenecks". Check Point CloudGuard Network Security is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Cisco Firepower NGFW Firewall, Cisco ASA Firewall and Azure Firewall, whereas Guardicore Centra is most compared with Cisco Secure Workload, Illumio Adaptive Security Platform, VMware NSX, Prisma Cloud by Palo Alto Networks and Azure Security Center. See our Check Point CloudGuard Network Security vs. Guardicore Centra report.
See our list of best Cloud and Data Center Security vendors.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.