2019-08-04T07:38:00Z

What advice do you have for others considering Check Point CloudGuard Network Security?

Julia Miller - PeerSpot reviewer
  • 0
  • 8
PeerSpot user
66

66 Answers

Jan Vobruba - PeerSpot reviewer
Real User
Top 5
2024-03-03T12:30:00Z
Mar 3, 2024

Overall, I would rate CloudGuard Cloud Network Security as a ten out of ten.

Search for a product comparison
RS
Real User
Top 20
2024-03-03T12:12:00Z
Mar 3, 2024

For us, the solution was easy to understand. The syncing of the CloudGuard Network Security is like that of the gateway on-prem. Translating in a very easy path to bring the features is very easy. I rate the product a nine out of ten.

NB
Real User
Top 20
2024-03-03T12:08:00Z
Mar 3, 2024

Using CloudGuard Network Security saves time due to its stability and ease of administration. The solution is not complex, allowing administrators to focus on other tasks. The configuration process is straightforward. It can integrate with NSX. I rate the product a nine out of ten. We manage a total of 800 servers that host a variety of components, including our infrastructure, customer applications, databases, application sites, and disaster recovery systems

Ajdin Heric - PeerSpot reviewer
Real User
Top 10
2024-03-03T12:06:00Z
Mar 3, 2024

CloudGuard Network Security provides unified security management across hybrid clouds as well as on-premises environments. It helps to manage everything from a single point. I have been exploring Harmony SASE for remote security and zero-trust access in some proof-of-concept activities. Also, I'm checking out the CloudGuard Web Application Firewall for safeguarding our applications on the internet. I rate the product a ten out of ten. We have had a great experience with Check Point, and we haven't faced any major incidents or attacks compromising our organization. It has helped us detect activities on our endpoints. I would genuinely recommend it. Check Point is easy to manage, implement, and configure. The support is excellent, and the constant threat intelligence updates ensure protection against various threats. It's truly an amazing product for securing your environment.

Fabio Carvalho - PeerSpot reviewer
Real User
Top 20
2024-03-03T09:21:00Z
Mar 3, 2024

It took around a year to see the benefits of using CloudGuard Network Security. If you have CloudGuard Network Security managed by the same management server used for on-premises, you can control all policies in one management tool. I am confident in using the product. We are a Check Point partner, hence we trust the product and the company. I rate the overall product a nine out of ten.

Paulo Lemos - PeerSpot reviewer
Real User
Top 20
2024-03-03T07:58:00Z
Mar 3, 2024

We have both cloud and on-premises deployment models. The solution offers protection and full visibility of traffic on cloud solutions. It is rock solid and comes with proven technology. We can benefit from its detection rates and security. I rate the overall product a ten out of ten. It is a straightforward solution that uses existing technology. We don't have to learn new technology. We can use what we know and deploy it on to the cloud.

Learn what your peers think about Check Point CloudGuard Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Hans Moggert - PeerSpot reviewer
Real User
Top 10
2024-03-03T07:52:00Z
Mar 3, 2024

For any private cloud data center leveraging software-defined networking through VMware or Cisco ACI, CloudGuard stands out as the optimal choice. It offers unparalleled flexibility and ease of management, making it the ideal solution for customers already utilizing Check Point in conjunction with virtual networks within their data centers.

SK
Real User
Top 20
2024-02-26T15:55:00Z
Feb 26, 2024

Initially, we faced some challenges, especially with the AWS transit gateway, involving manual routing configurations and complex setup tasks. I rate the overall product a nine out of ten.

Achim Buettner - PeerSpot reviewer
Real User
Top 10
2024-02-26T15:50:00Z
Feb 26, 2024

In most cases, we use the smart management on-premises. With the hybrid solution, we have one log visibility of every single management, which is an advantageous concept. I rate it an eight out of ten.

Darren Fine - PeerSpot reviewer
Real User
Top 10
2024-02-26T15:47:00Z
Feb 26, 2024

Unified Security Management provides a consistent interface and knowledge base, allowing those who were trained in Check Point for on-premise use to apply that same understanding across various cloud environments such as Google, AWS, Alibaba, Oracle, and more. I rate the product an eight out of ten. There is always work to be done. However, some customers may find other technologies more understandable, and there could be a perceived difficulty in the human-computer interaction with Check Point. This might create challenges in comparison to competitors, as customers may find competitors' solutions easier to use.

Erez Zelikovitz - PeerSpot reviewer
Real User
Top 20
2024-02-26T15:44:00Z
Feb 26, 2024

We utilize the tool's SmartConsole integrated into our management system. However, we encounter challenges with multi-tenancy. Since we integrate it as an application on the cloud we can integrate it with any other provider. We do think that the synergy with Check Point is very good because we also allow Check Point to move from the edge to the cloud while we provide security connectivity from the edge to the cloud. So we can support its transition from on-prem security solutions to the cloud. It looks like a very good win-win situation for both Check Point and BBT, and we see it in the market, bringing us big deals in Japan and France. We can go with others as well in terms of architecture because our architecture is very open. We are a small company and cannot engage with everyone. We have good connections with Check Point in Israel. We also have some connections abroad. So far, we are getting good support. We have an application that is running on our cloud. Normally, our main cloud provider is Google, but we can run over any cloud. It could be a private cloud or any data center that provides virtual machines and connectivity. We are agnostic. We are in several POCs in France, Japan, and Thailand, and they are progressing well. However, we need more presales support. There is a lack of knowledge about the solution in the regions, and we are finding it challenging to get sufficient support from those regions. There seems to be a gap in support that needs to be addressed. It seems that the product is the answer that we need. We haven't identified any missing components in the security suite, apart from the operational challenges related to working in a multi-tenancy environment. I rate the product an eight out of ten.

CM
Real User
2024-02-26T15:40:00Z
Feb 26, 2024

The tool is working well so far for normal use cases. I rate it an eight out of ten.

SG
Real User
Top 5
2024-02-26T15:35:00Z
Feb 26, 2024

We have moved our security level from on-prem to the cloud. The security posture is consistent. We can use the same storage system, monitoring system, and objects both on-prem and in the cloud. I am quite confident with CloudGuard Network Security. The primary reason for choosing the product over other cloud firewall vendors was to maintain the same solution as on-premises. Additionally, it offered a good level of security functionalities. I rate the overall product an eight out of ten. You should define your requirements before choosing the product.

TB
Real User
Top 20
2024-02-26T15:34:02Z
Feb 26, 2024

In Azure, when we refer to "size," it could be in terms of factors like the number of instances, bandwidth, or users. We use cloud-native platforms but prefer Check Point solutions. It is easier to manage since we know Check Point is on-prem. I have a high level of confidence in CloudGuard Network Security. I am familiar with Check Point and Azure. I rate the overall product a nine out of ten.

AG
Real User
Top 20
2024-02-26T15:31:00Z
Feb 26, 2024

We operate in a hybrid cloud environment with both on-premises and Azure, but we don't currently use other cloud providers like Amazon. Our on-premises SmartConsole remains in use, and overall, everything is running smoothly. Our confidence in the product is high. We believe that we can do better with its help. I would rate it a nine out of ten because it's very good with high potency and potential. However, it's not perfect. I faced issues with Azure China, and it's not as straightforward on other cloud platforms.

BS
Real User
2024-02-26T15:25:00Z
Feb 26, 2024

CloudGuard Network Security is an efficient solution. I rate it an eight out of ten.

JT
Real User
Top 20
2024-02-26T15:21:00Z
Feb 26, 2024

I don't see any difference in user experience between on-prem and the cloud setup. We have an MDS environment where we can manage the whole country. The tool enables us to manage policies on the same platform for branches and regions in the country. I rate the product an eight out of ten.

MP
Real User
Top 20
2024-02-26T15:13:24Z
Feb 26, 2024

Invest time in analyzing the templates provided by Check Point and tailor them to your specific requirements. Understanding the deployment process is crucial, as it allows you to benefit from it in later stages. You can optimize it later based on the needs. I rate the overall product a nine out of ten.

OY
Real User
Top 20
2024-02-26T15:09:00Z
Feb 26, 2024

CloudGuard Network Security provides unified security management across both our hybrid clouds and on-premises environments. I rate it a nine out of ten. I would recommend others to install the solution.

GB
Real User
Top 20
2024-02-26T15:03:00Z
Feb 26, 2024

There is no real issue with the software itself. It does the job. It does what it was designed for. I can rate it a ten out of ten because it is exactly like the on-prem software physical appliance. There is no difference for us.

LV
Real User
Top 20
2024-02-26T14:45:00Z
Feb 26, 2024

CloudGuard Network Security can manage security for both our hybrid cloud and on-premises systems. Currently, we have separate solutions for on-premises and the cloud. We also use Smart-1 Cloud from the Infinity portal. We haven't integrated the tool with both Azure and on-prem environments. I have about an eight out of ten confidence level in our cloud network security with the product. It is because of Azurre's robust and dynamic nature. It is easy to incorporate anything new that comes up. We can integrate any new steps in Azure concerning the blades, CloudGuard Network Security, and Check Point. Cloud-native firewalls lack functionalities such as IPS, which are exclusive to products like Check Point or other vendor-specific solutions. This is why we opted for CloudGuard Network Security as an additional layer, complementing the limitations of Azure's native or any cloud-native firewalls. We are already using Check Point for our on-prem environment. The cloud solution was easy to integrate with our existing infrastructure. I rate the overall product a six out of ten. Due to certain limitations in the integration between Azure and CloudGuard Network Security, I currently rate the experience as a six. However, I'm hopeful that Check Point is working on its new release.

Nagendra Nekkala - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-10-31T07:16:07Z
Oct 31, 2023

I rate the product an eight out of ten.

JM
Real User
Top 5
2023-10-19T15:02:58Z
Oct 19, 2023

It's worth it in the sense that it can protect your network, and it's very scalable. Overall, I would rate the solution an eight out of ten.

Sony James - PeerSpot reviewer
Real User
Top 5
2023-07-10T08:18:28Z
Jul 10, 2023

Our customers use Check Point solutions both on-premise and on the cloud. Check Point's research and development happening in terms of threat intelligence is better than its competitors, and Check Point's vulnerabilities are fewer. Check Point CloudGuard Network Security has proper security in place with respect to the vulnerabilities. They do not have any vulnerabilities right now. And the research and development happening on Check Point is on the higher side. Most zero-day attacks are protected against. Customers should go for Check Point because of these two points. If a customer wants FortiGate instead, it's all about whether they can map the budget with Check Point or any other security solution. I cannot compare Check Point and FortiGate, though, because each has its own market. I rate Check Point CloudGuard Network Security a nine out of ten.

RM
Real User
Top 20
2023-05-11T07:13:00Z
May 11, 2023

It's the best solution to use. You can trust it. We don't have any issues with it. It works fine. Overall, I'd rate it a ten out of ten.

MH
Consultant
Top 20
2023-05-01T13:34:00Z
May 1, 2023

The usability is moderate. The product has helped us free up some time. It's a complicated situation, however. I'd rate the solution an eight out of ten.

LS
Real User
Top 20
2023-05-01T08:03:00Z
May 1, 2023

I rate Check Point CloudGuard Network Security an eight out of ten.

NG
User
Top 5Leaderboard
2023-02-25T20:13:00Z
Feb 25, 2023

I recommend doing a little research before purchasing the product.

MA
User
Top 5
2023-02-10T11:41:00Z
Feb 10, 2023

Network security is efficient with this product.

Adrian  ACosta - PeerSpot reviewer
User
Top 5
2022-12-23T14:29:00Z
Dec 23, 2022

I'd advise new users, if they are going to acquire a tool of this type, to look for the greatest amount of information on the solution to uncover which offers them the most benefits.

Sunil M Naik - PeerSpot reviewer
Real User
Top 10
2022-11-25T08:28:00Z
Nov 25, 2022

Try the solution today.

BW
Real User
Top 5
2022-10-25T14:32:00Z
Oct 25, 2022

I am satisfied with the current performance.

AlexOgbalu - PeerSpot reviewer
Reseller
Top 10
2022-09-22T12:42:40Z
Sep 22, 2022

I rate the solution seven out of ten. The solution is reliable and would fulfil what it is marketed to achieve. It provides very good security protection, but the customer support response times could be improved.

GC
Real User
Top 20
2022-09-09T14:38:47Z
Sep 9, 2022

This is a good solution, but they have to be ready to pay the high costs. I rate Check Point CloudGuard Network Security an eight out of ten.

LD
User
Top 5Leaderboard
2022-08-07T04:42:00Z
Aug 7, 2022

It is one of the best solutions on the market. I challenge you to try it so you can say the same.

Derron McLarty - PeerSpot reviewer
Real User
Top 20
2022-07-11T15:25:42Z
Jul 11, 2022

My advice to others is the solution is very stable, and reliable, and they should ensure that they invest in Check Point. I rate Check Point CloudGuard Network Security a nine out of ten.

CD
Real User
2022-06-02T13:49:15Z
Jun 2, 2022

Before purchasing it's important to assess the size of your cloud infrastructure. You need to have a concrete plan for which virtual or private network or clouds you have to scope and to do that before deciding which solution you want and what functionality you need. I rate this solution eight out of 10 since there has been some improvement with regard to integrations.

Adrian Cambronero - PeerSpot reviewer
Reseller
Top 5Leaderboard
2022-05-23T22:13:00Z
May 23, 2022

When doing a cloud deployment, remember you are doing this in the cloud so treat it like a cloud device, as good configuration brings good results.

Aditya Sharma - PeerSpot reviewer
Real User
2022-01-28T11:06:00Z
Jan 28, 2022

My advice to people looking into implementing Check Point CloudGuard Cloud Network Security is that they should have technical expertise before deploying it. I'm giving Check Point CloudGuard Cloud Network Security an eight out of ten.

VK
MSP
2022-01-05T07:23:09Z
Jan 5, 2022

My advice to others is to evaluate the products first and then proceed. I rate Check Point CloudGuard Network Security an eight out of ten.

Bernard Otieno - PeerSpot reviewer
Reseller
Top 10
2021-10-14T03:41:44Z
Oct 14, 2021

For most Check Point CloudGuards, it's not actually deployed on the private cloud of the end-user. They usually deploy it on the public cloud. I'd rate the solution at a nine out of ten. The clients who are using it have nothing bad to say about its capabilities. I'd recommend the solution. They are doing quite unique workarounds with cloud security while many others are more focused on on-premises.

LA
Real User
2021-05-12T10:55:00Z
May 12, 2021

The combination of NGFW + URL Filtering + Antivirus + Anti Bot, with 8 vCore D4 v2, is able to provide a throughput of 4Gbps. On Azure, the combination of NGFW + URL Filtering + Anit Virus + Anit Bot, with 8vCore c5n 2xlarge, is able to provide a throughput of 4.7Gbps. It is similar to AWS.

FN
Real User
2021-04-01T09:56:17Z
Apr 1, 2021

If we end up needing to scale, we would have to buy a new license.

MS
Real User
2021-03-15T16:32:48Z
Mar 15, 2021

In summary, this is a good product and I have not found any problems when using it. I can recommend it to others. I would rate this solution a nine out of ten.

RM
Real User
2021-03-15T06:59:06Z
Mar 15, 2021

The solution always updates automatically, and therefore we are always using the latest. We do plan to continue to use the product as we've mostly been quite satisfied with it. I'd recommend the solution to other organizations. Overall, I would rate the solution at a nine out of ten.

OO
Real User
2021-03-08T07:36:00Z
Mar 8, 2021

In the past, my clients were all using Check Point Systems. When I reviewed it at that time, back 10 years ago, Check Point was number one, as far as I remember, meaning FortiGate wasn't a major solution in Turkey. Nobody was talking about FortiGate then. Now FortiGate, is a major player in the firewall industry in Turkey. Most of our clients are migrating to FortiGate because they say it's cheaper than Check Point. So when I see the Check Point's GUI, it's really complicated. My recommendation would be for Check Point customers to first learn about Check Point's GUI, which is pretty advanced, for me at least. But when I talk to my friends who are managing IT, they are migrating to FortiGate. They say, FortiGate is very easy to manage and I should really think about it now. When I was first introduced to Check Point it was really advanced. I didn't understand when I first looked into it. I just wanted a solution. pfSense has the same problem. By the way, according to your report, some customers said that pfSense needs improvement on the management and the GUI and aspects like that, so maybe I'll need another review of OPNsense versus Check Point and FortiGate etc... We didn't have any problems at all. Just in one case, actually. We have a rule that pops up from nowhere which we didn't create. When we restart our Virtual System firewall, it creates a rule which messes up all our internet connection. So if I were to give a number from one to 10, I would probably say Check Point is a nine out of 10. Other than that, we haven't had any problems. Check Point is pretty reliable. I think it's our company's problem that we couldn't patch it after it froze. Maybe an up to date, patched version doesn't have this problem. Overall, it's really working for us. I don't have any problems other than it's just outdated.

OP
Reseller
Top 20
2021-03-04T23:18:38Z
Mar 4, 2021

We're solutions providers. We're partners with Check Point. We offer integrations and support. This is one of the products we offer to our clients. We're using the latest version of the solution. The platform is R80.40. It's deployed on VMware's virtual environment. I'd recommend the solution to other organizations. The likelihood of running into issues is low. I'd rate the solution at a nine out of ten. We've largely been satisfied with the product.

MK
Real User
2021-02-06T10:27:16Z
Feb 6, 2021

We're just a customer and an end-user. We aren't a vendor, consultant, or integrator. I'm not sure if I would recommend the solution to other organizations. It would likely be 50/50. It really depends on the company's requirements. For us, for example, we needed to scale, and that ended up not being possible and so we have to move away from it. Overall, I would rate the solution six out of ten. Although it has some good aspects, for us, the lack of scalability was impossible to overcome.

OM
Real User
2021-01-30T04:24:31Z
Jan 30, 2021

I would recommend Check Point as it's an effective tool, and implementation is very easy. On a scale from one to ten, I would give Check Point Virtual Systems a nine.

Alberto Vallesa - PeerSpot reviewer
MSP
Top 10
2021-01-16T09:07:51Z
Jan 16, 2021

I would recommend this solution. It is pretty straightforward to implement. It is easy, and it doesn't require too much time to make a clean implementation. I am not really sure about using it in a really small company. It depends on the budget. I would rate Check Point Virtual Systems a nine out of ten.

KW
Real User
2020-12-06T06:40:00Z
Dec 6, 2020

We should have done the Auto Scaling stuff upfront instead of going static. The biggest lesson was that the tools in place let you embrace the good parts of the cloud, which is flexibility and cost savings. The thing that we kind of learned is we just treated it upfront like it was another on-prem device, but you miss out on the whole point of having infrastructure as a service if you're not going to leverage it to its fullest capabilities. Remember that you are doing this in the cloud, so treat it like a cloud device. Don't suddenly try to extend your on-prem network without leveraging the whole capabilities that CloudGuard gives you to scale your network in and out as needed. CloudGuard's false positive rate is acceptable and low. You have pretty granular control over everything that you are doing. Even if you're running into false positives, you can easily tweak them and work with CloudGuard to eliminate them. I would rate it a nine (out of 10). It does everything that we wanted it to. It kind of grows with AWS, where new AWS functionality is now enabling new CloudGuard functionality by virtue of a couple of changes that they have been making. They sort of work hand in hand. The only reason that stops it from being a 10 (out of 10) is just the limitations of AWS end up being the limitations CloudGuard as well. You take the good and the bad of the cloud.

GF
Real User
2020-12-02T06:24:00Z
Dec 2, 2020

My advice: Get it. It's a great product. It's a great solution. In terms of CloudGuard's block rate, malware prevention rate, and exploit resistance rate, we didn't really do much testing when it comes to those types of scenarios. But I've used Check Point as a physical firewall before, and it was great. It detected threats and gave me an alert as soon as it detected them. It was really good.

JM
Real User
Top 5
2020-09-23T06:10:00Z
Sep 23, 2020

If you are already a Check Point customer, this is the perfect solution. If you are not used to Check Point products, you should also analyze other solutions and compare them before you buy. The biggest lesson I have learned is that with this product, you can secure the Cloud environment the same way that you secure the on-prem, which helps a lot with people that are new to the Cloud security environment. I would rate Check Point CloudGuard IaaS a ten out of ten.

MG
Real User
2020-09-15T11:13:00Z
Sep 15, 2020

The biggest lesson I have learned from using this solution is that network security is moving away from traditional deployments and companies have to adapt themselves to stay competitive. We are fully managing the service. As soon as a new version is released on the Check Point site, they make sure to release it for CloudGuard as well. But so far, we have stayed with our original version. We haven't done any upgrades. The integration process between CloudGuard and AWS Transit Gateway is not straightforward, because we're not talking about traditional networking. There are a lot of different aspects that we are still not used to keeping in mind. For example, routing is completely reworked in AWS. It's just a matter of time to get used to it. Once you get used to it, everything becomes relatively easy. In terms of our workflow when using the integration between CloudGuard and AWS Transit Gateway, we needed to review our operational documentation and prepare additional guides for our operations team on how to do it. We needed to up-skill our team members, and we needed to utilize new technologies or new features, like BGP over VPN, to make communication secure in the cloud. The solution provides security for numerous corporate applications and is under the responsibility of the operations team which consists of about 15 people. For deployment and maintenance of the solution we have one security operations engineer, one network operations engineer, one AWS operations engineer, and one SDWAN engineer.

AT
Real User
2020-09-07T05:57:00Z
Sep 7, 2020

Sometimes you've got to pay for what you actually want. We realized that it's an expensive solution, there's no denying that. But we're happy with what we have gotten out of it. Sometimes you just have to fork over the cash out of your budget and work with it. Work hard with it, because you can't just spend money and expect it to work. But with the time that you put into it, you can get something really good out of it for your company. Really do your analysis, which is something anybody should really know if they're going to spend a lot of money like this. They offer up trials. Try it out and see if it actually works for you. One of the biggest reasons it was successful for us was because we already used it in our environment and we used it pretty extensively. We had a variety of different systems in there, but we used the Check Point more. So we were more familiar with it coming into it and that's why we leaned more towards it. We figured, it will be expensive but it will probably have the lowest learning curve for us to get where we want to be. Another company may already use, say, Palo Alto extensively and be very familiar with it. If their decision is that they want their team to be really well versed in what's going on, rather than have to break it all down and study all over again and retrain everybody, maybe their choice will be to stick with their Palo Alto solution rather than flipping over to Check Point. If you're going to change vendors entirely, you're going to have a steep learning curve and that's going to mean it will take time, where you might not be able to fulfill a request, because you have to learn how to do it. I haven't really measured rates like the block rate or malware prevention rate yet. The CloudGuard stuff is the same software running under there that I have run for years. It's just in a cloud environment and it's been extremely effective. It doesn't really paint a picture of how much actually gets through, so I don't know the rates, but I do know that I don't have a lot of problems with things getting through that I didn't know about or didn't want to get through. I don't think there are really any false positives with this solution. Sometimes an investigation that leads me down a path and I follow it so far that I can't quite figure it out, but I attribute that to not having enough visibility into other areas of the environment to actually see what's going on, so I can't paint the whole picture and can't then solve the problem. But I don't have a problem with false positives leading me down a path towards something that just had no relevance at all. The ease of use is good if you have a strong technical background. The intuitiveness of getting in there has a learning curve to it because there's a lot going on there, but with something that takes care of this many things in your environment, it's hard not to make it complex. They've done a pretty good job of trying to make it as uncomplicated as possible, but no matter what, you're going to have a learning curve to be able to use it effectively. The Unified Security Management has made threat hunting a lot easier because we have it all in one view, but managing the environment has become a little bit more complex because we have one ruleset to cross the environment. So we really need to know what we're doing there. We've had to adapt a little bit towards that. Instead of having little rulesets all over the environment, we have one massive ruleset. We have to be a little bit more careful about what we're allowing because it can affect more than just the site you want to change. For example, if you want to change a device in New York, you have to be very careful that you don't affect a device in Boston as well, because it's all in this one unified policy. Overall, Check Point has been a nine-plus out of 10 for me. I'm really happy with it. It's a very expensive solution, but everything has gone really well. There are bumps along the way, like with anything. I don't fault them for that. We've worked with it and we've worked around those problems and have come up with solutions that work for everybody. So everybody's happy in the end.

OP
Real User
2020-08-23T20:22:00Z
Aug 23, 2020

You should fully understand the way CloudGuard would be integrated into your cloud from a networking perspective, and it differs from platform to platform. For example, for Google Cloud, the instances of Cloud Guard must have interfaces in several VPCs as a requirement. Think about the subnetting and routing for your project, then implement a PoC with your networking staff.

it_user1042488 - PeerSpot reviewer
Real User
2020-06-14T08:03:11Z
Jun 14, 2020

My advice to anyone wanting to implement this solution would be to religiously follow the guidelines. I would rate this solution an eight out of 10.

MP
Real User
2020-06-10T08:05:00Z
Jun 10, 2020

Intently know and understand the integration points within your environment. It is a great security solution, but understand how integrated it is with, and what level of partnership there is between, Check Point and the virtualization platform that you're looking to add it on top of. The biggest lesson I have learned is that the Check Point CloudGuard features, although good, are only as good as the accompanying virtual platform and its level of integration. I have to be honest: Overall, this is the ideal solution for us and our organization, but it is slightly more complex. There are newer competitive products that take a different stance, that are agent-based. We did not want — and this is another key distinction — a solution that wasn't agent-based in which we had to deploy a piece of software on each and every virtual endpoint. Having this done at the hypervisor level definitely was the right strategy for us. However, the lesson learned, with this type of solution, is that it is very important to understand the nuances of your virtualization platform and what is required on that side to enable the Check Point CloudGuard. You're relying heavily on the partnership and the capabilities of that virtualization platform. Going in, understand the degree of that partnership and the respective road maps of each, because the CloudGuard solution is only as good as the capabilities it has with the virtualization platform. That's especially true for large enterprises that want to constantly move workloads around and have their rule set follow in an event where they're having to ensure that systems are always alive and always protected.

it_user1033941 - PeerSpot reviewer
Real User
2019-09-12T09:01:00Z
Sep 12, 2019

My advice for anybody who is considering this solution is to start by identifying high-bandwidth use cases. If you have any, and you have a high-security requirement, then I suggest considering other options. This is a secure and reliable solution for us, although we are a bit disappointed with the limited scalability and resource consumption. I would rate this solution an eight out of ten.

US
Real User
2019-09-11T10:12:00Z
Sep 11, 2019

There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware. The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected. I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.

SS
Real User
2019-09-02T05:33:00Z
Sep 2, 2019

The web application firewall is commonly used in most firewalls now. If they can add that as a feature, it would be a very strong scenario. When we use Check Point on a perimeter or a DMZ zone, the first thing that clients ask is if there is wireless protection. Check Point has IPS (Intrusion Prevention System) but it does not have wireless protection. So if production is using the cloud if they can integrate mobile app protection, mobile shielding, there's more value for Check Point, but if they include that, Check Point could be the very best firewall option. On a scale from one to ten, when one is the worst and ten is the best, I would rate Check Point as an eight. It needs to do better in pricing and with broader features for mobile. One thing that I learned from multiple installations of Check Point is that you have to train the customer before implementing. Unless the customer is already a highly skilled security engineer so that they know what they can get out of the product, they will not be as satisfied. Otherwise, just before the deployment, we have them go for training so they understand the product and what it can do. They will be happier and they won't choose to go with another product in the future. Even with my engineers who understand many other products, I trained them properly before I send them out for deployments. Check Point is not a product that if you don't know you can just install without knowing anything about it. You have to know the architecture first. You have to know each and every option than work on the product. Then it will be far better and say no to certain features which are not important to use. On the other hand, knowing it is available is fantastic and becomes an option in the right situations.

it_user919560 - PeerSpot reviewer
Consultant
2019-08-28T09:52:00Z
Aug 28, 2019

For those who want to implement the solution, they should make sure they have a very strong networking background. I would rate the solution eight out of ten.

it_user583365 - PeerSpot reviewer
Real User
2019-08-26T06:42:00Z
Aug 26, 2019

The solution is the on-premises deployment model which we use in our server environment. We are an integration company, and although we deal with other solutions, we mainly focus on Check Point. The solution is a great mix of user experience, flexibility, security features, and cost. After five years, I believe the total cost ownership will be much cheaper than any competitor. The advice I would give to others interested in implementing is that this solution does have security problems. Not Check Point, per se, but in the network environment. The security recommendation from the Check Point and from us is to use the VSX in the internal network. It should not protect your border because there are some issues around bugs, etc. It could cause vulnerabilities if it's used this way. I would rate this solution eight out of ten.

it_user819654 - PeerSpot reviewer
Consultant
2019-08-25T05:17:00Z
Aug 25, 2019

I will recommend this program to others and my rating is seven out of ten. I do recommend that users should always use the checkpoints and backup as often as they can.

it_user715161 - PeerSpot reviewer
Real User
2019-08-08T07:02:00Z
Aug 8, 2019

The biggest lesson that I have learned from this solution is to never assume that something is simple, because there's always a hidden snag that we run into. I would rate this solution a nine out of ten.

IK
Real User
2019-08-04T07:38:00Z
Aug 4, 2019

I would rate it a nine out of ten and I would recommend this solution. Their support team should be faster because sometimes when we need support their responses are late.

CloudGuard Network Security is a firewall solution that provides network security for cloud environments. It protects against cyber threats with multi-layered security for public, private, and hybrid clouds.  CloudGuard Network Security offers advanced threat prevention, firewall, VPN, and application security services, designed to secure cloud infrastructure, virtual networks, and cloud-based applications and workloads. CloudGuard Network Security Features CloudGuard Network Security...
Download Check Point CloudGuard Network Security ReportRead more

Related Q&As