Listing Thumbnail

    Check Point WAF as a Service (Advanced/Premium, Contract)

     Info
    Deployed on AWS
    Check Point WAF as a Service is an AI-driven, fully managed web application firewall that provides advanced security for applications and APIs. It delivers real-time protection against zero-day threats, OWASP Top 10 vulnerabilities, DDoS attacks, and more, ensuring high availability, AWS security compliance, and uninterrupted service. Check Point WAFaaS integrates seamlessly with AWS services, including Amazon Route 53, AWS WAF, AWS Shield, AWS API Gateway, Amazon CloudFront, and AWS Lambda, enabling automated threat prevention with minimal operational overhead.
    4.4

    Overview

    Play video

    Check Point WAF as a Service (WAFaaS) for AWS simplifies web application security by eliminating the complexity of traditional WAF solutions. Easily deployable via AWS Marketplace, it provides automated API discovery, schema validation, and real-time security updates to minimize misconfigurations and unauthorized data exposure.

    Designed for cloud-native agility, Check Point WAFaaS integrates directly with AWS CI/CD pipelines and Infrastructure-as-Code (IaC) frameworks such as AWS CloudFormation and Terraform. This allows security teams to embed protection into their AWS development workflows without slowing down innovation. It prevents cyber threats, including zero-day attacks, OWASP Top 10 vulnerabilities, bot-driven exploits, and large-scale DDoS attacks, ensuring uninterrupted service availability and security compliance.

    Check Point WAFaaS delivers a non-agent WAF that can be deployed in less than 15 minutes. Traffic is effortlessly routed through Check Point servers, which automatically issue SSL certificates. Upon redirection, any HTTP requests are intercepted for inspection and forwarded to the application only after validating their security.

    Check Point WAFaaS is available in premium and advanced packages (Advanced package does not include API Discovery and Zero-day file security).

    ADVANCED PACKAGE: The Advanced package provides core protection features, including:

    • AI-based zero-day prevention: Detects and blocks unknown threats before they exploit vulnerabilities.
    • Intrusion Prevention System (IPS): Shields against OWASP Top 10 attacks with over 2,800 Web CVEs.
    • AI-driven contextual analysis: Ensures precise threat detection with minimal false positives.
    • Advanced DDoS mitigation: Protects applications from overload attacks while keeping services accessible.
    • Rate limiting: Controls traffic flow based on IP address and XFF (limited to 5 rules).
    • Bot prevention: Detects and blocks automated threats.
    • Snort 3.0 signature enforcement: Provides deep packet inspection for enhanced security.
    • Includes 3 months of full logs retention (based on the fair usage policy).

    PREMIUM PACKAGE: The Premium package includes all Advanced Package features and adds:

    • Real-time API discovery & governance: Monitors API traffic for sensitive data exposure and compliance.
    • Auto-generated Swagger schema validation: Ensures API security by enforcing structure and access controls.
    • Unlimited rate limiting: Expands traffic control beyond IP-based limits, including JWT, cookies, and headers.
    • Zero-day file security: Blocks malicious uploads and emerging threats.
    • Includes 6 months of full logs retention (based on the fair usage policy).

    Highlights

    • ZERO-DAY PREVENTION: Check Point WAFaaS has demonstrated prevention of zero-day exploits across a wide spectrum of security events, including log4shell, text4shell, and MOVEit, all in real-time.
    • DEPLOYED WITHIN MINUTES: Check Point WAFaaS delivers a non-agent Web application Firewall, deployable within minutes. Only a one-time DNS configuration is necessary for CloudGuard to start routing traffic securely to applications in the cloud.
    • PREVENT DDoS AND AUTOMATED ATTACKS: Check Point WAFaaS provides real-time detection and automatic mitigation protection against Distributed Denial of Service (DDoS) attacks and bot-driven assaults.

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Check Point WAF as a Service (Advanced/Premium, Contract)

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    1-month contract (9)

     Info
    Dimension
    Description
    Cost/month
    SaaS Premium - Up to 10M Req / Month
    Check Point WAF as a Service Premium
    $1,800.00
    SaaS Premium - Up to 20M Req / Month
    Check Point WAF as a Service Premium
    $2,240.00
    SaaS Premium - Up to 30M Req / Month
    Check Point WAF as a Service Premium
    $2,680.00
    SaaS Premium - Up to 40 Req / Month
    Check Point WAF as a Service Premium
    $3,120.00
    SaaS Advanced - Up to 10M Req / Month
    Check Point WAF as a Service Advanced
    $1,500.00
    SaaS Advanced - Up to 20M Req / Month
    Check Point WAF as a Service Advanced
    $1,880.00
    SaaS Advanced - Up to 30M Req / Month
    Check Point WAF as a Service Advanced
    $2,260.00
    SaaS Advanced - Up to 40M Req / Month
    Check Point WAF as a Service Advanced
    $2,640.00
    Additional pricing options: Custom sizing Req / Month
    Check Point WAF as a Service: Custom Sizing
    $100,000.00

    Vendor refund policy

    No Refunds

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/  To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    4.4
    132 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    60%
    39%
    1%
    0%
    0%
    14 AWS reviews
    |
    118 external reviews
    External reviews are from G2  and PeerSpot .
    Ijlal K.

    Good protection and easy to manage web security

    Reviewed on Jun 30, 2026
    Review provided by G2
    What do you like best about the product?
    I like that Check Point WAF is easy to use and gives good protection without needing too much manual work all the time. It helps to block common web attacks and gives clear visibility about what is happening. The managed rules are also useful, and it is good that we can still adjust things when needed.
    What do you dislike about the product?
    One thing I dislike is that sometimes the setup and tuning can feel a bit complicated, especially in the start. Some alerts or rules need extra checking to avoid false positives, and it can take time to understand why something was blocked. The interface is good overall, but few parts could be more simple and easier to follow.
    What problems is the product solving and how is that benefiting you?
    Check Point WAF is solving the problem of protecting web applications from common attacks like bad bots, injection attempts and other unwanted traffic. It helps to block many threats before they reach the application, so we dont have to check everything manually. It also gives better visibility about what kind of requests are coming and what was blocked. The benefit is that security becomes more easy to manage and it saves time for the team.
    Hazem H.

    Strong Protection with Room for Onboarding Improvement

    Reviewed on Jun 20, 2026
    Review provided by G2
    What do you like best about the product?
    I use Check Point WAF to protect web applications and APIs from a wide range of cyber threats like SQL injection and cross-site scripting (XSS). What I like most about Check Point WAF is its ability to provide strong, automated protection for web applications while remaining easy to manage on a day-to-day basis. The platform effectively detects and blocks traffic. The initial setup of Check Point WAF was relatively straightforward, especially with the available documentation and guided configuration options. It provides strong protection against modern web application threats and offers good visibility through a centralized management interface.
    What do you dislike about the product?
    One challenge is the initial onboarding and policy tuning process. For organizations with complex or highly customized web applications, achieving the right balance between strong protection and minimizing false positives can require additional time and expertise.
    What problems is the product solving and how is that benefiting you?
    I use Check Point WAF to protect web applications and APIs from cyber threats like SQL injection and XSS. It offers strong, automated protection while being easy to manage daily. It effectively detects and blocks traffic, solving security challenges by defending against common and complex attacks.
    SreejeshSoman

    Cloud-native protection has secured our web workloads and simplifies autonomous threat defense

    Reviewed on Jun 19, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I typically use Check Point WAF (formerly CloudGuard WAF)  for protecting cloud workspaces, which includes cloud applications and websites hosted on cloud platforms, especially Amazon or Azure . My customers are using Check Point WAF (formerly CloudGuard WAF)  as a standalone product in the cloud, not in conjunction with any other Check Point products.

    What is most valuable?

    Check Point WAF  (formerly CloudGuard WAF ) is especially valuable because of its cloud-native architecture and AI autonomous protection capabilities. It does not require extensive administrative skills or experience to operate. Within minutes of redirection, the platform can be up and running, which is one of the key benefits of Check Point WAF (formerly CloudGuard WAF).

    Traditional WAF solutions require rule tuning with manual updates, but Check Point WAF (formerly CloudGuard WAF) includes a self-learning tool that suggests changes automatically. This significantly reduces the need for manual interruption and administrative effort.

    Stability is one of the unique features of Check Point WAF (formerly CloudGuard WAF). I do not have any concerns regarding hardware or security stability, with a reliability rating of 99.9%.

    What needs improvement?

    Check Point WAF (formerly CloudGuard WAF) needs to offer more competitive pricing. There are many other cloud WAF products available, and when comparing costs, other vendors have a significant cost advantage.

    Check Point WAF (formerly CloudGuard WAF) pricing is not as competitive as other original equipment manufacturers like Cloudflare  or Array WAF. I feel the pricing is on the higher side compared to these alternatives.

    Application Delivery Controller (ADC ) features are limited in Check Point WAF (formerly CloudGuard WAF). While we can integrate with ADC , not all inputs from the forest can be uploaded to Check Point WAF (formerly CloudGuard WAF), which is a practical issue we have encountered in customer use cases.

    For how long have I used the solution?

    I have been using this solution for approximately one and a half years.

    What do I think about the stability of the solution?

    Stability is one of the unique features of Check Point WAF (formerly CloudGuard WAF). I do not have any concerns regarding hardware or security stability.

    What do I think about the scalability of the solution?

    On a cloud platform, I do not foresee any scalability limitations. Check Point WAF (formerly CloudGuard WAF) has explicitly expandable features, so I do not forecast any constraints.

    How are customer service and support?

    I am satisfied with Check Point WAF (formerly CloudGuard WAF) customer support. They have a dedicated Tactics and Operations Center  (TAC) team with service level agreements in place. We typically receive business hours or 24/7 support depending on our license level.

    Which solution did I use previously and why did I switch?

    I have not deployed Check Point WAF (formerly CloudGuard WAF) on-premises because their capital expenditure cost is significantly higher than other brands. I have not had the opportunity to deploy an on-premises solution from Check Point.

    How was the initial setup?

    The biggest advantage of Check Point WAF (formerly CloudGuard WAF) is that it is a cloud-native platform. Check Point WAF (formerly CloudGuard WAF) is competitive with other original equipment manufacturers. I am not mentioning low-range products, but when compared with offerings from Cloudflare  or Array WAF, I feel Check Point WAF (formerly CloudGuard WAF) pricing is on the higher side.

    What about the implementation team?

    Application Delivery Controller (ADC) features are limited in Check Point WAF (formerly CloudGuard WAF). We can integrate with ADC, but not all inputs from the forest can be uploaded to Check Point WAF (formerly CloudGuard WAF). This is a practical issue we have encountered in customer use cases.

    What was our ROI?

    From my experience and client experience, Check Point WAF (formerly CloudGuard WAF) is a good product for cost of ownership and return on investment.

    Check Point WAF (formerly CloudGuard WAF) offers a subscription-based, pay-as-you-use model with monthly or yearly subscription options. This subscription model helps customers manage their costs as an operational expenditure rather than a capital expenditure.

    What's my experience with pricing, setup cost, and licensing?

    All original equipment manufacturers mention zero-day attacks and the exploitation of previously unknown vulnerabilities, and Check Point WAF (formerly CloudGuard WAF) also includes this feature. As a tool, it is good, but I did not observe any extraordinary service from Check Point WAF (formerly CloudGuard WAF) regarding zero-day attack protection. It is a good feature, but I did not find particularly unique characteristics.

    Which other solutions did I evaluate?

    Application Delivery Controller (ADC) features are limited in Check Point WAF (formerly CloudGuard WAF). We can integrate with ADC, but not all inputs from the forest can be uploaded to Check Point WAF (formerly CloudGuard WAF). This is a practical issue we have encountered in customer use cases.

    Check Point WAF (formerly CloudGuard WAF) does have higher ratings in some areas.

    What other advice do I have?

    Check Point WAF (formerly CloudGuard WAF) is a good product for total cost of ownership and return on investment. From my experience and client experience, Check Point WAF (formerly CloudGuard WAF) offers a subscription-based, pay-as-you-use model with monthly or yearly subscription options. This subscription model helps customers manage their costs as an operational expenditure rather than a capital expenditure. I would rate this product overall as a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Dominika T.

    Low False Positives and an Easy Setup from Day One

    Reviewed on Jun 17, 2026
    Review provided by G2
    What do you like best about the product?
    I like the most that since beginning of set up the rate of False Positives is significantly lower then in other tools. Also 0 day protection is working well and does not require manual rules updates.
    What do you dislike about the product?
    There is not enough of technical documentation and also initial set up is complicated. Will be easier if will be more knowledge-base articles available.
    What problems is the product solving and how is that benefiting you?
    It protect assets in hybrid, cloud and on-premises environments. Allows for Iac for better configuration so it allows to save some time of cloud security engineers.
    Alejandro F.

    Great UI, Smooth Integration, and Helpful Support

    Reviewed on Jun 12, 2026
    Review provided by G2
    What do you like best about the product?
    The user interface is really good, also a good integration and performance on my device. Pricing is okay in the actual market. Always when I had a problem the support team has been helpful. AI integration could be better
    What do you dislike about the product?
    I will say that the AI integration on Check Point WAF could be better and use more of the Agentic AI but overall the rest is okay so far as I had a great experience overall
    What problems is the product solving and how is that benefiting you?
    Actually Check Point WAF is solving multiple problems at my company that we had and no other tool was capable of resolving but this one has been able to.
    View all reviews