Sold by: Check Point Software Technologies
Deployed on AWS
Free Trial
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
4.4
Overview
Video
Video 1
Video
Product video
Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers industry-leading threat prevention and multi-layered network security for workloads migrated to or deployed in AWS environments.
Comprehensive Cloud Network Security: Check Point Cloud Firewall for AWS protects cloud assets with a full suite of advanced security capabilities, including: firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-bot, threat extraction, and threat emulations. These features enable proactive defense against known and unknown threats, ensuring robust protection for cloud workloads.
Industry-Leading Threat Prevention: Check Point Cloud Firewall for AWS provides advanced threat prevention to secure AWS environments from sophisticated threats, unapproved access, and application-layer Denial of Service (DoS) attacks with industry-leading catch rates (Miercom 2025 and Cyberratings 2025).
Full Control of Network Traffic: Check Point Cloud Firewall for AWS ensures secure, encrypted data flows between your on-premises network and your AWS VPCs. It inspects traffic entering and exiting private subnets in the VPC ("North-South") as well as between VPCs ("East-West").
Unified Security Management: Extend on-premises security policies into the AWS cloud with unified, centralized management via Check Point Security Management Server. Manage policies, logs, and reports consistently across AWS, hybrid, and on-premises environments from a single pane of glass. This listing includes the gateway only. For management, use Check Point Smart-1 Cloud: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/
Automated, Scalable Cloud Security: Integrates with infrastructure-as-code tools like Terraform and Ansible for policy automation and cloud-native scaling. CloudGuard dynamically adapts security policies based on real-time cloud metadata and changes. Supports AWS Transit Gateway, auto-scaling, high availability, and multi-AZ redundancy.
Seamless AWS Integration: Check Point Cloud Firewall integrates with a broad range of AWS services, including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.
This Check Point Cloud Firewall gateway will be deployed as a single gateway, as a high availability cluster, or as an Auto Scaling group via Check Point CloudFormation templates (sk111013) or via automation tools such as Ansible, Terraform, etc. This PAYG-distributed security gateway is managed from a central Security Management Server which provides consistent security policy management, enforcement, and reporting within a single pane of glass. The Security Management Server is not included in this offering. To manage Check Point Cloud Firewall Gateway, it is recommended using Check Point Smart-1 Cloud (https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/ ).
Highlights
- Advanced Protection with Security Features: firewall, DLP, IPS, applicationcControl, IPsec VPN, URL Filtering, antivirus, anti-bot, threat extraction, and threat emulation. Includes Security Management Server.
- Industry-Leading Threat Prevention: Cutting-edge threat prevention with industry-leading catch rate of malware, ransomware and other types of attacks (per Miercom and Cyberratings, 2025).
- Unified Security Management: Provides consistent visibility, policy management, logging, reporting and control across hybrid-clouds and on-premises from a single pane of glass.
Details
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux Gaia 3.10
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c6in.xlarge Recommended | $1.33 |
c7i-flex.12xlarge | $11.43 |
m6a.4xlarge | $3.73 |
c6in.4xlarge | $3.73 |
c5d.24xlarge | $20.93 |
c7i.16xlarge | $14.94 |
c5.24xlarge | $20.93 |
c4.xlarge | $1.33 |
c7i-flex.xlarge | $1.33 |
c5d.12xlarge | $11.43 |
Vendor refund policy
Terminate the instance at any given time to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Once the instance is running, connect to it using SSH, set an admin password using: 'set user admin password' followed by 'save config'. Then connect to https://[instance] using Internet Explorer (IE) to finalize the configuration. Notes:
- SSH password authentication is disabled in /etc/ssh/sshd_config
- For information regarding Firefox and Chrome refer to sk121373.
Support
Vendor support
This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/ To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at https://www.checkpoint.com/support-services/contact-support/
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Check Point Software Technologies
By Palo Alto Networks
By Juniper Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Multi-Layered Threat Prevention
Includes firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-bot, threat extraction, and threat emulation capabilities
Advanced Threat Detection and Analysis
Incorporates Threat Extraction and Threat Emulation technologies for proactive defense against known and unknown threats with industry-leading catch rates
Traffic Inspection and Control
Inspects and controls encrypted data flows between on-premises networks and AWS VPCs, supporting both North-South (VPC ingress/egress) and East-West (inter-VPC) traffic inspection
Cloud Infrastructure Integration
Integrates with AWS Gateway Load Balancer, AWS Transit Gateway, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Outposts, and Amazon Macie; supports deployment via CloudFormation templates, Terraform, and Ansible
Centralized Security Policy Management
Provides unified, centralized management of security policies, logs, and reports across AWS, hybrid, and on-premises environments through Check Point Security Management Server
Advanced Threat Prevention
Safeguards network from known and zero-day threats including exploits, malware, spyware, and command and control attacks using researcher-grade signatures and machine learning inspection engine.
Advanced URL Filtering
Defends against phishing, ransomware, and web-based attacks using inline machine learning-based web security engine with real-time detection of previously unseen threats and dynamic policy controls.
File-Based Threat Detection
Identifies file-based threats through inline static and dynamic analysis in the cloud with proprietary hypervisor technology for detection of sandbox-resistant malware.
DNS Security
Detects and prevents sophisticated DNS-layer network attacks and data exfiltration attempts.
Dynamic Policy Management
Applies policy definitions to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones with automatic adaptation to infrastructure changes without manual intervention.
Next Generation Firewall Architecture
High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
Anti-Virus and Malware Protection
Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
VPN and Secure Connectivity
IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
AWS Cloud Service Integration
Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.
Standard contract
No
No
No
Customer reviews
Tejas Jain
Cloud security has unified visibility and risk mitigation but still needs stronger features
Reviewed on May 15, 2026
Review from a verified AWS customer
What is our primary use case?
Check Point Cloud Firewall (formerly CloudGuard Network Security) is a cloud-native application protection platform and a suite of multiple products. We primarily use it for our hybrid multi-cloud environment, primarily around cloud environments. The deployments for different clients were a bit different. For one of the clients, it was just a single cloud vendor, which I believe was AWS , and then multi-organizations with hierarchical architecture.
The intent was to manage hundreds or perhaps thousands of EC2 instances and Kubernetes workloads, EKS (Elastic Kubernetes Service), and a lot of PaaS applications, Infrastructure as a Service , container registries, and ECR. The end result was to understand the overall security posture of the cloud, figure out if there are any deviations, and make sure that there is no zero-day and all the detections are in place. Check Point Cloud Firewall (formerly CloudGuard Network Security) is a typical CNAPP suite that comprises cloud workload protection, runtime security, and code quality checks, not just your typical SonarQube or SAST , but definitely something that can integrate with your VCS .
What is most valuable?
The advantages of Check Point Cloud Firewall (formerly CloudGuard Network Security) as a service provider include the platformization story that every single major security provider is doing, something similar to what Palo Alto does.
Check Point had lacked this particular capability in their product stack, so they brought in CloudGuard, integrated it, and used many of the Check Point next-gen firewalls capabilities, along with threat intelligence. This typically brings a lot of other security solutions together, gearing it primarily for the cloud and multi-cloud environment.
With regards to capabilities, it helps detect any attacks that typically fall under the zero-day category. I would not focus on signature-based scanning because that is something everyone can do practically. You can build policies to avoid unintended exposure of storage buckets, sensitive data disclosure, and manage misconfigured policies or privileges that are quite extensive, not following the least privilege principle. It also takes care of that.
Check Point has augmented many API security capabilities as well. If you are hosting any APIs using AWS PaaS services, such as API Gateway Lambda, even on-premises, it can fairly detect standard web vulnerabilities, OWASP Top 10, and all of that. I think that is decent as well. We have pretty much got most of them.
Regarding organizational risk, Check Point Cloud Firewall (formerly CloudGuard Network Security) is definitely meant for improved visibility and risk mitigation. If you have got multi-cloud environments, you cannot use cloud-native services efficiently and effectively because you look at two or three different clouds with controls scattered across them. You do not have a centralized pane of glass, and you do not know what happens to a particular traffic flow if it is moving from one cloud to another. This product is not just Check Point that does this; Palo Alto and Wiz also provide similar solutions to an extent. You get an entire view of it, knowing what controls already exist, which helps build additional policies and definitely aids in risk mitigation.
What needs improvement?
Check Point Cloud Firewall (formerly CloudGuard Network Security) is definitely lagging behind its peers. I am not sure what the reason is. Compared to Palo Alto, they are not there in terms of capabilities and feature set. I do not think there are any obvious misses, but there is mostly lesser adoption in the industry.
Regarding the negatives, sometimes we encounter challenges, especially if a feature may not be working, but that is typical of any vendor. There is no glaring gap; it is a solid product, but based on my experience, the adoption has not been on par with what its peers are doing.
From time to time, we do face challenges with some features, especially if you need to configure a policy where you may need false positive fine-tuning. Sometimes, you have these anomaly detections, which are crucial from a zero-day attack perspective, but they can create a lot of false positives. When you have to tweak, you sometimes need to bring in technical assistance or professional services to achieve what you want. The documentation may not be quite sufficient. There were instances in the past, but I am not sure if they have ramped it up quite significantly recently.
For how long have I used the solution?
I have been dealing with the product for about three and a half to four years, starting after COVID for sure. It happened sometime back in 2022, which was the first time that we saw and used that as a comparison with Palo Alto and other firewall products, Cisco Secure Firewall . Check Point ramped up a lot of its capabilities, including CNAPP and all the additional detections that it can bring in, threat prevention, and then adding on visibility, deep packet inspection, and things of that nature. So it has been about four to four and a half years now.
What do I think about the stability of the solution?
Check Point Cloud Firewall (formerly CloudGuard Network Security) was stable; we never had any outages because of it, so definitely stable. We had a couple of instances, but I would not count that against Check Point since that is typical for most vendors. We raised a couple of feature requests that they introduced in later releases, which made us happy. Nothing glaringly bad; it was mostly stable. Because it is more of a CNAPP solution, it will not disrupt significantly, and we had a very conservative configuration, especially regarding preventive controls.
What do I think about the scalability of the solution?
The product is super easy to scale; just talk to PS. If you do it on day zero, then that is really great. Wanting to do it afterward is possible, but you have to plan it well.
How are customer service and support?
The technical support is great. When working with an EMEA client, the majority of the TAC was based out of Israel, and they are fantastic with quick resolutions and turnaround times.
I would rate Check Point's support nine out of ten; they are really good.
Which solution did I use previously and why did I switch?
I have tried both Check Point Cloud and other providers such as AWS. If I were not under strict regulatory jurisdiction, I would prefer Check Point Cloud itself, as you get better support and they own the infrastructure. Troubleshooting becomes simple, and they seamlessly take care of the pre-provisioning of the underlying infrastructure. However, for a few clients in financial services with strict regulatory requirements, we had to create it on our infrastructure.
How was the initial setup?
The deployment of Check Point Cloud Firewall (formerly CloudGuard Network Security) is very seamless. It learns when you operate in monitoring mode on day zero and day one, understanding the lay of the land, checking what services you have, tweaking them, and applying policy compliance templates like PCI DSS or HIPAA. You can use all those templates to start configuring your policies, so it is pretty robust. Day zero is smooth, just API integration, service principal, and API keys. If you need to integrate with GitHub or other platforms, there are additional integrations, but it serves the purpose by default.
The deployment procedure for Check Point Cloud Firewall (formerly CloudGuard Network Security) is straightforward and takes only a couple of minutes for initial integrations. Fine-tuning takes some time because every environment is different, and you must first understand what the product does and its capabilities before tailoring the configuration. But it is really straightforward, and they have it well documented. If you are using very unusual SaaS applications or non-standard configurations, that might take a bit more time, but that is the same for most others.
What was our ROI?
You cannot compare ROI from one vendor to another definitively, but if I compare against capabilities that I never had before bringing in Check Point Cloud Firewall (formerly CloudGuard Network Security), then there is quite a decent ROI. The product itself is cheap; whatever capabilities that you get are significant. Low cost significantly brings a decent ROI. Additionally, because you have a centralized pane of glass to manage the entire infrastructure, the cloud security piece reduces the workforce needed for management, which definitely contributes to ROI.
What's my experience with pricing, setup cost, and licensing?
Check Point Cloud Firewall (formerly CloudGuard Network Security) is comparatively conservative in terms of pricing; it is not a very expensive product. If you are a Check Point shop with multiple products throughout your infrastructure and have a good relationship with a decent reseller, then I think their pricing is much more conservative compared to Palo Alto and a couple of other vendors.
Which other solutions did I evaluate?
If you look at adoption, if you have got ten clients, then seven or eight of them go with Palo Alto, and the remainder get scattered between Cisco and Check Point.
What other advice do I have?
If you are a Check Point shop, then it integrates really well. The basic integrations that you have with identity and access management and SIEM solutions or SOAR platforms work well. All decent vendors have playbooks that center around Check Point, so I think those are decent and not a challenge. There are a lot of out-of-the-box integrations available, and if you want to build custom integrations, you can work with the TAC or professional services and get that done. If you are a Check Point shop in its entirety, if you have got CloudGuard, Harmony, and the old Check Point UTMs or next-gen firewalls, all of them stitch seamlessly together.
Check Point Cloud Firewall (formerly CloudGuard Network Security) is available through the AWS marketplace, and if you have got a committed spend, you can use that toward purchasing via the marketplace. While I have not used it personally, it was communicated as an option available by our resellers.
I would rate Check Point Cloud Firewall (formerly CloudGuard Network Security) somewhere around seven or eight overall. The adoption is a bit low, which makes me curious about the roadmap; if you have a great market share, you typically see a very decent number of feature releases coming out all the time. Considering stability, ROI, and other factors, I think seven is a fair rating.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Mohan Janarthanan
Cloud security has become unified and object-based whitelisting now simplifies traffic control
Reviewed on May 15, 2026
Review provided by PeerSpot
What is our primary use case?
I use Check Point Cloud Firewall (formerly CloudGuard Network Security) to protect my network assets on the firewall front, managing the inbound and outbound traffic for my cloud workload.
The biggest advantage of Check Point Cloud Firewall (formerly CloudGuard Network Security) for me is routing my traffic and whitelisting my outbound traffic to my vendors, partners, and clients. I am using it for both outbound and inbound traffic purposes. Whenever there was an inspection on the network front, I used network IPS. When whitelisting our applications on the inbound part, I whitelist the application control to my cloud users to connect those particular applications.
What is most valuable?
Integrating with other Check Point products is easy because Check Point offers a platform-based approach rather than a tool-based solution. Within one platform, I can integrate the tools so that I get the visibility.
Check Point Cloud Firewall (formerly CloudGuard Network Security) has a significant impact on my confidence in secure cloud deployments and migrations. The experience is good. For providing internet access across my cloud platform, using Check Point Cloud Firewall (formerly CloudGuard Network Security) means I can push the policy from a single console. Check Point has a gateway and a policy manager, so across unified policy, I can push it. An important feature with Check Point is object-level whitelisting. For example, I whitelist Office 365 . I do not want to whitelist their IP. If I am whitelisting their object in the FQDN piece, there is no need to modify the IP. Sometimes Microsoft changes IPs, and we do not want to whitelist again and again. By whitelisting the object, life is simpler. We do not want to continuously whitelist the IPs.
Check Point Cloud Firewall (formerly CloudGuard Network Security) helps to reduce my organizational risk significantly. I would say that unified AI threat prevention is good. Compared to other solutions, it definitely reduces our threat prevention. I cannot specify a number because all products have different solutions, but I would say that the product detects the threat expectation at double nine.
What needs improvement?
The only negative aspect is that they have to improve the UI. The UI is very slow, and getting the graph details on the security performance metrics is lagging. That is the only thing I feel is not currently available in Check Point.
I would like to see improvements in the graphical aspect of the UI. They definitely have to enhance that.
For how long have I used the solution?
I have been using Check Point Cloud Firewall (formerly CloudGuard Network Security) for six months since I started.
What do I think about the stability of the solution?
Since I have been using Check Point Cloud Firewall (formerly CloudGuard Network Security) for six months, I have not seen any glitches or downtime at all. The advantage with them is stability.
What do I think about the scalability of the solution?
In terms of scalability, it is very easy to scale up or scale out based on my license and traffic pattern. If I do not size the proper traffic, then I have to buy the sizing. We have not come across any such situations.
How are customer service and support?
Support is helpful and very responsive.
If I were to rate support from zero to ten points, I could give it eight point five or nine.
How was the initial setup?
In terms of the installation procedure, the initial setup was complicated, but after that, the implementation is fine.
What was our ROI?
I am able to observe ROI with Check Point Cloud Firewall (formerly CloudGuard Network Security), and I see some savings in terms of time or money.
If I were to quantify the ROI, I would say it is around fifteen to twenty percent.
What's my experience with pricing, setup cost, and licensing?
In terms of price and license, I would say Check Point Cloud Firewall (formerly CloudGuard Network Security) is not expensive. The pricing is moderate.
What other advice do I have?
Check Point stands out, and I can confidently say it stands out.
My biggest challenge while deploying Check Point Cloud Firewall (formerly CloudGuard Network Security) is arriving at the right architecture in the right place. I give this review an overall rating of nine.
Rayaan A.
Comprehensive Traffic Control with a Learning Curve
Reviewed on May 05, 2026
Review provided by G2
What do you like best about the product?
I like how easy it is to manage all our network rules in one place instead of juggling different tools. It also gives clear visibility into traffic, which makes it much easier to spot and fix issues quickly. Having everything in one place saves a lot of time. Instead of jumping between different cloud tools, we can update rules, review logs, and troubleshoot issues from a single dashboard, which makes day to day work much smoother.
What do you dislike about the product?
Some parts feel more complicated than they need to be, especially when setting up or fine-tuning policies. It can take a bit of trial and error to get everything working the way we want. Policy setup can feel a bit layered, especially when you are trying to understand how different rules interact. It would help if there were clearer guidance or examples built into the workflow, so you don't have to rely as much on documentation or trial and error.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to control network traffic in our cloud environment. It simplifies managing rules across tools, catches unusual activity early, and provides a single dashboard for smoother operations.
Viral Shaa
Cloud security has unified hybrid policies and now protects critical energy workloads continuously
Reviewed on Apr 30, 2026
Review from a verified AWS customer
What is our primary use case?
My usual use cases for Check Point Cloud Firewall (formerly CloudGuard Network Security) involve onboarding as an energy company, where it acts as the cloud-native security platform that extends the traditional firewall and threat prevention capabilities into public cloud environments like AWS , Azure , or GCP . We set up a virtual security gateway inside our cloud network to provide unified policy management, advanced threat prevention, segmentation for the network, and visibility across the cloud and system. From an administrator standpoint, it protects the workload, inspects traffic, and enforces the necessary rules. Day-to-day, my responsibilities include logging, monitoring, and policy control for Check Point Cloud Firewall (formerly CloudGuard Network Security) , making it a strong fit for our organization, especially in the energy sector where we need critical systems to stay up to date throughout twenty-four seven.
For secure cloud migration, Check Point Cloud Firewall (formerly CloudGuard Network Security) integrates seamlessly across AWS , Azure , and GCP , supporting auto-scaling, native logging, and automation, making it a strong fit for our organization while modernizing our infrastructure and maintaining strict compliance requirements. Using this tool helps us avoid complications like needing to prove compliance for SOC 1 or SOC 2, as these platforms are already compliant.
What is most valuable?
I would say Check Point Cloud Firewall (formerly CloudGuard Network Security) is valuable due to its hybrid cloud security features. It offers granular policy management across the on-premises and cloud environments, giving administrators consistent control for configuration drift. We need to change the policy and the inbound and outbound traffic settings, indicating what traffic must be blocked or allowed, and this capability with Check Point provides significant input into our security strategy.
Check Point Cloud Firewall (formerly CloudGuard Network Security) provides unified security management across both hybrid clouds and on-premises environments. Unified security management affects my security operations positively, as we maintain critical systems on the cloud that require strong security and air gap networks. This cloud-native routing and policy installation helps close gaps in protecting critical applications and environments from exposure to the public cloud.
From an administrator's perspective, Check Point Cloud Firewall (formerly CloudGuard Network Security) enhances our organization with clearer and more intuitive logging, making decisions easier to understand without deep investigation. In the CloudGuard UI, I can see which threats have triggered alerts, and this information is available on the unified dashboard that provides details of the threat analysis upon alert. As a small team, we log into the console to check specific alerts for high or low network usage or machine shutdowns. If needed, I tune the configuration policy, and the visualizing tools with reporting functionality simplify tracking changes made on the firewall, including the relevant source IP or device names. We ingest logs into our SIEM for detailed oversight, which allows us to monitor any administrative changes.
Check Point Cloud Firewall (formerly CloudGuard Network Security) has significantly reduced our organizational risk. We clearly understand our threat landscape and the associated risks. Onboarding the CloudGuard solution directly into our cloud environment has significantly lowered the risks throughout the network and it is easy to launch. When we assess our security posture with third-party assessments, we gain granular visibility into our network pre- and post-CloudGuard installation, showing how we have addressed significant risks and secured vulnerabilities.
What needs improvement?
I find troubleshooting a bit challenging with Check Point Cloud Firewall (formerly CloudGuard Network Security); one area needing improvement is log clarity, as sometimes policy installation takes longer than expected, and resolving cloud-native routing conflicts requires advanced knowledge due to the differences in how AWS and GCP operate.
The UI is significantly good and user-friendly, but adding more advanced features to the reporting perspective, especially concerning administrative changes, would be beneficial. However, these points are not deal-breaking feedback; they would just be beneficial for future releases.
For how long have I used the solution?
I have been experienced with Check Point Cloud Firewall (formerly CloudGuard Network Security) for five to seven years throughout my career because I need to check the logs for what is coming in, setting up the policy, and I have been experienced with the firewall on my current job as well. Any traffic that needs to be allowed or any application that needs to be allowed is configured through the firewall. The inbound and outbound traffic to the network is configured through the firewall.
Specifically, I have been working with Check Point Cloud Firewall (formerly CloudGuard Network Security) for four to five years.
What do I think about the stability of the solution?
For reliability, I note that Check Point Cloud Firewall (formerly CloudGuard Network Security) maintains ninety-nine point nine percent uptime and availability, providing us nearly a hundred percent uptime with constant traffic monitoring. Although it may occasionally experience downtime, it remains strong in both reliability and scalability.
Regarding improvements in reliability and stability, I do not see any need as everything performs well. No improvements are necessary in the areas of reliability and stability; they have been consistently good.
What do I think about the scalability of the solution?
Regarding scalability, Check Point Cloud Firewall (formerly CloudGuard Network Security) proves efficient; I find no issues scaling up as our growing company sees increased traffic. It is capable of managing the increased load and performs well as our needs expand.
How are customer service and support?
I have opened a troubleshooting ticket for Check Point Cloud Firewall (formerly CloudGuard Network Security), and so far, I have had a positive experience; the support team usually responds within twenty-four hours, and they escalate cases, providing instant feedback for priority issues. In urgent situations, I can call and receive support promptly, receiving recommendations or guidance for the issues we encounter.
I would rate the technical support of Check Point Cloud Firewall (formerly CloudGuard Network Security) as eight out of ten.
Which solution did I use previously and why did I switch?
On the POC, I looked at SonicWall and Palo Alto firewalls as competitors. We found Check Point Cloud Firewall (formerly CloudGuard Network Security) to be better because it has a robust threat prevention system, and onboarding is straightforward compared to SonicWall. We are a small security team, and we prefer not to rely on a security operation center that would help narrow down issues. It takes just a few clicks to bring the firewall up and running, allowing us to set up policies without requiring complicated knowledge or extensive training. In contrast, using Palo Alto and SonicWall requires specific training for policy creation.
I have worked with Palo Alto and SonicWall firewalls but we found that Check Point Cloud Firewall (formerly CloudGuard Network Security) offers a better pricing standpoint and security solution overall.
How was the initial setup?
I participated in the initial setup of Check Point Cloud Firewall (formerly CloudGuard Network Security). The initial setup of Check Point Cloud Firewall (formerly CloudGuard Network Security), from an integration standpoint, is straightforward. We began with vendor searches, narrowing down to three candidates, including SonicWall and Check Point.
After moving forward with Check Point Cloud Firewall (formerly CloudGuard Network Security), we contacted them to set up a cloud VM installation, which is quite straightforward. Coordination with their representative involves scheduling calls for setting up policies and traffic management, and we test it in the QA environment before moving to production with all necessary policy modifications.
What about the implementation team?
I continue to collaborate with the Check Point Cloud Firewall (formerly CloudGuard Network Security) team to ensure everything runs smoothly, and there is always room for improvement, especially as we reach out to them for support or new features.
What's my experience with pricing, setup cost, and licensing?
We have encountered a few subscription-based licensing models for the virtual gateway and security enablement. We have opted for a three-year contract with fixed pricing for the CloudGuard cost structure, which has enterprise-grade capabilities. Although the pricing is slightly high for smaller organizations, it offers enterprise-level security, indicating a need for improvement in the pricing model.
Which other solutions did I evaluate?
In making the choice between the three products, we prioritize managing risk and the threat landscape, along with compliance and reporting capabilities. Pricing is the first consideration, followed by how well each solution meets our compliance needs, and finally , the reporting capabilities to match enterprise-level requirements.
What other advice do I have?
I have given Check Point Cloud Firewall (formerly CloudGuard Network Security) an overall review rating of ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Rishi T.
Reliable and User-Friendly Security with Minor Setup Hurdles
Reviewed on Apr 30, 2026
Review provided by G2
What do you like best about the product?
I like Check Point CloudGuard Network Security because it's easy to use and effectively keeps my network safe from threats. It works fast and doesn't slow down my work. I really appreciate how I can manage everything from one place and see what's happening on my network in real time. The automatic blocking of threats without needing much intervention from me saves a lot of time.
What do you dislike about the product?
What doesn't work as well for me is that sometimes it takes a bit of time to set up new rules when I need to make changes quickly. Also, the reports could be simpler to understand. Those are the main things I'd like to see improved.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to protect my network and data from cyberattacks, stopping hackers and malware. It blocks bad traffic, keeps my information safe, and allows me to work without worry.