We just raised a $30M Series A: Read our story

Check Point CloudGuard Network Security Competitors and Alternatives

Get our free report covering Fortinet, Palo Alto Networks, Cisco, and other competitors of Check Point CloudGuard Network Security. Updated: November 2021.
553,954 professionals have used our research since 2012.

Read reviews of Check Point CloudGuard Network Security competitors and alternatives

Manuel Gellida
Owner at Dinamica en Microsistemas de Informatica, S.A. de C.V.
Reseller
Top 5
Easy to use and deploy with an improved pricing structure in place

Pros and Cons

  • "The initial setup is pretty easy."
  • "They need to allow their solution to integrate with other products and not just other Sophos solutions."

What is our primary use case?

My clients are mostly based in the government. They are my core clients. I install the solution for my clients.

What is most valuable?

The solution is very easy to use. 

Of course, we have the skills, however, it's very easy for us to deploy the solution. That's one of the valuable features. 

They have a communication between the endpoint and the firewall which is very, very useful for security purposes.

Pricing is now pretty good. They changed the pricing structure a few months ago.

The initial setup is pretty easy.

What needs improvement?

The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.

Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area. 

Pricing used to be very bad, however, they've adjusted their strategy recently. 

The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.

The solution's technical support is very bad.

There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients. 

For how long have I used the solution?

I've used the solution since around 2014. I have about six years of experience at this point. It's been a while. I've definitely worked with the product in the last 12 months.

What do I think about the stability of the solution?

The solution is quite stable. There are no bugs and glitches. It doesn't crash and freeze. It's quite reliable. We don't have problems with it.

What do I think about the scalability of the solution?

The solution is very scalable. It is not a problem. Sometimes we have issues when we are trying to do something with a different traditional version of hardware as sometimes the new hardware has more ports. However, if we are talking about scalability in a huge customer, we can do it very easily. 

Mexico is very different than other countries and continents as here, when we say it's a big customer, we are talking about 2,000 to maybe 3,000 users. There aren't too many large-scale operations in the country. However, in general, for our area, we tend to deal with large-scale companies.

For a company that has maybe 1,000 users, Sophos seems to work very well. We have one operation with 10,000 endpoints and it is working quite well.

How are customer service and technical support?

Technical support from Sophos is very bad.

Sometimes we lose a project due to the fact that we need to solve some issues or answer questions. Things that may be technical but also involve the administrative side. I'm talking about licensing and the capabilities of the feature. We need some documentation, something we can show clients. They can better in those cases. They can either help us or supply us with what we need. 

In response time, they are terrible. In the area of technical knowledge, they are getting better, however, they aren't where they need to be. Right now, we are not satisfied with the level of support provided.

How was the initial setup?

The initial setup is not complex. However, here in Mexico, it's very complex to sell the product. The brand is not as well known.

That said, the process is pretty straightforward. 

The deployment times vary. It depends on the end-user and what they need. Sometimes, it's easy as they don't have too many policies. The more policies they have, the longer it takes.

In other cases, clients may have a lot of VPNs. We have to work on those VPNs, and we have to do a lot of routing. However, that depends on the customer. Not all are like that.

For one appliance, you just need one person for deployment and maintenance. If we are working a lot of VPNs, we would have to use more people. We need to involve maybe two or three individuals and re-apply the configuration in that case. 

What about the implementation team?

We handle the installation process ourselves. We do not need the assistance of consultants.

What's my experience with pricing, setup cost, and licensing?

The pricing has recently changed on Sophos. Their licensing and cost structures are much more clear now. It's much better than it was.

Which other solutions did I evaluate?

Clients, in many cases, evaluate for Check Point, Forcepoint, and sometimes Fortinet. Occasionally, they may look at SonicWall, or Palo Alto however, the others are the main big competitors. 

Palo Alto is very expensive as are Check Point and Forcepoint. That's why we sometimes win the projects. We find Fortinet, is very, very hard to beat as they have a lot of market share, have a lot of marketing. Sophos doesn't have that presence, that marketing. Also, when you have to think about prices, Fortinet gives customers everything and it's hard to beat.

The biggest issue I've found with Sophos is the small number of VPNs that we can do compared to a similar appliance with Fortinet or in the same level center. In fact, many other brands offer more VPNs than Sophos.

What other advice do I have?

I'm a Sophos reseller.

We use multiple versions. We have worked with XG 460 and XG 135 and some others -such as XG 230. In those cases, sometimes it has been Rev 1 and in other cases Rev 2 in terms of the hardware versions.

I mostly work with on-premise deployments. The only item I have installed in the cloud is an email solution by Sophos.

I'd recommend the solution to other organizations. Overall, I would rate it at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
Amith Rao
Senior Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
Get great visibility into vulnerabilities through micro-segmentation

Pros and Cons

  • "This tool greatly helps in understanding the footprint of the attacks."
  • "The interface and dashboard are amazing."
  • "The product needs a few features like enhanced user policies and payload-level inspection to improve the offering."

What is our primary use case?

We are a partner, not a customer. We would like to be in a position of trying to provide consultation for this solution and delivery of the product to clients. So, we have partnered with Guardicore in India and we are trying to sell this product and that is our primary use case. The primary use case that we are implementing this product for with clients is micro-segmentation.  

How has it helped my organization?

This particular product has a deployment model both in public and private clouds and on-premises. We are pitching it to all of our customers, irrespective of the regulations that they must follow. Some customers are in the government sector, for example, and they will need to go on-premises. There are some customers like IT service-based companies that have most of their infrastructure in the cloud, and those can use cloud-based services. What the client wants and needs totally depends on the type of client they are. We have an advantage with this product in offering it both ways — on cloud and on-premises — to meet the client's needs.

What is most valuable?

The most important feature or use case, because of micro-segmentation, is the visibility you get when you deploy this product. It will give you very good visibility of your whole data center. The second thing that is valuable is the lateral movement. Often when there is a compromise of vulnerabilities in the organization, this tool greatly helps in understanding the footprint of the attacks. It also helps in stopping the lateral movement of the attack.  

What needs improvement?

Predominantly I have been working with firewalls and the UTM (Unified Threat Management) solutions for some time. Guardicore has to do something to add on features that help to do a better job of inspection.  

They should have policies based on users. Often we can only add user groups. I think they should offer the ability to assign policies to individual users. The ability to assign policies to both users and groups would make the area of creating policies more flexible. They should also have time-based rules in the policies which they currently do not have.  

They should also get into payload-level inspection. As of now, what they do for threat inspection is to look at the metadata of a packet. This is not in depth enough for proper inspection. They need to start inspecting the payload-level information of a packet or offer this as an option.  

So they should have payload-level inspections to do some deep investigation. Then they should have more user-level control of policies. I think if these two things are introduced, then I could probably change my rating of Guardicore to a nine-out-of-ten.  

For how long have I used the solution?

We have just recently started working with Guardicore. Six months ago we began working on the POC (Proof of Concept) and we have still not finished so we have yet to deploy the product to production.  

What do I think about the stability of the solution?

I cannot comment on stability under higher loads because we have not yet deployed it and exposed it to live traffic. We are still in the testing and evaluation phase.  

What do I think about the scalability of the solution?

I think it is an amazing product in terms of scalability.  

How are customer service and technical support?

I have not had any experience with technical support because we are not in production. Once we deploy the solution to our customers, that is when I think we will be making more use of support resources.  

Which solution did I use previously and why did I switch?

Earlier we worked more in the firewall space. That is, we worked with Check Point a lot. It was maybe for a period of five years. Then from firewalls, which is a UTM solution, we are trying to move into the new world technologies. That would be things like dedicated security solutions that cover more than what firewalls do.  

As an employee, I am not sure what my organization has gone through in making evaluations and comparisons. I am sure that they have evaluated other products like Illumio, Cisco Tetration, and Guardicore. I do not know, out of all their testing and research, specifically why they found Guardicore to be more a valuable solution. I think these people may be more focused on what they are doing rather than how it is getting done.  

How was the initial setup?

The installation and setup are pretty straightforward.  

What other advice do I have?

Right now, I would definitely recommend Guardicore for someone who is looking into the micro-segmentation space or probably an internal firewall for the organization.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Guardicore Centra as probably an eight-out-of-ten.  

The interface and dashboard are amazing. I would rate the user interface as a ten-out-of-ten. For other reasons having to do with features and functionality, I have to mark them down a few points.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
RF
Data Analyst at a hospitality company with 201-500 employees
Real User
Top 20
User-friendly, provides good access, and is fairly easy to implement

Pros and Cons

  • "It is a very user-friendly product."
  • "I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI."

What is our primary use case?

We primarily use the solution in order to create access rules. That's what I use it for mostly. Sometimes, if I need to do some mapping, I may also leverage this product.  

What is most valuable?

In terms of access, the solution is great at making sure that the firewall has the right IPs, or that the right IPs are passing through where they should be. 

The product does a good job of making sure that the connection is one that the user can trust. It keeps everything secure.

From what I've already done with ASA, I've noted that it's a very simple solution. 

It is a very user-friendly product. I started with the GUI version. There are different versions. You could have the CLA, and the GUI version if you like. Both are really user-friendly and they're easy to learn. 

What needs improvement?

We haven't been working with the product for too long, and therefore I haven't really found any features that are lacking. So far, it's been pretty solid.

One of the things that would make my life easier on ASA, especially for the CLA, is if it had an ASBN feature, specifically for the CLA. This would allow you to be able to see at once where a particular object group is being used without having to copy out all the object groups that have already been created.

I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI.

For how long have I used the solution?

I've been using the solution for six months now. It's been less than a year. It hasn't been too long just yet.

What do I think about the stability of the solution?

The solution has been quite stable.

Most of the clients that we deal with use this solution. No one has ever complained about having a breach or anything, to the best of my knowledge, even though we see some people combine different firewalls together, and use them alongside Cisco ASA. So far, we've not had any issue with Cisco ASA. It's reliable and keeps our clients safe.

What do I think about the scalability of the solution?

I've never tried to scale the product. I haven't worked with it too long at this point. I wouldn't be able to comment on its scalability potential.

How are customer service and technical support?

I've never dealt with technical support yet. I can't speak to their level or response or their knowledge of the product.

Which solution did I use previously and why did I switch?

In the past, I've worked with Check Point and Fortinet as well.

How was the initial setup?

I've been handling the implementation. So far, it's been good, even with no prior knowledge of the solution itself. It's my first time working with it.

On my team, lots of people are working on different aspects, and most of the setup is being done by those that have more knowledge about the firewall than we have. We don't have anything to do with the setup, we just make sure that we implement whatever connections the clients already have. It's already broken down that way, just to avoid as many mistakes as possible.

We already have a process for implementation based on the number of connections. The maximum we normally work on each connection is maybe 20 to 30 minutes. However, the process could be as little as one minute. It depends on how many connections we want to add at a time.

What about the implementation team?

We're handing the implementation via our own in-house team.

What's my experience with pricing, setup cost, and licensing?

I'm just handling the implementation and therefore don't have any insights on the pricing aspect of the solution. I wouldn't be able to say how much the company pays or if the pricing is high or low.

That said, the pricing isn't an issue. It's more about what's best for the customer or the client. We want to give the client the best service, and very good protection. If a client begins to worry about pricing, we can't exactly guarantee the same level of safety.

What other advice do I have?

Our company has a partnership with Cisco.

We have different clients and therefore use different versions of the solution. Nobody wants to use an out-of-date version, and therefore, we work to keep everything updated.

Overall, I would rate the solution at a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PF
IT Specialist at a transportation company with 10,001+ employees
Real User
Top 20
Reliable, easy to use, and offers strong security feaures

Pros and Cons

  • "Palo Alto has better and finer controls than, say, Cisco or Check Point."
  • "The solution needs a series of OS changes."

What is our primary use case?

The solution was a firewall that bridged the internal systems with their DMC equipment and/or restricted systems access that wasn't generally available to anyone outside of the organization.

How has it helped my organization?

The solution gets the access controls down to an even more precise part of the network traffic. It's not just any user going to an IP address or going to a port to get on the network. It's very thorough.

What is most valuable?

Our organization liked the fact that it wasn't just firewalls that handled addresses and ports. It also handles actual URL inspections. 

The solution is at the cutting edge of technology. 

The solution has good at controlling restricted access.

Palo Alto has better and finer controls than, say, Cisco or Check Point.

The solution is very strong from a security standpoint.

What needs improvement?

It's like anything else. What's good today might not be in a day, a week, a month, etc. The solution needs to constantly be adapting and updating.

The solution needs a series of OS changes.

For how long have I used the solution?

I have been using the solution for five years.

What do I think about the stability of the solution?

The stability of the solution is rather excellent. It is really stable unless somebody messes up a configuration. We didn't face any bugs or crashes or have any issues with glitches.

What do I think about the scalability of the solution?

The solution was scalable for our purposes. We distributed it to three or four different locations and these were all internal edge firewalls. It wasn't more than a half a day to get any new location up, once the network equipment was in place. (For example, switch hardware, cables, etc.). We would just bring in the hardware, set it up, connect to it, and finish turning it on.

How are customer service and technical support?

The technical support is excellent. There haven't been problems that they couldn't resolve quickly. Pretty much are all cases that we had were dealt with to our satisfaction.

Which solution did I use previously and why did I switch?

Prior to Palo Alto, we had been using Check Point. There wasn't a technical reason that we switched. As an organization, we just periodically switch technologies.

How was the initial setup?

I can't really answer any questions related to the initial setup as there was another person who handled it. However, I do believe it was straightforward for them. My understanding was that deployment only took a day. It wasn't a long process.

What about the implementation team?

For the initial deployment, I'm pretty sure they used a subject matter expert. After that, the organization did not need outside assistance. One of our own team members ended up becoming the subject matter expert for a lot of the implementation strategy.

What's my experience with pricing, setup cost, and licensing?

I don't have an idea of what the licensing costs are.

What other advice do I have?

I'd advise companies considering setting up the solution to make sure they have a trained team. If the team doesn't have any expertise with this type of firewall, then they've got to take some training. The training's pretty good and once you understand the concepts, it's pretty quick to put together. 

At the time we implemented it, it was easier than Check Point and the Check Point had a lot of similar capabilities. It also offered finer filtering on what was going to be allowed through various parts of the firewall ports. 

I'd rate the solution ten out of ten due to its reliability and ease, and the consistency of configuration.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JA
Project Manager at a tech services company with 51-200 employees
Real User
Top 20
Good pricing, good technical support, and fairly user-friendly

Pros and Cons

  • "The pricing is excellent. It's much less expensive than Cisco."
  • "The initial setup is complex."

What is our primary use case?

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

What is most valuable?

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

What needs improvement?

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

What do I think about the scalability of the solution?

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

How are customer service and technical support?

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

Which solution did I use previously and why did I switch?

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

How was the initial setup?

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

What about the implementation team?

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

What's my experience with pricing, setup cost, and licensing?

The licensing is paid on a yearly basis.

Which other solutions did I evaluate?

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

What other advice do I have?

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering Fortinet, Palo Alto Networks, Cisco, and other competitors of Check Point CloudGuard Network Security. Updated: November 2021.
553,954 professionals have used our research since 2012.