Sold by: Check Point Software TechnologiesÂ
Deployed on AWS
Free Trial
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
4.4
Overview
Video
Video 1
Video
Product video
Check Point CloudGuard Network Security is a cloud-native security gateway that delivers industry-leading threat prevention and multi-layered network security for workloads migrated to or deployed in AWS environments.
Comprehensive Cloud Network Security: CloudGuard Network Security for AWS protects cloud assets with a full suite of advanced security capabilities, including: firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-Bot, threat emulation, and threat extraction. These features enable proactive defense against known and unknown threats, ensuring robust protection for cloud workloads.
Industry-Leading Threat Prevention: CloudGuard Network Security for AWS provides advanced threat prevention to secure AWS environments from sophisticated threats, unapproved access, and application-layer Denial of Service (DoS) attacks with industry-leading catch rates.
Full Control of Network Traffic: CloudGuard Network Security for AWS ensures secure, encrypted data flows between your on-premises network and your AWS VPCs. It inspects traffic entering and exiting private subnets in the VPC ("North-South") as well as between VPCs ("East-West").
Unified Security Management: Extend on-premises security policies into the AWS cloud with unified, centralized management via Check Point CloudGuard Security Management Server. Manage policies, logs, and reports consistently across AWS, hybrid, and on-premises environments from a single pane of glass. This listing includes the gateway only. For management, use Check Point Smart-1 Cloud: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/Â
Automated, Scalable Cloud Security: Integrates with infrastructure-as-code tools like Terraform and Ansible for policy automation and cloud-native scaling. CloudGuard dynamically adapts security policies based on real-time cloud metadata and changes. Supports AWS Transit Gateway, auto-scaling, high availability, and multi-AZ redundancy.
Flexible Licensing and Seamless AWS Integration: Deploy within minutes as either a single gateway, as a high availability cluster, or as an auto scaling group via Check Point CloudFormation templates (sk111013). Recommended deployment on a 4 vCPU instance for optimal performance. CloudGuard Network Security integrates with a broad range of AWS services, including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie.
Getting Started: Supports both Pay-As-You-Go (PAYG) and Bring Your Own License (BYOL) models with a flexible pricing model that supports both usage-based billing and contract-based subscriptions. Start your free 30-day trial to gain full access to CloudGuards features and capabilities. At the end of the trial, your subscription will automatically convert to a paid, usage-based plan, unless canceled beforehand. Request a private offer for custom pricing and terms. For a guided walkthrough, you may request a product demo through this listing.
Highlights
- Advanced Protection with Security Features: Firewall, DLP, IPS, Application Control, IPsec VPN, URL Filtering, Antivirus, Anti-Bot, Threat Emulation and Threat Extraction.
- Industry-Leading Threat Prevention: Cutting-edge threat prevention with industry-leading catch rate of malware, ransomware and other types of attacks (per Miercom and Cyberratings, 2025).
- Unified Security Management: Provides consistent visibility, policy management, logging, reporting and control across hybrid-clouds and on-premises from a single pane of glass.
Details
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux Gaia 3.10
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c6in.xlarge Recommended | $0.91 |
m5.4xlarge | $3.00 |
m6i.xlarge | $0.91 |
r5.24xlarge | $16.42 |
r5.large | $0.80 |
r5.8xlarge | $5.86 |
m6i.24xlarge | $16.42 |
r5a.xlarge | $0.91 |
r5b.12xlarge | $8.79 |
r5b.xlarge | $0.91 |
Vendor refund policy
Terminate the instance at any given time to stop incurring charges.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Once the instance is running, connect to it using SSH, set an admin password using: 'set user admin password' followed by 'save config'. Then connect to https://[instance] using Internet Explorer (IE) to finalize the configuration. Notes:
- SSH password authentication is disabled in /etc/ssh/sshd_config
- For information regarding Firefox and Chrome refer to sk121373.
Support
Vendor support
This offer includes Premium Support. For the full list of included support services visit: https://www.checkpoint.com/support-services/support-plans/ To open a support ticket, you would need to have a Check Point user center account. If you do not have a user center account, you can sign up for one here: https://accounts.checkpoint.com . Need support? Contact us at https://www.checkpoint.com/support-services/contact-support/Â
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Check Point Software Technologies
By Palo Alto Networks
Top
10
In Log Analysis, Network Infrastructure
Top
10
In Network Infrastructure
Top
10
In Network Infrastructure, Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Inspection
Inspects traffic entering and exiting private subnets in VPC ("North-South") and between VPCs ("East-West")
Advanced Threat Prevention
Provides multi-layered security capabilities including firewall, IPS, threat emulation, and threat extraction with advanced catch rates
Cloud Infrastructure Integration
Supports infrastructure-as-code tools like Terraform and Ansible, dynamically adapts security policies based on cloud metadata
Security Protocol Coverage
Comprehensive security features including Data Loss Prevention, application control, IPsec VPN, URL filtering, antivirus, and anti-Bot protection
Cloud Service Compatibility
Integrates with AWS services including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, and AWS Transit Gateway
Network Traffic Protection
Advanced cloud-native firewall service powered by FortiOS and FortiGuard Labs threat intelligence for securing cloud network traffic
Threat Intelligence
AI-powered intrusion prevention (IPS), data leak prevention (DLP), and advanced filtering capabilities to block malicious traffic and potential security breaches
Dynamic Policy Management
Security policies that dynamically use cloud metadata tags to follow cloud workloads without requiring static IP updates
Geo-Specific Security Control
Enforcement of compliance policies through geo-IP blocking and traffic restrictions to/from specified countries
Multi-Account Security Aggregation
Capability to consolidate security across multiple VPCs and accounts within an AWS region using a single firewall instance
Threat Prevention
Advanced machine learning-powered inspection engine that detects known and zero-day threats including exploits, malware, spyware, and command and control attacks
Web Security
Inline machine learning-based web security engine for real-time detection of phishing, ransomware, and evasive web-based attacks
File Analysis
Proprietary cloud-based hypervisor for static and dynamic file-based threat detection using advanced sandbox analysis techniques
Protocol Layer Security
Comprehensive security coverage across network layers including DNS-layer attack prevention and network data exfiltration detection
Traffic Visibility
Complete application layer-7 traffic inspection and control with dynamic policy management based on AWS tags, application IDs, and user contexts
Standard contract
No
No
No
Customer reviews
PedroPereira4
Unified cloud security has simplified multi-cloud protection and has improved policy consistency
Reviewed on Dec 03, 2025
Review from a verified AWS customer
What is our primary use case?
I use Check Point CloudGuard Network Security mainly to protect cloud workloads and applications across multi-cloud environments. Day-to-day, I rely on it for managing cloud-based firewalls, enforcing unified security policies across accounts and regions, and continuously monitoring traffic and threat activity to keep our cloud infrastructure secure.
In addition to protecting workloads and managing cloud firewalls, I also use Check Point CloudGuard Network Security to maintain a consistent security posture across multiple cloud providers.
What is most valuable?
The best features Check Point CloudGuard Network Security offers include unified multi-cloud firewall and network security, real-time threat prevention, and automated detection of anomalies, which helped us catch misconfigurations.
The unified multi-cloud firewall feature helps me manage and enforce firewall rules consistently across different cloud providers and accounts. Centralized visibility and monitoring of cloud network activity is another helpful feature of Check Point CloudGuard Network Security that makes compliance audits and security reviews easier.
Check Point CloudGuard Network Security has positively impacted my organization by providing ease of use between different clouds. It has strengthened our overall cloud security posture and reduced the number of configuration-related issues that used to slip through. We have seen fewer unauthorized traffic flows, faster detection of anomalies, and clearer visibility across all cloud environments.
Check Point CloudGuard Network Security is deployed fully in public cloud. It provides unified security management across hybrid clouds. For security operations, this has reduced fragmentation and made it easier to maintain uniform policy across environments. It also shortens investigation time because all logs, events, and traffic insights flow into one place. My team does not have to switch tools or reconcile different rule sets, and this consistency lowers the risk of misconfiguration.
What needs improvement?
Several areas of Check Point CloudGuard Network Security could be improved. The dashboard is comprehensive, but navigating advanced views can take time for administration, so the learning curve is somewhat high. Some automation workflows required additional tuning to work smoothly in complex multi-account setups. Integration with third-party cloud-native tools could also be broader to reduce reliance on custom configuration.
For how long have I used the solution?
I have been using Check Point CloudGuard Network Security for approximately two years.
What do I think about the stability of the solution?
Check Point CloudGuard Network Security is stable.
What do I think about the scalability of the solution?
The scalability of Check Point CloudGuard Network Security is solid.
How are customer service and support?
Customer support for Check Point CloudGuard Network Security is good. I would rate the customer support a solid 10.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously used a mix of native cloud firewalls and FortiGate appliances. I switched because managing multiple tools across different clouds became too time-consuming.
What was our ROI?
I have seen a return on investment with Check Point CloudGuard Network Security. The time saved was significant because now we have everything in the same place. We have fewer false positives, so my coworkers have time to look at other projects.
Which other solutions did I evaluate?
We evaluated solutions such as Palo Alto Prisma Cloud and Fortinet's FortiGate. Compared to them, Check Point CloudGuard Network Security was slightly easier to manage overall. Its unified console and policy management model made setup faster and central control simpler. The trade-off is that Check Point CloudGuard Network Security feels less customizable in deeply complex scenarios.
What other advice do I have?
It has made me more confident overall in secure cloud deployments and migrations. Knowing that the same security controls follow us as we move workloads or spin up new ones removes a lot of stress. We do not have to rebuild policies from scratch or worry about gaps during migrations, which makes cloud projects smoother and faster to roll out.
I utilize Check Point CloudGuard Network Security alongside Harmony Endpoint and a few on-premises Check Point gateways. They all tie back into the same management console, so policies, logs, and threat data flow into one place, making it easier to keep everything consistent.
I would suggest planning your policy structure early and keeping it consistent across accounts to avoid complexity later. I would rate this product an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Eliezer P.
Real-Time Visibility and Efficient Comprehensive Protection
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
I love the real-time visibility that Check Point CloudGuard Network Security provides me regarding cloud security. This allows me to respond effectively to incidents, which is crucial for protecting our data and operations. I also greatly value the comprehensive protection it offers for cloud environments. I like it because it covers all the security aspects I need, ensuring that all our areas are adequately protected. These features make this tool a vital part of our IT security strategy.
What do you dislike about the product?
Integration with more cloud platforms.
What problems is the product solving and how is that benefiting you?
I use Check Point CloudGuard Network Security to protect against threats and network attacks. It provides me with real-time visibility and comprehensive protection, allowing me to respond effectively to incidents and secure all aspects of cloud security.
Aaron M.
Worry-Free Operation Delivers Total Peace of Mind
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
I really like how it does not need much set up. It is great for security and provides simple solutions to a complex problem. It has been a great addition.
What do you dislike about the product?
I have not experienced any downsides to the product. It has functioned as described and has become part of every day work. When there is an issue, it is quickly corrected.
What problems is the product solving and how is that benefiting you?
It is helping staff feel more secure when online. It is also supporting our growth. It has worked to improve efficiency and overall productivity. We do not worry about online security.
Sujit S.
Powerful Cloud Security with Centralized Management, Minor Room for Improvement
Reviewed on Nov 20, 2025
Review provided by G2
What do you like best about the product?
I like Check Point CloudGuard because it provides strong, advanced threat protection that goes beyond native cloud firewalls. It also gives a single, centralized console to manage security across multiple clouds. Policies are dynamic and update automatically using tags and identities, which reduces manual work. Overall, it makes cloud security simpler, consistent, and more powerful.
What do you dislike about the product?
I dislike that Check Point CloudGuard can be complex to deploy and manage, especially for beginners. It also requires higher skill levels compared to native cloud firewalls. Licensing and costs can be confusing and sometimes expensive for small teams. Updates and troubleshooting often depend heavily on Check Point TAC, which can slow things down.
What problems is the product solving and how is that benefiting you?
CloudGuard helps solve the challenge of securing workloads across multiple clouds with one consistent policy. It protects against advanced threats that native cloud firewalls can’t block. It also automates security using tags and identities, reducing manual work. Overall, it improves visibility, strengthens protection, and saves a lot of operational time.
Computer Software
Powerful Threat Prevention with an Intuitive Dashboard
Reviewed on Nov 19, 2025
Review provided by G2
What do you like best about the product?
During the trial, We really liked how the dashboard clearly showed the threats, polices without overwhelming the team. The threat prevention engine is very strong and it blocks traffic smartly.
What do you dislike about the product?
One issue we noticed is that the initial setup feel a bit complex for our team. There are quite few configuration steps and it takes some time to fully understand everything.
What problems is the product solving and how is that benefiting you?
CloudGaurd Network Security helped us strengthen our Zero Trust approach by giving us very clear control over which resources can communicate in in our cloud environment. It provides a solid firewall layer and cloud data security. During the trial, it made it much easier to identify risky traffic and block unauthorized access attempts. Overall it was so helpful for our team.