AWS CloudTrail vs. Check Point CloudGuard vs. FireMon

FireMon

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
AWS CloudTrail	Score 8.8 out of 10	N/A	AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…	N/A
Check Point CloudGuard	Score 10.0 out of 10	N/A	Check Point CloudGuard is a comprehensive cloud security platform used to prevent threats and prioritize risks in the cloud across applications, network, and workloads.	N/A
FireMon	Score 7.9 out of 10	Enterprise companies (1,001+ employees)	FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…	N/A

Pricing

AWS CloudTrail

Check Point CloudGuard

FireMon

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
AWS CloudTrail	Check Point CloudGuard	FireMon
Free Trial
Yes	No	Yes
Free/Freemium Version
Yes	No	No
Premium Consulting/Integration Services
Yes	No	Yes

Entry-level Setup Fee

No setup fee

Optional

Additional Details

You can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge. You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.

—

More Pricing Information

Community Pulse
	AWS CloudTrail	Check Point CloudGuard	FireMon
Considered Multiple Products	AWS CloudTrail No answer on this topic	Check Point CloudGuard Vighnesh Rege Senior Solution Advisor Chose Check Point CloudGuard First and foremost reason of our client selecting CheckPoint CloudGuard Posture Management / Dome9 was because they already had CheckPoint Firewalls which are in active use e.g. R75.40 and R82.x products. Customization Vs these other Vendors is another great asset Reporting is … Incentivized Helpful?	FireMon No answer on this topic

Best Alternatives
	AWS CloudTrail	Check Point CloudGuard	FireMon
Small Businesses	Armor Score 6.0 out of 10	Armor Score 6.0 out of 10	NinjaOne Score 9.1 out of 10
Medium-sized Companies	Druva Security Cloud Score 9.4 out of 10	Druva Security Cloud Score 9.4 out of 10	Cisco Meraki MX Score 9.1 out of 10
Enterprises	Druva Security Cloud Score 9.4 out of 10	Druva Security Cloud Score 9.4 out of 10	Cisco Meraki MX Score 9.1 out of 10
All Alternatives	View all alternatives	View all alternatives	View all alternatives

User Ratings
	AWS CloudTrail	Check Point CloudGuard	FireMon
Likelihood to Recommend	8.0 (4 ratings)	7.0 (6 ratings)	7.9 (69 ratings)
Likelihood to Renew	- (0 ratings)	- (0 ratings)	6.8 (7 ratings)
Usability	- (0 ratings)	8.0 (1 ratings)	7.3 (3 ratings)
Availability	- (0 ratings)	- (0 ratings)	7.3 (1 ratings)
Performance	- (0 ratings)	- (0 ratings)	9.1 (1 ratings)
Support Rating	- (0 ratings)	8.2 (4 ratings)	7.7 (17 ratings)
Implementation Rating	- (0 ratings)	- (0 ratings)	9.1 (1 ratings)
Product Scalability	- (0 ratings)	- (0 ratings)	7.9 (48 ratings)

User Testimonials
	AWS CloudTrail	Check Point CloudGuard	FireMon
Likelihood to Recommend	Amazon AWS It is necessary to enable [AWS] Cloudtrail when using AWS in a production environment, otherwise you will not have any idea what is happening within your accounts. Third party monitoring applications will all require [AWS] CloudTrail to be enabled as well. I would not recommend it solely as a monitoring tool, to get the most out of it you must send the logs elsewhere. Either to Cloudwatch logs or a third party product. Incentivized Verified User Anonymous Read full review	Check Point Software Technologies Checkpoint Cloud Guard Native Security Platform is much better in native cloud infra security requirements. It works well, and the manageability of said product is good. But If you are having some hybrid kind of environment, it is not suitable, and the products have more complexity to deploy. There are so many other players to do well in this segment. Incentivized AM Ankit Mistry IT Software Consultant Read full review	FireMon FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management. Incentivized Carter Spear Cybersecurity Engineer Read full review
Pros	Amazon AWS API Log User activity tracking Real-time alerts Incentivized AS Anton Smyslov Product Owner Read full review	Check Point Software Technologies Advanced Threat protection via Check Point CloudGuard proven ThreatCloud intelligence feeds for malicious IP's is a nice feature. We have not set up the cloud bots auto-remediation functionality yet, but from initial testing, it looks to be something worth utilizing. Having reporting tie in's with our ServiceNow asset management platform is very handy. Incentivized Verified User Anonymous Read full review	FireMon Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Incentivized Verified User Anonymous Read full review
Cons	Amazon AWS [In my experience] Cost can easily get out of control with multiple trails on full logging Logs can be difficult to decipher Incentivized Verified User Anonymous Read full review	Check Point Software Technologies Support Services - Support during implementation Proof-of-concept - Needs to more detailed Troubleshooting multi-cloud/ vendor issues Should contain all the compliance standards - NIST, HIPPA, FedRAMP Incentivized Vighnesh Rege Senior Solution Advisor Read full review	FireMon Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Incentivized Verified User Anonymous Read full review
Likelihood to Renew	Amazon AWS No answers on this topic	Check Point Software Technologies No answers on this topic	FireMon The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue. Incentivized Verified User Anonymous Read full review
Usability	Amazon AWS No answers on this topic	Check Point Software Technologies Is easy to use, and the standad configuration is well prepared. Incentivized Verified User Anonymous Read full review	FireMon It save me time and I'm able to have the review - review the rule independently with using my time. Incentivized JP Jeff Plotkin Network System Administrator Read full review
Reliability and Availability	Amazon AWS No answers on this topic	Check Point Software Technologies No answers on this topic	FireMon FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot. Incentivized Verified User Anonymous Read full review
Performance	Amazon AWS No answers on this topic	Check Point Software Technologies No answers on this topic	FireMon I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe. Incentivized Verified User Anonymous Read full review
Support Rating	Amazon AWS No answers on this topic	Check Point Software Technologies Checkpoint support is great. They provide great SLAs and they comply with service times accordingly. Incentivized OM Oscar Martinez DevOps Read full review	FireMon FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have. Incentivized Eric Garcia IT Security Engineer Read full review
Implementation Rating	Amazon AWS No answers on this topic	Check Point Software Technologies No answers on this topic	FireMon Implementation is fairly simple. Most issues can be resolved by referencing manuals. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Amazon AWS I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies. Incentivized Verified User Anonymous Read full review	Check Point Software Technologies Most products have their pros and cons but Dome9 does everything Evident.io and Redlock can do and more. Evident was a good tool but merging the two products into one complicated things. Incentivized Verified User Anonymous Read full review	FireMon I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them Incentivized Verified User Anonymous Read full review
Scalability	Amazon AWS No answers on this topic	Check Point Software Technologies No answers on this topic	FireMon Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product. Incentivized Verified User Anonymous Read full review
Return on Investment	Amazon AWS Allows us to investigate any strange api actions Increases security Audit trail of changes made in AWS Incentivized Verified User Anonymous Read full review	Check Point Software Technologies Significant $$$ cost savings as compared to other competitors in the market Long term contracting also helped in cost savings and good ROI - 750k USD approx Multi-vendor and Multi-cloud capabilities also helped us forecast the capex well No need of any other IAM solution - Some cost savings in that area as well for us, Incentivized Vighnesh Rege Senior Solution Advisor Read full review	FireMon FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Incentivized Verified User Anonymous Read full review
ScreenShots	AWS CloudTrail Screenshots