CheckPoint is a digital access management and engagement system for venues. It automates and digitizes the registration, ticketing, and check-in process while enabling venues, vendors, and exhibitors to engage with guests directly to their phone's lock screen. CheckPoint is an event management tool for events, conferences, festivals, clubs, and more. The venue management solution boasts users among both the Oscars and Nasdaq.
N/A
Microsoft Defender for Cloud Apps
Score 7.4 out of 10
N/A
Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.
CheckPoint performs well as an internal firewall between network zones, providing policy control and deep inspection of internal traffic. It works well for a multi network setup like ours across multiple sites. It is however not a fast changing interface and time needs to be taken to perform changes. It's not a quick as other vendors
Microsoft Defender for Cloud Apps is well suited when working with other Microsoft Applications. For example, if you are working with Microsoft Office 365 it works very well when implementing CASB features. It works when implementing monitoring or blocks on Sanctioned applications however customizing the message to users is not that great.
The integration to Microsoft Entra ID is seamless, which allows Conditional Access to redirect the session to Microsoft Defender for Cloud App for it to take actions (Block or Monitor).
Tracker users' activity is very good when troubleshooting or running an investigate.
Detecting risky users through tight integration with Microsoft Entra ID is a very good feature.
Detecting mass downloads and blocking the download of files from non-manage company devices is a very good feature as well.
In my experience, notifications are completely broken and non-functional
In my opinion, confusing UX for the cloud portal
Don't try and import 100's of endpoints when onboarding because it will create a mess
When installing the CP client you have to remove Microsoft Defender and if that fails, CheckPoint technical support goes, "Not my problem, sucks to be you!"
It takes some time to scan and apply the policies when there is some sensitive information.
After it applies the policies, it works, but there is a delay.
It doesn't provide any way to scan Microsoft Teams when an external exchange of images is happening. You can always do the filtering on the documents during the chat, but if there is an image, then some kind of OCR capability is required to detect it. At present, there is no way [Microsoft Cloud App Security] can go and detect those kinds of images and alert us
the solution offer the most improvement about the usability by management more firewall in the same context or multicontext instead. The shared database allow to use one object for more than a package target of a cluster or more of gateways firewall. The management remain isolated from traffic pass through the firewall so the disruption is limited at minimum.
The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out.
I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices.
The CheckPoint Firewall and Cisco ISR router serve different purposes. Our organisation uses both devices, but in different areas of the topology. The Cisco ISR is a remote device and its function is to relay information to our edge firewall, which then passes to our internal firewall (CheckPoint) to securely control traffic requests.
More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the threat in very very less time.
Cloud App Security saves us thousands of dollars finding and rectifying apps security issues
Identity Security Posture helps the organization identity stay in shape, saving thousands of dollars on security consultations
The cost of suffering a breach cannot be quantified, CAS helps minimize the chances of the attackers succeeding, with excellent historical logging for most operations
