CloudGuard Gateway Performance for Microsoft Azure | Datasheet
©2023 Check Point Software Technologies Ltd. All rights reserved | P. 1
CloudGuard Cloud Network Security, part of the CloudGuard Cloud Native Security platform, provides
advanced threat prevention and automated cloud network security through a virtual security gateway, with
unified security management across all your multi-cloud and on-premises environments.
For public clouds, CloudGuard provides automated and elastic public cloud network security to keep assets
and data protected while staying aligned to the dynamic needs of public cloud environments.
For private clouds, CloudGuard delivers dynamic security within virtual datacenters to prevent the lateral
spread of threats while consolidating visibility & management across physical & virtual networks.
Performance: CloudGuard Network Security (R81.20) - Azure v5 Machines
Notes:
Next Generation Firewall (NGFW) throughput is measured with FW, IPS, Application Control features enabled
(see table 2 below), using Check Point Enterprise testing conditions.
Next Generation Threat Prevention (NGTP) throughput is measured with FW, IPS, Application Control, URL
Filter, Anti-Virus, Anti-Bot features enabled (see table below), using Check Point Enterprise testing conditions.
FW + Site to Site VPN methodology: ideal testing conditions using iPerf tool, UDP only and 1300 bytes packet
size
It is recommended to run additional testing within your environment to ensure your performance requirements
are met. Your performance may vary depending on underlying cloud vendor infrastructure performance.
2 vCPU: D2ds_v5
4 vCPU: D4ds_v5
8 vCPU: D8ds_v5
Concurrent Connections
500K*
500K*
500K*
FW Only
7.8Gbps
11Gbps
11Gbps
FW + IPS
4.1Gbps
7.6Gbps
11Gbps
NGFW (FW + IPS + Application Control)
2.7Gbps
5.8Gbps
11Gbps
NGTP (NGFW + URL Filter + Anti-Virus + Anti-Bot)
1Gbps
2.2Gbps
4.4Gbps
FW + Site-to-Site VPN
2.5Gbps
5Gbps
10Gbps
Remote access VPN Concurrent Connections (NGFW)
500
1000
1700
Remote access VPN Concurrent Connections (NGTP)
400
750
1500
Accuracy range: +/-5%
*Concurrent Connections limited by Azure to 512K. For updates, see Microsoft Azure virtual machine network bandwidth webpage.
CloudGuard Network Security
Gateway Performance for Microsoft Azure
©2023 Check Point Software Technologies Ltd. All rights reserved | P. 2
Content Security
Network
First Time Prevention Capabilities
High Availability
OS-level and static file analysis
File disarm and reconstruction via Threat Extraction
Average emulation time for unknown files that require
full sandbox evaluation is under 100 seconds
Maximal file size for Emulation is 100 MB
Emulation OS Support: Windows XP, 7, 8.1, 10
Active/Active L2, Active/Passive L2 and L3*
Session failover for routing change, device
and link failure
*Not applicable for cloud service providers
usage
IPv6
NAT66
CoreXL, SecureXL
Applications
Use 8,000+ pre-defined or customize your own
applications
Accept, prevent, schedule, and apply traffic-shaping
Unicast and Multicast Routing (see
SK98226)
OSPFv2, BGP, RIP
Static routes, Multicast routes
Policy-based routing
PIM-SM, PIM-DM, IGMP v2, and v3
Data Loss Prevention
Classify 700+ pre-defined data types
End user and data owner incident handling
Dynamic User-based Policy
Integrates with Microsoft AD, LDAP, RADIUS, Cisco
pxGrid, Terminal Servers and with 3
rd
parties via a Web
API
Enforce consistent policy for local and remote users on
Windows, macOS, Linux, Android and Apple iOS
platforms
All-inclusive Security
NGFW
NGTP
NGTX
Basic access control
Prevent known threats
Prevent known and zero-day
attacks
Firewall
VPN (IPsec)
IPS
Application Control
Content Awareness
URL Filtering
Anti-Bot
Anti-Virus
Anti-Spam
SandBlast Threat Emulation
SandBlast Threat Extraction
Each gateway requires a license for the enabled security feature.
CONTACT
US
EMAIL:
WEB: WWW.CHECKPOINT.COM
