Check Point SandBlast Network Reviews

We are using this solution to keep our organization network secure from threats as it provides a virtual environment for the files to scan and emulate.

It keeps our organization secure and is effective against zero-day threats as it gets frequently updated. 

The most valuable thing about this product is that it keeps the network secure against zero-day threats, as nowadays, many organizations are compromised by emerging threats.  

Sometimes, Check Point Sandblast requires more resources, which impacts network performance if it has been deployed with limited resources.

I've been using the device for the last year.

The stability is good.

The scalability is excellent.

Our experience with customer service and support is excellent.

Positive

We are using Check Point only.

We followed the procedure provided by the OEM, and it is easy.

We implemented it through an in-house team.

As of now, everything is good enough.

No, we haven't evaluated other options.

We were looking for several solutions that would meet certain network threat prevention needs - one of which was the tendency to have user workflow control points that could be affected on a day-to-day basis. Given these situations, we needed to provide better zero-day protection in real-time that would reduce corporate expenses and the consumption of costs generated by the security department while still getting information in real-time 24 hours a day. We came across different solutions that met these characteristics; however, in the end, we managed to choose and segment Sandblast computing services.

Sandblast is one of the tools provided by Check Point, which has given us the best zero-day prevention in real time. It offers optimized security management, which facilitates monitoring, analysis, reporting, user segmentation, detection, and analysis within our network. 

It is providing network administrators with productivity without interrupting their regular operations. 

The zero-day protection and prevention features that are included in the solution enhance the intelligence of searching for threats, infections, or attacks under interpretation or prevention technology. It looks out for new cyber ​​threats and generates predictions based on behaviors that are already detected on a daily basis.

We look forward to seeing many favorable characteristics of the Sandblast solution in the future. However, we must take into account that among the appliances that it comes installed and preconfigured on. Check Point provides the solution from Sandblast and offers it to be used for free when purchasing a Check Point product. Its best feature is that in the first year, we get unprecedented security protection and performance. After analysis, we can acquire other services available on the platform. This reduces costs as we have all security needs under one umbrella.  

We do take advantage of the year we get for free from Check Point. In the future, this solution can be added under licensing for consumption per user. Today, we have it as part of a solution or a package. However, we'd like there to be a way where we can have the solution's features available to us in a cheaper way in the future.  

I've used the solution for one year and nine months.

So far, the solution has been very stable during the year and months that we have been using it. There are no crashes, loss of service, or malfunctions. It is one of the solutions that has given us the least amount of problems as security administrators.

The solution has been quite scalable. It has allowed us to integrate different devices and, additionally, it has been incorporated into the solutions that we have today on the perimeter.

Previously we were testing solutions from Microsoft, Amazon Web Services, and Fortinet to see which was the best, which we could implement in the end, and we ultimately decided on Check Point's services.

The price-cost relationship, capabilities, and benefits that the solution gives us is something that must be evaluated. When we decide on certain applications, we must understand that organizations have a budget, and we must take care of them based on that. The free trial, however, is of great value. 

With so many threats at the computer level, we have sought solutions that allow us to improve our internal perimeter security at the technological level to minimize exposure and one by one ability to reduce recovery time in the event of an attack. 

As a necessary part of security, we needed a solution that could integrate easily with other solutions and third-party solutions to allow us an in-depth defense against any threat that we detect. Based on all this, we effectively wanted to protect ourselves with the best solution and brand on the market. 

The product gives us advanced protection, including artificial intelligence and machine learning technologies and services. It is managing to protect us from malware fishing, cyber-attacks, and network exploits and allows us to emulate each of these attacks in a controlled environment. It is one of the few solutions that manage to emulate in real-time and minimize exposure to vulnerabilities since it detects if items have been analyzed and emulated, thus giving a 100% solvency solution before any infiltration.

One of its most outstanding characteristics is that it offers us a fairly accurate forensic analysis. It is detailed and it does allow us to equip and understand the causes and the impact of each of the vulnerabilities or attacks. This allows us to take preventive measures and react to disasters, giving us correct solvency guidelines. All these characteristics allow us to understand in depth what has happened and why this reaction to the attack is one of the characteristics that we must understand that is outstanding and of a lot of help or guidance. 

We have found a need for the application to be a bit more elastic, bringing it to SAS services and not IAS. We need to understand where to find edge analytics in Edge. Right now, it's a bit sparse and not available for some of the products that we have in the services suite. I'd like to see it integrate with more third-party services so that we would have the ability to be an edge service and have high emulation in functionality. 

I've used the solution for two years.

It is one of the applications that support us in security and attacks on the network with a capacity for interpretation and analysis of the data that enters our corporate network. 

It is an efficient and friendly service, giving detailed analysis and centralized detection of events, including zero-day attacks, which are analyzed and managed faithfully. 

These capabilities are indispensable for an organization as they help safeguard the integrity and health of each team. 

These are the advantages and needs that we have achieved when using Check Point SandBlast.

What Check Point has come to give us as a benefit is the power to control, register, analyze, and give a general and safe view of the events and activities carried out by the teams that manage the organization's security. 

These capabilities can be managed from a single panel of equipment configurations and controls. This helps and benefits each of the organization's members that can be attacked because they will always be safe. 

Mail investigation is another of the benefits provided. 

One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment. After that, it delivers the filtered emails safely. This avoids an analysis or vulnerability of less experienced users who, in most cases, are the weakest link. It offers the ability to take the solution to cloud environments or totally on-premise, which helps us have the ability to adapt to different environments. 

We would like to see this solution reach mobile devices more efficiently, through apps or more specific products. For the moment, the solution adapts efficiently to corporate environments as technological demands evolve. It is for this same reason that I hope that these innovations will be integrated into SandBlast and in other Check Point products, as it is one of the best that I have tried. It offers us a competitive advantage and efficient security. 

I've used the solution for one year.

I use the solution in my company for securing incoming emails, specifically the ones with attachments. The tool scans the incoming documents for specific network traffic. We also use the tool to inspect and download files for malware or malicious content.

With the tool, malware does not get into our environment, and the user does not open emails with malware in them. We don't get any security breaches, which is the most important benefit of using the tool in our company.

The most valuable feature of the solution stems from the fact that since the tool is in front of the traffic, it catches a lot of stuff that some of our email cloud protection products don't see, as they are mostly antivirus-based. Check Point SandBlast Network is a behavioral-based tool.

The cost is a little bit high-end, and you need to get precise performance metrics in order to get the correct size. Improvements are required in both areas of the tool.

I have been using Check Point SandBlast Network for four or five years. I work with Check Point R81.20.

It is a stable solution.

In terms of scalability, as we have an appliance in place, I would say that we can add additional appliances and use the load-balancing functionalities in the tool. If we are looking at things from just a single appliance perspective, we are stuck with it. You need to upgrade an appliance to another one if you need more performance. Check Point SandBlast Network is not optional as a virtual machine.

In our company, we use just one appliance.

All of our employee traffic goes through the tool. Around 300 people in our company use the tool.

In our company, we haven't had so much need for support because the product is more or less a standard one. We had one issue a few years ago with false positives, but that was quickly resolved.

I have not worked with any product similar to Check Point SandBlast Network.

The setup was quite easy initially because you have many different options on how you want to set it up, like whether you want it to be able to monitor or intercept. Fine-tuning was needed because of the scaling needs. Sometimes, you get false positives, as with any product.

The solution was deployed by two people.

The solution can be deployed within a day.

Firstly, we had a PoC where the vendor supplied us with the device, which we plugged into a passive mode. We checked how it works, what it protects, and what our other solutions do. When we bought the tool, we implemented it as an email gateway, so all the traffic goes through it, and now it blocks everything that it finds bad.

For the product's deployment phase, my company got help from Check Point and a third party.

Our company gained peace of mind from using the tool. With Check Point's firewall tools, it is quite hard to pinpoint the investment.

The product's cost is high.

I think we tried Check Point SandBlast Network as the first tool in our company, and we stuck with it because it made sense because it was quite well integrated into the other Check Point products, and we didn't want to try to integrate it with other tools.

Though I think it could become a complex task, the feature set is there in the tool to meet the needs of its users.

When it comes to the maintenance part, one needs to understand that when it comes to Check Point, the releases are the same, and it is almost the same as the gateway.

I recommend the tool to others. Other people need to test the tool before purchasing it. There is also a cloud version, so one should test whether that is a better option. Yeah. Actually, it is quite a valuable product.

I rate the tool an eight out of ten.

Our technologies and infrastructure are currently both on-premise and in Microsoft Azure, for which we have had several Check Point gateways. Currently, the GW Check Point that we have is in Azure, VM, or virtual appliances, and protecting our infrastructure. Through them, we have activated several blades, one of them SandBlast. This was done in order to use the extraction of files with threats, to verify them, and later, if we do not find security problems, to deliver them to the client. It helps us greatly against zero-day threats.

The tool or blade is implemented in our SandBlast network. The Check Point gateway has provided us with even more advanced protection, check files or attachments in our network, verify threats, deliver (if they are not a problem) or block, in addition to the protection of zero-day for modern threats. It has perfectly complimented us since it is extremely fast. We are impressed with the tool's effectiveness and speed of delivery. The client does not even perceive this protection, which is excellent.

The virtues of this tool include:

1- Its effective threat extraction. With an impressive delivery speed, it is one of the best we have been able to verify.

2- The use of threat cloud protection with its artificial intelligence can automate possible threats. When you see the logs you are amazed.

3- The security is updated with the last zero days and the use of the best security practices is very valuable. It gives us the confidence that the Check Point products will not be violated.

There are really few areas for improvement, however, it seems to me that they should implement SandBlast network in the Check Point Infinity Portal, not as a blade but as a complete tool.

The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations.

Finally, Check Point support is not their strong point. They really need to improve it in order to provide a quality service. Issues take a long time to resolve.

This is an exceptional Check Point feature, used by various vendor security tools. It's an incredible functionality that we have tested over at least the last year.

We did not have a previous tool. It is hard for us to know if there is another solution as complete as Check Point.

The best recommendation is to have a Check Point provider to help us with costs and implementations of the features that perfectly meet what the user is looking for.

A serious company always evaluates all the options, however, due to having a previous relationship, unique characteristics, and impressive performance, the Check Point SandBlast network was selected since it is an excellent tool.

If you have the organizational and economic capacity to use a tool of this caliber, I recommend it without problems.

We are using Check Point Sandblast Network devices for both a proxy firewall and direct internet usage firewall. They have Check Point thread extraction licenses. If someone or some application needs to reach the internet zone, it must pass through via the next generation firewalls connected with Sandblast devices. 

We are planning to use them for submitting emails. Hence, most of the sandbox solutions can miss the first file, which is unknown. If there is no reputation or analysis report, they need time to examine it and they permit the unknown file. Sandblast does not. It has a trick in that it allows the file to download but never allows you to finish the download until analysis ends. When it ends, it releases the file and user experience feels just like slow downloading.

Generally, network sandbox solutions must be in-line configured. This may cause high availability problems and you must consider hardware bypass modules etc. However, Sandblast has native integration with Check Point Next Generation Firewalls. The firewall handles the signature base checks for antivirus, anti-malware, anti-bot, IPS solutions and if there is unknown file it sends the file for analysis in Sandblast. Reputation is calculated and feeds back to NGFW and if Sandblast fails only the sandbox ability fails. The thread extraction ability is really amazing.

You do not need to risk your network by using the in-line sandbox, if the hardware or software fails only sandbox ability fails. You have file or hash submitting ability and this ability needs different hardware in some vendors. However, Check Point Sandblast Network gives you this as an out-of-the-box matter. Check Point Sandblast does not miss the first file like other competitors; it has trick not to miss it. It gives permission to a user for downloading the file but never allows him to finish downloading until the analysis ends.

EDR and EPM solutions like Carbon Black or CyberArk have integrations with the cloud version of Sandblast, however, there must be on-premise Sandblast options also (due to the fact that there are regulations for cloud usage restrictions in some countries). Also, some of the military standards might force you to not send a whole file to the cloud for examination. The thread extraction part has very good capabilities to remove all executables from a document, and, if the user wants to download the original file, it gives link for it. This page needs more customization options or files could be stored on third-party device and could be shared by a third-party product.

I've used the solution for 18 months.

We are using it on top of email security and web security.

The main feature of the solution is that it protects against malicious threats from the outside. We utilize SandBlast solution to mitigate threats from outside to inside. As an ATP, the solution's role is to defend against threats and provide protection to the customer using the SandBlast as an ATP solution.

There should be some improvement in the solution's stability and scalability.

I have been using Check Point SandBlast Network for the past three months.

Since the stability of the tool is good, I rate it nine out of ten.

We have more than 50 customers, including IT heads, CTOs, and all are working on the solution.

I rate the solution's scalability a nine out of ten.

The initial setup is straightforward, and it's a cloud-based solution.

The deployment is very easy. So, the deployment team is deploying this solution to the customer environment.

For deployment, I do not have any idea since I do the PoC part. It depends on the customer environment, the customer's use cases, and the design of the solution. We provide the solution based on the deployment. So it's not complex. It is very easy.

We have certified engineers in-house who are responsible for deploying and implementing the solution. We have expert engineers specialized in Check Point.

The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine.

We are pitching the customer the benefits of the cloud. However, I don't have detailed knowledge about Check Point. So, to be honest, I lack deep visibility or specific information regarding the need for a Check Point experience.

I would tell those individuals seeking anti-threat protection on top of web security and email security to consider SandBlast. By using SandBlast, we can effectively manage everything.

The solution is a single premium package suitable for heavy usage.

Overall, I rate the solution a nine out of ten.