Check Point SandBlast Network Reviews

The primary use case for our organization is to protect against attacks targeting our network. As most of the attacks originate from the internet, protecting the organization requires us to be equipped and ready to mitigate this type of attack at the perimeter level. Hence, it becomes necessary to scan any traffic flowing North-South and vice versa.

The perimeter device should be equipped such that it is able to detect and mitigate attacks, as well as have basic anti-spam filters. Email gateways are not capable of protecting against the latest generation of attacks via email.

Similarly, basic URL filtering is not able to protect against web attacks. Consequently, protecting the organization against this type of sophisticated or targeted attack, we concluded that the next generation of perimeter security solutions is a must.

This product protects us against the most common and sophisticated attacks including phishing email, account takeover, protection against malicious files, malicious attachments, and malware.

It protects us against data leakage that can be caused by an aforementioned attack, which can result in financial loss or reputation damage to the organization.

It is able to detect any changes in our software, such as whenever new code or a new file are delivered via web or email. It accomplishes this using sandboxing to evaluate it for potential vulnerabilities before it is delivered to the endpoint. 

It is able to quarantine zero-day threats using sandbox technology.

Sandboxing functions in a complementary fashion to your other security modules, products, and policies. It provides additional protection with modules such as IPS, anti-bot, antivirus, and antispam with the NGTX license.

The solution instantly cleans files that are downloaded via email or a web channel from risky elements. The sandbox is able to scan files without adding a delay or compromising productivity.

Threat emulation is carried out using AI/ML engineering techniques and it is able to detect and mitigate any unknown or Zero-Day attacks.

Threat extraction performs pre-emptive document sanitization across email and web channels. Whenever any file is sent, its behavior is examined by the AI/ML module after sending it to the sandbox. Other methods of cleaning are also performed, such as the case with Excel files. If macros are present in an Excel file then they are removed and the plain file is sent to the endpoint. Once the user has validated the file or the source, the actual file will be sent and made available.

Malicious or compromised websites and URLs that are received via email or web are scanned and action is taken according to the configured policy.

The Threat Cloud integration services provided by Check Point for dynamic threat Intelligence are helpful.

It offers good integration with SIEM and SOC Workflows.

Threat Extraction/Emulation is enabled on the same NGFW with an additional license and the sandbox can be hosted either on-premises or on the cloud.

Since it is a security module, it makes it virtually impossible for hackers to evade detection. It is also able to protect against attacks from the web, email, and network (IPS) on the same security gateway with a single management console and dashboard.

The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue.

The maximum number of files that can be scanned by the higher sandbox appliance (TE200X) on-premises is 5K per hour. Hence, a bigger organization needs to have multiple devices along with integration between them.

Enabling a module on the same NGFW firewall impacts performance, which adds delay/latency. 

Encrypted and password-protected files are not getting detected, and are bypassed. Exceptions are for files that have a dictionary-based password. 

Currently, this solution is supported only for Windows and Linux for Threat Emulation/Extraction.

This solution is very much stable.

This product is scalable on on-premises by adding an appliance, whereas, for cloud-based deployment, it's the responsibility of the OEM.

The Check Point technical support is excellent.

We have been using the same solution for some time and did not use a similar solution beforehand.

The initial setup involves enabling the module with the license and with cloud integration for Sandboxing. With this, it is complete and no additional devices are required.

The implementation was completed by our in-house team with the assistance of the OEM.

If you already have Check Point NGFW and it's underutilized and sized properly, there is a benefit both in terms of commercial/security and operation. This is because everything is available from a Single OEM on a Single Security gateway and Dashboard.

The cost is not significantly high and it can be negotiated during any purchase of NGFW.

We have evaluated solutions from Cisco and Trend Micro, which required dedicated a security appliance and sandbox appliance. However, since we were already using NGFW, we simply acquired a license for NGTX. This enabled sandboxing on the Check Point cloud.

One of the great needs that our company was going through was the need to protect its infrastructure against hackers or malicious bots, as well as cyber-attacks.

We wanted a robust technology that would meet our objectives. We wanted to prevent attacks on our business environment. In addition, as a company, we already use various Check Point technologies and we wanted to continue with the same scope and security that they have offered us in recent years. That's why Check Point SandBlast Network provides us with that security by scanning everything that passes through our network.

Since implementing the Check Point SandBlast Network tool in the organization, in an environment of around 200 servers (both physical and virtual), we also have three high-availability clusters. 

Before, we only depended on a firewall; however, this acquisition has helped us a lot to improve the entire security environment of our company. In addition, the tool has excellent features such as Threat Emulation and Threat Extraction as well as sandboxing. We can even extract the malicious content of the files or block files completely and can also work as email APT and can remove malicious content from the email body.

We have found several valuable features in the Check Point SandBlast Network. One of those features is that we can download a file and emulate it outside of our company and know that it is clean.

Like any other company that handles sensitive data, we needed a tool that would protect our network and be able to improve security day by day.

The Check Point SandBlast Network uses caching and static analysis to actually reduce the time it takes to scan and isolate the same file for incoming data compromises.

When you have to scan emails that come with attachments, it takes a long time to examine them, which causes other emails not to be scanned, which can cause some danger to our organization. Another problem is that some PC with minimum characteristics makes them slow, causing slowness in computers where we have to invest in PCs to increase their performance or change them

Another point to improve is the support since they do not give an effective and fast solution to the clients when they have problems with any tool or feature.

I have been using and implementing this tool for about two years.

It presents medium stability. Sometimes the portal is hard to enter, and that affects the performance of equipment, however, in general, it has excellent stability.

The solution has excellent scalability.

The support they offer is not very good since they take a long time to provide a solution to your problem.

Positive

Previously we had a firewall and we chose to implement this tool since we have always worked with this brand, and it has been very feasible for us to continue to do so.

The configuration is simple it is very user-friendly.

The provider provided us with a support agent to ensure that the configuration was made.

Of importance in a company is the security of its computer platforms. When making an investment with these tools, you are taking care of an important heritage that will double your profits.

Check Point offers good prices. There are costs. However, that should not stop a company from maintaining good security.

Other brands are not evaluated since we wanted to have the Check Point trend and not mix brands.

It is a very good, reliable, and robust tool. You can be confident that it will protect the organization.

We have the Check Point SandBlast TE100X device private cloud sandbox.

We use sandboxing to scan files in our network. The unknown file will reach the security gateway, the gateway will check for the verdict in the cache, and if not found, it holds the file while the security gateway sends it to SandBlast.

We have enabled four images and depending upon the results of SandBlast, it will determine a verdict that will be given to the security gateway. At this point, the gateway will allow or deny the file and save the results in cache for future reference.

Before using sandblast, we were relying only on the firewall for protection against threats. Like all antivirus solutions, IPS antibot is signature-based protection and we can only upgrade the signatures on daily basis.

But, with SandBlast, we are getting almost instant protection for new threats as well. We now scan all of the incoming files and unknown threats are handled by SandBlast. We can even extract the malicious content from files or block the file outright.

SandBlast can also work as Email APT & can remove malicious content from the email body. It can even block the same & notify the user regarding the event.

The most valuable feature is comprehensive threat prevention, whether signature-based or a zero-day secure network. This is the key benefit & the Check Point SandBlast Network does its job up to the mark.

The file formats most used by industry are all in the list that can be emulated.

Threat extraction can help us to remove malicious content from documents by converting them to PDF.

Visibility is the key to all these efforts & SandBlast done its job. We can even have a video during emulation of what exactly happens when we open the file.

The Static Analysis feature works without using much processing power to analyze files, which helps us to conserve resources.

In Check Point SandBlast, improvement has to be made with respect to the GUI.

The problem we face is due to log queue files, which were being delivered with a delay.

All details should be provided on the smart dashboard and made easier to use. For example, it should display what file it is currently emulating, how many files are currently in the queue, and how much time each file is taking.

There should be an option to flush the queue in case of any issues. Similarly, we should be able to remove particular files from the queue on demand.

Also, policy creation can be more simplified or we can say more specific to particular traffic.

I have been working with the Check Point SandBlast Network for the last two years.

This product is stable enough.

As of now, it is great and there have been no issues observed regarding scalability.

Check Point TAC is always very supportive.

Previously, we were not using any APT solution.

Initially, we had to install all images for emulation, which was tough to understand.

We deployed using an in-house team.

We have evaluated McAfee.

We make use of Check Point firewalls to secure our corporate network and the SandBlast Network software blade is one component in use to help prevent and minimize zero-day threats. 

The Threat Emulation and Threat Extraction features provided by SandBlast are invaluable pieces to securing our environment and ensuring that we remain secure to the best extent possible.

Our corporate network is very small consisting of only a few routers/switches, a firewall, and some client machines without any connected servers. Regardless, Check Point is a key piece of the puzzle.

By enabling the Threat Emulation and Threat Extraction features, we have increased our overall security posture and improved the protection of our corporate environment. We receive a high volume of incoming files and having this in place brings a certain level of peace of mind.

As a new organization, prior to implementing Check Point as part of our network, we relied on everyone just being careful. This is obviously not the best security practice. As we have grown, our security posture has changed and Check Point was part of our maturation as a company.

Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us. We receive a large volume of files from external sources and knowing that we are protected as best as possible is a major priority.

Getting everything set up, activated, and configured was relatively painless, which was a huge bonus since I was doing this not as a network or security professional but from a software engineering background. For someone entirely new to the ecosystem, it was a smooth implementation.

We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us. If the performance could be improved in the next release, that would be beneficial.

We have had a few instances where the firewall has seemed to stop checking for updates and gets behind on the updates, forcing us to go in and manually check for and install updates. Maybe there is something going on here that could be improved even though it is not specific to the SandBlast feature.

I have been using the Check Point SandBlast Network for two years.

We have not experienced any stability issues to date.  It has run without issue or intervention required in order to maintain coverage.

It runs on a dedicated hardware appliance. We are pretty small and scaling has not been an issue, but perhaps larger organizations may have a problem.

We did not use another similar solution prior to this one.

The initial setup was straightforward with relatively easy configuration.

The implementation was done in-house by a networking novice.

I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market.

We evaluated Fortinet. We went with Check Point for the perceived ease of use advantage along with a slight price advantage for us.

One of our offices required zero-day protection that was automated and within the quantum licensing in a small device. It already had a one-year license enabled, so we had a way to use it based on our needs.

We required sophisticated email phishing protection in addition to validating downloaded files in our infrastructure without compromising productivity. We needed to avoid threats within the network and have a data reviewer based on a database containing old threats and new ones.

This protection was required due to the high impact that we would have if we were compromised in the office.

Check Point SandBlast Network has provided us with security for downloaded files on our network in addition to protection against phishing that tries to enter through email.

SandBlast has an emulator which is responsible for validating files and emails against modern threats based on its global database, which is constantly updated. In this way, everything is validated and delivered quickly to the user (who is not affected while being analyzed).

All these benefits generated greater security and stability within our office and the company's perimeter network.

The Check Point SandBlast Network gives us incredibly good features. It really is a very good security tool. The ability to validate new or old threats within the database that is being updated by all GWs globally from the manufacturer makes it a reliable database and tool.

Its threat extraction and emulation checks validate and deliver emails or downloaded files if they do not represent a threat to users. All of this great work is done in seconds. The client does not perceive this emulation, making the technology even more valuable in implementing security.

The Check Point SandBlast Network solution also needs some improvements that can be expected in the future. For example, the cost, which for some customers is high.

Also, on the subject of the guides, they are difficult to find, or they are not clear when it comes to carrying out implementations, generating best practices, or some other details. They are difficult to understand.

At the support level, they could improve the attention times and have the resolution of cases happen a little faster. Sometimes it takes a long time to send emails and tests instead of generating sessions or calls with the client to solve everything quickly.

We've used this excellent tool in an office that required protection against zero-day threats. We have used the technology for more than a year.

We used the Microsoft 365 Data Protection tool for email. However, it is a solution outside of our Check Point environment.

I'd recommend getting a partner who can provide you with all the help for Check Point services.

We always validate, review documentation, and check reviews to determine which security tool fits the bill.

It is a very good tool. You must try it and take your verdict.

In our company, we already have in use our Check Point gateway - provisioned in the Microsoft Azure public cloud - to help us with the entire cloud infrastructure, in addition to the fact that it has helped us to protect ourselves with current threats, zero-day threats, in addition to using the intelligence against Check Point threats which collects information globally making it available to the client. It's really a very valuable security tool. It has helped us improve the security posture in the cloud in our case.

Check Point's SandBlast blade has helped us a lot to increase the security of our network. Both cloud and some users access it directly. It has zero-day protection and reports so that the company can make decisions for improvements. Its willingness to implement best practices security according to the manufacturer against modern threats is undoubtedly one of the best features that Check Point offers us. For the company and users, all its implementation through the use of a virtual Check Point gateway.

The power of Check Point and the power of ThreatCloud intelligence at the service of the blade helps us to detect modern threats that have appeared in some environments at a global level. It shares the information of all its devices, this generates more robust perimeter security in addition to generating trust of the company with the manufacturer to prevent threats.

Its reports and log reading through the Check Point management service are very good to be able to review what is currently happening in our network.

We use the infinity portal of Check Point to manage our services through smart cloud to manage our gateway and our SandBlast blade, however, sometimes the service has performance problems which generates some delays in administration.

It would be very good for Check Point to improve its support. They can improve a lot in providing more effective and faster solutions and sessions with customers to validate the problems that are usually generated.

For the rest, Check Point does not have so many problems to improve.

The Sandblast Network can be used in a private network or in the cloud with the same characteristics. In our case, we use it for the Microsoft Azure cloud through its Check Point gateway; it has really helped us with perimeter security for both emails and zero-day threats.

At the moment, we rely on Check Point's security technology; we have not used another similar device.

My recommendation is to find a partner that can provide cost options, validate the requirements and help us to validate which of their applications fits our needs.

Before implementing it, we validated other options on the market, however, the use of Check Point SandBlast was a very good option.

We strongly believe that we can recommend this Check Point technology for the protection of company networks and perimeters.

Our technologies and infrastructure are currently both on-premise and in Microsoft Azure, for which we have had several Check Point gateways. Currently, the GW Check Point that we have is in Azure, VM, or virtual appliances, and protecting our infrastructure. Through them, we have activated several blades, one of them SandBlast. This was done in order to use the extraction of files with threats, to verify them, and later, if we do not find security problems, to deliver them to the client. It helps us greatly against zero-day threats.

The tool or blade is implemented in our SandBlast network. The Check Point gateway has provided us with even more advanced protection, check files or attachments in our network, verify threats, deliver (if they are not a problem) or block, in addition to the protection of zero-day for modern threats. It has perfectly complimented us since it is extremely fast. We are impressed with the tool's effectiveness and speed of delivery. The client does not even perceive this protection, which is excellent.

The virtues of this tool include:

1- Its effective threat extraction. With an impressive delivery speed, it is one of the best we have been able to verify.

2- The use of threat cloud protection with its artificial intelligence can automate possible threats. When you see the logs you are amazed.

3- The security is updated with the last zero days and the use of the best security practices is very valuable. It gives us the confidence that the Check Point products will not be violated.

There are really few areas for improvement, however, it seems to me that they should implement SandBlast network in the Check Point Infinity Portal, not as a blade but as a complete tool.

The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations.

Finally, Check Point support is not their strong point. They really need to improve it in order to provide a quality service. Issues take a long time to resolve.

This is an exceptional Check Point feature, used by various vendor security tools. It's an incredible functionality that we have tested over at least the last year.

We did not have a previous tool. It is hard for us to know if there is another solution as complete as Check Point.

The best recommendation is to have a Check Point provider to help us with costs and implementations of the features that perfectly meet what the user is looking for.

A serious company always evaluates all the options, however, due to having a previous relationship, unique characteristics, and impressive performance, the Check Point SandBlast network was selected since it is an excellent tool.

If you have the organizational and economic capacity to use a tool of this caliber, I recommend it without problems.

SandBlast Network enables us to restrict and prevent zero-day threats and endpoints attacks completely. This sandboxing solution helps us to diffuse the malware and phishing attacks in real-time with a single click. It's a highly advanced and proactive solution for preventing social engineering attacks and is far better than any unconventional sandboxing solution. 

It also helps in restricting phishing emails and endpoints under the email management system as it acts as a protective shield and applies threat detection intelligence for finding the security threats all over the IT system.

Check Point SandBlast Network has increased the security system inside out from web devices to cloud servers in the most efficient and time-bound manner. It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner. It protects our cloud server end to end and is one of the best threat intelligence software for our businesses.

It has automated the security system for us, due to which overall productivity and enhancement are observed all over.

Strong Architecture with high-grade advanced intelligence for identifying potential threats and diffusing the same in time bound manner.

Improved income for business due to strengthening security and more confidence in attracting clients.

The compliance and reporting features are superb and help to gain the data views and insights throughout.

The dashboard is quite interactive, and it keeps adding new features as per customized requests from business users.

Its cloud-based service for application control management, strengthening anti-bot, anti-virus, and anti-spam system is quite impressive and aids in attracting more clients on board.

I would like to recommend a pricing and costing strategy. Kindly go ahead with some customized price reductions in the offered packages to have a better deal for all kinds of startups as well. This will ensure more and more new infusion of business users, and there will be an overall improved trajectory for improved outcomes and genuine feedback from users all over. Also, the customization features can be further enhanced so that it can attract millions of eyeballs, and more testing of services can be done by various businesses.

Its been over six months that we are using the solution. It's been a perfect experience so far.

It is highly stable and gives better outcomes with an extended timeframe.

The is the most scalable solution.

Technical support is good.

Positive

It's quite comprehensive and easy to deploy and manage.

We deployed with the assistance of vendor management throughout.

The level of expertise on offer is ten out of ten.

We've seen an ROI of 80%.