Check Point SandBlast Network Reviews

We were looking for several solutions that would meet certain network threat prevention needs - one of which was the tendency to have user workflow control points that could be affected on a day-to-day basis. Given these situations, we needed to provide better zero-day protection in real-time that would reduce corporate expenses and the consumption of costs generated by the security department while still getting information in real-time 24 hours a day. We came across different solutions that met these characteristics; however, in the end, we managed to choose and segment Sandblast computing services.

Sandblast is one of the tools provided by Check Point, which has given us the best zero-day prevention in real time. It offers optimized security management, which facilitates monitoring, analysis, reporting, user segmentation, detection, and analysis within our network. 

It is providing network administrators with productivity without interrupting their regular operations. 

The zero-day protection and prevention features that are included in the solution enhance the intelligence of searching for threats, infections, or attacks under interpretation or prevention technology. It looks out for new cyber ​​threats and generates predictions based on behaviors that are already detected on a daily basis.

We look forward to seeing many favorable characteristics of the Sandblast solution in the future. However, we must take into account that among the appliances that it comes installed and preconfigured on. Check Point provides the solution from Sandblast and offers it to be used for free when purchasing a Check Point product. Its best feature is that in the first year, we get unprecedented security protection and performance. After analysis, we can acquire other services available on the platform. This reduces costs as we have all security needs under one umbrella.  

We do take advantage of the year we get for free from Check Point. In the future, this solution can be added under licensing for consumption per user. Today, we have it as part of a solution or a package. However, we'd like there to be a way where we can have the solution's features available to us in a cheaper way in the future.  

I've used the solution for one year and nine months.

So far, the solution has been very stable during the year and months that we have been using it. There are no crashes, loss of service, or malfunctions. It is one of the solutions that has given us the least amount of problems as security administrators.

The solution has been quite scalable. It has allowed us to integrate different devices and, additionally, it has been incorporated into the solutions that we have today on the perimeter.

Previously we were testing solutions from Microsoft, Amazon Web Services, and Fortinet to see which was the best, which we could implement in the end, and we ultimately decided on Check Point's services.

The price-cost relationship, capabilities, and benefits that the solution gives us is something that must be evaluated. When we decide on certain applications, we must understand that organizations have a budget, and we must take care of them based on that. The free trial, however, is of great value. 

We started using it as a suggestion to complement the current solution we had in place. 

The sound of AI engines working non-stop to detect threats in email and web downloads was hard to resist knowing that a lot of the times that there's a breach, the human behind the screen had something to do with it (we're the weakest links in the chain). 

It had been seen before that people click on links in suspicious emails or even insist on entering in websites that aren't safe. 

SandBlast protects the network and endpoint from some of the most vicious malware there is - including trojans and ransomware - without compromising productivity.

We're very surprised with SandBlast's high detection rates, which also shows the high risks the company's network is exposed to daily. This solution will also protect from zero-day threats. This shows off how advanced the AI engine's heuristics are by assessing the possible threat. It's capable of blocking access, eliminating it, and creating a signature that will help detect and eliminate malware like it in the future. 

Very few false positives are detected, which gives the confidence to raise flags when needed, ensuring the IT department is aware of threats and acting fast.

Our company has a large number of employees that exchange dozens to hundreds of emails every day. That's thousands of emails sent and received daily by our email servers. Some threats/malware come coded in large files. Sometimes they're hidden to a point an anti-virus/anti-malware solution alone would let it slip. 

SandBlast will sanitize any downloaded content and files both from an internal/ external email remittent and unknown websites using the emulator, which will detect any signature not previously recognized by Check Point.

There is a limit on the number of files that can be scanned in real-time, which could lead to us being found with our guard down on a high-traffic day. We knew that from the beginning, so there is more than one device integrated. 

Not all file types are scanned, so we had to limit the type of files that could be shared. We've detected slower performance in older equipment, sometimes forcing the replacement of it since we can't proactively downgrade the security standards on an endpoint for better performance, knowing this causes a threat to the organization.

We've used the solution for three or more years.

SandBlast Network enables us to restrict and prevent zero-day threats and endpoints attacks completely. This sandboxing solution helps us to diffuse the malware and phishing attacks in real-time with a single click. It's a highly advanced and proactive solution for preventing social engineering attacks and is far better than any unconventional sandboxing solution. 

It also helps in restricting phishing emails and endpoints under the email management system as it acts as a protective shield and applies threat detection intelligence for finding the security threats all over the IT system.

Check Point SandBlast Network has increased the security system inside out from web devices to cloud servers in the most efficient and time-bound manner. It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner. It protects our cloud server end to end and is one of the best threat intelligence software for our businesses.

It has automated the security system for us, due to which overall productivity and enhancement are observed all over.

Strong Architecture with high-grade advanced intelligence for identifying potential threats and diffusing the same in time bound manner.

Improved income for business due to strengthening security and more confidence in attracting clients.

The compliance and reporting features are superb and help to gain the data views and insights throughout.

The dashboard is quite interactive, and it keeps adding new features as per customized requests from business users.

Its cloud-based service for application control management, strengthening anti-bot, anti-virus, and anti-spam system is quite impressive and aids in attracting more clients on board.

I would like to recommend a pricing and costing strategy. Kindly go ahead with some customized price reductions in the offered packages to have a better deal for all kinds of startups as well. This will ensure more and more new infusion of business users, and there will be an overall improved trajectory for improved outcomes and genuine feedback from users all over. Also, the customization features can be further enhanced so that it can attract millions of eyeballs, and more testing of services can be done by various businesses.

Its been over six months that we are using the solution. It's been a perfect experience so far.

It is highly stable and gives better outcomes with an extended timeframe.

The is the most scalable solution.

Technical support is good.

Positive

It's quite comprehensive and easy to deploy and manage.

We deployed with the assistance of vendor management throughout.

The level of expertise on offer is ten out of ten.

We've seen an ROI of 80%.

We are using it on top of email security and web security.

The main feature of the solution is that it protects against malicious threats from the outside. We utilize SandBlast solution to mitigate threats from outside to inside. As an ATP, the solution's role is to defend against threats and provide protection to the customer using the SandBlast as an ATP solution.

There should be some improvement in the solution's stability and scalability.

I have been using Check Point SandBlast Network for the past three months.

Since the stability of the tool is good, I rate it nine out of ten.

We have more than 50 customers, including IT heads, CTOs, and all are working on the solution.

I rate the solution's scalability a nine out of ten.

The initial setup is straightforward, and it's a cloud-based solution.

The deployment is very easy. So, the deployment team is deploying this solution to the customer environment.

For deployment, I do not have any idea since I do the PoC part. It depends on the customer environment, the customer's use cases, and the design of the solution. We provide the solution based on the deployment. So it's not complex. It is very easy.

We have certified engineers in-house who are responsible for deploying and implementing the solution. We have expert engineers specialized in Check Point.

The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine.

We are pitching the customer the benefits of the cloud. However, I don't have detailed knowledge about Check Point. So, to be honest, I lack deep visibility or specific information regarding the need for a Check Point experience.

I would tell those individuals seeking anti-threat protection on top of web security and email security to consider SandBlast. By using SandBlast, we can effectively manage everything.

The solution is a single premium package suitable for heavy usage.

Overall, I rate the solution a nine out of ten.

Our technologies and infrastructure are currently both on-premise and in Microsoft Azure, for which we have had several Check Point gateways. Currently, the GW Check Point that we have is in Azure, VM, or virtual appliances, and protecting our infrastructure. Through them, we have activated several blades, one of them SandBlast. This was done in order to use the extraction of files with threats, to verify them, and later, if we do not find security problems, to deliver them to the client. It helps us greatly against zero-day threats.

The tool or blade is implemented in our SandBlast network. The Check Point gateway has provided us with even more advanced protection, check files or attachments in our network, verify threats, deliver (if they are not a problem) or block, in addition to the protection of zero-day for modern threats. It has perfectly complimented us since it is extremely fast. We are impressed with the tool's effectiveness and speed of delivery. The client does not even perceive this protection, which is excellent.

The virtues of this tool include:

1- Its effective threat extraction. With an impressive delivery speed, it is one of the best we have been able to verify.

2- The use of threat cloud protection with its artificial intelligence can automate possible threats. When you see the logs you are amazed.

3- The security is updated with the last zero days and the use of the best security practices is very valuable. It gives us the confidence that the Check Point products will not be violated.

There are really few areas for improvement, however, it seems to me that they should implement SandBlast network in the Check Point Infinity Portal, not as a blade but as a complete tool.

The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations.

Finally, Check Point support is not their strong point. They really need to improve it in order to provide a quality service. Issues take a long time to resolve.

This is an exceptional Check Point feature, used by various vendor security tools. It's an incredible functionality that we have tested over at least the last year.

We did not have a previous tool. It is hard for us to know if there is another solution as complete as Check Point.

The best recommendation is to have a Check Point provider to help us with costs and implementations of the features that perfectly meet what the user is looking for.

A serious company always evaluates all the options, however, due to having a previous relationship, unique characteristics, and impressive performance, the Check Point SandBlast network was selected since it is an excellent tool.

If you have the organizational and economic capacity to use a tool of this caliber, I recommend it without problems.

It is one of the applications that support us in security and attacks on the network with a capacity for interpretation and analysis of the data that enters our corporate network. 

It is an efficient and friendly service, giving detailed analysis and centralized detection of events, including zero-day attacks, which are analyzed and managed faithfully. 

These capabilities are indispensable for an organization as they help safeguard the integrity and health of each team. 

These are the advantages and needs that we have achieved when using Check Point SandBlast.

What Check Point has come to give us as a benefit is the power to control, register, analyze, and give a general and safe view of the events and activities carried out by the teams that manage the organization's security. 

These capabilities can be managed from a single panel of equipment configurations and controls. This helps and benefits each of the organization's members that can be attacked because they will always be safe. 

Mail investigation is another of the benefits provided. 

One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment. After that, it delivers the filtered emails safely. This avoids an analysis or vulnerability of less experienced users who, in most cases, are the weakest link. It offers the ability to take the solution to cloud environments or totally on-premise, which helps us have the ability to adapt to different environments. 

We would like to see this solution reach mobile devices more efficiently, through apps or more specific products. For the moment, the solution adapts efficiently to corporate environments as technological demands evolve. It is for this same reason that I hope that these innovations will be integrated into SandBlast and in other Check Point products, as it is one of the best that I have tried. It offers us a competitive advantage and efficient security. 

I've used the solution for one year.

The primary use case for our organization is to protect against attacks targeting our network. As most of the attacks originate from the internet, protecting the organization requires us to be equipped and ready to mitigate this type of attack at the perimeter level. Hence, it becomes necessary to scan any traffic flowing North-South and vice versa.

The perimeter device should be equipped such that it is able to detect and mitigate attacks, as well as have basic anti-spam filters. Email gateways are not capable of protecting against the latest generation of attacks via email.

Similarly, basic URL filtering is not able to protect against web attacks. Consequently, protecting the organization against this type of sophisticated or targeted attack, we concluded that the next generation of perimeter security solutions is a must.

This product protects us against the most common and sophisticated attacks including phishing email, account takeover, protection against malicious files, malicious attachments, and malware.

It protects us against data leakage that can be caused by an aforementioned attack, which can result in financial loss or reputation damage to the organization.

It is able to detect any changes in our software, such as whenever new code or a new file are delivered via web or email. It accomplishes this using sandboxing to evaluate it for potential vulnerabilities before it is delivered to the endpoint. 

It is able to quarantine zero-day threats using sandbox technology.

Sandboxing functions in a complementary fashion to your other security modules, products, and policies. It provides additional protection with modules such as IPS, anti-bot, antivirus, and antispam with the NGTX license.

The solution instantly cleans files that are downloaded via email or a web channel from risky elements. The sandbox is able to scan files without adding a delay or compromising productivity.

Threat emulation is carried out using AI/ML engineering techniques and it is able to detect and mitigate any unknown or Zero-Day attacks.

Threat extraction performs pre-emptive document sanitization across email and web channels. Whenever any file is sent, its behavior is examined by the AI/ML module after sending it to the sandbox. Other methods of cleaning are also performed, such as the case with Excel files. If macros are present in an Excel file then they are removed and the plain file is sent to the endpoint. Once the user has validated the file or the source, the actual file will be sent and made available.

Malicious or compromised websites and URLs that are received via email or web are scanned and action is taken according to the configured policy.

The Threat Cloud integration services provided by Check Point for dynamic threat Intelligence are helpful.

It offers good integration with SIEM and SOC Workflows.

Threat Extraction/Emulation is enabled on the same NGFW with an additional license and the sandbox can be hosted either on-premises or on the cloud.

Since it is a security module, it makes it virtually impossible for hackers to evade detection. It is also able to protect against attacks from the web, email, and network (IPS) on the same security gateway with a single management console and dashboard.

The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue.

The maximum number of files that can be scanned by the higher sandbox appliance (TE200X) on-premises is 5K per hour. Hence, a bigger organization needs to have multiple devices along with integration between them.

Enabling a module on the same NGFW firewall impacts performance, which adds delay/latency. 

Encrypted and password-protected files are not getting detected, and are bypassed. Exceptions are for files that have a dictionary-based password. 

Currently, this solution is supported only for Windows and Linux for Threat Emulation/Extraction.

This solution is very much stable.

This product is scalable on on-premises by adding an appliance, whereas, for cloud-based deployment, it's the responsibility of the OEM.

The Check Point technical support is excellent.

We have been using the same solution for some time and did not use a similar solution beforehand.

The initial setup involves enabling the module with the license and with cloud integration for Sandboxing. With this, it is complete and no additional devices are required.

The implementation was completed by our in-house team with the assistance of the OEM.

If you already have Check Point NGFW and it's underutilized and sized properly, there is a benefit both in terms of commercial/security and operation. This is because everything is available from a Single OEM on a Single Security gateway and Dashboard.

The cost is not significantly high and it can be negotiated during any purchase of NGFW.

We have evaluated solutions from Cisco and Trend Micro, which required dedicated a security appliance and sandbox appliance. However, since we were already using NGFW, we simply acquired a license for NGTX. This enabled sandboxing on the Check Point cloud.

One of our offices required zero-day protection that was automated and within the quantum licensing in a small device. It already had a one-year license enabled, so we had a way to use it based on our needs.

We required sophisticated email phishing protection in addition to validating downloaded files in our infrastructure without compromising productivity. We needed to avoid threats within the network and have a data reviewer based on a database containing old threats and new ones.

This protection was required due to the high impact that we would have if we were compromised in the office.

Check Point SandBlast Network has provided us with security for downloaded files on our network in addition to protection against phishing that tries to enter through email.

SandBlast has an emulator which is responsible for validating files and emails against modern threats based on its global database, which is constantly updated. In this way, everything is validated and delivered quickly to the user (who is not affected while being analyzed).

All these benefits generated greater security and stability within our office and the company's perimeter network.

The Check Point SandBlast Network gives us incredibly good features. It really is a very good security tool. The ability to validate new or old threats within the database that is being updated by all GWs globally from the manufacturer makes it a reliable database and tool.

Its threat extraction and emulation checks validate and deliver emails or downloaded files if they do not represent a threat to users. All of this great work is done in seconds. The client does not perceive this emulation, making the technology even more valuable in implementing security.

The Check Point SandBlast Network solution also needs some improvements that can be expected in the future. For example, the cost, which for some customers is high.

Also, on the subject of the guides, they are difficult to find, or they are not clear when it comes to carrying out implementations, generating best practices, or some other details. They are difficult to understand.

At the support level, they could improve the attention times and have the resolution of cases happen a little faster. Sometimes it takes a long time to send emails and tests instead of generating sessions or calls with the client to solve everything quickly.

We've used this excellent tool in an office that required protection against zero-day threats. We have used the technology for more than a year.

We used the Microsoft 365 Data Protection tool for email. However, it is a solution outside of our Check Point environment.

I'd recommend getting a partner who can provide you with all the help for Check Point services.

We always validate, review documentation, and check reviews to determine which security tool fits the bill.

It is a very good tool. You must try it and take your verdict.