Check Point SandBlast Network Reviews

Our primary use case of this solution is for security in our data centers.

I am still learning the product.

I am still looking into the product's stability.

In terms of the scalability, it is expandable across the cloud.

I haven't had to contact technical support yet.

We switched because we were using Cisco and were moving away from using Cisco firewalls.

The initial setup was complex because of the lack of information from the consultant.

I used Check Point and a consultant for the deployment. My experience with them was so-so. 

We looked at the big three: Palo Alto, Checkpoint, and Cisco.

I had a little bit of input in the decision-making process.

Always try the product out first.

I would rate it about a six out of ten until I figure the product out.

We use it as a method to ensure with all of our emails and the files coming through have secure attachments and no known issues: No malware, no known vulnerable hashes, nor anything malicious.

SandBlast has improved my organization in the way that we no longer have to worry as much about attachments which come in. Previously, it was a pretty frequent occurrence when we would get something malicious. So, it made it so that we could focus on other tasks and not have to worry nearly as much.

It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well.

I would like to see some speed improvements, e.g., how quickly you can get through all the menus. It crashes sometimes because we push so much through it. Therefore, I would like to see more small things behind the scenes, such as, back-end stability in terms of the management application.

I would also like to improve the usability of the application to improve the quality of life of our users. 

It seems very stable. We haven't seen any issues with it. The quality is great. 

It is definitely scalable. We have a massive amount of endpoints that it's working through right now, and it's definitely taking care of us.

We are a Diamond partner, so we have a dedicated support rep who is always available and with a quick response and remediation. 

When I came onboard, this solution was already implemented.

The initial setup was pretty straightforward and simple. We tested a few things to see how we could make it run a little better.

We deployed it ourselves.

I would rate it an eight out of ten because it is stable and works well. We have never run into an issue with it. It is frequently updated and our support rep goes through the findings and lets us know what type of stuff is being blocked and if we want to make any small configuration changes. 

It's definitely a good way to go just because it's so simple. Once you have it set up, you don't really have to touch it.

Our primary use case of this solution is for file extraction. We send it out to SandBlast to open up the file to see if there is any malicious content in the file. We then send it back into the client environment.

SandBlast has opened us up to a lot more opportunities where we can offer this service to clients. This way they don't have to go to a third-party to get this specific solution. It comes in the Check Point Infinity package, so it has helped us a lot.

We like that we get to segregate our network. If there's any malicious content in any of those files it gets segregated so it doesn't affect any of your existing infrastructure or network traffic.

I would like to see different types of network traffic that we could actually analyze, not just files, but the users as well.

The stability is good. R80.10 is really stable. It just has high usage of resources, but other than that, it has been a very stable product.

The scalability is very good. It is easy to scale and use.

The technical support could use some work, but it's okay. It's a little bit of a tedious process to get through.

If you know what you're doing, then the initial setup is pretty straightforward.

We implemented in-house. 

The customer wanted this solution. They purchased the blade.

Our primary use case of this solution is for Edge firewalls and our cloud.

Check Point has enabled us to detect a lot of threats and prevented a lot of threats from entering our environments. It has kept us safe.

When they work, the log correlation, IPS, antivirus, anti-bot, and the SandBlast are the most valuable features. 

I would like to see more fine-tune MDM integration, specifically iPhones and Symantec pieces. It integrated in great, but not all of the features went in smoothly. They should expand the partnership with some of the bigger MDM companies that the product relies on.

Every time we try to do SandBlast, we run into a conundrum where the certificate issue comes into play. We've gone through it with engineers and it's very painful to keep up on that process. There could be improvements with changing the HTTPS inspection mechanism, or how it's done. That would be huge. Everybody that I've spoken to engineer-wise has said that is very painful and time-consuming. This would be one of the things that I would recommend that they fix.

I just want the product to work and make sure it's reliable. That's my biggest thing from the security aspect.

I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side. This is what we were advise of.

In terms of scalability. CloudGuard looks amazing. The auto-scaling, the HA, or whatever option you select, I like it. It will add bang for the buck once we get it in there, and finalize it. It should work as designed. Then, I'll be ecstatic.

When I call support, I'll go around and around for a couple of weeks to finally get the issue solved. I would like to see better and more specific support areas for certain products. On some of our engagements, we had Check Point come in and advise us on what to upgrade to since we had an older version. We specified that we didn't want any outages. Then, as soon as we upgraded, within a week, we had an outage.

We wanted to keep our eggs in one basket, not having a knowledge gap between multiple tools. That is why we decided to go with this product. Up until recently, we had a good scorecard with them.

The initial setup depends on your environment. For the cloud stuff, it was pretty straightforward. On-premise is an ever-evolving thing.

Initial deployment has been in for years. We went through Check Point support and our technical account managers (TAMs) to receive resources and engineers.

I would advise someone considering this solution to engage with the Diamond engineers for implementation.

We have seen ROI.

I would rate it an eight out of ten. 

Pro-active prevention techniques mean that files sent to my endpoint are automatically cleansed and filtered for malicious content without a delay. The Check Point Threat Cloud auto updates with new malware found from users worldwide meaning my protection is constantly up to date. Independent tests have verified that Check Point Threat Prevention has the highest catch rate in the industry.  Working for a Check Point partner we utilise Check Point's endpoint solution in our day to day work and the most valuable benefit is knowing I am being protected from email, endpoint and removable media attacks and when attacks occur I am likely to weather the storm better than other users.

When files are sent they are automatically sandboxed and cleansed in real time meaning we don't need to wait for our filters to do their work before we see the output. I know my laptop is safe.

The day to day files like doc, xls, pdf, zip and rar can be scanned and cleaned by threat extraction in real time but there are still some file types which require further inspection. With the machine learning capabilities of sandblast there should be scope for more coverage, butI would like to feel certain 'no' file type is left uncovered. Any vendor that can find a way to do this is on to a winner!

We don't lose any data now that we are using SandBlast.

Check Point SandBlast is best in terms of the extraction function. Customers can get a clean firewall with extraction after I've cleaned and scanned it from Check Point. It's easy for users, too.

We started using SandBlast maybe two year ago.

SandBlast is stable.

We have 10 customer companies. They are mid-sized enterprises with between 100 and 200 users.

Check Point support is good.

Setting up SandBlast isn't complex. The total deployment time is maybe around three months. 

Sometimes we use outside support.

I rate Check Point SandBlast 10 out of 10. For those thinking about implementing SandBlast, I recommend assessing their organization and business requirements. Also, I would consider the costs. It will run you about $5,000 a year.