Check Point SandBlast Network Overview

Check Point SandBlast Network is the #5 ranked solution in top ATP (Advanced Threat Protection) tools. PeerSpot users give Check Point SandBlast Network an average rating of 8.8 out of 10. Check Point SandBlast Network is most commonly compared to Palo Alto Networks WildFire. Check Point SandBlast Network is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. Professionals from computer software companies are the top industry segment researching this solution, accounting for 17% of all views.
Check Point SandBlast Network Buyer's Guide

Download the Check Point SandBlast Network Buyer's Guide including reviews and more. Updated: December 2022

What is Check Point SandBlast Network?

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach.

Check Point SandBlast Network Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media

Archived Check Point SandBlast Network Reviews (more than two years old)

Oleg Pekar - PeerSpot reviewer
Senior Network/Security Engineer at Skywind Group
Real User
Top 5
Effective protection against zero-day threats, with good logging and reporting
Pros and Cons
  • "It provides a high rate of catching the zero-day advanced threats."
  • "The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."

What is our primary use case?

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point SandBlast Network software blade is one of the numerous blades activated on the NGFWs in the DataCenter. It provides the additional layer of security from the perspective of the possible malicious files being scanned and analyzed.

How has it helped my organization?

The overall security of the environment has been greatly improved by the Check Point NGFWs with the SandBlast Network blade activated. Before implementing the Check Point solutions, we relied on the Cisco ACLs and Zone-Based firewalls configured on the switches and routers, which are in fact simple stateful firewalls and currently appear not to be an efficient solution for protecting against advanced threats.

The Check Point SandBlast Network software blade has increased the protection of our environment by enabling the Threat Emulation and Threat Extraction features. The first feature performs the sandboxing of the suspicious file types, where more than 70 file types may be emulated, in the Windows and macOS virtual machines.

The second feature works faster by just converting the files to the clean file of the PDF format thus deleting potentially dangerous Macros, JavaScript Actions, etc.

What is most valuable?

  1. It provides a high rate of catching the zero-day advanced threats. I suppose due to the integrated AI-engine.
  2. The Threat Extraction feature takes the suspicious document and converts it to another type/extension, which is harmless, like DOC to PDF.
  3. The processes for the software blade activation and configuration are very easy.
  4. In addition, Check Point SandBlast Network provides protection against phishing emails.
  5. Good logging and reporting capabilities, on the level of other Check Point products.
  6. Built-in compliance checks, with a reasonable set of the default regulations provided.

What needs improvement?

In our setup we don't use any SandBlast Physical or Virtual Threat Emulation Appliances, so all the sandboxing is performed on the hardware Check Point NGFWs. The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption. 

In addition, some of the end-users complain that it takes too long to transfer the files to the servers in the data center since the Threat Emulation adds delays to the transfer used for the emulation.

I hope these issues will be fixed in the next release.

For how long have I used the solution?

We have been using the Check Point SandBlast Network for about three years starting late 2017.

What do I think about the stability of the solution?

The Check Point SandBlast Network software blade is stable, we haven't experienced any stability issues so far.

What do I think about the scalability of the solution?

I think it may be difficult to scale the Check Point SandBlast Network in cases where you don't have a dedicated software or hardware appliance for it to run on. This is because it requires so much in terms of computing resources to run.

How are customer service and support?

We have had several support cases opened, but none of them were connected with the Check Point SandBlast Network software blade. Some of the issues were resolved by installing the latest recommended JumboHotfix, whereas some required additional configuration on the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

Which solution did I use previously and why did I switch?

We used the ACLs and Zone-Based firewalls with NBAR on the Cisco switches, routers, and found that this approach doesn't provide sufficient security protection against the modern advanced threats.

How was the initial setup?

The setup was straightforward. The configuration was easy and understandable.

What about the implementation team?

The in-house team completed the deployment. We have a Check Point Certified engineer working in the engineering team.

What's my experience with pricing, setup cost, and licensing?

Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.

Which other solutions did I evaluate?

Since we already had the Check Point NGFWs, we just activated the additional software blade on it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Hugo Thebas - PeerSpot reviewer
Security Analyst at Security4IT
Reseller
Prevents the downloading of malicious files by improving security
Pros and Cons
  • "When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
  • "I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."

What is our primary use case?

Our company sells Check Point products. We give our customers support on these products. We use it here in our company, but mainly we give support to our customers who are using the product.

Our clients use it for improving the security in their environment. We are also using it to improve our security. 

We are using this solution extensively. It is available all the time for any file that we download.

We have some on-premise equipment that goes to the cloud.

How has it helped my organization?

When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company.

We have never had a case of a virus entering a computer in our company. I think we are safe because of this solution. One of the features of the Check Point product, SandBlast Cloud, is that it prevents the downloading of malicious files.

What is most valuable?

The most useful feature is that we can download a file and emulate it outside of our company, then we can get the file and know that the file is clean. It's safe to run inside our company and we have no risk of viruses, Trojans, and so on.

What needs improvement?

I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it.

For how long have I used the solution?

About two years.

What do I think about the stability of the solution?

It is very stable. We don't have many problems regarding this aspect. Most of the tickets that we receive are doubts about the configuration and feature improvements.

What do I think about the scalability of the solution?

It is scalable. We can just add more computers into the solution if the equipment becomes obsolete or their capacity reaches its maximum. We just need to use a bigger appliance. However, we have no experiences regarding this, as usually the equipment is better than the customer's needs.

In my company, there are maybe 50 users. It's not a very big company, so everyone has their function, but most of them are technicians. Other users are sellers, directors, supervisors, and security analysts (like me). If we consider that every worker has one computer, we can say that there are about 50 computers using this solution.

How are customer service and technical support?

It has very good support. If I had to give them a score from zero to 10, I would give them a nine. Sometimes it takes a bit too long for them to give the first answer. It's not something that we can't wait for, but sometimes we will need that answer right in the moment that we ask, and maybe we are waiting some hours depending on the issue.

Which solution did I use previously and why did I switch?

None.

How was the initial setup?

With some of our customers, I have been involved in the initial setup. It is very simple and intuitive. With just a few clicks, we can make it work.

After the system is running, just to enable each of the features, we take no more than 10 minutes.

What about the implementation team?

I just followed the Check Point documentation. I just read and replicated it into our production environment, then it was good to go.

About five of my colleagues are responsible for implementing the product.

Which other solutions did I evaluate?

I haven't evaluated other solutions.

What other advice do I have?

I am very satisfied with this product.

Anyone who deploys this solution needs to understand their network, e.g., the amount of data transferring through it. This way, they can define the product according to their needs.

I would rate this solution as a 10 out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller/Partner.
PRAPHULLA DESHPANDE - PeerSpot reviewer
Associate Consult at Atos
Real User
Top 5 Leaderboard
Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails
Pros and Cons
  • "Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
  • "I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."

What is our primary use case?

Today's attacks are zero-day, or are not correlated to previous attacks. So cyber defense should be active and should block those zero-day threats before they impact the entire network.

Something should be there which can proactively detect threats and block them. Sandboxing is the technology that overcomes this issue, and SandBlast for the network consists of Threat Emulation and Threat Extraction.

It emulates unknown files in a sandbox environment and protects against threats hidden in email documents by extracting them.

How has it helped my organization?

It contains malware from attached documents in email. An organization can rely on this type of solution, so they need not invest more in other solutions for such feature sets, which ultimately reduces the attack vector via email or from spoofed senders, and it extracts exploitable content out of the file.

For new applications or databases, there were many stored files with new or unknown hash values, which can be identified by executing them in the sandbox environment, hence improving efficiency and security.

What is most valuable?

Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox. The Threat Extraction blade extracts potentially malicious content from e-mail attachments before they enter the corporate network. 

What needs improvement?

I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection.

Apart from policy creation and the number of supported files, which is also the same as other vendors in the industry, in my view there is no need to improve other things, except that if they want to make something different, then they should make sure on-prem devices support almost all types of file inspection, so even customers who don't have Check Point firewalls can buy a Check Point on-prem device for sandbox technology.

For how long have I used the solution?

2 years

What do I think about the stability of the solution?

It's very stable.

What do I think about the scalability of the solution?

Scalability is very good.

How are customer service and technical support?

Tech support is very good.

How was the initial setup?

It's easy to set up.

What about the implementation team?

It never gives us any issue while implementing.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Swapnil Talegaonkar - PeerSpot reviewer
Technology consultant at a tech services company with 501-1,000 employees
Real User
Top 5 Leaderboard
Helps to understand the exact daily email traffic flow but monitoring Queues and related operations are very complex
Pros and Cons
  • "Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
  • "Many important controls are only available in the CLI and are very, very complicated. All tecli command features should be available in the GUI so that it will become easy for normal users to monitor and control the queue."

What is our primary use case?

We have implemented Check Point SandBlast Network Solution at the email gateway provider, where our primary use case was to clean email attachments. We have also enabled the Anti-Virus and Anti-Bot blades. We want each and every document converted into a PDF file with all active content, for example links, neutralized or disabled.

Also, we are using on-premises as well as cloud sandboxing at the same time. This means sandboxing of particular file formats happens in the cloud and the remainder on the private cloud, meaning the on-premise box.

How has it helped my organization?

Check Point SandBlast Network Solution works well if you ignore 2-3 points. All emails are getting scanned for signatures and Threat Emulation works well. Check Point SandBlast Network Solution helps to understand the exact daily email traffic flow. Threat Extraction also works quite well and helps to neutralize or block any malicious attachment received, depending upon the severity.

Caching and static analysis really reduce the time taken for scanning and sandboxing the same file for potentially less dangerous files.

What is most valuable?

Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided.

Static analysis, as per Check Point, is Python code that helps to provide a verdict without emulating every single attachment, which results in an increase in performance.

Every scanned email automatically has text added, which helps us to understand that the email has been scanned or that malicious content has been removed. We can also customize this.

What needs improvement?

Firstly, performance: in our case, many emails were queued for scanning daily, and among those, 30% of emails were getting skipped, meaning delivered without scanning. Sometimes the queue was so large that we needed to flush or dump emails.

Many important controls are only available in the CLI and are very, very complicated. All tecli command features should be available in the GUI so that it will become easy for normal users to monitor and control the queue.

Threat Emulation device HA Configuration is also CLI based.

Monitoring Queues and related operations are very complex as it needs to check on CLI.

For how long have I used the solution?

Two years.

What do I think about the stability of the solution?

I have worked on R80.20 and R80.10. I have seen bugs, but the TAC team provided hotfixes.

What do I think about the scalability of the solution?

Overall scalability has been a good experience. 

How are customer service and technical support?

For Threat Emulation, the Security team is responsible, and I think only a limited number of people are available. Check Point should increase the skill set on TE.

How was the initial setup?

The initial setup was a complex task: we needed to configure the MTA, and configuring and troubleshooting need good CLI skills.

What about the implementation team?

I have implemented it with my team.

What's my experience with pricing, setup cost, and licensing?

Cost is on the higher side, though I'll suggest buying a bigger box than required.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Michael Yamashita - PeerSpot reviewer
Security Architect at a manufacturing company with 10,001+ employees
Real User
The forensics reports and the ability to sandbox malware are its most valuable features

What is our primary use case?

Our primary use case is using it to virtualize environments or create a sandbox in which we can use it to test malware.

What is most valuable?

  • The forensics reports
  • The ability to sandbox malware.

What needs improvement?

Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve. If I had gone through additional training, it would have been helpful.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

It seems scalable.

What do I think about the scalability of the solution?

It seems scalable.

How are customer service and technical support?

I have not yet used technical support.

Which solution did I use previously and why did I switch?

We were not using another vendor previously.

How was the initial setup?

The initial setup is pretty straightforward.

What about the implementation team?

The third-party partner handled most of the setup. We observed, and they taught us the basics. Our experience was very good.

What other advice do I have?

Try it out. Demo it. Seeing it in use was helpful.

I have been involved in giving input and feedback with the product to the company.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Professional Service Assistant at a tech vendor with 201-500 employees
MSP
Saves everyone the time of trying to be reactive. Instead, they are proactive by trying to prevent an issue
Pros and Cons
  • "It saves time with us trying to do the analysis. We use it to try to find out how something got into the network. We use it to stop something before it ever gets in."
  • "I imagine there will be improvements in later versions. There are hotfixes that come out all the time."

What is our primary use case?

Our customers use this solution because it takes an .exe and applications, then scans them. So, it is good threat protection.

How has it helped my organization?

It saves time with us trying to do the analysis. We use it to try to find out how something got into the network. We use it to stop something before it ever gets in.

What is most valuable?

It saves everyone the time of trying to be reactive. Instead, they are proactive by trying to prevent an issue.

What needs improvement?

I imagine there will be improvements in later versions. There are hotfixes that come out all the time.

What do I think about the stability of the solution?

We haven't had any issues with stability. 

How are customer service and technical support?

I have used Check Point's technical support, but not for this product. Their overall technical support is a ten out of ten. 

What other advice do I have?

I would rate it a nine out of ten because it helps us be proactive as opposed to reactive. 

I would advise someone considering this solution to talk to their sales engineers (SEs) and do comparative testing between the hardware of the products.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Jose Carlos Cordeiro - PeerSpot reviewer
Director at Compugraf
Reseller
Helps our customers with zero-day protection, but the product's visibility needs improvement
Pros and Cons
  • "The zero-day protection is its most valuable feature."
  • "I would like for them to improve the visibility in the product."

What is our primary use case?

We are a reseller, so we implement this solution for our customers.

How has it helped my organization?

The Check Point product is very common in Brazil.

What is most valuable?

The zero-day protection is its most valuable feature. 

What needs improvement?

I would like for them to improve the visibility in the product.

What do I think about the scalability of the solution?

Scalability has been a problem for some of the bigger Brazilian financial companies that we work with. However, it has been okay for the smaller companies. 

How are customer service and technical support?

On a scale from one to ten, I would rate their technical support as a six. 

Which solution did I use previously and why did I switch?

In Brazil, we have new threats every year. When we learned about a new threat, we knew that we needed to do something different. Before having a big problem, we decided to invest in Check Point.

How was the initial setup?

The initial setup is simple, not complex.

What about the implementation team?

We implement this solution for our customers. We do it by ourselves.

Which other solutions did I evaluate?

When we look at vendors, we start with Check Point because we have been using them for many years. Therefore, the product is very familiar to us.

What other advice do I have?

I would rate it a seven out of ten. 

I would advise someone considering this solution to do a proof of concept before adopting the solution. In order to avoid problems, it's important to test it before proceeding.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Espen Sammerud - PeerSpot reviewer
Network Technician at Buypass
Real User
Has caught some harmful attachments and downloads
Pros and Cons
  • "It has caught some harmful attachments and downloads."
  • "Most of the time stability is okay, but sometimes, we're not able to contact the cloud. It won't last for long. The product could be faster."

What is our primary use case?

We use the Threat Emulation blade feature on the Security Gateway.

How has it helped my organization?

It has caught some harmful attachments and downloads.

What is most valuable?

The most valuable feature is that attachments to emails and downloads from the web are being emulated in the cloud. We see some malicious downloads and attachments, but it is not a lot. I am thinking about enabling the Threat Extraction blade now.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Most of the time stability is okay, but sometimes, we're not able to contact the cloud. It won't last for long. The product could be faster. Other than that, the stability is okay.

What do I think about the scalability of the solution?

We don't have any problems with scalability. It depends on the bandwidth because we are talking to the cloud.

How are customer service and technical support?

We don't use technical support directly. We work with our partners, and only if it's a big problem do we deal with Check Point directly. The techs contact me directly.

Which solution did I use previously and why did I switch?

In the beginning, Check Point was just a firewall. It is much more than that now. We have been using the product for over 20 years.

How was the initial setup?

The initial setup was straightforward, but we had some technical issues. It was something to do with the release that we were using. So, we had to do some patching. After a few weeks of tuning, it was okay.

What about the implementation team?

We implemented through our partner, SecureLink, or I did the implementation myself. During the implementation phase, there were some issues and we received some help from the technical support at Check Point.  

SecureLink is a good company. They acquired a smaller company, which was our partner. 

What was our ROI?

Our ROI is confidence in knowing that things out there that we didn't know about before are being stopped.

What's my experience with pricing, setup cost, and licensing?

We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive.

I would like to buy things, but I would need the funding. There is room for improvement here.

Which other solutions did I evaluate?

We have also looked at Palo Alto and Fortinet. At this point, we know the Check Point product and have a history with it. The management part of Check Point's product is very good.

I was involved in the decision-making process from the technical side.

What other advice do I have?

I would rate it an eight out of ten. It is not a ten simply because nothing is perfect. 

I would advise someone considering this solution to get a Threat Emulation license and try it out.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ryan Steele - PeerSpot reviewer
Sr Network Engineer at Columbus Regional Airport Authority
Real User
We put in high availability clusters and had zero downtime
Pros and Cons
  • "We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access."
  • "There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab."

What is our primary use case?

Check Point is our main perimeter firewall vendor. We have several Check Point clusters doing different things within our environment.

How has it helped my organization?

We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access.

What is most valuable?

Check Point met all of our criteria that we were looking for in a firewall vendor as far as remote access capabilities, as far as IPS and intrusion detection, the SandBlast and the threat extraction pieces that we were looking at to help limit our attack vectors. They're top rated and have been for a long time. Those were all important things that we were looking at when we were looking at replacing what we currently had with Check Point. 

What needs improvement?

The number one thing that's a little bit frustrating is we implement two-factor authentication for remote access. We thought we were going to be able to pick users or groups to do two-factor against, and some did not do two-factor against. We found out that we can only do that either in the mobile access blade in which we can have it all do two-factor or not, and then the remote VPN all do two-factor or not. For our own internal employees, I want them to have an option to either do clientless or client depending on the situation.

One of the main reasons why we picked Check Point was because we needed a clientless option for third-parties who don't have our hardware. Check Point is not doing two-factor authentication for that. This is something that we've been really asking about and we'd like to be able to do: Two-factor authentication off blade based groups (or something else). We know it is on the roadmap.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We put in high availability clusters and had zero downtime, even with upgrades. It's been rock solid, we're very pleased. It hasn't been disruptive to the business.

What do I think about the scalability of the solution?

We're small. The new Maestro option is impressive. It is nice to know that we could move into this Maestro product and move away from an Active-Passive firewall cluster to an Active-Active, then if we needed it for computer bandwidth, we could easily add something. That is very awesome.

How are customer service and technical support?

We have premium support currently. Several times a month, I call them to ask them stuff. Some of it is not necessarily because I have a problem, but being very new to Check Point, Check Point does things differently than other firewall vendors, so there is a learning curve if you're not used to the way Check Point does things. We use support for that as well, making sure that we're doing things right. 

My experience with them has been good. There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab.

Which solution did I use previously and why did I switch?

We replaced our Cisco ASAs with our Check Points. Our version of the Cisco ASA was at end of life, and we would have needed to move to the next-generation of it.

I was the decision-maker. Our company also has some security teams, software teams, an operations team, and a service desk.

What about the implementation team?

We used a partner for the integration. We used CBTS. We've had a partnership with them, not for just what we've done for Check Point, but with several other products that we've bought over the years, and they've been a good partner. I don't really have any complaints with them.

What was our ROI?

We have seen our return on investment, and I think our security guys would agree with that. It's opened up the eyes of the security, and even the organization, regarding risks to say, “Wow, there is really a lot of stuff going on that we didn't know about.”

Which other solutions did I evaluate?

We looked at the gamut of products out there, since there are a lot of firewall players. However, Cisco has consistently been in the top for a long time.

We also looked at Cisco and Palo Alto. We looked at what the NGFW Cisco ASAs looked like.

What other advice do I have?

Nothing is perfect, but Check Point is pretty close to perfect. Check Point is an anomaly in the industry as they only do security. They have been doing this for 25 years and are a pillar of what they do. 

I would rate it a nine out of ten. It consistently performs well, and independent third-parties agree. They are really good at what they do.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at a hospitality company with 10,001+ employees
Real User
It's expandable across the cloud but the initial setup was complex

What is our primary use case?

Our primary use case of this solution is for security in our data centers.

How has it helped my organization?

I am still learning the product.

What do I think about the stability of the solution?

I am still looking into the product's stability.

What do I think about the scalability of the solution?

In terms of the scalability, it is expandable across the cloud.

How are customer service and technical support?

I haven't had to contact technical support yet.

Which solution did I use previously and why did I switch?

We switched because we were using Cisco and were moving away from using Cisco firewalls.

How was the initial setup?

The initial setup was complex because of the lack of information from the consultant.

What about the implementation team?

I used Check Point and a consultant for the deployment. My experience with them was so-so. 

Which other solutions did I evaluate?

We looked at the big three: Palo Alto, Check Point, and Cisco.

I had a little bit of input in the decision-making process.

What other advice do I have?

Always try the product out first.

I would rate it about a six out of ten until I figure the product out.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Engineer at an individual & family service with 10,001+ employees
Vendor
Ensures all of our emails, files coming through, and attachments are secure
Pros and Cons
  • "It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well."
  • "I would like to see some speed improvements, e.g., how quickly you can get through all the menus. It crashes sometimes because we push so much through it. Therefore, I would like to see more small things behind the scenes, such as, back-end stability in terms of the management application."

What is our primary use case?

We use it as a method to ensure that all of our emails and the files coming through have secure attachments and no known issues: no malware, no known vulnerable hashes, nor anything malicious.

How has it helped my organization?

SandBlast has improved my organization in the way that we no longer have to worry as much about attachments which come in. Previously, it was a pretty frequent occurrence when we would get something malicious. So, it made it so that we could focus on other tasks and not have to worry nearly as much.

What is most valuable?

It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well.

What needs improvement?

I would like to see some speed improvements, e.g., how quickly you can get through all the menus. It crashes sometimes because we push so much through it. Therefore, I would like to see more small things behind the scenes, such as, back-end stability in terms of the management application.

I would also like to improve the usability of the application to improve the quality of life of our users. 

What do I think about the stability of the solution?

It seems very stable. We haven't seen any issues with it. The quality is great. 

What do I think about the scalability of the solution?

It is definitely scalable. We have a massive amount of endpoints that it's working through right now, and it's definitely taking care of us.

How are customer service and technical support?

We are a Diamond partner, so we have a dedicated support rep who is always available and with a quick response and remediation. 

Which solution did I use previously and why did I switch?

When I came onboard, this solution was already implemented.

How was the initial setup?

The initial setup was pretty straightforward and simple. We tested a few things to see how we could make it run a little better.

What about the implementation team?

We deployed it ourselves.

What other advice do I have?

I would rate it an eight out of ten because it is stable and works well. We have never run into an issue with it. It is frequently updated and our support rep goes through the findings and lets us know what type of stuff is being blocked and if we want to make any small configuration changes. 

It's definitely a good way to go just because it's so simple. Once you have it set up, you don't really have to touch it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at a tech services company with 51-200 employees
Real User
If there's any malicious content in any of your files it gets segregated so it doesn't affect any of your existing infrastructure or network traffic
Pros and Cons
  • "SandBlast has opened us up to a lot more opportunities where we can offer this service to clients, that way they don't have to go to a third-party to get this specific solution. It comes in the Check Point Infinity Package so it has helped us a lot."
  • "The technical support could use some work, but it's okay. It's a little bit of a tedious process to get through."

What is our primary use case?

Our primary use case of this solution is for file extraction. We send it out to SandBlast to open up the file to see if there is any malicious content in the file. We then send it back into the client environment.

How has it helped my organization?

SandBlast has opened us up to a lot more opportunities where we can offer this service to clients. This way they don't have to go to a third-party to get this specific solution. It comes in the Check Point Infinity package, so it has helped us a lot.

What is most valuable?

We like that we get to segregate our network. If there's any malicious content in any of those files it gets segregated so it doesn't affect any of your existing infrastructure or network traffic.

What needs improvement?

I would like to see different types of network traffic that we could actually analyze, not just files, but the users as well.

What do I think about the stability of the solution?

The stability is good. R80.10 is really stable. It just has high usage of resources, but other than that, it has been a very stable product.

What do I think about the scalability of the solution?

The scalability is very good. It is easy to scale and use.

How are customer service and technical support?

The technical support could use some work, but it's okay. It's a little bit of a tedious process to get through.

How was the initial setup?

If you know what you're doing, then the initial setup is pretty straightforward.

What about the implementation team?

We implemented in-house. 

Which other solutions did I evaluate?

The customer wanted this solution. They purchased the blade.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
it_user830025 - PeerSpot reviewer
IT Security Engineer at a government with 1,001-5,000 employees
Real User
Enabled us to detect a lot of threats and prevented a lot of threats from entering our environments
Pros and Cons
  • "Check Point has enabled us to detect a lot of threats and prevented a lot of threats from entering our environments. It has kept us safe."
  • "I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side."

What is our primary use case?

Our primary use case of this solution is for Edge firewalls and our cloud.

How has it helped my organization?

Check Point has enabled us to detect a lot of threats and prevented a lot of threats from entering our environments. It has kept us safe.

What is most valuable?

When they work, the log correlation, IPS, antivirus, anti-bot, and the SandBlast are the most valuable features. 

What needs improvement?

I would like to see more fine-tuned MDM integration, specifically iPhones and Symantec pieces. It integrated in great, but not all of the features went in smoothly. They should expand the partnership with some of the bigger MDM companies that the product relies on.

Every time we try to do SandBlast, we run into a conundrum where the certificate issue comes into play. We've gone through it with engineers and it's very painful to keep up on that process. There could be improvements with changing the HTTPS inspection mechanism, or how it's done. That would be huge. Everybody that I've spoken to engineer-wise has said that is very painful and time-consuming. This would be one of the things that I would recommend that they fix.

I just want the product to work and make sure it's reliable. That's my biggest thing from the security aspect.

What do I think about the stability of the solution?

I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side. This is what we were advised of.

What do I think about the scalability of the solution?

In terms of scalability, CloudGuard looks amazing. The auto-scaling, the HA, or whatever option you select, I like it. It will add bang for the buck once we get it in there, and finalize it. It should work as designed. Then, I'll be ecstatic.

How are customer service and technical support?

When I call support, I'll go around and around for a couple of weeks to finally get the issue solved. I would like to see better and more specific support areas for certain products. On some of our engagements, we had Check Point come in and advise us on what to upgrade to since we had an older version. We specified that we didn't want any outages. Then, as soon as we upgraded, within a week, we had an outage.

Which solution did I use previously and why did I switch?

We wanted to keep our eggs in one basket, not having a knowledge gap between multiple tools. That is why we decided to go with this product. Up until recently, we had a good scorecard with them.

How was the initial setup?

The initial setup depends on your environment. For the cloud stuff, it was pretty straightforward. On-premise is an ever-evolving thing.

What about the implementation team?

Initial deployment has been in for years. We went through Check Point support and our technical account managers (TAMs) to receive resources and engineers.

I would advise someone considering this solution to engage with the Diamond engineers for implementation.

What was our ROI?

We have seen ROI.

What other advice do I have?

I would rate it an eight out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Technical Account Manager at a security firm with 51-200 employees
Vendor
The Check Point Threat Cloud auto updates with new malware found from users worldwide meaning my protection is constantly up to date.

Valuable Features:

Pro-active prevention techniques mean that files sent to my endpoint are automatically cleansed and filtered for malicious content without a delay. The Check Point Threat Cloud auto updates with new malware found from users worldwide meaning my protection is constantly up to date. Independent tests have verified that Check Point Threat Prevention has the highest catch rate in the industry. Working for a Check Point partner we utilise Check Point's endpoint solution in our day to day work and the most valuable benefit is knowing I am being protected from email, endpoint and removable media attacks and when attacks occur I am likely to weather the storm better than other users.

Improvements to My Organization:

When files are sent they are automatically sandboxed and cleansed in real time meaning we don't need to wait for our filters to do their work before we see the output. I know my laptop is safe.

Room for Improvement:

The day to day files like doc, xls, pdf, zip and rar can be scanned and cleaned by threat extraction in real time but there are still some file types which require further inspection. With the machine learning capabilities of SandBlast there should be scope for more coverage, but I would like to feel certain 'no' file type is left uncovered. Any vendor that can find a way to do this is on to a winner!

Disclosure: My company has a business relationship with this vendor other than being a customer: Pentesec are 4 star Check Point partners and one of 2 companies with End Point Collaborative Support certifications, making us the most qualified Check Point End Point partners in the United Kingdom. We are vendor agnostic by default, so choosing to utilise Check Point's End Point solution over alternatives is an endorsement in itself.
PeerSpot user
Buyer's Guide
Download our free Check Point SandBlast Network Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2022