Check Point SandBlast Network vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point SandBlast Network and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two ATP (Advanced Threat Protection) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point SandBlast Network vs. NetWitness Platform Report (Updated: September 2022).
655,711 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.""The most valuable feature of Microsoft Defender for Office 365 is the ease of use.""Does a thorough job of examining email and URLs for malicious content.""At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us.""The deployment capability is a great feature.""Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links.""The good part is that you don't have to configure it, which is very convenient.""It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."

More Microsoft Defender for Office 365 Pros →

"Threat extraction can help us to remove malicious content from documents by converting them to PDF.""One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment.""Check Point SandBlast is best in terms of the extraction function. Customers can get a clean firewall with extraction after I've cleaned and scanned it from Check Point. It's easy for users, too.""Very few false positives are detected, which gives the confidence to raise flags when needed, ensuring the IT department is aware of threats and acting fast.""The use of threat cloud protection with its artificial intelligence can automate possible threats.""The Check Point SandBlast Network uses caching and static analysis to actually reduce the time it takes to scan and isolate the same file for incoming data compromises.""Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us.""It shares the information of all its devices, this generates more robust perimeter security in addition to generating trust of the company with the manufacturer to prevent threats."

More Check Point SandBlast Network Pros →

"The newer 11.5 version that my team is using has found it to have good mapping.""The software is scalable to whatever is required, and you can also put a lot of resources in the cloud.""The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs.""Offers a good wireless feature.""The solution is really scalable for the high-end power, enterprise customer.""The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools.""Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports.""The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."

More NetWitness Platform Pros →

Cons
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added.""Too many false positives and lacks an accurate capability to detect malicious SharePoint sites.""In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.""The company should focus on adding threats that the solution is currently unable to detect.""In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.""There is room for improvement with the UI.""They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.""There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."

More Microsoft Defender for Office 365 Cons →

"There should be some customized price reductions in the offered packages.""There is a limit on the number of files that can be scanned in real-time, which could lead to us being found with our guard down on a high-traffic day.""EDR and EPM solutions like Carbon Black or CyberArk have integrations with the cloud version of Sandblast, however, there must be on-premise Sandblast options also.""We would like to see this solution reach mobile devices more efficiently, through apps or more specific products.""We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us.""When you have to scan emails that come with attachments, it takes a long time to examine them, which causes other emails not to be scanned, which can cause some danger to our organization.""It would be very good for Check Point to improve its support.""Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."

More Check Point SandBlast Network Cons →

"The multi-tenant capabilities are lagging compared to IBM QRadar.""The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too.""The initial setup is complex. There are other solutions that are easier to implement.""Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10.""RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms.""An area for improvement would be better automation and more inbuilt use cases.""There are instances where you try to run the reports and then it does not give you the desired outcome.""The solution should have more integration capabilities with different platforms."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
  • "The cost is not significantly high and it can be negotiated during any purchase of NGFW."
  • "The cost of Check Point SandBlast Network is annually, and there is only a standard license."
  • More Check Point SandBlast Network Pricing and Cost Advice →

  • "There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
  • "We are on an annual license for the use of the solution."
  • "RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
  • "We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
  • "Compared to the competition, the is price is not that high."
  • More NetWitness Platform Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which ATP (Advanced Threat Protection) solutions are best for your needs.
    655,711 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to… more »
    Top Answer:I would recommend Microsoft Defender for Office 365. If you already have a deployment method, like CCM or something… more »
    Top Answer:There is room for improvement with the UI. The company should focus on adding threats that the solution is currently… more »
    Top Answer:One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it… more »
    Top Answer:I'd recommend getting a partner who can provide you with all the help for Check Point services.
    Top Answer:We would like to see this solution reach mobile devices more efficiently, through apps or more specific products. For… more »
    Top Answer:I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's… more »
    Top Answer:I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on… more »
    Top Answer:We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a… more »
    Comparisons
    Also Known As
    MS Defender for Office 365
    RSA Security Analytics
    Learn More
    Overview

    Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get Integrated threat protection for all of Office 365 that gives you:

    - Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.

    - Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.

    - A complete solution for collaboration that protects you from attacks across the kill chain.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Offer
    Learn more about Microsoft Defender for Office 365
    Learn more about Check Point SandBlast Network
    Learn more about NetWitness Platform
    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Comms Service Provider25%
    Financial Services Firm17%
    Manufacturing Company17%
    Performing Arts8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider10%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Security Firm24%
    Computer Software Company18%
    Financial Services Firm12%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider16%
    Financial Services Firm14%
    Government9%
    REVIEWERS
    Comms Service Provider31%
    Financial Services Firm25%
    Computer Software Company25%
    Manufacturing Company13%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider14%
    Financial Services Firm12%
    Government11%
    Company Size
    REVIEWERS
    Small Business25%
    Midsize Enterprise25%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise54%
    REVIEWERS
    Small Business50%
    Midsize Enterprise18%
    Large Enterprise32%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise59%
    REVIEWERS
    Small Business26%
    Midsize Enterprise11%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    Buyer's Guide
    Check Point SandBlast Network vs. NetWitness Platform
    September 2022
    Find out what your peers are saying about Check Point SandBlast Network vs. NetWitness Platform and other solutions. Updated: September 2022.
    655,711 professionals have used our research since 2012.

    Check Point SandBlast Network is ranked 5th in ATP (Advanced Threat Protection) with 15 reviews while NetWitness Platform is ranked 12th in Log Management with 11 reviews. Check Point SandBlast Network is rated 8.8, while NetWitness Platform is rated 7.6. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of NetWitness Platform writes "Economical with good technical support and is easily scalable". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Cisco Secure Network Analytics, whereas NetWitness Platform is most compared with Splunk, IBM QRadar, RSA enVision, Microsoft Sentinel and FireEye Network Security. See our Check Point SandBlast Network vs. NetWitness Platform report.

    We monitor all ATP (Advanced Threat Protection) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.