Check Point SandBlast Network vs NetWitness Platform comparison

The compared Check Point Software Technologies and NetWitness solutions aren't in the same category. Check Point Software Technologies is ranked #7 in ATP , with an average rating of 8.6, and holds a 4.0% mindshare in the category. NetWitness is ranked #33 in Log Management , with an average rating of 8.3, and holds a 0.4% mindshare. Additionally, 93% of Check Point Software Technologies users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.

Check Point SandBlast Network

Read 41 Check Point SandBlast Network reviews

1,051 Views
967 Comparison Views

93% willing to recommend

NetWitness Platform

Read 37 NetWitness Platform reviews

1,507 Views
738 Comparison Views

75% willing to recommend

Check Point SandBlast Network

NetWitness Platform

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Check Point SandBlast Network and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Check Point SandBlast Network vs. NetWitness Platform Report (Updated: September 2022).

Buyer's Guide

Check Point SandBlast Network vs. NetWitness Platform

September 2022

Download the complete report

Helped 869,785 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Check Point SandBlast Network

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Advanced Threat Protection (ATP) (7th)

NetWitness Platform

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Log Management (33rd), Security Information and Event Management (SIEM) (30th)

Mindshare comparison

Check Point SandBlast Network and NetWitness Platform aren’t in the same category and serve different purposes. Check Point SandBlast Network is designed for Advanced Threat Protection (ATP) and holds a mindshare of 4.0%, down 6.0% compared to last year.
NetWitness Platform, on the other hand, focuses on Log Management, holds 0.4% mindshare, up 0.3% since last year.

Advanced Threat Protection (ATP) Market Share Distribution
Product	Market Share (%)
Check Point SandBlast Network	4.0%
Palo Alto Networks WildFire	10.7%
Microsoft Defender for Endpoint	9.0%
Other	76.3%

Advanced Threat Protection (ATP)

Log Management Market Share Distribution
Product	Market Share (%)
NetWitness Platform	0.4%
Wazuh	12.2%
Grafana Loki	7.9%
Other	79.5%

Log Management

Featured Reviews

Abnet Tsegaye Belay

Cybersecurity Engineer at a tech services company with 11-50 employees

Has prevented zero-day attacks by analyzing and disarming suspicious files before delivery

Check Point SandBlast Network offers wide protocol coverage. It inspects emails through SMTP, POP3, and IMAP, web downloads through HTTP and HTTPS, and file transfers. Original files are analyzed in the sandbox while users get clean copies instantly to their inbox. It detects zero-day exploits in suspicious and normal files, and includes forensic and reporting features that provide detailed incident analysis, malware behavior reports, and indicators of compromise. The wide protocol coverage is particularly valuable because suspicious activities happen across different protocols. With Check Point SandBlast Network supporting multiple protocols, there is strong protection for our networks. Since implementing Check Point SandBlast Network, we have gained enhancement in our email and web security. It protects our files, complies with different standards, and reduces lateral movement in our networks.

Read full review

MOTASHIM Al Razi

CISO at One Bank Limited

It is a stable solution, but they should make the user interface easier to understand

The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It has caught some harmful attachments and downloads."

"The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files."

"It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well."

"The use of threat cloud protection with its artificial intelligence can automate possible threats."

"One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment."

"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."

"It provides a high rate of catching the zero-day advanced threats."

"In terms of the scalability, it's expandable across the cloud."

More Check Point SandBlast Network pros

"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."

"Incident management is its most valuable feature."

"The solution is really scalable for the high-end power, enterprise customer."

"It's quite economical compared to other solutions in the market."

"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."

"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."

"The product's initial setup phase was not at all difficult."

"The most valuable features are the packet inspection and the automated incident response."

More NetWitness Platform pros

Cons

"Improvements for Check Point SandBlast Network can be seen in dashboard usability; the threat emulation logs and analysis reports could be made more intuitive and visually appealing."

"I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side."

"When you have to scan emails that come with attachments, it takes a long time to examine them, which causes other emails not to be scanned, which can cause some danger to our organization."

"There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab."

"We have found a need for the application to be a bit more elastic, bringing it to SAS services and not IAS."

"There should be some improvement in the solution's stability and scalability."

"I would like for them to improve the visibility in the product."

"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."

More Check Point SandBlast Network cons

"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."

"The multi-tenant capabilities are lagging compared to IBM QRadar."

"Its technical support could be better."

"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."

"The product's licensing models are complex to understand. This particular area needs improvement."

"Technical support could be improved."

"There is no support for this product in this country, so problems have to be resolved through global technical teams."

"The initial setup is complex. There are other solutions that are easier to implement."

More NetWitness Platform cons

Pricing and Cost Advice

"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."

"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."

"The cost of Check Point SandBlast Network is annually, and there is only a standard license."

"We have seen ROI."

"The cost is not significantly high and it can be negotiated during any purchase of NGFW."

"The product's cost is high."

"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."

"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."

"The licenses are good but the cost is very expensive."

"We are on an annual license for the use of the solution."

"The product is expensive."

"Compared to the competition, the is price is not that high."

"It is cheap."

"It provides tools to assist in selecting the appropriate license and usage scenarios."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."

More NetWitness Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.

See recommendations

869,785 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Energy/Utilities Company

Manufacturing Company

Financial Services Firm

13%

Computer Software Company

12%

Comms Service Provider

Performing Arts

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	28
Midsize Enterprise	8
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	7
Large Enterprise	20

Questions from the Community

What do you like most about Check Point SandBlast Network?

The solution can detect and prevent attacks that may be encrypted.

See all answers

What is your experience regarding pricing and costs for Check Point SandBlast Network?

I'm not in charge of costing regarding Check Point SandBlast Network, so I cannot comment on the pricing, setup cost, and licensing.

See all answers

What needs improvement with Check Point SandBlast Network?

Check Point SandBlast Network could be improved as sometimes the cost can be limiting even if the feature is very nice, and the UI can be optimized. The customer support for Check Point SandBlast N...

See all answers

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.

See all answers

What needs improvement with NetWitness Platform?

There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.

See all answers

Comparisons

Palo Alto Networks WildFire vs Check Point SandBlast Network

Compared 52% of the time

Fortinet FortiSandbox vs Check Point SandBlast Network

Compared 39% of the time

Trellix Network Detection and Response vs Check Point SandBlast Network

Compared 8% of the time

More Check Point SandBlast Network Competitors

IBM Security QRadar vs NetWitness Platform

Compared 21% of the time

Splunk Enterprise Security vs NetWitness Platform

Compared 15% of the time

Elastic Security vs NetWitness Platform

Compared 11% of the time

USM Anywhere vs NetWitness Platform

Compared 9% of the time

Trellix Network Detection and Response vs NetWitness Platform

Compared 8% of the time

More NetWitness Platform Competitors

Product Reports

Buyer's Guide

Check Point SandBlast Network

October 2025

Download Check Point SandBlast Network product report

Buyer's Guide

NetWitness Platform

September 2025

Download NetWitness Platform product report

Also Known As

No data available

RSA Security Analytics

Overview

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

Check Point Software Technologies

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media

Los Angeles World Airports, Reply

Buyer's Guide

Check Point SandBlast Network vs. NetWitness Platform

September 2022

Free Report: Check Point SandBlast Network vs. NetWitness Platform

Find out what your peers are saying about Check Point SandBlast Network vs. NetWitness Platform and other solutions. Updated: September 2022.

DOWNLOAD NOW

869,785 professionals have used our research since 2012.

See our Check Point SandBlast Network vs. NetWitness Platform report.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.