Try our new research platform with insights from 80,000+ expert users

Check Point SandBlast Network vs NetWitness Platform comparison

The compared Check Point Software Technologies and NetWitness solutions aren't in the same category. Check Point Software Technologies is ranked #8 in ATP , with an average rating of 8.7, and holds a 4.8% mindshare in the category. NetWitness is ranked #37 in Log Management , with an average rating of 8.0, and holds a 0.3% mindshare. Additionally, 92% of Check Point Software Technologies users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.
Check Point SandBlast Network
Read 38 Check Point SandBlast Network reviews
  • 1,036 Views
  • 615 Comparison Views
92% willing to recommend
NetWitness Platform
Read 37 NetWitness Platform reviews
  • 713 Views
  • 124 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Check Point SandBlast Network and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Check Point SandBlast Network vs. NetWitness Platform Report (Updated: September 2022).
Buyer's Guide
Check Point SandBlast Network vs. NetWitness Platform
September 2022
Download the complete report
Helped 859,957 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point SandBlast Network
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (8th)
NetWitness Platform
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (37th), Security Information and Event Management (SIEM) (29th)
 

Mindshare comparison

Check Point SandBlast Network and NetWitness Platform aren’t in the same category and serve different purposes. Check Point SandBlast Network is designed for Advanced Threat Protection (ATP) and holds a mindshare of 4.8%, down 5.4% compared to last year.
NetWitness Platform, on the other hand, focuses on Log Management, holds 0.3% mindshare, down 0.4% since last year.
Advanced Threat Protection (ATP)
Log Management
 

Featured Reviews

GaneshKhutwad - PeerSpot reviewer
Provides advanced threat prevention and utilizes geographic-based policies to mitigate attacks
Check Point offers three types of support: Gold, Platinum, and Diamond. The level of support you receive should be based on the criticality of the issue, not solely on your client's support tier. While there are established support levels, I have experienced instances where the support provided was not categorized as Gold, Platinum, or Diamond but rather a standard support level. In such cases, the response times were slower, and getting support personnel on the call was more difficult.
Read full review
MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Check Point SandBlast Network has positively impacted our organization by reducing incidents, improving user confidence, and saving time since implementing it. With around 2,000 users in our organization, after deploying threat emulation for network security, we haven't seen any incidents, including zero-day or ransomware attacks."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well."
"The most valuable thing about this product is that it keeps the network secure against zero-day threats."
"It provides a high rate of catching the zero-day advanced threats."
"One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment."
"Check Point SandBlast is best in terms of the extraction function. Customers can get a clean firewall with extraction after I've cleaned and scanned it from Check Point. It's easy for users, too."
"Very few false positives are detected, which gives the confidence to raise flags when needed, ensuring the IT department is aware of threats and acting fast."
More Check Point SandBlast Network pros
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"Performance and reporting are very good."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"NetWitness Platform offers flexibility for deployment and robust integration capabilities."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Incident management is its most valuable feature."
More NetWitness Platform pros
 

Cons

"SandBlast takes longer than FortiSandbox to complete a scan."
"Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."
"The technical support could use some work, but it's okay. It's a little bit of a tedious process to get through."
"Sometimes, Check Point Sandblast requires more resources, which impacts network performance if it has been deployed with limited resources."
"We have found a need for the application to be a bit more elastic, bringing it to SAS services and not IAS."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab."
More Check Point SandBlast Network cons
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"More customizability is required, which is something that they need to improve on."
"Its technical support could be better."
"The solution should have more integration capabilities with different platforms."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"It is not so easy to customize this product."
"We have encountered issues with unresolved crashes."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
More NetWitness Platform cons
 

Pricing and Cost Advice

"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The cost of Check Point SandBlast Network is annually, and there is only a standard license."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."
"We have seen ROI."
"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."
"The product's cost is high."
"It’s cheaper to run virtual machines in a VMware environment."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"We are on an annual license for the use of the solution."
"Compared to the competition, the is price is not that high."
"The licenses are good but the cost is very expensive."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
More NetWitness Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
859,957 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Government
8%
Energy/Utilities Company
6%
Financial Services Firm
18%
Computer Software Company
17%
Government
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Check Point SandBlast Network?
The solution can detect and prevent attacks that may be encrypted.
See all answers
What is your experience regarding pricing and costs for Check Point SandBlast Network?
The experience with pricing, setup costs, and licensing was good.
See all answers
What needs improvement with Check Point SandBlast Network?
Check Point SandBlast Network ( /products/check-point-sandblast-network-reviews ) can be improved by adding more integration capabilities, such as integration with third-party firewalls, third-part...
See all answers
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
 

Comparisons

Palo Alto Networks WildFire vs Check Point SandBlast Network Logo
Palo Alto Networks WildFire vs Check Point SandBlast Network
Compared 50% of the time
Fortinet FortiSandbox vs Check Point SandBlast Network Logo
Fortinet FortiSandbox vs Check Point SandBlast Network
Compared 27% of the time
Trellix Network Detection and Response vs Check Point SandBlast Network Logo
Trellix Network Detection and Response vs Check Point SandBlast Network
Compared 7% of the time
Symantec Advanced Threat Protection vs Check Point SandBlast Network Logo
Symantec Advanced Threat Protection vs Check Point SandBlast Network
Compared 6% of the time
Cisco Secure Network Analytics vs Check Point SandBlast Network Logo
Cisco Secure Network Analytics vs Check Point SandBlast Network
Compared 6% of the time
More Check Point SandBlast Network Competitors
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 23% of the time
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 21% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 14% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 9% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 9% of the time
More NetWitness Platform Competitors
 

Product Reports

Buyer's Guide
Check Point SandBlast Network
June 2025
Check Point SandBlast Network reportDownload Check Point SandBlast Network product report
Buyer's Guide
NetWitness Platform
June 2025
NetWitness Platform reportDownload NetWitness Platform product report
 

Also Known As

No data available
RSA Security Analytics
 

Overview

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

Check Point Software Technologies

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness
 

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
Los Angeles World Airports, Reply
Buyer's Guide
Check Point SandBlast Network vs. NetWitness Platform
September 2022
Free Report: Check Point SandBlast Network vs. NetWitness Platform
Find out what your peers are saying about Check Point SandBlast Network vs. NetWitness Platform and other solutions. Updated: September 2022.
DOWNLOAD NOW
859,957 professionals have used our research since 2012.
See our Check Point SandBlast Network vs. NetWitness Platform report.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.