
Check Point SandBlast Network vs NetWitness Platform comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

 

Categories and Ranking

Check Point SandBlast Network
Average Rating: 8.4
Reviews Sentiment: 7.5
Number of Reviews: 38
Ranking in other categories: Advanced Threat Protection (ATP) (11th)

NetWitness Platform
Average Rating: 7.4
Reviews Sentiment: 7.4
Number of Reviews: 37
Ranking in other categories: Log Management (38th), Security Information and Event Management (SIEM) (32nd)
 

Mindshare comparison

Check Point SandBlast Network and NetWitness Platform aren’t in the same category and serve different purposes. Check Point SandBlast Network is designed for Advanced Threat Protection (ATP) and holds a mindshare of 5.7%, up 5.4% compared to last year.
NetWitness Platform, on the other hand, focuses on Log Management, holds 0.3% mindshare, down 0.4% since last year.
 

Featured Reviews

GaneshKhutwad - PeerSpot reviewer
Provides advanced threat prevention and utilizes geographic-based policies to mitigate attacks
Check Point offers three types of support: Gold, Platinum, and Diamond. The level of support you receive should be based on the criticality of the issue, not solely on your client's support tier. While there are established support levels, I have experienced instances where the support provided was not categorized as Gold, Platinum, or Diamond but rather a standard support level. In such cases, the response times were slower, and getting support personnel on the call was more difficult.
MdZaman - PeerSpot reviewer
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution can detect and prevent attacks that may be encrypted."
"It provides a high rate of catching the zero-day advanced threats."
"The Check Point SandBlast Network gives us incredibly good features."
"The product gives us advanced protection, including artificial intelligence and machine learning technologies and services."
"It looks out for new cyber ​​threats and generates predictions based on behaviors that are already detected on a daily basis."
"You do not need to risk your network by using the in-line sandbox."
"The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The solution is really scalable for the high-end power, enterprise customer."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable features are the integration and ease of use."
"It's quite economical compared to other solutions in the market."
"The most valuable feature is the security that it provides."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
 

Cons

"SandBlast takes longer than FortiSandbox to complete a scan."
"Improvements for Check Point SandBlast Network can be seen in dashboard usability; the threat emulation logs and analysis reports could be made more intuitive and visually appealing."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve."
"Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."
"The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations."
"When you have to scan emails that come with attachments, it takes a long time to examine them, which causes other emails not to be scanned, which can cause some danger to our organization."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"An area for improvement would be better automation and more inbuilt use cases."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
 

Pricing and Cost Advice

"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The cost of Check Point SandBlast Network is annually, and there is only a standard license."
"The product's cost is high."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."
"We have seen ROI."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"This is a pricey solution; it's not cheap."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"We are on an annual license for the use of the solution."
"It is cheap."
"It’s cheaper to run virtual machines in a VMware environment."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
853,271 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company: 17%
Financial Services Firm: 16%
Government: 11%
Energy/Utilities Company: 6%

Computer Software Company: 18%
Financial Services Firm: 17%
Government: 6%
Insurance Company: 5%
 

Company Size

By reviewers (chart categories: Large Enterprise, Midsize Enterprise, Small Business)
 

Questions from the Community

What do you like most about Check Point SandBlast Network?
The solution can detect and prevent attacks that may be encrypted.
What needs improvement with Check Point SandBlast Network?
Check Point SandBlast Network can be improved by adding more integration capabilities, such as integration with third-party firewalls, third-part...
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM, though there could be potential enhancements by integrating with AI.
 

Also Known As

No data available
RSA Security Analytics
 

Overview

 

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
Los Angeles World Airports, Reply
Find out what your peers are saying about Check Point SandBlast Network vs. NetWitness Platform and other solutions. Updated: September 2022.