Check Point SandBlast Network vs Trellix Advanced Threat Defense comparison

Check Point Software Technologies and Trellix are both solutions in the Advanced Threat Protection (ATP) category. Check Point Software Technologies is ranked #7 with an average rating of 8.6, while Trellix is ranked #21 with an average rating of 9.0. Check Point Software Technologies holds a 4.0% mindshare in ATP, compared to Trellix’s 2.0% mindshare. Additionally, 93% of Check Point Software Technologies users are willing to recommend the solution, compared to 76% of Trellix users who would recommend it.

Check Point SandBlast Network

Read 40 Check Point SandBlast Network reviews

1,051 Views
967 Comparison Views

93% willing to recommend

Trellix Advanced Threat Def...

Read 9 Trellix Advanced Threat Defense reviews

416 Views
379 Comparison Views

76% willing to recommend

Check Point SandBlast Network

Trellix Advanced Threat Def...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 1, 2024

Check Point SandBlast Network and Trellix Advanced Threat Defense are key players in cybersecurity, each providing distinct capabilities in threat detection. While Trellix seems to have the upper hand due to its advanced features, Check Point enjoys better feedback regarding pricing and support.

Features: Check Point SandBlast Network is known for powerful threat emulation, effective zero-day threat mitigation, and seamless integration across diverse network environments. Trellix Advanced Threat Defense distinguishes itself with robust behavioral analytics, comprehensive anomaly detection, and advanced machine learning capabilities, providing greater threat visibility.

Room for Improvement: Check Point could improve by enhancing its feature depth in behavioral analytics, providing more robust anomaly detection, and expanding its machine learning capabilities. Trellix, on the other hand, might benefit from simplifying deployment processes, optimizing the integration across varied environments, and reducing upfront costs to improve cost-effectiveness.

Ease of Deployment and Customer Service: Check Point SandBlast Network is easier to deploy, requiring minimal configuration and relying on a responsive customer service team. Trellix Advanced Threat Defense demands more complex deployment but compensates with superior support services, assisting users throughout their setup process.

Pricing and ROI: Check Point SandBlast Network offers competitive pricing and strong ROI due to its ease of use and simple deployment. Trellix Advanced Threat Defense, with potentially higher initial costs, provides significant ROI through its extensive feature set and enhanced threat management capabilities, making it a worthwhile investment for feature-focused users.

To learn more, read our detailed Check Point SandBlast Network vs. Trellix Advanced Threat Defense Report (Updated: September 2025).

Buyer's Guide

Check Point SandBlast Network vs. Trellix Advanced Threat Defense

September 2025

Download the complete report

Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Check Point SandBlast Network

Ranking in Advanced Threat Protection (ATP)

7th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Trellix Advanced Threat Def...

Ranking in Advanced Threat Protection (ATP)

21st

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Check Point SandBlast Network is 4.0%, down from 6.0% compared to the previous year. The mindshare of Trellix Advanced Threat Defense is 2.0%, up from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Advanced Threat Protection (ATP) Market Share Distribution
Product	Market Share (%)
Check Point SandBlast Network	4.0%
Trellix Advanced Threat Defense	2.0%
Other	94.0%

Advanced Threat Protection (ATP)

Featured Reviews

Abnet Tsegaye Belay

Cybersecurity Engineer at a tech services company with 11-50 employees

Has prevented zero-day attacks by analyzing and disarming suspicious files before delivery

Check Point SandBlast Network offers wide protocol coverage. It inspects emails through SMTP, POP3, and IMAP, web downloads through HTTP and HTTPS, and file transfers. Original files are analyzed in the sandbox while users get clean copies instantly to their inbox. It detects zero-day exploits in suspicious and normal files, and includes forensic and reporting features that provide detailed incident analysis, malware behavior reports, and indicators of compromise. The wide protocol coverage is particularly valuable because suspicious activities happen across different protocols. With Check Point SandBlast Network supporting multiple protocols, there is strong protection for our networks. Since implementing Check Point SandBlast Network, we have gained enhancement in our email and web security. It protects our files, complies with different standards, and reduces lateral movement in our networks.

Read full review

Philippe Panardie

RSSI at SDIS49

Ensuring long-term reliability while seeking internal email management enhancements

Prisma is a commercial name of the firewall now, but we don't work with the cloud product. Only our company is using it and we do not recommend it to customers. For us, it's transparent because it's a cloud product, so we don't really know the version as it's always updated. We have not had any problem, but it's difficult to report on what's going on because some days they can wash out perhaps 100 mails, and then it's difficult to say how many attacks you have reached. The right email has been washed out and then nobody has complained. We do not use the Threat Visualization feature; as we are in MX, the mail is washed out before it is in the mail inbox of the user, thus avoiding any problem requiring a reservation. In fact, there is no integration with existing security frameworks. The only problem we can have is that as we have no API interface, there is no inspection of internal mail. I rate Trellix Advanced Threat Defense a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"You do not need to risk your network by using the in-line sandbox."

"It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well."

"It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner."

"It provides a high rate of catching the zero-day advanced threats."

"In terms of the scalability, it's expandable across the cloud."

"The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels."

"Check Point has enabled us to detect a lot of threats and prevented a lot of threats from entering our environments. It has kept us safe."

"SandBlast Network enhances security by providing advanced threat prevention."

More Check Point SandBlast Network pros

"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."

"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."

"Provides good exfiltration, and is an all-in-one product."

"I recommend this solution because of its ease of use."

"It is very scalable."

"It is stable and reliable."

"The most valuable features are the administration console and its detection and response module."

"The fact that in 10 years, we have had no problem is the most valuable feature for us; it's really a washing machine, but the only problem we face is that it's difficult to report on this product."

Cons

"EDR and EPM solutions like Carbon Black or CyberArk have integrations with the cloud version of Sandblast, however, there must be on-premise Sandblast options also."

"The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations."

"Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."

"The response times were slower, and getting support personnel on the call was more difficult."

"Check Point SandBlast Network can be improved by adding more integration capabilities, such as integration with third-party firewalls, third-party EDR solutions, and SIEM."

"There should be some customized price reductions in the offered packages."

"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."

"We have found a need for the application to be a bit more elastic, bringing it to SAS services and not IAS."

More Check Point SandBlast Network cons

"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."

"We'd like them to be better at dealing with script threats."

"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."

"The only problem we can have is that as we have no API interface, there is no inspection of internal mail."

"I would like to see future versions of the solution incorporate artificial intelligence technology."

"Lacks remote capabilities not dependent on the internet."

"This solution needs to be made "cloud ready"."

"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."

Pricing and Cost Advice

"The cost of Check Point SandBlast Network is annually, and there is only a standard license."

"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."

"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."

"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."

"The product's cost is high."

"We have seen ROI."

"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."

"The cost is not significantly high and it can be negotiated during any purchase of NGFW."

"The product is expensive, but it is better than the rest of them in the industry."

"Our licensing fees for this solution are approximately one million dollars per year."

See which vendors are best for you

Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.

See recommendations

869,566 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Energy/Utilities Company

Manufacturing Company

Government

16%

Comms Service Provider

14%

Performing Arts

11%

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	27
Midsize Enterprise	8
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	3
Midsize Enterprise	4
Large Enterprise	5

Questions from the Community

What do you like most about Check Point SandBlast Network?

The solution can detect and prevent attacks that may be encrypted.

See all answers

What is your experience regarding pricing and costs for Check Point SandBlast Network?

I'm not in charge of costing regarding Check Point SandBlast Network, so I cannot comment on the pricing, setup cost, and licensing.

See all answers

What needs improvement with Check Point SandBlast Network?

Check Point SandBlast Network could be improved as sometimes the cost can be limiting even if the feature is very nice, and the UI can be optimized. The customer support for Check Point SandBlast N...

See all answers

What do you like most about McAfee Advanced Threat Defense?

I recommend this solution because of its ease of use.

See all answers

What needs improvement with McAfee Advanced Threat Defense?

I would like to see an API interface for internal email and control of outgoing email to make it closer to 10. It's necessary; today we have an MX interface, and it would be interesting to have an ...

See all answers

What is your primary use case for McAfee Advanced Threat Defense?

We are working with Palo Alto products, specifically firewalls. We are only using Palo Alto Firewalls and not Cortex. With FireEye and Trellix, we only work with ETP now because the NDR function wh...

See all answers

Comparisons

Palo Alto Networks WildFire vs Check Point SandBlast Network

Compared 52% of the time

Fortinet FortiSandbox vs Check Point SandBlast Network

Compared 39% of the time

Trellix Network Detection and Response vs Check Point SandBlast Network

Compared 9% of the time

More Check Point SandBlast Network Competitors

Fortinet FortiSandbox vs Trellix Advanced Threat Defense

Compared 32% of the time

Check Point Infinity vs Trellix Advanced Threat Defense

Compared 25% of the time

Microsoft Defender for Identity vs Trellix Advanced Threat Defense

Compared 25% of the time

Microsoft Defender for Office 365 vs Trellix Advanced Threat Defense

Compared 19% of the time

More Trellix Advanced Threat Defense Competitors

Product Reports

Buyer's Guide

Check Point SandBlast Network

October 2025

Download Check Point SandBlast Network product report

Buyer's Guide

Trellix Advanced Threat Defense

September 2025

Download Trellix Advanced Threat Defense product report

Also Known As

No data available

McAfee Advanced Threat Defense

Overview

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

Check Point Software Technologies

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Trellix

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media

The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust

Buyer's Guide

Check Point SandBlast Network vs. Trellix Advanced Threat Defense

September 2025

Free Report: Check Point SandBlast Network vs. Trellix Advanced Threat Defense

Find out what your peers are saying about Check Point SandBlast Network vs. Trellix Advanced Threat Defense and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,566 professionals have used our research since 2012.

See our Check Point SandBlast Network vs. Trellix Advanced Threat Defense report.

See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.