We performed a comparison between Check Point SandBlast Network and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"The zero-day protection is its most valuable feature."
"We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access."
"It saves time with us trying to do the analysis. We use it to try to find out how something got into the network. We use it to stop something before it ever gets in."
"SandBlast updates the threat signatures frequently."
"The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels."
"The technology is impressive in general."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The most valuable feature is the network security module."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The installation phase was easy."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations."
"They need to improve the GUI interface."
"The initial setup was complex because of the lack of information from the consultant."
"When you have to scan emails that come with attachments, it takes a long time to examine them, which causes other emails not to be scanned, which can cause some danger to our organization."
"We would like to see this solution reach mobile devices more efficiently, through apps or more specific products."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"Management of the appliance could be greatly improved."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"Stability issues manifested in terms of throughput maximization."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
More Check Point SandBlast Network Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Check Point SandBlast Network is ranked 8th in Advanced Threat Protection (ATP) with 33 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 36 reviews. Check Point SandBlast Network is rated 8.4, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Check Point SandBlast Network writes "High detection with few false positives and able to handle large volumes of data". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Microsoft Defender for Office 365, Cisco Secure Network Analytics and Symantec Advanced Threat Protection, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and NetWitness Platform. See our Check Point SandBlast Network vs. Trellix Network Detection and Response report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
