What is our primary use case?
We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.
We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.
We subsequently expanded the scope of the solution to detect malicious activity on our network.
It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.
It is also missed that it does not have a client for Linux.
How has it helped my organization?
Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.
Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack.
You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.
What is most valuable?
What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.
The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.
We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.
What needs improvement?
It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.
SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.
It is also missed that it does not have a Linux client since some administrators use this type of operating system.
For how long have I used the solution?
I have been using SandBlast for over 1 year now.
What do I think about the stability of the solution?
It is a very mature product that provides great stability in service.
What do I think about the scalability of the solution?
It is a very mature product with good performance. Currently we have not needed to use its scalability.
How are customer service and support?
Our experience with customer service and support is very good, the support is totally professional and responds quickly.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.
How was the initial setup?
Initial setup is easy, policies and user groups are defined and then applied. Then we adjusted the policies until we got what we needed.
What about the implementation team?
We implemented it with an internal team and when we had doubts, we consulted the manufacturer's support with a totally satisfactory result due to their great experience.
What was our ROI?
Currently we have not quantified our ROI but we have avoided the loss of information on user computers due to viruses, ransomware, ...
What's my experience with pricing, setup cost, and licensing?
The cost of the solution is similar to other products on the market.
Which other solutions did I evaluate?
We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).
What other advice do I have?
It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.
It is also missed that it has no client for linux.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.