Check Point SandBlast Network Reviews

SandBlast is an email protection solution.

SandBlast updates the threat signatures frequently.

SandBlast takes longer than FortiSandbox to complete a scan.

I have used SandBlast for five years.

I rate SandBlast seven out of 10 for stability. 

I rate SandBlast seven out of 10 for scalability. SandBlast is more difficult to scale than FortiSandbox.

Setting up SandBlast is straightforward. 

The vendor deployed SandBlast. 

SandBlast is expensive. The only additional cost is support. 

I rate Check Point SandBlast Network six out of 10. 

Check Point is our main perimeter firewall vendor. We have several Check Point clusters doing different things within our environment.

We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access.

Check Point met all of our criteria that we were looking for in a firewall vendor as far as remote access capabilities, as far as IPS and intrusion detection, the SandBlast and the threat extraction pieces that we were looking at to help limit our attack vectors. They're top rated and have been for a long time. Those were all important things that we were looking at when we were looking at replacing what we currently had with Check Point. 

The number one thing that's a little bit frustrating is we implement two-factor authentication for remote access. We thought we were going to be able to pick users or groups to do two-factor against, and some did not do two-factor against. We found out that we can only do that either in the mobile access blade in which we can have it all do two-factor or not, and then the remote VPN all do two-factor or not. For our own internal employees, I want them to have an option to either do clientless or client depending on the situation.

One of the main reasons why we picked Check Point was because we needed a clientless option for third-parties who don't have our hardware. Check Point is not doing two-factor authentication for that. This is something that we've been really asking about and we'd like to be able to do: Two-factor authentication off blade based groups (or something else). We know it is on the roadmap.

We put in high availability clusters and had zero downtime, even with upgrades. It's been rock solid, we're very pleased. It hasn't been disruptive to the business.

We're small. The new Maestro option is impressive. It is nice to know that we could move into this Maestro product and move away from an Active-Passive firewall cluster to an Active-Active, then if we needed it for computer bandwidth, we could easily add something. That is very awesome.

We have premium support currently. Several times a month, I call them to ask them stuff. Some of it is not necessarily because I have a problem, but being very new to Check Point, Check Point does things differently than other firewall vendors, so there is a learning curve if you're not used to the way Check Point does things. We use support for that as well, making sure that we're doing things right. 

My experience with them has been good. There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab.

We replaced our Cisco ASAs with our Check Points. Our version of the Cisco ASA was at end of life, and we would have needed to move to the next-generation of it.

I was the decision-maker. Our company also has some security teams, software teams, an operations team, and a service desk.

We used a partner for the integration. We used CBTS. We've had a partnership with them, not for just what we've done for Check Point, but with several other products that we've bought over the years, and they've been a good partner. I don't really have any complaints with them.

We have seen our return on investment, and I think our security guys would agree with that. It's opened up the eyes of the security, and even the organization, regarding risks to say, “Wow, there is really a lot of stuff going on that we didn't know about.”

We looked at the gamut of products out there, since there are a lot of firewall players. However, Cisco has consistently been in the top for a long time.

We also looked at Cisco and Palo Alto. We looked at what the NGFW Cisco ASAs looked like.

Nothing is perfect, but Check Point is pretty close to perfect. Check Point is an anomaly in the industry as they only do security. They have been doing this for 25 years and are a pillar of what they do. 

I would rate it a nine out of ten. It consistently performs well, and independent third-parties agree. They are really good at what they do.

We use it as a method to ensure with all of our emails and the files coming through have secure attachments and no known issues: No malware, no known vulnerable hashes, nor anything malicious.

SandBlast has improved my organization in the way that we no longer have to worry as much about attachments which come in. Previously, it was a pretty frequent occurrence when we would get something malicious. So, it made it so that we could focus on other tasks and not have to worry nearly as much.

It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well.

I would like to see some speed improvements, e.g., how quickly you can get through all the menus. It crashes sometimes because we push so much through it. Therefore, I would like to see more small things behind the scenes, such as, back-end stability in terms of the management application.

I would also like to improve the usability of the application to improve the quality of life of our users. 

It seems very stable. We haven't seen any issues with it. The quality is great. 

It is definitely scalable. We have a massive amount of endpoints that it's working through right now, and it's definitely taking care of us.

We are a Diamond partner, so we have a dedicated support rep who is always available and with a quick response and remediation. 

When I came onboard, this solution was already implemented.

The initial setup was pretty straightforward and simple. We tested a few things to see how we could make it run a little better.

We deployed it ourselves.

I would rate it an eight out of ten because it is stable and works well. We have never run into an issue with it. It is frequently updated and our support rep goes through the findings and lets us know what type of stuff is being blocked and if we want to make any small configuration changes. 

It's definitely a good way to go just because it's so simple. Once you have it set up, you don't really have to touch it.

One of our offices required zero-day protection that was automated and within the quantum licensing in a small device. It already had a one-year license enabled, so we had a way to use it based on our needs.

We required sophisticated email phishing protection in addition to validating downloaded files in our infrastructure without compromising productivity. We needed to avoid threats within the network and have a data reviewer based on a database containing old threats and new ones.

This protection was required due to the high impact that we would have if we were compromised in the office.

Check Point SandBlast Network has provided us with security for downloaded files on our network in addition to protection against phishing that tries to enter through email.

SandBlast has an emulator which is responsible for validating files and emails against modern threats based on its global database, which is constantly updated. In this way, everything is validated and delivered quickly to the user (who is not affected while being analyzed).

All these benefits generated greater security and stability within our office and the company's perimeter network.

The Check Point SandBlast Network gives us incredibly good features. It really is a very good security tool. The ability to validate new or old threats within the database that is being updated by all GWs globally from the manufacturer makes it a reliable database and tool.

Its threat extraction and emulation checks validate and deliver emails or downloaded files if they do not represent a threat to users. All of this great work is done in seconds. The client does not perceive this emulation, making the technology even more valuable in implementing security.

The Check Point SandBlast Network solution also needs some improvements that can be expected in the future. For example, the cost, which for some customers is high.

Also, on the subject of the guides, they are difficult to find, or they are not clear when it comes to carrying out implementations, generating best practices, or some other details. They are difficult to understand.

At the support level, they could improve the attention times and have the resolution of cases happen a little faster. Sometimes it takes a long time to send emails and tests instead of generating sessions or calls with the client to solve everything quickly.

We've used this excellent tool in an office that required protection against zero-day threats. We have used the technology for more than a year.

We used the Microsoft 365 Data Protection tool for email. However, it is a solution outside of our Check Point environment.

I'd recommend getting a partner who can provide you with all the help for Check Point services.

We always validate, review documentation, and check reviews to determine which security tool fits the bill.

It is a very good tool. You must try it and take your verdict.

As we need to secure our network, we must detect and add controls, and that is where, based on recommendations and experience, we use Check Point SandBlast technologies. They help us and provide zero-day or solvent security and protection and contribute to optimizing the risks of security based on profiles or data already shared and pre-established such as security templates to be easy and quick to implement. It is offering us a security strategy that helps us avoid major problems or impacts on users and is easy and non-invasive with users.

Its greatest value is that Check Point promotes and connects these technologies efficiently with ThreatCloud, which is one of the most outstanding bits of intelligence of the brand. It is capable of integrating advanced AI engines, and exclusive data of the brand. Having this added value in the solution enables us to provide greater security and adds efficiency in resolving incidents of any product. The AI can perform deep investigations, which can help us solve CPU problems or other types of hardware attacks.

Its greatest value is in the integration of AI analytics and detecting zero-day threats, which in many cases are a great vulnerability. Having all these security features applied allows us to save equipment and protect users. The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels. We have been able to take advantage of the great characteristics that the brand and its services offer us. 

In the future, I would like to see these solutions being easier to manage from mobile applications - from either iOS or Android - including other operating systems that appear in the future. This would allow administrators to be more flexible in managing their infrastructures and equipment from any place. It is mega important to innovate and think about how to adapt to the changes of the future, including this security to the famous virtual world that is being created. 

We used the solution for one year.

The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files.

Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator.

I have been using Check Point SandBlast Network for approximately two years.

The stability of Check Point SandBlast Network is good.

Check Point SandBlast Network is scalable.

We have approximately 5,000 users using this solution.

The support from Check Point SandBlast Network is good. The support helps us very quickly.

We have two people for the deployment of the Check Point SandBlast Network.

The cost of Check Point SandBlast Network is annually, and there is only a standard license.

I rate Check Point SandBlast Network an eight out of ten.

Today's attacks are zero-day or which are not correlated to previous attacks. So cyber defense should be active and should block those zero days threats before it impacts the entire network.

Something should be there which proactively can detect threats and block them. Sandbox is technology that overcomes this issue and sandblast for the network which consists of threat emulation and threat exaction.

It emulates unknows files in a sandbox environment and protects threats in hidden email documents by extracting them.

It contains malware from attached documents in email organization can be relayed on such type of solutions where they need not invest more on other solution for such feature sets which ultimately reduce attack vector via email or from spoof senders and Extracts exploitable content out of the file.

For new applications or for databases there were many file storage which are having new hash values or unknow that can be identified by executing them in the sandbox environment hence improving more efficiency and security.

Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox. The Threat Extraction blade extracts potentially malicious content from e-mail attachments before they enter the corporate network. 

I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection.

Apart from policy creation and the number of supported files which is also the same as other vendors in the industry so probably as per me, there is no need to improved other things except if they want to make something different than making sure on-prem devices support almost all type of file inspection so even customers who don't have Check Point firewalls can buy Check Point on-prem device for sandbox technology.

2 years

It's very stable.

Scalability is very good.

Tech support is very good.

It's easy to setup.

It never gives us any issue while implementing.

Our company sells Check Point products. We give our customers support on these products. We use it here in our company, but mainly we give support to our customers who are using the product.

Our clients use it for improving the security in their environment. We are also using it to improve our security. 

We are using this solution extensively. It is available all the time for any file that we download.

We have some on-premise equipment that goes to the cloud.

When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company.

We have never had a case of a virus entering our company in computer. I think we are safe because of this solution. One of the features of the Check Point product, SandBlast Cloud, is that it prevents the downloading of malicious files.

The mostly useful feature is we can download a file and emulate it outside of our company, then we can get the file and know that the file is clean. It's safe to run inside our company and we have no risk of viruses, Trojans, and so on.

I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it.

About two years.

It is very stable. We don't have many problems regarding this aspect. Most of the tickets that we receive are doubts about the configuration and feature improvements.

It is scalable. We can just add more computers into the solution if the equipment becomes obsolete or their capacity reaches its maximum. We just need to use a bigger appliance. However, we have no experiences regarding this, as usually the equipment is better than the customer's needs.

In my company, there are maybe 50 users. It's not a very big company, so everyone has their function, but most of them are technicians. Other users are sellers, directors, supervisors, and security analysts (like me). If we consider that every worker has one computer, we can say that there are about 50 computers using this solution.

It has very good support. If I had to give them a score from zero to 10, I would give them a nine. Sometimes it takes a bit too long for them to give the first answer. It's not something that we can't wait for, but sometime we will need that answer right in the moment that we ask, and maybe we are waiting some hours depending on the issue.

None.

With some of our customers, I have been involved in the initial setup. It is very simple and intuitive. With just a few clicks, we can make it work.

After the system is running, just to enable each of the features, we take no more than 10 minutes.

I just followed the Check Point documentation. I just read and replicated it into our production environment, then it was good to go.

About five of my colleagues are responsible for implementing the product.

I haven't evaluated other solutions.

I am very satisfied with this product.

Anyone who deploys this solution needs to understand their network, e.g., the amount of data transferring through it. This way, they can define the product according to their needs.

I would rate this solution as a 10 out of 10.