Check Point SandBlast Network Reviews

We were looking for several solutions that would meet certain network threat prevention needs - one of which was the tendency to have user workflow control points that could be affected on a day-to-day basis. Given these situations, we needed to provide better zero-day protection in real-time that would reduce corporate expenses and the consumption of costs generated by the security department while still getting information in real-time 24 hours a day. We came across different solutions that met these characteristics; however, in the end, we managed to choose and segment Sandblast computing services.

Sandblast is one of the tools provided by Check Point, which has given us the best zero-day prevention in real time. It offers optimized security management, which facilitates monitoring, analysis, reporting, user segmentation, detection, and analysis within our network. 

It is providing network administrators with productivity without interrupting their regular operations. 

The zero-day protection and prevention features that are included in the solution enhance the intelligence of searching for threats, infections, or attacks under interpretation or prevention technology. It looks out for new cyber ​​threats and generates predictions based on behaviors that are already detected on a daily basis.

We look forward to seeing many favorable characteristics of the Sandblast solution in the future. However, we must take into account that among the appliances that it comes installed and preconfigured on. Check Point provides the solution from Sandblast and offers it to be used for free when purchasing a Check Point product. Its best feature is that in the first year, we get unprecedented security protection and performance. After analysis, we can acquire other services available on the platform. This reduces costs as we have all security needs under one umbrella.  

We do take advantage of the year we get for free from Check Point. In the future, this solution can be added under licensing for consumption per user. Today, we have it as part of a solution or a package. However, we'd like there to be a way where we can have the solution's features available to us in a cheaper way in the future.  

I've used the solution for one year and nine months.

So far, the solution has been very stable during the year and months that we have been using it. There are no crashes, loss of service, or malfunctions. It is one of the solutions that has given us the least amount of problems as security administrators.

The solution has been quite scalable. It has allowed us to integrate different devices and, additionally, it has been incorporated into the solutions that we have today on the perimeter.

Previously we were testing solutions from Microsoft, Amazon Web Services, and Fortinet to see which was the best, which we could implement in the end, and we ultimately decided on Check Point's services.

The price-cost relationship, capabilities, and benefits that the solution gives us is something that must be evaluated. When we decide on certain applications, we must understand that organizations have a budget, and we must take care of them based on that. The free trial, however, is of great value. 

It is one of the applications that support us in security and attacks on the network with a capacity for interpretation and analysis of the data that enters our corporate network. 

It is an efficient and friendly service, giving detailed analysis and centralized detection of events, including zero-day attacks, which are analyzed and managed faithfully. 

These capabilities are indispensable for an organization as they help safeguard the integrity and health of each team. 

These are the advantages and needs that we have achieved when using Check Point SandBlast.

What Check Point has come to give us as a benefit is the power to control, register, analyze, and give a general and safe view of the events and activities carried out by the teams that manage the organization's security. 

These capabilities can be managed from a single panel of equipment configurations and controls. This helps and benefits each of the organization's members that can be attacked because they will always be safe. 

Mail investigation is another of the benefits provided. 

One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment. After that, it delivers the filtered emails safely. This avoids an analysis or vulnerability of less experienced users who, in most cases, are the weakest link. It offers the ability to take the solution to cloud environments or totally on-premise, which helps us have the ability to adapt to different environments. 

We would like to see this solution reach mobile devices more efficiently, through apps or more specific products. For the moment, the solution adapts efficiently to corporate environments as technological demands evolve. It is for this same reason that I hope that these innovations will be integrated into SandBlast and in other Check Point products, as it is one of the best that I have tried. It offers us a competitive advantage and efficient security. 

I've used the solution for one year.

We started using it as a suggestion to complement the current solution we had in place. 

The sound of AI engines working non-stop to detect threats in email and web downloads was hard to resist knowing that a lot of the times that there's a breach, the human behind the screen had something to do with it (we're the weakest links in the chain). 

It had been seen before that people click on links in suspicious emails or even insist on entering in websites that aren't safe. 

SandBlast protects the network and endpoint from some of the most vicious malware there is - including trojans and ransomware - without compromising productivity.

We're very surprised with SandBlast's high detection rates, which also shows the high risks the company's network is exposed to daily. This solution will also protect from zero-day threats. This shows off how advanced the AI engine's heuristics are by assessing the possible threat. It's capable of blocking access, eliminating it, and creating a signature that will help detect and eliminate malware like it in the future. 

Very few false positives are detected, which gives the confidence to raise flags when needed, ensuring the IT department is aware of threats and acting fast.

Our company has a large number of employees that exchange dozens to hundreds of emails every day. That's thousands of emails sent and received daily by our email servers. Some threats/malware come coded in large files. Sometimes they're hidden to a point an anti-virus/anti-malware solution alone would let it slip. 

SandBlast will sanitize any downloaded content and files both from an internal/ external email remittent and unknown websites using the emulator, which will detect any signature not previously recognized by Check Point.

There is a limit on the number of files that can be scanned in real-time, which could lead to us being found with our guard down on a high-traffic day. We knew that from the beginning, so there is more than one device integrated. 

Not all file types are scanned, so we had to limit the type of files that could be shared. We've detected slower performance in older equipment, sometimes forcing the replacement of it since we can't proactively downgrade the security standards on an endpoint for better performance, knowing this causes a threat to the organization.

We've used the solution for three or more years.

SandBlast Network enables us to restrict and prevent zero-day threats and endpoints attacks completely. This sandboxing solution helps us to diffuse the malware and phishing attacks in real-time with a single click. It's a highly advanced and proactive solution for preventing social engineering attacks and is far better than any unconventional sandboxing solution. 

It also helps in restricting phishing emails and endpoints under the email management system as it acts as a protective shield and applies threat detection intelligence for finding the security threats all over the IT system.

Check Point SandBlast Network has increased the security system inside out from web devices to cloud servers in the most efficient and time-bound manner. It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner. It protects our cloud server end to end and is one of the best threat intelligence software for our businesses.

It has automated the security system for us, due to which overall productivity and enhancement are observed all over.

Strong Architecture with high-grade advanced intelligence for identifying potential threats and diffusing the same in time bound manner.

Improved income for business due to strengthening security and more confidence in attracting clients.

The compliance and reporting features are superb and help to gain the data views and insights throughout.

The dashboard is quite interactive, and it keeps adding new features as per customized requests from business users.

Its cloud-based service for application control management, strengthening anti-bot, anti-virus, and anti-spam system is quite impressive and aids in attracting more clients on board.

I would like to recommend a pricing and costing strategy. Kindly go ahead with some customized price reductions in the offered packages to have a better deal for all kinds of startups as well. This will ensure more and more new infusion of business users, and there will be an overall improved trajectory for improved outcomes and genuine feedback from users all over. Also, the customization features can be further enhanced so that it can attract millions of eyeballs, and more testing of services can be done by various businesses.

Its been over six months that we are using the solution. It's been a perfect experience so far.

It is highly stable and gives better outcomes with an extended timeframe.

The is the most scalable solution.

Technical support is good.

Positive

It's quite comprehensive and easy to deploy and manage.

We deployed with the assistance of vendor management throughout.

The level of expertise on offer is ten out of ten.

We've seen an ROI of 80%.

The primary use case for our organization is to protect against attacks targeting our network. As most of the attacks originate from the internet, protecting the organization requires us to be equipped and ready to mitigate this type of attack at the perimeter level. Hence, it becomes necessary to scan any traffic flowing North-South and vice versa.

The perimeter device should be equipped such that it is able to detect and mitigate attacks, as well as have basic anti-spam filters. Email gateways are not capable of protecting against the latest generation of attacks via email.

Similarly, basic URL filtering is not able to protect against web attacks. Consequently, protecting the organization against this type of sophisticated or targeted attack, we concluded that the next generation of perimeter security solutions is a must.

This product protects us against the most common and sophisticated attacks including phishing email, account takeover, protection against malicious files, malicious attachments, and malware.

It protects us against data leakage that can be caused by an aforementioned attack, which can result in financial loss or reputation damage to the organization.

It is able to detect any changes in our software, such as whenever new code or a new file are delivered via web or email. It accomplishes this using sandboxing to evaluate it for potential vulnerabilities before it is delivered to the endpoint. 

It is able to quarantine zero-day threats using sandbox technology.

Sandboxing functions in a complementary fashion to your other security modules, products, and policies. It provides additional protection with modules such as IPS, anti-bot, antivirus, and antispam with the NGTX license.

The solution instantly cleans files that are downloaded via email or a web channel from risky elements. The sandbox is able to scan files without adding a delay or compromising productivity.

Threat emulation is carried out using AI/ML engineering techniques and it is able to detect and mitigate any unknown or Zero-Day attacks.

Threat extraction performs pre-emptive document sanitization across email and web channels. Whenever any file is sent, its behavior is examined by the AI/ML module after sending it to the sandbox. Other methods of cleaning are also performed, such as the case with Excel files. If macros are present in an Excel file then they are removed and the plain file is sent to the endpoint. Once the user has validated the file or the source, the actual file will be sent and made available.

Malicious or compromised websites and URLs that are received via email or web are scanned and action is taken according to the configured policy.

The Threat Cloud integration services provided by Check Point for dynamic threat Intelligence are helpful.

It offers good integration with SIEM and SOC Workflows.

Threat Extraction/Emulation is enabled on the same NGFW with an additional license and the sandbox can be hosted either on-premises or on the cloud.

Since it is a security module, it makes it virtually impossible for hackers to evade detection. It is also able to protect against attacks from the web, email, and network (IPS) on the same security gateway with a single management console and dashboard.

The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue.

The maximum number of files that can be scanned by the higher sandbox appliance (TE200X) on-premises is 5K per hour. Hence, a bigger organization needs to have multiple devices along with integration between them.

Enabling a module on the same NGFW firewall impacts performance, which adds delay/latency. 

Encrypted and password-protected files are not getting detected, and are bypassed. Exceptions are for files that have a dictionary-based password. 

Currently, this solution is supported only for Windows and Linux for Threat Emulation/Extraction.

This solution is very much stable.

This product is scalable on on-premises by adding an appliance, whereas, for cloud-based deployment, it's the responsibility of the OEM.

The Check Point technical support is excellent.

We have been using the same solution for some time and did not use a similar solution beforehand.

The initial setup involves enabling the module with the license and with cloud integration for Sandboxing. With this, it is complete and no additional devices are required.

The implementation was completed by our in-house team with the assistance of the OEM.

If you already have Check Point NGFW and it's underutilized and sized properly, there is a benefit both in terms of commercial/security and operation. This is because everything is available from a Single OEM on a Single Security gateway and Dashboard.

The cost is not significantly high and it can be negotiated during any purchase of NGFW.

We have evaluated solutions from Cisco and Trend Micro, which required dedicated a security appliance and sandbox appliance. However, since we were already using NGFW, we simply acquired a license for NGTX. This enabled sandboxing on the Check Point cloud.

We currently operate a hybrid environment, combining both on-premise infrastructure and cloud services through Microsoft Azure. Within this setup, we’ve deployed multiple Check Point gateways over time, with our current gateway running as a virtual appliance in Azure. It plays a key role in securing our cloud-based resources.

Among the activated blades, SandBlast stands out. We rely on it for advanced threat prevention especially its file extraction capabilities. Suspicious files are intercepted, analyzed, and only released to the end user once they’re confirmed to be safe. This proactive approach has been a game changer in defending against zero-day attacks and unknown threats, giving us a strong layer of protection without compromising performance or delivery.

The tool or blade is implemented in our SandBlast network. The Check Point gateway has provided us with even more advanced protection, check files or attachments in our network, verify threats, deliver (if they are not a problem) or block, in addition to the protection of zero-day for modern threats. It has perfectly complimented us since it is extremely fast. We are impressed with the tool's effectiveness and speed of delivery. The client does not even perceive this protection, which is excellent.

Some of the standout strengths of this tool are:

1. Highly efficient threat extraction – It delivers files at impressive speed while filtering out malicious content. From our experience, it’s among the most reliable solutions we’ve tested.
2. AI-powered threat cloud protection – The automation of threat detection is a game changer. Reviewing the logs reveals just how intelligent and proactive the system really is.
3. Up-to-date security against zero-day threats – Regular updates and adherence to top-tier security practices give us strong confidence in the integrity of Check Point’s products. We trust that our environment remains secure and uncompromised.

There are really few areas for improvement, however, it seems to me that they should implement SandBlast network in the Check Point Infinity Portal, not as a blade but as a complete tool.

The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations.

Finally, Check Point support is not their strong point. They really need to improve it in order to provide a quality service. Issues take a long time to resolve.

This is an exceptional Check Point feature, used by various vendor security tools. It's an incredible functionality that we have tested over at least the last year.

yes

yes

good

Positive

We did not have a previous tool. It is hard for us to know if there is another solution as complete as Check Point.

The best recommendation is to have a Check Point provider to help us with costs and implementations of the features that perfectly meet what the user is looking for.

A serious company always evaluates all the options, however, due to having a previous relationship, unique characteristics, and impressive performance, the Check Point SandBlast network was selected since it is an excellent tool.

If you have the organizational and economic capacity to use a tool of this caliber, I recommend it without problems.

SandBlast is an email protection solution.

SandBlast updates the threat signatures frequently.

SandBlast takes longer than FortiSandbox to complete a scan.

I have used SandBlast for five years.

I rate SandBlast seven out of 10 for stability. 

I rate SandBlast seven out of 10 for scalability. SandBlast is more difficult to scale than FortiSandbox.

Setting up SandBlast is straightforward. 

The vendor deployed SandBlast. 

SandBlast is expensive. The only additional cost is support. 

I rate Check Point SandBlast Network six out of 10. 

As we need to secure our network, we must detect and add controls, and that is where, based on recommendations and experience, we use Check Point SandBlast technologies. They help us and provide zero-day or solvent security and protection and contribute to optimizing the risks of security based on profiles or data already shared and pre-established such as security templates to be easy and quick to implement. It is offering us a security strategy that helps us avoid major problems or impacts on users and is easy and non-invasive with users.

Its greatest value is that Check Point promotes and connects these technologies efficiently with ThreatCloud, which is one of the most outstanding bits of intelligence of the brand. It is capable of integrating advanced AI engines, and exclusive data of the brand. Having this added value in the solution enables us to provide greater security and adds efficiency in resolving incidents of any product. The AI can perform deep investigations, which can help us solve CPU problems or other types of hardware attacks.

Its greatest value is in the integration of AI analytics and detecting zero-day threats, which in many cases are a great vulnerability. Having all these security features applied allows us to save equipment and protect users. The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels. We have been able to take advantage of the great characteristics that the brand and its services offer us. 

In the future, I would like to see these solutions being easier to manage from mobile applications - from either iOS or Android - including other operating systems that appear in the future. This would allow administrators to be more flexible in managing their infrastructures and equipment from any place. It is mega important to innovate and think about how to adapt to the changes of the future, including this security to the famous virtual world that is being created. 

We used the solution for one year.