Try our new research platform with insights from 80,000+ expert users

Check Point SandBlast Network vs Cisco Secure Network Analytics comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point SandBlast Network
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Advanced Threat Protection (ATP) (10th)
Cisco Secure Network Analytics
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
60
Ranking in other categories
Network Monitoring Software (22nd), Network Traffic Analysis (NTA) (3rd), Network Detection and Response (NDR) (5th), Cisco Security Portfolio (7th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Check Point SandBlast Network is designed for Advanced Threat Protection (ATP) and holds a mindshare of 6.0%, up 5.1% compared to last year.
Cisco Secure Network Analytics, on the other hand, focuses on Network Monitoring Software, holds 1.2% mindshare, down 1.6% since last year.
Advanced Threat Protection (ATP)
Network Monitoring Software
 

Featured Reviews

GaneshKhutwad - PeerSpot reviewer
Provides advanced threat prevention and utilizes geographic-based policies to mitigate attacks
Check Point offers three types of support: Gold, Platinum, and Diamond. The level of support you receive should be based on the criticality of the issue, not solely on your client's support tier. While there are established support levels, I have experienced instances where the support provided was not categorized as Gold, Platinum, or Diamond but rather a standard support level. In such cases, the response times were slower, and getting support personnel on the call was more difficult.
Sudhakar T - PeerSpot reviewer
Strong network security analytics with excellent encrypted traffic analysis features
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers. There's a need for a more comprehensive licensing model where all necessary licenses are included by default.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has caught some harmful attachments and downloads."
"One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment."
"You do not need to risk your network by using the in-line sandbox."
"The solution can detect and prevent attacks that may be encrypted."
"It provides a high rate of catching the zero-day advanced threats."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"SandBlast has opened us up to a lot more opportunities where we can offer this service to clients, that way they don't have to go to a third-party to get this specific solution. It comes in the Check Point Infinity Package so it has helped us a lot."
"The product gives us advanced protection, including artificial intelligence and machine learning technologies and services."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"We find that Stealthwatch can detect the unseen."
"From a security standpoint, it is just seeing pockets as well. Visibility is very key for us."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"The most valuable feature is having visibility into the data segments throughout our network."
"It has definitely helped us improve our mean time to resolution on network issues."
"The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
 

Cons

"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"We would like to see this solution reach mobile devices more efficiently, through apps or more specific products."
"I imagine there will be improvements in later versions. There are hotfixes that come out all the time."
"I would like to see some speed improvements, e.g., how quickly you can get through all the menus. It crashes sometimes because we push so much through it. Therefore, I would like to see more small things behind the scenes, such as, back-end stability in terms of the management application."
"Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve."
"There is a limit on the number of files that can be scanned in real-time, which could lead to us being found with our guard down on a high-traffic day."
"The management of alerts could improve them a bit - especially in event management."
"EDR and EPM solutions like Carbon Black or CyberArk have integrations with the cloud version of Sandblast, however, there must be on-premise Sandblast options also."
"It's too complicated to install, when starting out."
"The expensive nature of the tool is an area of concern where improvements are required."
"The customizability of the UI should improve."
"I would like to see some improvement when it comes to reporting."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"We've had problems with element licensing costs so scalability is a concern."
"Cisco Stealthwatch can improve by having bundled packages for popular add-ons. It would be a lot easier for people implementing it, have let's say a better way to use the product."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
 

Pricing and Cost Advice

"The cost of Check Point SandBlast Network is annually, and there is only a standard license."
"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."
"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."
"The product's cost is high."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"We have seen ROI."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"Licensing is on a yearly basis."
"The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
"One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it."
"Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that."
"Licensing is done by flows per second, not including outside>in traffic."
"On a yearly basis, licensing is somewhere around $30,000."
"The licensing costs are outrageous."
"NetFlow is very expensive."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
15%
Government
11%
Energy/Utilities Company
6%
Computer Software Company
29%
Financial Services Firm
12%
Government
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Check Point SandBlast Network?
The solution can detect and prevent attacks that may be encrypted.
What needs improvement with Check Point SandBlast Network?
The cost is a little bit high-end, and you need to get precise performance metrics in order to get the correct size. Improvements are required in both areas of the tool.
What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The organization experienced challenges with licensing as Cisco has multiple licensing factors, and there are concerns about the price. Cisco solutions are considered to be very expensive.
What needs improvement with Cisco Stealthwatch?
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the applic...
 

Also Known As

No data available
Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
 

Overview

 

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Find out what your peers are saying about Microsoft, Palo Alto Networks, Fortinet and others in Advanced Threat Protection (ATP). Updated: March 2025.
845,406 professionals have used our research since 2012.