What is your primary use case for Check Point SandBlast Network?

I use the solution in my company for securing incoming emails, specifically the ones with attachments. The tool scans the incoming documents for specific network traffic. We also use the tool to inspect and download files for malware or malicious content.

SandBlast Network enhances security by providing advanced threat prevention. It utilizes geographic-based policies to mitigate attacks. For example, it addresses the OWASP Top Ten security risks, which include common vulnerabilities such as XSS and SQL injection. These algorithms are designed to protect against the most prevalent and dangerous attacks in the world, making them an excellent solution for comprehensive security.

Check Point SandBlast Network was acquired when the company needed to improve its security posture in different characteristics. The company had a deficiency in monitoring the corporate network. This tool analyzes the traffic network in a way that is really efficient, and of course, the best thing is that it identifies suspicious patterns and behaviors. With this solution, we managed to improve the entire comprehensive posture of the critical assets of the organization's network.

We are using it on top of email security and web security.

With so many threats at the computer level, we have sought solutions that allow us to improve our internal perimeter security at the technological level to minimize exposure and one by one ability to reduce recovery time in the event of an attack. As a necessary part of security, we needed a solution that could integrate easily with other solutions and third-party solutions to allow us an in-depth defense against any threat that we detect. Based on all this, we effectively wanted to protect ourselves with the best solution and brand on the market.

Our company migrated to the Azure cloud. One of the first objectives was to protect the company against cyber attacks since these are currently the trend (attackers want to be able to steal information). For this reason, a tool was needed that would help prevent and mitigate all kinds of attacks both in the cloud and on-premises. The tool presents several types of characteristics that make it very good in the market due to real-time scanning, anti-spam, and URL filtering, among other characteristics that adjusted very well to the needs that we were presenting.

We were looking for several solutions that would meet certain network threat prevention needs - one of which was the tendency to have user workflow control points that could be affected on a day-to-day basis. Given these situations, we needed to provide better zero-day protection in real-time that would reduce corporate expenses and the consumption of costs generated by the security department while still getting information in real-time 24 hours a day. We came across different solutions that met these characteristics; however, in the end, we managed to choose and segment Sandblast computing services.

It is one of the applications that support us in security and attacks on the network with a capacity for interpretation and analysis of the data that enters our corporate network. It is an efficient and friendly service, giving detailed analysis and centralized detection of events, including zero-day attacks, which are analyzed and managed faithfully. These capabilities are indispensable for an organization as they help safeguard the integrity and health of each team. These are the advantages and needs that we have achieved when using Check Point SandBlast.

One of our offices required zero-day protection that was automated and within the quantum licensing in a small device. It already had a one-year license enabled, so we had a way to use it based on our needs. We required sophisticated email phishing protection in addition to validating downloaded files in our infrastructure without compromising productivity. We needed to avoid threats within the network and have a data reviewer based on a database containing old threats and new ones. This protection was required due to the high impact that we would have if we were compromised in the office.

We started using it as a suggestion to complement the current solution we had in place. The sound of AI engines working non-stop to detect threats in email and web downloads was hard to resist knowing that a lot of the times that there's a breach, the human behind the screen had something to do with it (we're the weakest links in the chain). It had been seen before that people click on links in suspicious emails or even insist on entering in websites that aren't safe. SandBlast protects the network and endpoint from some of the most vicious malware there is - including trojans and ransomware - without compromising productivity.

One of the great needs that our company was going through was the need to protect its infrastructure against hackers or malicious bots, as well as cyber-attacks. We wanted a robust technology that would meet our objectives. We wanted to prevent attacks on our business environment. In addition, as a company, we already use various Check Point technologies and we wanted to continue with the same scope and security that they have offered us in recent years. That's why Check Point SandBlast Network provides us with that security by scanning everything that passes through our network.

In our company, we already have in use our Check Point gateway - provisioned in the Microsoft Azure public cloud - to help us with the entire cloud infrastructure, in addition to the fact that it has helped us to protect ourselves with current threats, zero-day threats, in addition to using the intelligence against Check Point threats which collects information globally making it available to the client. It's really a very valuable security tool. It has helped us improve the security posture in the cloud in our case.

We are using Check Point Sandblast Network devices for both a proxy firewall and direct internet usage firewall. They have Check Point thread extraction licenses. If someone or some application needs to reach the internet zone, it must pass through via the next generation firewalls connected with Sandblast devices. We are planning to use them for submitting emails. Hence, most of the sandbox solutions can miss the first file, which is unknown. If there is no reputation or analysis report, they need time to examine it and they permit the unknown file. Sandblast does not. It has a trick in that it allows the file to download but never allows you to finish the download until analysis ends. When it ends, it releases the file and user experience feels just like slow downloading.

The primary use case for our organization is to protect against attacks targeting our network. As most of the attacks originate from the internet, protecting the organization requires us to be equipped and ready to mitigate this type of attack at the perimeter level. Hence, it becomes necessary to scan any traffic flowing North-South and vice versa. The perimeter device should be equipped such that it is able to detect and mitigate attacks, as well as have basic anti-spam filters. Email gateways are not capable of protecting against the latest generation of attacks via email. Similarly, basic URL filtering is not able to protect against web attacks. Consequently, protecting the organization against this type of sophisticated or targeted attack, we concluded that the next generation of perimeter security solutions is a must.

We make use of Check Point firewalls to secure our corporate network and the SandBlast Network software blade is one component in use to help prevent and minimize zero-day threats. The Threat Emulation and Threat Extraction features provided by SandBlast are invaluable pieces to securing our environment and ensuring that we remain secure to the best extent possible. Our corporate network is very small consisting of only a few routers/switches, a firewall, and some client machines without any connected servers. Regardless, Check Point is a key piece of the puzzle.

We have the Check Point SandBlast TE100X device private cloud sandbox. We use sandboxing to scan files in our network. The unknown file will reach the security gateway, the gateway will check for the verdict in the cache, and if not found, it holds the file while the security gateway sends it to SandBlast. We have enabled four images and depending upon the results of SandBlast, it will determine a verdict that will be given to the security gateway. At this point, the gateway will allow or deny the file and save the results in cache for future reference.

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment located in Asia (Taiwan). The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Check Point SandBlast Network software blade is one of the numerous blades activated on the NGFWs in the DataCenter. It provides the additional layer of security from the perspective of the possible malicious files being scanned and analyzed.

Our company sells Check Point products. We give our customers support on these products. We use it here in our company, but mainly we give support to our customers who are using the product. Our clients use it for improving the security in their environment. We are also using it to improve our security. We are using this solution extensively. It is available all the time for any file that we download. We have some on-premise equipment that goes to the cloud.

Today's attacks are zero-day or which are not correlated to previous attacks. So cyber defense should be active and should block those zero days threats before it impacts the entire network. Something should be there which proactively can detect threats and block them. Sandbox is technology that overcomes this issue and sandblast for the network which consists of threat emulation and threat exaction. It emulates unknows files in a sandbox environment and protects threats in hidden email documents by extracting them.

We have Implemented Check Point SandBlast Network Solution at the email Gateway provider where our primary use case was to clean email attachments. We have also enabled Anti-Virus & Antibot blades. We want to convert each & every document should convert into the PDF file With all their active content for example links etc neutralized or disabled. Also, we are using on-premises as well as cloud sandboxing at the same time. Means particular file format sandboxing will happen on cloud & remaining on the private cloud means on-premise box.