Check Point SandBlast Agent Review

Helps us to detect running malicious activity in our network


What is our primary use case?

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

How has it helped my organization?

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

What is most valuable?

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

What needs improvement?

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

For how long have I used the solution?

2 years.

What do I think about the stability of the solution?

Needs to work better.

What do I think about the scalability of the solution?

can be scaled upto high value

How are customer service and technical support?

TAC team is helpful.

Which solution did I use previously and why did I switch?

Symantec to Check Point.

How was the initial setup?

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

What about the implementation team?

We are a vendor.

Which other solutions did I evaluate?

Cisco  AMP.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Check Point SandBlast Agent reviews from users
Add a Comment
Guest