We just raised a $30M Series A: Read our story

Check Point SandBlast Network Competitors and Alternatives

Get our free report covering Palo Alto Networks, Fortinet, FireEye, and other competitors of Check Point SandBlast Network. Updated: October 2021.
542,823 professionals have used our research since 2012.

Read reviews of Check Point SandBlast Network competitors and alternatives

Bálint Kamarás
Lead IT Security Consultant at Compliance Data Systems Kft.
Consultant
Top 5
Good incident management and great integrations but needs to improve its on-premises appliances

Pros and Cons

  • "The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration."
  • "Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly."

What is our primary use case?

We primarily use the solution for its integration capabilities.

What is most valuable?

Their integrations are pretty good as are their Sandbox solutions, their proxies, and their LTAs with API or ICAP protocols.

Symantec has good experience in the field. They're good at picking up on trends.

They have one of the biggest background cloud networking internet solutions due to the fact that they have a lot of customers everywhere in the world and they have a lot of data.

The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration.

If you have to integrate it with CM solutions, you can correlate data more with other solutions, for example, with firewalls. The result of this integration is that it gives you much more information. 

There are customers where the engineers have enough time to investigate all of the incidents. However, you can also collect this data in a CM and then in an incident and response management solution. It ends up saving a lot of time

What needs improvement?

Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly.

Symantec ATP doesn't offer add-ons or anything of that nature. It's a closed architecture, a closed system. It's based on a Linux OS, and we haven't got a lot of privileges to change anything.

That said, if you are integrated with content analysis, then you have to use a lot of very good add-ons for the content analysis to find and analyze and investigate. If you only have ATP it's not enough to be effective. You have to use other solutions from Symantec, like its content analysis. You have to integrate the messaging gateway or email security and so on. 

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is mostly stable. However, these types of solutions can be blocking items and will need to be adjusted. If you have any LAN, for example, and an on-premise solution, then you need to change it. When you do you will lose the connection. Therefore, if you have LAN solution, you need to change the mode out of work hours.

What do I think about the scalability of the solution?

In terms of the on-premises appliances, you need very big appliances to handle the storage. Users of on-premises solutions really need to size things up correctly at the outset, as it isn't easy to scale a physical environment.

How are customer service and technical support?

We've contacted technical support in the past. 

As of right now, with the Broadcom acquisition, many people are changing roles which causes support to be rather slow. The senior engineers are now moving to premium support. Due to these changes the customers aren't the happiest as they have to wait longer for help or information. This has only been happening for about a year, which, in thte scheme of things, isn't too long.

Which solution did I use previously and why did I switch?

We've worked with Palo Alto in the past and have just started using Check Point.

How was the initial setup?

Whether the initial setup is straightforward or complex depends on on the company and its requirements and if it plans to integrate the solution into other products.

Deployment times vary; it really depends on the organization's existing architecture and on the integration. For example, if you like to only implement systems for the EDR facility, all the EDR, along with the manager, is a pretty fast process. However, if you would like to integrate it with your email security or with your web proxy, or with anything else, that will be complicated and will lengthen the processes. The implementation can take anywhere from one month to one year.

What's my experience with pricing, setup cost, and licensing?

The solution isn't the least expensive option. Other solutions do cost more, however.

What other advice do I have?

We have been platinum partners with Symantec.

The solution is at a bit of a crossroads due to its acquisition by Broadcom and they changed their EDI solution because Broadcom had an EDI network solution too. There were EDI scanners in the network, but it's on the side. Now they have a new direction in this area, due to the fact that they want to solve these processes only from the endpoint side. Frankly, I am still waiting for the restart of this new direction. I do not think it's enough. 

While most deployments are using on-premises, we have some hybrid and cloud solutions too. It depends on the customer.

Whether or not this is a suitable solution for a company depends on its network and requirements. Different products offer different benefits. A company needs to shop around to see which fits best. For example, it's not the best solution for enterprise companies. Also, their price is not the cheapest, however, there are many more that are more expensive as well. 

I'd rate the solution seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
SF
Network Manager at 3C Information Solutions Inc
Real User
Top 20
Simple to set up, offers malware protection and web filtering, and the VPN works well

Pros and Cons

  • "The most valuable feature for us is the VPN."
  • "When you contact support, there is no guarantee that they will be available to help you tackle the issue that you are facing."

What is our primary use case?

We had two 800-Series Palo Alto Firewalls, but as they reached end-of-life, we began researching alternatives. Ultimately, we chose to switch to Cisco Firepower, so we no longer use WildFire.

What is most valuable?

The most valuable feature for us is the VPN. We used GlobalProtect for the VPN, as well as site-to-site.

It is very simple to use.

What needs improvement?

The support needs to be improved because it takes too long to resolve severity-one issues.

Better integration with third-party products and services is needed.

The need to implement their own multifactor authentication, rather than relying on third-party add-ons for it.

They have malware protection and web-filtering in place, although they are not as effective as Titan or Cisco Umbrella.

For how long have I used the solution?

I began working with Palo Alto WildFire a year ago when I joined the company.

What do I think about the stability of the solution?

It is a solid, stable network solution.

What do I think about the scalability of the solution?

In terms of scalability, Palo Alto is at the top of the market.

Managing this solution we had six network administrators, who are network analysts. In terms of end-users, the entire company was using the Palo Alto network.

How are customer service and technical support?

When you contact support, there is no guarantee that they will be available to help you tackle the issue that you are facing. Sometimes you are left on the phone for three or four hours before you can speak with an engineer, which is very, very poor. If you have an emergency situation or a network outage of severity-one, then you cannot wait for hours to support your clients.

Which solution did I use previously and why did I switch?

Palo Alto was the first solution of this type that we used. However, we have recently purchased Cisco Firepower and no longer work with Palo Alto products.

Prior to Firepower being released, Palo Alto was very simple and better than Cisco ASA. Now, however, Firepower is simpler and the support is outstanding. With Cisco, if you have a severity-one outage then it will be less than ten minutes before you get an engineer on the phone to help you.

I have also worked with Check Point and Juniper solutions, and I feel that scalability-wise, Palo Alto is better than the rest, except for perhaps Cisco, where it is neck and neck.

How was the initial setup?

The setup is not complex. When you come from a CLI background of Cisco ASA or any other platform, Palo Alto is much easier. As long as you are familiar with the general steps in the procedure, it is not difficult.

What's my experience with pricing, setup cost, and licensing?

This solution is very pricey and it depends on the package that you implement. There are sometimes promotions on, which can save on costs.

What other advice do I have?

The Palo Alto models that we were using are the PA800-500 and PA830. 

I have seen people in different organizations and different industries set their firewall solutions up in different ways. It depends on the level of support, in terms of who will be maintaining the network. It also includes the level of knowledge they have, as well as their management preference. Some people choose Palo Alto because they don't care about the costs, and it is an easy solution to use, especially if they are already familiar with it. I would say that if they have the budget then this is a good choice and I recommend it.

However, if they are looking to consolidate all of their services, then the option to choose is definitely Cisco. It's a cloud-based solution with malware protection, filtering, and everything you need all in one box. It makes a lot of difference.

Finally, some people prefer FortiGate because the pricing is good and it is simple to use, whereas some people prefer Check Point for other reasons. It's an individual choice, but it should be well researched before the final choice is made.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PP
ciso at SDIS49
Real User
Top 5Leaderboard
Stable threat protection that is easy to set up, and the appliances are good

Pros and Cons

  • "The server appliance is good."
  • "Technical packaging could be improved."

What is most valuable?

The server appliance is good.

What needs improvement?

Technical packaging could be improved.

It would be helpful to receive access to the administration of the product.

For how long have I used the solution?

We have been working with FireEye Network Security for one year.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

If you choose a good appliance, it could be scalable. 

You have a login to your applications.

We are 600 users who are on the payroll, but in total, we have 3,000 and 2,400 of which are volunteers.

How are customer service and technical support?

Technical support is rather good. But it's very restrictive, it's false of maintenance. 

If you're don't authenticate it each month, you have to ask for another password and it's a little bit repressive.

Which solution did I use previously and why did I switch?

Previously, we have not used another solution, because it's a compliment to TruePoint Securities.

The CheckPoint product is very strong, but we have found that some cases on CheckPoint lessons are not on the list.

How was the initial setup?

The initial setup was straightforward, you can do it by yourself. 

You don't have to find a partner or a FireEye expert.

What's my experience with pricing, setup cost, and licensing?

The pricing is not reasonable. The user fee is not as high but the maintenance fee is expensive.

What other advice do I have?

For the next project, we will be doing comparisons for massive attacks.

We have been customers for five years and we have a very good relationship with them.

It's not the first line of defense. It's for us to subline of defense itself. It depends on the analysis of the threat.

An alternative tool could be Endpoint security.

I think we will put in service for Endpoint Security, soon. But network security is aligned more in your defense unison.

I would rate FireEye Network Security an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering Palo Alto Networks, Fortinet, FireEye, and other competitors of Check Point SandBlast Network. Updated: October 2021.
542,823 professionals have used our research since 2012.