Our company has a large number of employees that exchange dozens to hundreds of emails every day. That's thousands of emails sent and received daily by our email servers. Some threats/malware come coded in large files. Sometimes they're hidden to a point an anti-virus/anti-malware solution alone would let it slip. 

SandBlast will sanitize any downloaded content and files both from an internal/ external email remittent and unknown websites using the emulator, which will detect any signature not previously recognized by Check Point.

SandBlast Network has five very notable features, including a sandbox analysis. It allows you to execute files in a controlled environment to identify malicious behavior without having to affect the productive side. It has SSL traffic inspection. 

The solution can detect and prevent attacks that may be encrypted.

Integration with third-party tools has been of great help, the visibility it gives over the entire network.

The reports are helpful.

Strong Architecture with high-grade advanced intelligence for identifying potential threats and diffusing the same in time bound manner.

Improved income for business due to strengthening security and more confidence in attracting clients.

The compliance and reporting features are superb and help to gain the data views and insights throughout.

The dashboard is quite interactive, and it keeps adding new features as per customized requests from business users.

Its cloud-based service for application control management, strengthening anti-bot, anti-virus, and anti-spam system is quite impressive and aids in attracting more clients on board.

We have found several valuable features in the Check Point SandBlast Network. One of those features is that we can download a file and emulate it outside of our company and know that it is clean.

Like any other company that handles sensitive data, we needed a tool that would protect our network and be able to improve security day by day.

The Check Point SandBlast Network uses caching and static analysis to actually reduce the time it takes to scan and isolate the same file for incoming data compromises.

We look forward to seeing many favorable characteristics of the Sandblast solution in the future. However, we must take into account that among the appliances that it comes installed and preconfigured on. Check Point provides the solution from Sandblast and offers it to be used for free when purchasing a Check Point product. Its best feature is that in the first year, we get unprecedented security protection and performance. After analysis, we can acquire other services available on the platform. This reduces costs as we have all security needs under one umbrella.  

One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment. After that, it delivers the filtered emails safely. This avoids an analysis or vulnerability of less experienced users who, in most cases, are the weakest link. It offers the ability to take the solution to cloud environments or totally on-premise, which helps us have the ability to adapt to different environments. 

You do not need to risk your network by using the in-line sandbox, if the hardware or software fails only sandbox ability fails. You have file or hash submitting ability and this ability needs different hardware in some vendors. However, Check Point Sandblast Network gives you this as an out-of-the-box matter. Check Point Sandblast does not miss the first file like other competitors; it has trick not to miss it. It gives permission to a user for downloading the file but never allows him to finish downloading until the analysis ends.

One of its most outstanding characteristics is that it offers us a fairly accurate forensic analysis. It is detailed and it does allow us to equip and understand the causes and the impact of each of the vulnerabilities or attacks. This allows us to take preventive measures and react to disasters, giving us correct solvency guidelines. All these characteristics allow us to understand in depth what has happened and why this reaction to the attack is one of the characteristics that we must understand that is outstanding and of a lot of help or guidance. 

The solution instantly cleans files that are downloaded via email or a web channel from risky elements. The sandbox is able to scan files without adding a delay or compromising productivity.

Threat emulation is carried out using AI/ML engineering techniques and it is able to detect and mitigate any unknown or Zero-Day attacks.

Threat extraction performs pre-emptive document sanitization across email and web channels. Whenever any file is sent, its behavior is examined by the AI/ML module after sending it to the sandbox. Other methods of cleaning are also performed, such as the case with Excel files. If macros are present in an Excel file then they are removed and the plain file is sent to the endpoint. Once the user has validated the file or the source, the actual file will be sent and made available.

Malicious or compromised websites and URLs that are received via email or web are scanned and action is taken according to the configured policy.

The Threat Cloud integration services provided by Check Point for dynamic threat Intelligence are helpful.

It offers good integration with SIEM and SOC Workflows.

Threat Extraction/Emulation is enabled on the same NGFW with an additional license and the sandbox can be hosted either on-premises or on the cloud.

Since it is a security module, it makes it virtually impossible for hackers to evade detection. It is also able to protect against attacks from the web, email, and network (IPS) on the same security gateway with a single management console and dashboard.

The main feature of the solution is that it protects against malicious threats from the outside. We utilize SandBlast solution to mitigate threats from outside to inside. As an ATP, the solution's role is to defend against threats and provide protection to the customer using the SandBlast as an ATP solution.

The virtues of this tool include:

1- Its effective threat extraction. With an impressive delivery speed, it is one of the best we have been able to verify.

2- The use of threat cloud protection with its artificial intelligence can automate possible threats. When you see the logs you are amazed.

3- The security is updated with the last zero days and the use of the best security practices is very valuable. It gives us the confidence that the Check Point products will not be violated.

The Check Point SandBlast Network gives us incredibly good features. It really is a very good security tool. The ability to validate new or old threats within the database that is being updated by all GWs globally from the manufacturer makes it a reliable database and tool.

Its threat extraction and emulation checks validate and deliver emails or downloaded files if they do not represent a threat to users. All of this great work is done in seconds. The client does not perceive this emulation, making the technology even more valuable in implementing security.

1. It provides a high rate of catching the zero-day advanced threats. I suppose due to the integrated AI-engine.
2. The Threat Extraction feature takes the suspicious document and converts it to another type/extension, which is harmless, like DOC to PDF.
3. The processes for the software blade activation and configuration and very easy.
4. In addition, Check Point SandBlast Network provides protection against phishing emails.
5. Good logging and reporting capabilities, on the level of other Check Point products.
6. Built-in compliance checks, with a reasonable set of the default regulations provided.

Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us. We receive a large volume of files from external sources and knowing that we are protected as best as possible is a major priority.

Getting everything set up, activated, and configured was relatively painless, which was a huge bonus since I was doing this not as a network or security professional but from a software engineering background. For someone entirely new to the ecosystem, it was a smooth implementation.

Its greatest value is in the integration of AI analytics and detecting zero-day threats, which in many cases are a great vulnerability. Having all these security features applied allows us to save equipment and protect users. The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels. We have been able to take advantage of the great characteristics that the brand and its services offer us. 

The most valuable feature is comprehensive threat prevention, whether signature-based or a zero-day secure network. This is the key benefit & the Check Point SandBlast Network does its job up to the mark.

The file formats most used by industry are all in the list that can be emulated.

Threat extraction can help us to remove malicious content from documents by converting them to PDF.

Visibility is the key to all these efforts & SandBlast done its job. We can even have a video during emulation of what exactly happens when we open the file.

The Static Analysis feature works without using much processing power to analyze files, which helps us to conserve resources.

It seems like it works all the time. We have never had an issue. We have never had something go undetected, anything major. All in all, it works pretty well.

The quality is very good. 

I really like the Excel and Secure Access features. 

The performance is quite good. 

We like that we can tune in on the firewalls. We can look at our CPU and tune the firewalls.

The technology is impressive in general. 

It is scalable. 

Technical support is decent. 

Check Point met all of our criteria that we were looking for in a firewall vendor as far as remote access capabilities, as far as IPS and intrusion detection, the SandBlast and the threat extraction pieces that we were looking at to help limit our attack vectors. They're top rated and have been for a long time. Those were all important things that we were looking at when we were looking at replacing what we currently had with Check Point. 

The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files.

SandBlast updates the threat signatures frequently.

Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided.

Static analysis as per checkpoint its a python code that helps to provide verdict without emulating every single attachment which results in an increase in performance.

Every scan email will automatically add text which helps us to understand email has been scanned or malicious content has been removed. we can also customize the same.

• The forensics reports
• The ability to sandbox malware.

Pro-active prevention techniques mean that files sent to my endpoint are automatically cleansed and filtered for malicious content without a delay. The Check Point Threat Cloud auto updates with new malware found from users worldwide meaning my protection is constantly up to date. Independent tests have verified that Check Point Threat Prevention has the highest catch rate in the industry.  Working for a Check Point partner we utilise Check Point's endpoint solution in our day to day work and the most valuable benefit is knowing I am being protected from email, endpoint and removable media attacks and when attacks occur I am likely to weather the storm better than other users.

Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox. The Threat Extraction blade extracts potentially malicious content from e-mail attachments before they enter the corporate network. 

We like that we get to segregate our network. If there's any malicious content in any of those files it gets segregated so it doesn't affect any of your existing infrastructure or network traffic.

The mostly useful feature is we can download a file and emulate it outside of our company, then we can get the file and know that the file is clean. It's safe to run inside our company and we have no risk of viruses, Trojans, and so on.

The most valuable feature is that attachments to emails and downloads from the web are being emulated in the cloud. We see some malicious downloads and attachments, but it is not a lot. I am thinking about enabling the Threat Extraction blade now.

When they work, the log correlation, IPS, antivirus, anti-bot, and the SandBlast are the most valuable features. 

The zero-day protection is its most valuable feature. 

Check Point SandBlast is best in terms of the extraction function. Customers can get a clean firewall with extraction after I've cleaned and scanned it from Check Point. It's easy for users, too.

It saves everyone the time of trying to be reactive. Instead, they are proactive by trying to prevent an issue.