We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"You do not need to risk your network by using the in-line sandbox."
"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"It provides a high rate of catching the zero-day advanced threats."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"It has definitely helped us improve our mean time to resolution on network issues."
"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"Overall, the implementation is very good."
"Great network monitoring, looking at anomaly detection and evaluation."
"We find that Stealthwatch can detect the unseen."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."
"We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"EDR and EPM solutions like Carbon Black or CyberArk have integrations with the cloud version of Sandblast, however, there must be on-premise Sandblast options also."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"Cisco could improve the administration for the customers."
"The visualization could be improved, the GUI is not the best."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
"It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
"Many of these tools require extensive on-premises hardware to run."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast
Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud. Its advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense.
Check Point SandBlast Network is ranked 5th in Advanced Threat Protection (ATP) with 8 reviews while Cisco Stealthwatch is ranked 5th in Network Traffic Analysis (NTA) with 6 reviews. Check Point SandBlast Network is rated 8.2, while Cisco Stealthwatch is rated 8.4. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of Cisco Stealthwatch writes "Provides valuable security knowledge and helps us improve network performance". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Microsoft Defender for Office 365, whereas Cisco Stealthwatch is most compared with Darktrace, SolarWinds NetFlow Traffic Analyzer, Palo Alto Networks Threat Prevention, Cisco Stealthwatch Cloud and ThousandEyes.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.