Basil DangeSenior Manager at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
"It provides a high rate of catching the zero-day advanced threats."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"This solution has advanced a lot over the last few years."
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"When the data leaves the cloud, there are security issues."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast
Microsoft Defender for Identity is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. With Microsoft Defender for Identity, you can:
- Monitor users, entity behavior, and activities with learning-based analytics
- Protect user identities and credentials stored in Active Directory
- Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
- Provide clear incident information on a simple timeline for fast triage
To learn more about our solution, ask questions, and share feedback, join our Microsoft Defender for Identity Community.
Check Point SandBlast Network is ranked 5th in Advanced Threat Protection with 7 reviews while Microsoft Defender for Identity is ranked 13th in Advanced Threat Protection with 1 review. Check Point SandBlast Network is rated 8.2, while Microsoft Defender for Identity is rated 9.0. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of Microsoft Defender for Identity writes "Identifies, detects, and investigates advanced threats". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Symantec Advanced Threat Protection, whereas Microsoft Defender for Identity is most compared with Microsoft Defender for Office 365 and Palo Alto Networks WildFire.
See our list of best Advanced Threat Protection vendors.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.