Basil DangeSenior Manager at a financial services firm
Anonymous UserPrincipal Consultant at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
"It provides a high rate of catching the zero-day advanced threats."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"The good part is that you don't have to configure it, which is very convenient."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"We need a separate license and we don't know how to get the license that is required."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"It's a user-base subscription."
"From the pricing point of view, like any other product in the market, there is scope for negotiation."
Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast
Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get Integrated threat protection for all of Office 365 that gives you:
- Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.
- Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.
- A complete solution for collaboration that protects you from attacks across the kill chain.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security and Compliance Community.
Check Point SandBlast Network is ranked 4th in Advanced Threat Protection (ATP) with 7 reviews while Microsoft Defender for Office 365 is ranked 9th in Advanced Threat Protection (ATP) with 3 reviews. Check Point SandBlast Network is rated 8.2, while Microsoft Defender for Office 365 is rated 8.4. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of Microsoft Defender for Office 365 writes "Essential security capabilities, plenty of email protection, and enhanced data loss prevention". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Symantec Advanced Threat Protection, whereas Microsoft Defender for Office 365 is most compared with Mimecast Email Security with Targeted Threat Protection, Proofpoint Email Protection, Microsoft Exchange Online Protection, Barracuda Email Security Gateway and Fortinet FortiMail. See our Check Point SandBlast Network vs. Microsoft Defender for Office 365 report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.