Basil DangeSenior Manager at a financial services firm
Anonymous UserIT Infrastructure Architect at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
"It provides a high rate of catching the zero-day advanced threats."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"The most valuable aspects of this solution are that it's simple and stable. It has better security aspects compared to other similar solutions."
"The most valuable features are security and support."
"The interface with Panorama makes it very easy to use."
"The most valuable features are web control and IPS/IDS."
"In Palo Alto the most important feature is the App-ID."
"The most valuable feature is the Posture Assessment."
"The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks."
"The Palo Alto VM-Series is nice because I can move the firewalls easily."
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"In the next release, I would like for them to develop an anti-malware functionality in which it checks for malicious files like Cisco has."
"There should be an option for direct integration with the Azure platform."
"The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI."
"I would like to have automatic daily reporting, such as how many users have connected via SSL VPN."
"The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries."
"In the next release, I would like to see better integration between the endpoints and the firewalls."
"The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway."
"The product needs improvement in their Secure Access Service Edge."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"The price of this solution is very high for some parts of Africa, which makes it a challenge."
"Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
"The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
"Because I work for a university and the URL is for the institution, it's a free license for us."
"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
"The VM series is licensed annually."
Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
Check Point SandBlast Network is ranked 5th in Advanced Threat Protection with 7 reviews while Palo Alto Networks VM-Series is ranked 2nd in Advanced Threat Protection with 16 reviews. Check Point SandBlast Network is rated 8.2, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Symantec Advanced Threat Protection, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall, Juniper SRX and Fortinet FortiGate-VM. See our Check Point SandBlast Network vs. Palo Alto Networks VM-Series report.
See our list of best Advanced Threat Protection vendors.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.