We performed a comparison between Check Point SandBlast Network and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files."
"The forensics reports and the ability to sandbox malware are its most valuable features."
"The main feature of the solution is that it protects against malicious threats from the outside."
"The Check Point SandBlast Network gives us incredibly good features."
"SandBlast has opened us up to a lot more opportunities where we can offer this service to clients, that way they don't have to go to a third-party to get this specific solution. It comes in the Check Point Infinity Package so it has helped us a lot."
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner."
"It has caught some harmful attachments and downloads."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"NetWitness can be highly beneficial for incident detection and response."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The most valuable features are the integration and ease of use."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"Incident management is its most valuable feature."
"We would like to see this solution reach mobile devices more efficiently, through apps or more specific products."
"The initial setup was complex because of the lack of information from the consultant."
"The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption."
"The management of alerts could improve them a bit - especially in event management."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side."
"The technical support could use some work, but it's okay. It's a little bit of a tedious process to get through."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"Health monitoring of the event sources and devices."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The initial setup is very complex and should be simplified."
"It is not so easy to customize this product."
"Technical support could be improved."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
More Check Point SandBlast Network Pricing and Cost Advice →
Check Point SandBlast Network is ranked 8th in Advanced Threat Protection (ATP) with 33 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Check Point SandBlast Network is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Check Point SandBlast Network writes "High detection with few false positives and able to handle large volumes of data". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Microsoft Defender for Office 365, Cisco Secure Network Analytics and Trellix Network Detection and Response, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics. See our Check Point SandBlast Network vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.