Compare Check Point SandBlast Network vs. RSA NetWitness Logs and Packets (RSA SIEM)

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Check Point SandBlast Network vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: July 2021.
523,535 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided.""Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox.""When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company.""It provides a high rate of catching the zero-day advanced threats.""Threat extraction can help us to remove malicious content from documents by converting them to PDF.""Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us.""The sandbox is able to scan files without adding a delay or compromising productivity."

More Check Point SandBlast Network Pros »

"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.""The most valuable features are the packet decoder, log decoder, and concentrator.""The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.""The most valuable features are the integration and ease of use.""Performance and reporting are very good.""The most valuable features are the threat prediction and network forensics.""The most valuable feature is the security that it provides.""What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."

More RSA NetWitness Logs and Packets (RSA SIEM) Pros »

Cons
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue.""I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection.""I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it.""The Threat Emulation software blade significantly affects the performance of the NGFWs, we have a significant increase in the CPU and memory consumption.""In Check Point SandBlast, improvement has to be made with respect to the GUI.""We have noticed a slight performance hit when the Threat Emulation and Extraction features were enabled, but the protection trade-off is worth it for us.""The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."

More Check Point SandBlast Network Cons »

"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.""Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.""The initial setup is very complex and should be simplified.""The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly.""The user interface is a little bit difficult for new users and it needs to be improved.""Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support.""It is not so easy to customize this product.""Security needs improvement."

More RSA NetWitness Logs and Packets (RSA SIEM) Cons »

Pricing and Cost Advice
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.""I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market.""The cost is not significantly high and it can be negotiated during any purchase of NGFW."

More Check Point SandBlast Network Pricing and Cost Advice »

"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.""Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day.""Our license is for one year."

More RSA NetWitness Logs and Packets (RSA SIEM) Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
523,535 professionals have used our research since 2012.
Questions from the Community
Top Answer: The sandbox is able to scan files without adding a delay or compromising productivity.
Top Answer: If you already have Check Point NGFW and it's underutilized and sized properly, there is a benefit both in terms of commercial/security and operation. This is because everything is available from a… more »
Top Answer: The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue. The maximum number of… more »
Top Answer: It would help if they could provide the malware analytics in the core package as that would make the cost more reasonable. Licensing is paid annually and I believe the cost is somewhere between 12,000… more »
Top Answer: I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's very costly.
Ranking
Views
3,269
Comparisons
2,086
Reviews
6
Average Words per Review
673
Rating
8.2
Views
6,348
Comparisons
4,183
Reviews
10
Average Words per Review
504
Rating
7.7
Popular Comparisons
Also Known As
RSA Security Analytics
Learn More
Overview

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Offer
Learn more about Check Point SandBlast Network
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Sample Customers
Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
Los Angeles World Airports, Reply
Top Industries
REVIEWERS
Security Firm17%
Computer Software Company17%
Government8%
Individual & Family Service8%
VISITORS READING REVIEWS
Computer Software Company26%
Comms Service Provider23%
Financial Services Firm8%
Government6%
REVIEWERS
Comms Service Provider30%
Financial Services Firm30%
Computer Software Company20%
Healthcare Company10%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider22%
Financial Services Firm7%
Government7%
Company Size
REVIEWERS
Small Business41%
Midsize Enterprise23%
Large Enterprise36%
REVIEWERS
Small Business26%
Midsize Enterprise16%
Large Enterprise58%
Find out what your peers are saying about Check Point SandBlast Network vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: July 2021.
523,535 professionals have used our research since 2012.

Check Point SandBlast Network is ranked 4th in Advanced Threat Protection (ATP) with 7 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 3rd in Advanced Threat Protection (ATP) with 11 reviews. Check Point SandBlast Network is rated 8.2, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.8. The top reviewer of Check Point SandBlast Network writes "Automatically cleans known file types, can detect local file changes, and offers Zero-day attack protection". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time ". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, FireEye Network Security, Proofpoint Email Protection and Symantec Advanced Threat Protection, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, LogRhythm NextGen SIEM and ArcSight Enterprise Security Manager (ESM). See our Check Point SandBlast Network vs. RSA NetWitness Logs and Packets (RSA SIEM) report.

See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.