We performed a comparison between Check Point SandBlast Network and Cisco Secure Network Analytics based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, ESET and others in Advanced Threat Protection (ATP)."SandBlast updates the threat signatures frequently."
"Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"When our workers are downloading software, SandBlast Cloud is useful to emulate the downloads that the workers are doing. Then, there are no threats coming into the company."
"The most efficient and protective characteristics of Check Point's SandBlast solution are that we can see a lot of this protection at the network and mail levels."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"The Check Point SandBlast Network gives us incredibly good features."
"The zero-day protection is its most valuable feature."
"The forensics reports and the ability to sandbox malware are its most valuable features."
"It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"Stability is the most valuable feature we have seen in this solution."
"It has improved our internal knowledge of what's going on with the network, and that's helpful."
"Being able to graph and show data to management has improved our organization. We can show the data to the higher-ups. It shows them that it's picking up on these anomalies and doing its job."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"The management of alerts could improve them a bit - especially in event management."
"There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab."
"Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."
"There is a limit on the number of files that can be scanned in real-time, which could lead to us being found with our guard down on a high-traffic day."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"The GUI could use some improvement. Being able to find features more easily would be a great improvement if it was simplified."
"I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity."
"The reporting of day-to-day metrics still has room for improvement."
"One update that I would like to see is an agent-based client. Currently, Stealthwatch is network-based. A local agent could help manage endpoints."
"If there was one improvement I’d suggest it would be that it detect traffic through an intranet. The product requires that traffic flow through a managed network device. The product is designed mostly for enterprise environments and not smaller environments or businesses."
"Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
More Check Point SandBlast Network Pricing and Cost Advice →
More Cisco Secure Network Analytics Pricing and Cost Advice →
Check Point SandBlast Network is ranked 8th in Advanced Threat Protection (ATP) with 33 reviews while Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews. Check Point SandBlast Network is rated 8.4, while Cisco Secure Network Analytics is rated 8.2. The top reviewer of Check Point SandBlast Network writes "High detection with few false positives and able to handle large volumes of data". On the other hand, the top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Microsoft Defender for Office 365, Trellix Network Detection and Response and Symantec Advanced Threat Protection, whereas Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.