Compare Check Point SandBlast vs. RSA NetWitness Logs and Packets (RSA SIEM)

Check Point SandBlast is ranked 3rd in Advanced Threat Protection with 14 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 9th in Advanced Threat Protection with 6 reviews. Check Point SandBlast is rated 8.4, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.6. The top reviewer of Check Point SandBlast writes "We put in high availability clusters and had zero downtime". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Provides accurate information, quick analysis from the endpoint perspective, and quick identification of any potential malware". Check Point SandBlast is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and FireEye Network Security, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight. See our Check Point SandBlast vs. RSA NetWitness Logs and Packets (RSA SIEM) report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Check Point SandBlast vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: November 2019.
383,162 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
Administratively, it's easy to control.The security is its most valuable feature.Its ease of use is the most valuable feature. We had existing endpoints and it was an easy upgrade process. The interface board is also easy to use.The forensics reports and the ability to sandbox malware are its most valuable features.It saves time with us trying to do the analysis. We use it to try to find out how something got into the network. We use it to stop something before it ever gets in.The zero-day protection is its most valuable feature.It has caught some harmful attachments and downloads.We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access.

Read more »

It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.The most valuable features are its ingestion of logs and raising of alerts based on those logs.Their technical support responds quickly and are knowledgable.The most valuable feature is the correlation. It can report in real-time and monitor the management.It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.

Read more »

Cons
Off the top of my head, I can't think of a way it has improved my organization.There was a learning curve for our general population of employees (the user).Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve.I imagine there will be improvements in later versions. There are hotfixes that come out all the time.I would like for them to improve the visibility in the product.Most of the time stability is okay, but sometimes, we're not able to contact the cloud. It won't last for long. The product could be faster.There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab.It needs to include built-in deployment. This will make the job easier rather than having to go and dig up an Active Directory deployment along with policy objects.

Read more »

They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.The initial setup was complex because it takes a lot of time to complete the implementation.The implementation needs assistance.We have encountered issues with unresolved crashes.

Read more »

Pricing and Cost Advice
We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding.We didn't actually purchase the software. It was given to us by Check Point. We are using it as a test bed for possible future customers.We have seen ROI.Pricing is a little high.

Read more »

We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

Read more »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
383,162 professionals have used our research since 2012.
Ranking
Views
3,281
Comparisons
2,400
Reviews
13
Average Words per Review
388
Avg. Rating
8.4
Views
6,647
Comparisons
4,415
Reviews
6
Average Words per Review
391
Avg. Rating
6.5
Top Comparisons
Also Known As
RSA Security Analytics
Learn
Check Point
RSA
Overview

Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Offer
Learn more about Check Point SandBlast
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Sample Customers
Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch MediaLos Angeles World Airports, Reply
Top Industries
REVIEWERS
Manufacturing Company18%
Individual & Family Service9%
Mining And Metals Company9%
Comms Service Provider9%
VISITORS READING REVIEWS
Software R&D Company31%
Comms Service Provider19%
Financial Services Firm13%
Energy/Utilities Company6%
Find out what your peers are saying about Check Point SandBlast vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: November 2019.
383,162 professionals have used our research since 2012.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email