I was delighted to read David Strom’s extremely favorable product review of Check Point SandBlast Mobile in CSO magazine a few weeks ago. Strom really puts SandBlast Mobile through the paces in the review, and in the process provides security and IT leaders facing the challenge of securing mobility in their organizations with a great deal of insight.

In short, Strom found SandBlast Mobile to be a comprehensive yet easy to manage mobile threat defense solution, which is worth the cost to protect against a wide range of attack vectors. The review clearly demonstrates that it’s possible to easily deploy the most advanced security solution, without impacting performance or the overall mobile experience of employees.

Detected all intentional infections in seconds

As part of his test, Strom simulated a number of attack scenarios on Android and iOS devices. He launched man-in-the-middle attacks, ran information stealing malware, and even downloaded phishing scams. In addition, he introduced Stagefright, the Android exploit that roots the device. The results?

SandBlast Mobile “found all of our intentional infections quickly and displayed notifications on the phone and management dashboard within a few seconds,” writes Strom.

Defense in depth

Strom notes that SandBlast Mobile performs a battery of scans on protected devices that detect known and unknown malware. These scans include sandbox emulation on Android apps, advanced code flow analysis, app reputation, and threat intelligence, which is powered by Check Point Threat Cloud, with malware and exploits collected from more than 100,000 network nodes around the world. According to Strom, “these additional scans are why SandBlast Mobile is considered defense in depth; it goes beyond looking for signatures and dives deeper into the malware’s actual behavior.”

A breeze to manage

SandBlast Mobile “fits in between mobile device managers (MDMs) and security event log analyzers, and actually makes it easier to manage the overall security footprint” of enterprise mobile deployments, according to Strom. He explains how an MDM solution helps SandBlast Mobile enable application whitelisting, segregating apps and data from personal ones, tracking stolen phones, controlling network access and other non-security-related tasks, noting that  it works well with all the leading MDMs, including AirWatch, MobileIron, Microsoft Intune, Maas360, and Blackberry Enterprise Server.

Getting started with SandBlast Mobile is easy, as the smartphone app takes “just a few clicks to install” for both Android and iOS, and the web-based administrative dashboard is a simple software-as-a-service tool. The dashboard is organized for “large collections of thousands of devices where an admin can search and quickly find issues and threats.”

While there are many configuration choices in the dashboard, SandBlast Mobile makes most of them for you. According to Strom, “this makes getting started quicker: other tools require more customization to be useful out of the box.”

SandBlast Mobile “is probably the simplest Check Point product that I have ever used,” wrote Strom.

A resounding endorsement

Net-net, Strom and CSO gave SandBlast Mobile high marks. “SandBlast Mobile offers solid mobile protection for your end users, and is very affordable. … It is certainly worth the expense, given the cost of cleaning up after an infection.”

Check out the review for yourself. Thanks, David!