Forcepoint Data Loss Prevention Reviews

We have different areas of DLP like drive, chat, email, network, and endpoint protection. We have different data classifications which are regulated in our industry. Based on that data regulation, we created a few policies as per our government standards, like the social identity number, personally identifiable information, and personal health information. 

We categorized data for different sectors, and we have applied policies, and Forcepoint DLP actively filters it. If I'm sending some PII to you, it should get filtered out because it's against the organization's norm. It does its job actively.

I like that you can quickly create policies and enforce them in a matter of minutes. 

It would be better if we could easily integrate with other products. Suppose I want to integrate this DLP with some other CASB solutions or a firewall solution. In that case, it takes a considerable amount of time because Forcepoint DLP doesn't come with a legacy firewall or CASB solutions to integrate with it. We need to do it separately.

It's not improvised for different sectors, and I need to look for other solutions. I'm investing a lot of time researching and implementing other solutions for other areas. That is one point where I can't feel satisfied with this Forcepoint DLP.

The only problem we have faced is that it consumes most of the CPU whenever a Forcepoint DLP is deployed on an endpoint. This is when users feel some lag in their machine's performance or their Internet performance. That's when we uninstall and try to reinstall, or we'll give a cloud link to which it gets access. We use Forcepoint DLP for endpoint protection, not for email or cloud. For email and drive, we went with the Google DLP.

Forcepoint DLP isn't as efficient on drive or chat, or email. For that, we have some specialized solutions, but it would be better to have a single console where you can control all these areas. It would be pretty easy for a consumer who is going to use this product. All in one shot, you can try to track it and enforce your policies on a single dashboard. That is one point currently lacking in Forcepoint, and I feel they need to work on it.

In the next release, I would like to use this DLP across different solutions like network, firewall, email, or chat with a consolidated dashboard and with integration facilities with other solutions.

Security should work as a whole. It shouldn't work individually in blocks. It does not serve our purpose. It should be integrated with multiple solutions. For that, it should have enough intelligence to work with other tools.

I'm looking forward to seeing that kind of capability with Forcepoint.

I have been using Forcepoint Data Loss Prevention for three years.

Forcepoint Data Loss Prevention is a stable solution.

Forcepoint Data Loss Prevention is a scalable solution. 

Technical support is pretty good. I don't see any kind of delay. As soon as we raise the request, we always get support from Forcepoint DLP immediately.

I heard that the implementation was pretty simple. Only the policy creation took time because we had to build use cases for it. Your industry might have a different use case, and my industry might have a different use case. It took a little bit of time, and it came from an implementation standpoint, and I felt it was pretty good. 

You just need one person working in shifts to use this solution. As we have 8,000 employees, we are doing it in shifts with three professionals.

We used an integrator to implement this solution.

We evaluated Google DLP and Netskope DLP. We chose Forcepoint Data Loss Prevention because of the ease of policy creation. For any DLP solution to work effectively, we need to create our use cases. On top of use cases, we need to build policies and enforce them. In Forcepoint DLP, it's pretty simple to create any kind of policy and enforce them. It doesn't take a lot of time to get it enforced. It all takes a matter of minutes, and I feel this is the biggest advantage of using this DLP solution.

If the organization is pretty small, then I can recommend this solution. However, if it's a pretty huge organization, I will step back a little bit because it won't serve its whole purpose.

On a scale from one to ten, I would give Forcepoint Data Loss Prevention a six.

Our main use case for the product involves classifying and protecting organizational data from unauthorized transfers, especially when users attempt to upload or transfer classified data to public cloud services or data-sharing platforms.

The main challenge is the solution's high cost. Additionally, there is no discount for bulk purchases, making it difficult to get budget approvals.

It could benefit from more AI-based features, such as predictive capabilities and expanded coverage of versatile platforms beyond Google Drive and a few cloud platforms. AI could also suggest appropriate policies during deployment based on the specific environment.

We have been using Forcepoint Data Loss Prevention for about five years.

The solution is very stable. I rate the stability a nine out of ten. 

The product is easy to scale by increasing licenses and deployment for large volumes. I rate the scalability a nine out of ten. 

Sometimes, we receive a delayed response from the technical support team. 

Positive

The setup was quite straightforward.

The deployment took approximately one week and required remote and physical support from a local partner and the necessary hardware and appliances.

I rate the process a nine out of ten. 

We have seen significant benefits in compliance, audit controls, and preventing data leakage, making it effective from an ROI perspective.

The platform's key features include blocking unauthorized data copying to USB drives, preventing data transfers to the cloud, and discovering, classifying, and monitoring data without causing friction for users.

The real-time analytics feature is helpful. It alerts within seconds and promptly informs management of any potential security issues.

I suggest thoroughly understanding your organization's data leakage channels and the criticality of your data. With this understanding, you may fully benefit from using DLP.

Overall, I rate it an eight out of ten. 

We use it for monitoring and blocking sensitive data in emails, following our new governance policy.

We like the ability to customize our requirements and rules, as well as its ease of use and management. It also has a cloud feature and proxy functionality.

The product is good, but the biggest issue is needing direct support from Forcepoint.

In future releases, it would be helpful if the OCR feature supported more standard formats, as currently, Forcepoint cannot block some standard data formats.

I have been using it for three years. 

I would rate the stability a seven out of ten. We occasionally experience some downtime and glitches, mainly on the cloud side.

It is very scalable and we have not encountered any issues.  There are around 11,000 end users using this solution.

I would rate the scalability an eight out of ten.  

It can be hard to contact customer service and support, and their response times and solutions can be slow and sometimes irrelevant.

A lot of time their feedback is not helpful. 

Neutral

Forcepoint offers a more cost-effective solution because everything, including OCR, is included in one package, unlike Symantec, where it is an add-on with an additional cost. We also considered McAfee before choosing Forcepoint.

So, the main reason we chose Forcepoint is the cost because it's a single package.

The initial setup is simple. It's now easier than Microsoft, for example.

We currently use a hybrid model with on-premises deployment for the top and cloud access for laptops.

There are five people in our technical team handling deployment and maintenance of this solution. 

I would rate the pricing a six out of ten, where one is high price, and ten is low price. It can be a low price. 

Overall, I would rate the solution a seven out of ten. There is some room for improvement.

We use this product to ensure that our intellectual property is protected. DLP gives us control over IPs and company-sensitive data. It also helps us ensure compliance with global policies and industrial policies like CISS, personally identifiable information, and all sorts of data. 

Forcepoint has a unique fingerprinting technology. We set a policy and as soon as a document goes into the repository, the policy applies. When I receive a document from my MD and want it to remain within the organization, I move it into a repository and it's viewed as sensitive. It's an efficient way to ensure that documents are safe. DLP ensures that data doesn't flow out. 

I would also add that the predefining feature is a very simple process. You pick your industry, add the email, choose your country, populate the type of policies that suit your region, and your industry, and then you can choose what to block and what to allow. 

In general, Forcepoint is miles ahead of its competitors. The closest similar solution would be Symantec, but they're still miles behind.

Currently DLP is an on-prem product and the cloud version is an add-on. I'd like to see DLP as a cloud or hybrid option so we can deploy it as a full cloud solution or on-prem as we choose. I hope they're looking in that direction, it would make a huge difference.

Most of my customers are looking for the ability to control or shut down the USB port devices so that content coming out of the port is blocked. Forcepoint added it to the DUP add-on. McAfee DLP has that feature and most of our customers requesting this have moved from McAfee and want it in Forcepoint DLP.

I've been using this solution for five years. 

The solution is stable. It's been around for a while and has never needed a patch or hub fix. 

The solution is scalable, we currently have 2,600 users. 

If I have all the prerequisites, all the firewalls open and everything, I can deploy in one day. The initial setup requires some expertise to implement. It's easy for me because it's something I've been running for a couple of years. Policies are the issue and they have to be tweaked every day. 

The product is very cheap because it's a DLP switch. It comprises DLP for endpoint, DLP for the network, and DLP for discovery. Forcepoint sells the DLP endpoint, the DLP network, and the DLP discovery separately, and you can choose what you want. We go for the suite which comprises all three which is cheaper.

This is a good product. It's important to understand your needs and pain points.  Once you're clear about why you want it, it's easy to set up and then build from scratch in line with what you want to achieve. 

I rate this solution nine out of 10. 

We do managed services. We analyze customers' requirements, and then we suggest a proper DLP or endpoint data protection solution. We have implemented Forcepoint DLP and Forcepoint Web Gateway for multiple customers.

Forcepoint DLP helped a lot when an incident was created and we tried to have an auto-remediation of the incident. For DLP, an incident is a key factor. DLP is meant to generate an incident, and that incident should be managed. If no one is managing the incident, DLP is of no use. Forcepoint has an email workflow. It provides email incident remediation wherein an automatic email is generated for the manager. If a person violates a policy, we can configure it in a way that one email is sent to the manager. One email will also go to the end-user. The end-user can again analyze the activity and give us feedback about whether it was a genuine business need and we should release that email, or whether it was a mistake and we should quarantine that email. The decision is made by the manager or by the end-user who sent the email. This helped a lot and reduced the incident count. It was very helpful to have such a report and to be able to say that the end-user was aware of the fact that this email has been quarantined. After providing the legal justification, the email was released by him. It reduced 40% of incidents for emails. This kind of feature is not available in other DLP solutions, and I really appreciate having that feature.

The workflow remediation is quite good. That is a key feature because of which it has the upper hand over other DLP solutions.

Endpoint protection, web protection, network protection, and storage use are valuable features. Among these, endpoint protection is most valuable.

It has good policies and good mechanisms to detect incidents.

They can have less memory consumption for their endpoint channels. They are not that adaptive with other endpoints solutions like EPP and EDR. They can improve in this aspect. 

Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint.

Their login mechanism to find out the issue is another thing they need to improve. We would like to have the finest login to figure out what exactly is happening and why we are not able to communicate with the detection server. One of the products I have used is better in this aspect. We can have the finest level login, and we can figure it out, but I haven't found such an option in Forcepoint. 

I have been into DLP technology for the last eight years. I have been using Forcepoint for three years.

I have worked with another DLP solution in and out, and I find that solution to be more stable than Forcepoint. Once you implement a policy in that solution, the policy will always function. You can be assured that the policy will be functional. With Forcepoint, I always need to check whether the policy is functional or not and whether my policy is getting synchronized on the detection server or not. There won't be any sort of end trigger if the policy synchronization was stopped. 

It is quite scalable. It is comparable to other DLP solutions in terms of scalability.

I haven't interacted that much with their support, but whenever I created a case, there was proper support. As compared to other solutions, Forcepoint's support is more technical and professional.

I have used other solutions. Many of the customers are switching to Forcepoint. They are not getting proper support from one of the vendors. So, they are switching to Forcepoint. They are getting equal or more benefits with Forcepoint, and its cost is also low.

Incident remediation is awesome in Forcepoint. One of the solutions that I used did not have incident remediation. Forcepoint again has the upper hand in terms of policies. It has nearly 1,700 policy templates that we can use. Many compliance-related and PII-related rules are readily available in those templates. Forcepoint also has a time-based policy, wherein they can detect that a policy is active within a certain period of time. This visibility is not there in other solutions. Forcepoint also supports flow data transfer analysis.

Overall, Forcepoint DLP has the upper hand. Stability and scalability are secondary. The primary thing is that an application should be usable. Forcepoint is really user-friendly, and it has multiple options. They say that they can detect the malware if data leakage is happening to malware. They do have some sort of analysis in their detection engine to detect malware.

As compared to other DLP solutions, it is quite complex because they do have their policy server and analytics server in place, and their Forcepoint manager is also there. With other solutions, we need to have an Oracle Database in place, which is not required with Forcepoint. For Forcepoint, SQL Server can be quickly installed and is ready for use.

The installation duration depends on the organization and the size of the organization. For the same set of organizations, Forcepoint will take 30% less time as compared to others. In many organizations, I have implemented it within a month, and in many organizations, the project took one year.

The implementation strategy depends on the customer, but we do follow the implementation steps, such as gathering information and then deciding which detection server to go for, where to place it, and how many counts are required. If I have more than 30,000 agents, then I definitely need to think about one more endpoint prevent server. So, it depends on the organization size and the response of the organization in terms of how quickly they adapt DLP and how friendly they are with the DLP solution. The biggest implementation that we had done had 30,000 users.

Our customers have seen an ROI. 

Its pricing is quite low considering the features they are offering. As compared to other solutions, it is reasonable. 

They do have professional support. If we need professional support, then there will be additional costs.

You definitely need to do a proper calibration of the organization and data flow analysis. Even though there are 1,700 policy templates, each and every organization will have a different set of rules and data to be analyzed. So, data flow analysis is a must with Forcepoint DLP to create a proper policy.

Cost-wise, it is a very good product. An organization should really consider this product if they are in process of DLP implementation, or if they are thinking of switching from any other DLP solution. If there is a budget constraint or you need a good DLP solution, I would definitely recommend Forcepoint DLP.

I would rate Forcepoint Data Loss Prevention an eight out of 10. There is no DLP that will score a 10.

We use it mostly for endpoint protection of PCI information, as well as PII, such as social security numbers.

We have a hybrid system, in that we utilize the cloud as well as our on-premises appliances. Depending on where the customer is, if they're on-premises or if they're working from home or elsewhere, we have that covered with the hybrid solution. Forcepoint has its product available in the cloud and we use the on-premises side when the data is going through the appliances.

The greatest benefit is the detection, detecting either accidental or unauthorized transmission of certain kinds of PCI or PII data that we prohibit. It's very useful to get that from alerts. We can also block them outright, depending on what threshold we have set. That's the most useful thing about DLP, that it prevents unauthorized usage of that kind of data.

Some of the built-in rules, templates, and content classifiers are among the most valuable features. Some of the built-in patterns are good places to get started with. Along with the phrases, they are helpful in putting together policies and fine-tuning our policies. A good example of that would be certain kinds of credit card data. They have a lot of algorithms available to fine-tune what exactly you're looking for, whether it be credit cards from Mexico, or US credit cards, et cetera. They have a good database of those types of predefined algorithms, ways to detect things, and the specific information you're looking for.

These features are valuable because they work and seem to be picking up the right data. They seem accurate. It's also convenient to be able to choose them and not have to figure it out myself or create my own. That goes a long way toward fine-tuning our policies.

The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that.

Overall, I would like to see them modernize. I'm on version 8.5, so there are newer versions out. They may have done that already. I'd have to demo the newer versions.

We're planning on upgrading this year to 8.6. I believe that in going to 8.6, we will be gaining some additional features. The newer versions will have better detection capabilities with improvement to their algorithms.

I have been using Forcepoint Data Loss Prevention for about five years or six years.

The on-premises solution has high availability. The appliances that we've used are very stable. They just keep running. We have had very few issues with the appliances in terms of failure. In those situations, they were more on the hardware side. They just needed a reboot and that fixed things. Overall, the stability is good for on-premises. 

In terms of the cloud side, availability doesn't come into play as much because we don't change policies that often. We don't modify the policies on a day-to-day basis. We might modify a policy once a week or once every month, at the most. The client or endpoint really just needs to receive that update once, and it's pretty much good to go. So we're not relying too much on the cloud availability, except for that initial update for each endpoint. The cloud availability is going to be more relevant on the web side of the product, where you're going to want continual web access, filtering, et cetera.

One feature that I'm getting ready to take advantage of more is the ability to add more data crawlers to the DLP on-prem environment, without any extra Forcepoint costs or licensing needed for that additional data server. That will help in reducing the stress on the data server that we're using now. It will help manage all the policies, the clients that connect to it, and all of the network discovery tasks, especially. They will all be handled much more efficiently when we spread the load. We're looking to add an extra one or two Windows Servers for that, so the additional cost would just be related to the Windows setup.

Forcepoint's technical support for the solution is excellent. The technicians that I have dealt with have been with their company for a long time and they know their product inside and out.

There has been no other similar solution here, as long as I have been with the company. I started off with a sister company, and they actually used a very early version of Websense, which is what Forcepoint used to be called before it became Forcepoint. That means we have never used a competing vendor.

I was not involved in the initial deployment, but we've had it ever since I've been on the team here. I've been managing it ever since. I was there for the initial deployment in one of our sister companies. It wasn't anything unusually difficult. It just required installing some hardware and getting all the firewall rules worked out. Once you get all that in place, everything usually works pretty well. That's been my experience, even with upgrades. Most of the time our issues have been firewall blocks within our own company. That's usually the biggest hurdle, overcoming our firewall-related issues.

We use it on about 5,000 endpoints and we have two people who administer  it. They're both information security analysts.

I don't have ROI numbers. I base everything on: "Am I getting the support that I need?" And the answer is "yes."

We have never looked at other solutions at a PoC level.

What I can recommend is getting the highest tier of support that you can afford, because it's absolutely critical. I don't know how I would do everything if I had to submit a request and wait several days for it. I don't know how I would keep things going in that situation. With a higher level of support you can call someone and you also have someone who is managing your account. That's also really nice, because you get some extra benefits out of that.

I'm very satisfied and would rate it at nine out of 10.

The main use case for Forcepoint DLP is its OCR feature, which many customers need. The OCR capability can only be used at the network level, not at the endpoint level. It enables network-based data security, such as scanning emails or web traffic for potential data leaks. It's useful when dealing with scanned documents or screenshots containing sensitive information, preventing data leakage for multiple customers who require this level of security.

DLP also provides a test suite and integrates with a cloud access security broker. This helps protect data in cloud storage environments and gives you more control over data security in the cloud.

First, you need to categorize your data—what kind of data it is, the severity of its sensitivity, how long it needs protection, and the destinations that need protection. Forcepoint provides a dedicated solution with a user-friendly interface that makes it easy to manage. Remember that DLP doesn't handle data classification independently, so you'll need another tool to classify your data. For instance, you might use a classification tool to label documents as confidential, private, or internal.

Once the classification agent is installed on the endpoint, users need to label their data accordingly. For example, a Word document containing sensitive information should be labeled confidential. After labeling, you can create a policy in the DLP solution, such as Forcepoint, to block any data labeled as confidential from being shared. You can specify destination addresses to block at various levels, like the network, email, or RDP.

It is a bit expensive.

When deploying a DLP solution in your environment, it is important to follow best practices and start with monitoring mode. Initially, you may not know where your data resides, which users need access to it, or the nature of the data itself. Deploying an agent and monitoring the data flow and usage for three to six months is essential. 

Forcepoint DLP helped customers save some money at the end of the cyber security field. Data is the most important thing you need to implement for a DLP solution in your environment. You could also face insider threats. Implementing a DLP solution helps prevent potential data leaks by giving you control over what kind of data is being accessed, where it's stored, and how it's being used within your environment. It also allows you to monitor and prevent unauthorized sharing of sensitive data, ensuring better security across your organization.

You have two primary use cases for encryption: one for USB devices and the other for network-level data, like email. For email encryption, you can use an appliance that encrypts emails before sending them to another recipient. You can set up DLP for USB devices to manage and secure the data copied to the USB. By registering the USB with your DLP administrator or security tool, such as Forcepoint Security Manager, you can ensure that any data transferred to the USB is protected through encryption, preventing unauthorized access.

Integrating a DLP solution with your Active Directory is a prerequisite for implementing it in your environment. Ensuring your Active Directory follows best practices and benchmarks is crucial for seamless integration and optimal functionality of the DLP solution. You need to add the Active Directory to the environment. It must be integrated because you cannot block your data if your endpoint is not integrated with the endpoint level.

Overall, I rate the solution a nine out of ten.

Some implementations in Forcepoint are easy to do. 

We cannot implement very complex policies or use cases with Forcepoint.

Forcepoint's data visibility is the most valuable feature. 

They need to improve their reporting feature as well as the incident response. They have very limited and basic response rules available for incident management so they need to improve them.

I have been using Forcepoint Data Loss Prevention fora year and a half.

I rate the stability an eight out of ten.

The scalability is an eight out of ten. 

The technical support is average.

Positive

The initial setup is straightforward. It takes about three to four hours to implement this solution.

The solution is expensive. 

Overall, the solution is an eight out of ten.