Forcepoint Data Loss Prevention Reviews

We're trying to use the solution for data loss prevention on the endpoints.

Every time I pushed the agent to laptops, I wasn't able to gain visibility.

I do not have any real valuable features at the moment. 

It was mostly stable. 

There is a lot of articles and documentation that technical support direct you to.

Getting tech support to assist us took too long. 

The communication between endpoints and the DLP over the internet was difficult.

The ease of deployment wasn't as flexible as Digital Guardian. We did not have a good deployment experience. 

It needs better pricing.

There is too much going on. We need help understanding all of their tools and offerings. We need to understand their offering, and we don't right now.

An integration deployment feature would be great for APIs. They need to use standard APIs and tools.

They need more resources online to assist users in looking for the most up-to-date documentation. 

I've used the solution for two months. 

I'd rate the stability six out of ten. It was okay. It could have been better. 

I did not look into scalability. 

Customer support simply directs us to links to read up on our own. When we contact support, we need one on one help, not directions to articles. They need to improve the way they deal with customers and be more hands-on. 

Neutral

I've also used Digital Guardian. It is an easier solution to deploy.

The initial setup was not that simple. The solution itself is too big, too vast, to really learn properly. It also wasn't as flexible as we needed it to be 

The cost is too high. They need to work on their pricing model. 

I wasn't a part of the decision-making process. 

I cannot recall the version number we're using. 

I'd advise potential new users to do a proof of concept and check vendor integrations. Increase the POC to two or three months, and don't be rushed into the product until you are ready.

The solution is too fast to learn everything. Digital Guardian was much more manageable. 

I'd rate the solution seven out of ten. 

I primarily use the solution for endpoint network and cloud application channels.

From the coverage perspective, it has better insights. 

The solution is stable.

It can scale. 

Technical support has been helpful. 

The pricing is fine. 

It can be giving better insights. 

The footprint could be lower. We'd like fewer devices and components. We'd like to have something unified. Maybe they could reduce the number of servers or hardware that need to be implemented as part of the solution. 

The setup could be streamlined. 

Feature requests do take some time to implement. 

I'd like to have fewer workflows on-prem. Still, I'd like to ensure I get endpoint protection.

Managing the resources and managing the hardware requires multiple people. I have to rely on my server and network administrators, and I have to rely on the DLP administrator, who is managing the solution. That's too many resources, I have to look into it. I want to have a SaaS-based solution to reduce my cost and administration effort in terms of server management, et cetera.

I've used the solution for more than three years. 

It is stable. My only requirement is to be able to invest further or maintain the hardware.

I haven't faced any scalability issues thus far. 

I have 5,000 users on the solution in my organization. We use it regularly. We started with just 3,000 users and have since scaled up. I'm not sure if we will scale more. 

Technical support is fine. I didn't face many challenges yet. However, I have made requests for some of the features and some time requirements. Some of them have to be gone to their development team to add such features, and I do have a couple of enhancements that were done with the latest updates. That said, usually, feature requests maybe take some time. They have their own priorities to address. In general, however, support-wise, I'm good.

Positive

I'm also aware of Symantec and McAfee. 

Forcepoint has extensive coverage compared to Symantec or McAfee. The reliability was good. I'm getting better coverage in terms of security, and I get better insights as well.

Symantec also seems to be good. That's my understanding of the market. However, due to their recent acquisition via Broadcom, they have some higher renewal costs. 

Forcepoint, from a coverage perspective, it is giving better insights on the content. We cannot compare the insights with Microsoft, Palo Alto, or even Trend Micro.

In terms of the initial setup, they have bifurcated in a way so that each and every channel has to be protected. I don't understand why can't we enable something on the fly. For example, with a checkbox, I should be able to enable it as part of the feature to enable the future. That is not available, so I have to go ahead and deploy different components on different channels.

However, it is rather easy. I'd rate it a four out of five in terms of ease of setup.

Skill-wise and license-wise there is no major challenge. 

The value you get with this solution in terms of price is good. Other options don't give the same coverage. 

I'm just looking for a SaaS-based model. That's what I am exploring right now.

Fortunately or unfortunately, Forcepoint has not come up with a pure SaaS-based DLP. I'm just looking in the market to see what the best solution I can get is in terms of the same sort of production or to see how I can gradually migrate it or have a one-time migration of my Forcepoint policies directly to the SaaS-based solution. I'm hoping I can reduce my administration efforts in terms of managing the hardware.

I'm an end-user. 

I use a combination of on-premises and cloud deployments. 

I'd rate the solution eight out of ten. 

Our primary use case for this solution is for malicious activities.

The feature I found most valuable is the DLP. We are using it to do encryptions.

My opinion is that the dashboard could be improved and made more user-friendly. They do not enable a wide range of proper inquiries and we need to identify much of what we need on our own, like incident severity.

In the next release, I'd like to see the updates working properly as the priority apps we have are not upgrading the agent that we have installed.

I have been using this solution for about a year and a half.

I would rate the stability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a six, on a scale from one to 10, with one being the worst and 10 being the best.

I would say that their technical support is quite helpful. I would rate them a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Neutral

Our model of deployment is on-premises. The only issue with deployment that we've found is that sometimes OPC is not able to connect to SCM or to a particular vendor. The deployment took around 20 minutes. Everyone was involved in the deployment of this solution, every department. It takes about two to three people to maintain this solution.

We used an in-house team to do the deployment of this solution.

There are around 16,000 users of this solution in our company.

I would recommend this solution to other people.

I would rate this solution as a whole a 10, on a scale from one to 10, with one being the worst and 10 being the best.

We use this product to ensure that our intellectual property is protected. DLP gives us control over IPs and company-sensitive data. It also helps us ensure compliance with global policies and industrial policies like CISS, personally identifiable information, and all sorts of data. 

Forcepoint has a unique fingerprinting technology. We set a policy and as soon as a document goes into the repository, the policy applies. When I receive a document from my MD and want it to remain within the organization, I move it into a repository and it's viewed as sensitive. It's an efficient way to ensure that documents are safe. DLP ensures that data doesn't flow out. 

I would also add that the predefining feature is a very simple process. You pick your industry, add the email, choose your country, populate the type of policies that suit your region, and your industry, and then you can choose what to block and what to allow. 

In general, Forcepoint is miles ahead of its competitors. The closest similar solution would be Symantec, but they're still miles behind.

Currently DLP is an on-prem product and the cloud version is an add-on. I'd like to see DLP as a cloud or hybrid option so we can deploy it as a full cloud solution or on-prem as we choose. I hope they're looking in that direction, it would make a huge difference.

Most of my customers are looking for the ability to control or shut down the USB port devices so that content coming out of the port is blocked. Forcepoint added it to the DUP add-on. McAfee DLP has that feature and most of our customers requesting this have moved from McAfee and want it in Forcepoint DLP.

I've been using this solution for five years. 

The solution is stable. It's been around for a while and has never needed a patch or hub fix. 

The solution is scalable, we currently have 2,600 users. 

If I have all the prerequisites, all the firewalls open and everything, I can deploy in one day. The initial setup requires some expertise to implement. It's easy for me because it's something I've been running for a couple of years. Policies are the issue and they have to be tweaked every day. 

The product is very cheap because it's a DLP switch. It comprises DLP for endpoint, DLP for the network, and DLP for discovery. Forcepoint sells the DLP endpoint, the DLP network, and the DLP discovery separately, and you can choose what you want. We go for the suite which comprises all three which is cheaper.

This is a good product. It's important to understand your needs and pain points.  Once you're clear about why you want it, it's easy to set up and then build from scratch in line with what you want to achieve. 

I rate this solution nine out of 10. 

Some implementations in Forcepoint are easy to do. 

We cannot implement very complex policies or use cases with Forcepoint.

Forcepoint's data visibility is the most valuable feature. 

They need to improve their reporting feature as well as the incident response. They have very limited and basic response rules available for incident management so they need to improve them.

I have been using Forcepoint Data Loss Prevention fora year and a half.

I rate the stability an eight out of ten.

The scalability is an eight out of ten. 

The technical support is average.

Positive

The initial setup is straightforward. It takes about three to four hours to implement this solution.

The solution is expensive. 

Overall, the solution is an eight out of ten. 

Major compliance issues are faced by every manufacturer or by those who use customer data. From a compliance point of view, people want a DLP solution for their organization. Every organization needs a DLP solution to prevent data leakage to external sources outside the company, making it one of the major use cases for every customer as they require a DLP tool that covers multiple channels like email, web, network, printers, USB, and removable devices.

Some of our company's customers who want the tool to deal with some of their use cases are macOS users. When it comes to the area of USB control, macOS takes five to ten seconds, meaning there are some solution-designing problems attached to it. With Forcepoint Data Loss Prevention, policies can be applied in Windows within a fraction of a second, but for MacOS users, it takes five to ten seconds, and during these seconds, data leakage from inside to outside an organization can happen. The product is compliant with Windows. My company suggests the product to those who have a Windows operating system in their environment. If you are a macOS user, the problem or concern arises due to the issues attached to the area of USB control. As a whole, macOS is good for users. The aforementioned details regarding macOS need to be considered for improvement.

I have been using Forcepoint Data Loss Prevention for 5 years. I am a reseller of the tool.

The product's stability is very good, and it is a major reason why it is considered a market leader.

Scalability-wise, I rate the solution a nine out of ten.

My company caters to the needs of multiple customers who use the product.

The technical support for the solution is very good.

The product's initial setup phase was easy.

The solution is deployed on an on-premises model.

The time taken to deploy the product is something which depends on the solution or the setup. Mostly, the solution can be deployed within three days, after which some finetuning is required to meet the requirements of our company's customers.

Speaking about how the tool improves data security and compliance posture, I would say that there are multiple products, one of which is a DLP tool, required from a complaint point of view when it comes to data security.

The product's most valuable features for protecting sensitive data revolve around areas like data discovery, data classification, and data leakage. Forcepoint also provides pre-defined templates for data classification covering components like PII, PHI, and PCI.

Forcepoint DLP is a leading tool in the market.

The policy management and the incident reporting system are very easy since, in our company, we just need to integrate it with our user group and users, based on which we configure the policy and apply it within a fraction of a second. The aforementioned details explain why Forcepoint is leading in the market with respect to DLP products.

The data fingerprinting part is a major reason why my company chose Forcepoint Data Loss Prevention. In our company, we need to use areas like PII, PHI, and PCI, so that, though we can share data via emails or any other channels, we get to block specific areas with the fingerprinting feature of Forcepoint Data Loss Prevention .

From a DLP perspective, Forcepoint Data Loss Prevention is the best. There are no other competitors who can compete with Forcepoint in the area of DLP.

In Forcepoint Data Loss Prevention, the user risk scoring impacts security operations and incident response since it is very easy to deploy from our company's customers' perspective, and it makes their day-to-day operations very easy with respect to incident response.

The main benefits of the use of the solution stem from the fact that it ensures that there are no chances of data leakage of any confidential data from inside to outside of the organization.

I rate the tool an eight out of ten.

Forcepoint is installed on our company-issued laptops to act as an on-premises firewall. This ensures that we cannot access websites that are not whitelisted in the Data Loss Prevention (DLP) system, even when working from home.

The most valuable feature is security.

The administration should take a proactive approach to ensure that research-related websites can be accessed without having to be whitelisted, even if there are some sites that remain off-limits.

The setup is complex and has room for improvement.

The support is slow and has room for improvement.

I have been using the solution for three years.

The solution is as stable as our internet connection.

I give the scalability a nine out of ten.

We have 3,000 employees using the solution.

We use third-party technical support. The turnaround time for support is slow.

I believe the initial setup is complex and is handled by another team.

The deployment was done over the weekends and it took the IT team approximately two to three months to deploy bank-wide.

The licensing is on an annual basis.

I give the solution a nine out of ten.

The solution requires around 15 people for deployment and maintenance.

I recommend the solution to others.

I deployed the solution for three of our customers, and the primary use case is data loss prevention.

The feature with which the solution integrates with the proxy, the ICAP protocol that logs the inline traffic or real-time traffic, is valuable.

The Optical Character Recognition (OCR) functionality is another helpful feature, especially for unstructured data. Being able to discover sensitive data in an unstructured format is the most beneficial element of the solution.

We can add tags to table format or Excel documents, such as ''confidential'' or ''sensitive information'', and the DLP suite takes action according to the defined policy for each tag.

The APIs for device integration are limited, so that could be improved.

If a feature known as Exact Data Match is present, I cannot detect it. This is an easily accessible feature in the Symantec DLP product and those from other vendors, such as Zscaler. EDM either needs to be added as a feature or made easier to find, as I couldn't find it. It's possible none of my customers got a license for this particular feature, but that seems unlikely.

Forcepoint is very stable; I rate it a nine out of ten for stability. 

The solution has excellent scalability; I rate it eight out of ten here. 

The customer support is outstanding. 

Positive

The deployment is straightforward once you understand the solution's architecture. A proper understanding of the different components of Forcepoint DLP is essential, as deploying an enterprise-level DLP could be confusing because the policy server is separate from the main engine sitting on the Triton server. Understanding the components of the enterprise DLP suite is the most critical element for a successful deployment. Still, I rate the solution seven out of ten in terms of ease of setup.

The scale of the particular DLP deployment is also a factor; we had cases where the customer only required endpoint or network DLP, a relatively quick job that two staff can complete. A complete DLP suite, including email, web, and network DLP, plus data classification and labelling, would require four associates. Our most recent deployment was a complete enterprise DLP, which required four staff. The entire deployment took almost three months, including a one-month planning phase. During the planning phase, we prepared the documentation, designed the HLDs and LLDs, and high and low-level diagrams. Following acceptance from the customer, we started the implementation, which took roughly 50 to 60 days.

The level of maintenance required depends on how many events per hour a particular tool is putting out. If a customer wants to check analytics or identify an email or data leak, that situation doesn't require much policy fine-tuning, and a single staff member could deal with it. The customer can also decide what coverage they want, which may be 24/7, an admin to monitor events only, or Monday-to-Friday support. The coverage determines how many engineers will be required.

Another factor in maintenance requirements is the volume of events, as an extensive client could have more than 10,000 servers with many sensitive data in motion. The customer had 24,000 users for our last deployment, and there wasn't a dedicated team for the DLP. The engineering team took care of the network, endpoint, and data security together. There were ten of us on the team, with two engineers per shift for 24/7 coverage.

I can't comment on the cost, as a different department handles that.

I rate the solution eight out of ten. 

Forcepoint is the best DLP solution in the industry. I have yet to see another DLP solution on the market that provides as much security for endpoints; their endpoint DLP is unbeatable. Forcepoint also has an enormous number of features. It's handy, lightweight, easy to deploy, captures all the details, and never gives false positives; it's an excellent product.