Try our new research platform with insights from 80,000+ expert users
Shipra Gupta - PeerSpot reviewer
Service Delivery Manager at Paramount Computer Systems
Real User
Good reporting whether it is at the gateway or it is the LP
Pros and Cons
  • "The product is user-friendly."
  • "We faced some issues with the endpoint installation of the agent as it is not from a common ground."

What is our primary use case?

We use this solution for data theft and for some forensic work.

What is most valuable?

Forcepoint DLP has very good reporting whether it is at the gateway or it is the LP. The product is user-friendly. 

What needs improvement?

We faced some issues with the endpoint installation of the agent as it is not from a common ground. Rather than being able to give a command from the central control and install the agents on the laptop, you need to install them one by one.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for 10 and a half years.

Buyer's Guide
Forcepoint Data Loss Prevention
December 2024
Learn what your peers think about Forcepoint Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

What do I think about the stability of the solution?

This solution is stable. There is no specific maintenance of Forcepoint DLP, it is just a matter of tweaking the product to comply with any new or amended corporate policies.

What do I think about the scalability of the solution?

Forcepoint DLP is scalable, it is just a matter of installing the agents.

Which solution did I use previously and why did I switch?

Previously, I worked with Symantec DLP and McAfee DLP. Forcepoint is more user-friendly than both of these products.

How was the initial setup?

The initial setup of Forcepoint DLP is neither easy nor complex. The technical setup is easy, however, the user education takes time and can be a bit of a strain. 

What about the implementation team?


What other advice do I have?

If you are considering implementing Forcepoint Data Loss Prevention into your organization, be sure to be clear of your initial requirements. Sometimes users are thinking something totally different and the DLP will not meet those needs. 

Overall, I would rate this solution an eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
reviewer1964613 - PeerSpot reviewer
Consultant at a tech services company with 1,001-5,000 employees
Real User
Top 5
Offers reasonable DLP features but needs to improve on its integration capabilities
Pros and Cons
  • "The tool is fine for the DLP features, especially when you are on an on-premises model with a data center."
  • "Forcepoint Data Loss Prevention is not a very well-integrated tool."

What needs improvement?

I am not satisfied with the tool and will replace it since its integration with the Microsoft platform solution, which the company has chosen currently, would be difficult, and we don't want to spend too much time on it. It is easier to have a fully integrated stack. Forcepoint Data Loss Prevention is not a very well-integrated tool. We also have artificial intelligence, which is easier to directly integrate into the heart of the platform.

The main issue is that you cannot be in security staff and put your data center in Dubai. You need to master your data redundancies. Putting two data centers in Switzerland is fine, and we can use it, but you cannot have DLP rules, and you put your data in Dubai, which can lead to mistakes. Even the rules are really sensitive data. We could think that only the patterns would go in Dubai or whatever, but the rules are the most important part because the rules define what is going to be detected and what won't be detected, and inside the rules, we have everything customized.

No financial institution will be able to keep Forcepoint in Switzerland when they move outside of the data center. The other issue is that when you are doing a setup with the on-premises version of Forcepoint, the big mistake here is the way the software is split. Speaking about the version of Forcepoint you are going to install in your data centers, the issue here is that it is done for a VMware setup inside the data center, so you can have many servers. In the cloud, you are going to pay for what you are using. If you are using eight or ten servers, you are going to pay for ten, making it really expensive. The web version that you can set up of Forcepoint has not been designed for the cloud. The cloud version is located in Dubai.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for ten years.

How are customer service and support?

The solution's technical support was bad as they have no skills at all. We are not able to get replies from the tool's support team. I am not sure if the tool's team could offer advice or consultations because a local company used to do it for the product, as there are just a few skilled people available at Forcepoint, which is also an issue.

Which other solutions did I evaluate?

Instead of Forcepoint Data Loss Prevention, I recommend Purview to others, especially if you are located on Microsoft platform, since it helps with compliance and not only as a DLP tool. There is a gap we need to close in Forcepoint Data Loss Prevention as it is useful for security operations. For example, it can be used to ask an end user to unlock your blocked emails.

What other advice do I have?

AI is mostly used when you have to check the DLP inside artificial intelligence, and it is not perfect. We were also looking for SSE solutions, and the point is that Forcepoint could have been a good candidate, but it is located in some bad countries, making it one of the main issues why the tool was no longer a satisfying solution for our company. The tool is also quite heavy. In some cases, it is slow, making it not so comfortable to operate.

The tool is fine for the DLP features, especially when you are on an on-premises model with a data center. If you are on the cloud, I would not recommend it.

Purview and Forcepoint are almost the same, as both can be used to block, upload data, or send emails. Once something is blocked, you ask the security operations, who will start, to provide us with the document we can look at to see if it is legitimate or not.

The incident management process is not based directly on Forcepoint. Forcepoint is used to detect and block, but the response is not done inside of Forcepoint. It is done at the data level.

I rate the tool a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Forcepoint Data Loss Prevention
December 2024
Learn what your peers think about Forcepoint Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Muhammad Ali Aziz - PeerSpot reviewer
Senior Manager Cyber Security Services & Solutions at Trillium
Vendor
Top 10
It supports huge deployments of more than 20,000 endpoints
Pros and Cons
  • "Forcepoint offers many policies that conform to global DLP best practices, including requirements specific to regions like the Middle East, Europe, etc. They have a policy database in their product. That feature is unique to Forcepoint. Their AI and fingerprinting are incredibly effective and robust. We have tested it multiple times. It always catches the correct data being leaked."
  • "They can improve a bit in the OCR category. The OCR deployment could be simplified. Right now, you have to set up a separate server to manage all the data going through the network, especially the images. Forcepoint could better integrate the OCR component with central management."

What is our primary use case?

We use Forcepoint for compliance, PCI DSS, and data protection at the network, endpoint, and data discovery levels.

What is most valuable?

Forcepoint has out-of-the-box rules and policies for PCI DSS and GDPR compliance. The compliance features are easy to deploy and implement. If your data is not classified, you need to do that first, but the functionality is out-of-the-box otherwise. 

Forcepoint offers many policies that conform to global DLP best practices, including requirements specific to regions like the Middle East, Europe, etc. They have a policy database in their product. That feature is unique to Forcepoint. Their AI and fingerprinting are incredibly effective and robust. We have tested it multiple times. It always catches the correct data being leaked.

What needs improvement?

They can improve a bit in the OCR category. The OCR deployment could be simplified. Right now, you have to set up a separate server to manage all the data going through the network, especially the images. Forcepoint could better integrate the OCR component with central management. 

Many customers ask how we will detect data in the OCR images. We must tell them that we'll deploy another machine to manage OCR. However, smaller enterprises have limited hardware. An enterprise can provide the necessary hardware but not the SMEs. This is a critical category because data can be leaked through images. 

I would also like Forcepoint to add support for AIX machines and databases. The solution still doesn't support certain machines like IBM AIX machines. Forcepoint typically supports QRadar integration, so maybe they can increase the work support on the server side.

For how long have I used the solution?

We have been using Forcepoint DLP for three years.

What do I think about the stability of the solution?

Forcepoint Data Loss Prevention is a stable product. We have had any serious issues on the client side. 

What do I think about the scalability of the solution?

Forcepoint supports huge deployments of more than 20,000 endpoints. You can scale up from hundreds to thousands. It's easy to scale by adding devices and increasing the hardware to support more systems in the same architecture or the same infrastructure. It covers everything, from clouds to networks and endpoints, Linux servers, Mac laptops, etc.

How are customer service and support?

I rate Forcepoint support eight out of 10. Their support is good, but not excellent. At the same time, their presales service is strong. Overall, their standard support is not bad. They try to resolve problems in time and usually ask relevant questions. They are knowledgeable, but you'll need to pay for a higher tier if you want faster response times and 24/7 support.  

How would you rate customer service and support?

Positive

How was the initial setup?

I rate Forcepoint 10 out of 10 for ease of setup. It's one of the simplest DLP solutions I've used. Symantec is more difficult than Forcepoint. Setting up Forcepoint is straightforward. 

They have an extensive knowledge base online, and the steps are well-defined in those documents. We have a console server called Forcepoint Management Center. We also need to deploy DLP agents a Protective Appliance on the network server. Forcepoint has extensive support for integrating with other vendors, so the setup is quite fast. We can integrate the product with any of the proxies available in the customer environment.

What's my experience with pricing, setup cost, and licensing?

I rate Forcepoint eight out of 10 for pricing. We have a different team that handles the pricing, quotes, and presales. I'm on the technical side, so I'm not sure about the cost.  Our customers tell us they prefer Forcepoint because of their market presence. It's also the leader on Gartner's Magic Quadrant and has high ratings on third-party platforms. They prefer Forcepoint. I don't believe the price is too high, but Forcepoint is a premium service and the cost is consistent with the product they are providing.

I'm referring to the price from a vendor perspective. When a customer asks us to provide this product to meet their budget, Forcepoint will cooperate with us and provide discounts. 

What other advice do I have?

I rate Forcepoint Data Loss Prevention 10 out of 10. It's the best product on the market. When our customers compare it with Symantec, McAfee, or Trend Micro, the response is extremely positive. The product is stable and scalable, and the licensing tiers are fairly simple. It's easy for us to explain to customers which features are available for each pricing tier. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator / Reseller
PeerSpot user
Edwin Eze-Osiago - PeerSpot reviewer
Regional Solutions Manager Sub Saharan Africa at Infodata Professional Services Limited
Real User
Top 5
Integrates well with third-party products and flexible
Pros and Cons
  • "Our organization's intellectual property is not misused or extracted without permission."
  • "I would like to see the product extended into the cloud as a single solution."

What is our primary use case?

The primary use for the product is to protect our intellectual property. Additionally, I use the product for compliance and regulatory purposes, which means ensuring that certain data is protected in accordance with regulations and standard policies. 

How has it helped my organization?

I have seen benefits, particularly in terms of increased confidence in compliance with data protection regulations. When it comes to external auditors, I am confident that they won't find any issues related to data protection. Additionally, it has increased my confidence that our organization's intellectual property is not misused or extracted without permission.

What is most valuable?

I like the product's integration at the network layer, which allows for integration with other vendors' security solutions as long as they are compatible with ICAP integration. For example, integrating DLP with web security or email security solutions. This flexibility is a valuable feature for me as it allows for more efficient use of the product, without necessarily requiring the use of all of Forcepoint's products.

What needs improvement?

I would like to see the product extended into the cloud as a single solution. It currently requires another product, the Cloud Access Security Brokers, to protect both on-premise and cloud data. I hope it can be consolidated into a single suite, offering protection for both On-Premise and cloud data, users on and off the corporate network, and users using corporate devices and BYOD. It would make the whole DLP process much more linear and efficient. I agree that moving to the cloud is the future and the present, and many people who use DLP have already made a move to the cloud.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for six years, and I am currently using the latest version, which is 10.0. 

I have used over eight versions in the past and kept up with the updates as they were released.

What do I think about the stability of the solution?

I would rate it a nine out of ten.

What do I think about the scalability of the solution?

I rate the scalability of Forcepoint DLP as a nine out of ten. It has a supplemental server feature that allows for easy scaling. As the number of users and data traffic increases, all that is needed is to add an additional supplemental server, which is not complex and only requires a Windows machine with minimal specifications.

Let's say you have 10,000 users and one management console or server with two supplemental servers. Your management server stays the same as your user base grows to 20,000. You don't need to increase your management server. All you need to do is add supplemental servers, and you're ready to handle the increased user base and traffic.

How was the initial setup?

Implementing Forcepoint DLP can be a bit complex, as it requires a DLP expert to help with the setup. However, day-to-day administration is quite user-friendly. We are currently using the on-Prem version of Forcepoint DLP as no cloud version is available yet.

What about the implementation team?

We are Forcepoint partners. So as much as we sell the products, we have the technical skill sets to implement the solution.

What's my experience with pricing, setup cost, and licensing?

The term "expensive" is relative. If the ROI is good, no matter the amount of money invested, it is a win-win. If the cost meets the demands or it meets what you set out to do, what you set out to achieve. Holistically, it's not the most expensive compared to its competitors.

Forcepoint is being fully transparent with its costs. There are no hidden costs or extra costs.

What other advice do I have?

Overall, I would rate it a ten out of ten.

If you are considering using Forcepoint DLP, it is miles ahead of its competitors in the realm of DLP. Forcepoint stands out as the clear leader when we compare pure DLP solutions. The closest competitor would be Symantec, but even they are miles behind in terms of capabilities. So, if you're looking for a top-performing DLP solution, Forcepoint is the way to go.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
AjitMatthew - PeerSpot reviewer
Principal. - Head - IT, Information Security and Admin at a consultancy with 201-500 employees
Real User
Top 5
Enables us to monitor file movement and stop exfiltration, but the reporting module is very slow
Pros and Cons
  • "One of the most valuable features is being able to see file movement, where files are going. Every week we review the files. It can identify software codes, so we code files and we know where they're going and who's doing what. It gives us visibility."
  • "I would like to see improvement in the reporting. We can only get one week's worth of data; we can't get more than that. Also, the reporting console is very slow, making it very frustrating to use."

What is our primary use case?

It's for DLP and to monitor and make sure that no key files are being sent out of the organization. It also helps in terms of tracking any abnormal behavior.

We have about 700 users and it's endpoint-based. We add an agent to the endpoints and it coordinates with the server.

How has it helped my organization?

With Forcepoint we found that one employee who left had taken some files, and we were able to stop it. And if somebody is under a notice period, we now monitor whether any files are about to go out. When they take something with them, we can see that. We can also identify any abnormal behaviors that are happening. A lot of times it happens that if somebody is about to leave, they try to take some information away with them. We catch that fast.

It also helps in terms of HR stuff because file movement can indicate people who are looking for jobs. We can see CV movements and it helps as an indicator of a dissatisfied employee. We can at least see the behavior and see if we can do something about it.

Before Forcepoint, we had data in terms of how many terabytes go in and out, but now we can specifically see what goes where.

What is most valuable?

One of the most valuable features is being able to see file movement, where files are going. Every week we review the files. It can identify software codes, so we code files and we know where they're going and who's doing what. It gives us visibility. It shows any key files, any strange behaviors, such as if somebody is taking too many screenshots, and alerts us about that.

What needs improvement?

I would like to see improvement in the reporting. We can only get one week's worth of data; we can't get more than that. Also, the reporting console is very slow, making it very frustrating to use. There are times when I open it up on a Monday and take a download, but it takes so much time. You can get busy with other things and come back and it's still hanging and you can almost forget about it. 

Also, the server goes down and we have raised tickets to resolve that. In the past two weeks, we've had to deal with that two or three times. It's been a little annoying lately.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for one year.

What do I think about the stability of the solution?

The system is stable, but as I mentioned, the reporting portion is very unstable. If I want to get reports out, it takes a long time. Sometimes the server is down, and I have to raise tickets. I have had problems there.

What do I think about the scalability of the solution?

The scalability is okay, there are no problems with that. We can add on more agents as we expand with more people. We haven't had any issues there.

How are customer service and support?

I would rate customer service at 8.5 out of 10. When we have problems with the system, they respond and they generally resolve things within half a day.

Which solution did I use previously and why did I switch?

This is our first solution of this kind.

How was the initial setup?

The initial setup was straightforward but setting up the rules was very complex. It is something where things don't actually work as we think they will work. It generated a lot of false positives in the beginning.

Our deployment took about a month.

Our strategy was to start with auditing first. We haven't actually moved to blocking yet. When we tried to move to blocking critical files, it ended up blocking some other people at work. There are some issues around that and we have had to be careful.

We let it run on its own. I look at the data in Forcepoint on a weekly basis, but we don't have any administration of it, per se. My IT team handles the deployment of new employees coming in, meaning the deployment of the Forcepoint agent on their laptop. That's about it in terms of admin.

What about the implementation team?

An integrator helped us, somebody who deals with Forcepoint products. There were no problems with that, although they were billing by time and the system is a little complex.

What was our ROI?

We have seen return on our investment because we're able to track our data. It's not so much an active return on investment, but more like an insurance policy. It prevents bad things from happening.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable. That's why we went with Forcepoint. They were pretty competitive.

There are no additional costs, other than the cost for additional licenses that we have to pay for ad hoc.

Which other solutions did I evaluate?

It's not as easy as Zscaler to connect. To be very honest, I think Zscaler has a better product with a better interface, but the cost of Forcepoint is more attractive. That's why we went for it. We looked at McAfee as well. McAfee is a bit resource-heavy. 

Zscaler was very good. The interface was really good and it's easy to set up. Forcepoint is okay. I spoke to some other customers who used Forcepoint and they said, "Look, the interface is a bit complex, but it has everything in place."

What other advice do I have?

You need to put a lot of time and effort into Forcepoint, you need a dedicated team for it. You also need to have a data classification strategy firmly in place. You should classify your data before you get it. You also need to test your rules thoroughly before you implement them.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1598412 - PeerSpot reviewer
Management Executive at a security firm with 11-50 employees
Real User
Good interface, powerful OCR and data discovery capabilities, customizable
Pros and Cons
  • "The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives."
  • "With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format."

What is our primary use case?

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

How has it helped my organization?

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

What is most valuable?

One thing that I really like is that you can customize the rules. 

What needs improvement?

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

For how long have I used the solution?

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

What do I think about the stability of the solution?

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

What do I think about the scalability of the solution?

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

How are customer service and support?

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

Which solution did I use previously and why did I switch?

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

How was the initial setup?

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

What about the implementation team?

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

What was our ROI?

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

Which other solutions did I evaluate?

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

What other advice do I have?

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Hassan Moussafir - PeerSpot reviewer
Information Security Senior Expert at Wafaassurance
Real User
Top 20
An industry leader providing excellent sensitive data protection that's very stable
Pros and Cons
  • "The solution offers very good sensitive data protection."
  • "It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking."

What is our primary use case?

We use the solution for processing our sensitive data which is strategic data and strategic information exchanged between our top management personnel. 

The purpose was to acquire the solution to protect us from incidents involving the sensitive data from our group getting taken. This happened previously, where data was taken from us and given to another competitor. There was another leak as well and since then we've tried to carefully guard our data and implemented, for example, Apple Mail to protect our mail from third parties.

What is most valuable?

The product is interesting. It meets our needs very well. It's the best solution when compared to Symantec, for example. We have both ForcePoint and Gartner as well and it's a leader among similar solutions.

The solution offers very good sensitive data protection.

The solution is excellent at protecting strategic information. I deployed it when I was working in the petrol industry for an oil and gas group. It was the biggest one in Morocco. We held important information about critical activities, including providing gas and oxygen for the hospital. We were considered critical IT and we had to comply with the operative elective and the law. DLP helped us to protect our data and we improved our safety in order to comply with the law and existing regulations.

What needs improvement?

It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking.

For how long have I used the solution?

We started working with Forcepoint DLP three years ago. 

What do I think about the stability of the solution?

The solution is stable enough.

What do I think about the scalability of the solution?

The solution easily scales. We are able to expand it as needed.

How are customer service and technical support?

Technical support was good. 

Which solution did I use previously and why did I switch?

The is the first type of solution in this category that we have used.

How was the initial setup?

In terms of implementing the solution, it's not easy and not complex. It's average. The deployment's level of difficulty is average as well. You just need to have the prerequisites satisfied. 

I appreciate their support because their support was with us to assist us until we deployed the two instances in our infrastructure.

I was the CISO, the Chief Information Security Officer of the company, at the time. My scope was to assist and to manage the project from the start to the close. I worked with the operational security to deploy it.

My scope was to cover governance. For example, elaborating on the policy for classification. It was a prerequisite to define the policy target in the DLP and to organize or to plan for the workshop with the strategic and sensitive entities in our group. I made sure they tried the solution and integrated the entities into the pilot side as well. 

What about the implementation team?

The solution's support assisted us throughout the deployment process.

What other advice do I have?

We were on Office 365 on the cloud. It wasn't enough. Since then, we've described our policy to Apple Mail and have elaborated out information classification. Afterward, we invited the business and the strategic entity to workshops to classify the data effectively and try the solution after implementing the DLP.

We use a hybrid deployment model and acquired the solution with the hybrid functionality to help protect our sensitive data in the inter-managed hybrid space.

The solution has been good, and it has responded to our needs. As a group, we were afraid of the safety around our sensitive data which was exchanged in our mail. We had an obligation to protect the data classified as confidential or restricted. The solution, since implementation, has helped us to protect our data and mitigate risk effectively.

ForcePoint also offers a bundle that includes modules that cover URL filtering and app data for other DLPs. It's very good.

Based on my experience, I advise any other organizations to test, try, and to be convinced by the solution before fully implementing it. Users will need to define exactly what it is they need from it and what their exact needs are to effectively deploy it. I think every user will appreciate that solution. 

We've experienced a lot of cyberattacks, so the DLP is necessary for us and would be beneficial to any company that has critical activities or has staff that exchanges sensitive data.

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
ITMgr3546 - PeerSpot reviewer
IT Manager at a government with 10,001+ employees
Real User
Easy to configure and offers good support
Pros and Cons
  • "The ease of configuration was probably one of its biggest selling points."
  • "I can't push a report by a certain organizational entity or unit without a lot of work. The reporting could be better."

What is our primary use case?

We use Forcepoint primarily for data loss prevention and detection.

What is most valuable?

The ease of configuration was probably one of its biggest selling points. I know that we took a long time to get it configured properly but it just takes a while. It's a big tool and it does a lot of work.

What needs improvement?

I don't know where they are going as an organization vendor, because my job ends the moment its implemented, so I would go onto other things.

If I were a betting man, though, I would say that they're going to have to find a way of creating what we call multitenancy, because if for example we have a constituency group set of users who don't work for the department and they contract out, then our work with them is highly sensitive. Being able to separate in segment amounts separately from our core would help. We could use better ways of customer or users segmentation capabilities.

For example, if I wanted to push a report by a certain organizational entity or unit, I wouldn't be able to do that without a lot of work. The reporting could be better.

For how long have I used the solution?

We've been using Forcepoint for about 18 months.

What do I think about the stability of the solution?

I think it's going to be hard to beat if they ever decide to replace it. Forcepoint is a pretty good product, we're all pleased with it.

What do I think about the scalability of the solution?

I think it is pretty scalable, at least to the point that we've deployed it to.

We have a workforce of 1,300, of which we have deployed to approximately 800. We also have another set of users who don't work for the department but are contracted out through our agents and sub-agents and they handle the vehicles. We have not deployed to their devices yet, so we have both endpoint and central server data loss prevention technology in place.

We can tell you where anybody went, when they went, how they went, and what they used to get there.

Everybody uses it whether they know it or not, we put out reports monthly on what we call PII information (Personally Identifiable Information). If you know anything about data loss prevention and detection, anytime someone hits a website or even tries to go on, it's logged and captured and we know who went where and what they did, we know what files they looked at and what files they sent, so more power to you. If you want to try something go for it.

We have a CISO, six ISOs (information security officers) or analysts, and over fifteen field service personnel who can work with it. We are pretty broad that way and deep. We have got quite a number of people. Our ISO team itself is comprised of six individuals, a CISO and five analysts.

Security doesn't stop, nor does the pervasiveness of data and its ubiquitous nature. Here at this organization, we don't stop security. We expand it to cover other avenues or channels that come into play. We cover other data structures that are created when another solution takes off. We don't stop simply because it is implemented. It's an ongoing tailored activity we do all the time.

We have six people whose job is just this. Just like technology, we have to stay with it. You can't just throw it up and forget about it. It grows and the rules and policies need to be modified. What people need to remember is that public service is at the whim and fancy of our constituency groups. We report to the legislator, the governor's office, and the citizens of the state. As such, when we put in a system, it has to comply not only with federal regulations but also with state legislators' intent, as well as the governor's office. That is the difference and that is why we take security really personally here.

How are customer service and technical support?

I have heard good things of the support that Forcepoint gives us, so I would have to say that its good.

I don't work with the product directly but I am very well attuned to what they are doing.

Which solution did I use previously and why did I switch?

I don't believe that we had a DLP in place prior to now.

We had security, but two and a half years ago our agency set out to really step up its information security program.

During that time we have made major investments, in process, like data classification, security concerns, risk assessments, risk management, etc. We do this for a living, so it is important to us.

There were products out there for data loss prevention technology, but we didn't believe that they had yet achieved the maturity that they have today, so it would have been premature to pull something in sooner.

The marketing in and of itself is growing, expanding, and changing. Wait until you get ready to do business intelligence and artificial intelligence and try to secure that when it can bypass you on its own. Give learning machines enough instructions and they will figure a way out.

How was the initial setup?

To the best of my knowledge, the initial setup was pretty straightforward. We also had quite a bit of coaching that was done for us by the vendor.

What about the implementation team?

We are still working on deployment. It's going to take two to two and a half years. 

It all depends on the political climate that we're in. We are not a normal state agency. We do not have one constituency group, we have multiple constituency groups. We license vehicles, drivers, and professionals, such as lawyers, attorneys, landscapers, architects, etc.

In addition to all of that, we also have a lot of partnerships with law enforcement agencies, courts, lawyers, and insurance companies, so we do a lot of highly technical security programming here. 

We don't just throw it out. We are methodical in how we do this.

We didn't use an integrator reseller or consultant for the deployment. We are doing it our selves.

What other advice do I have?

If I were to give some advice, I would say don't try to do it all at once, it won't work. Know that you're going to go. It's different from building line-of-business solutions. Whereas from a line-of-business solution you work from the outside in, with security programs you work from the inside out. You have to get your data governance in place, as well as information security governance. You need to assign who will be responsible. Decide who to send information to if something does happen. All that has to happen before you begin trying to bring in a system.

You have to know your organization well enough to be able to configure a product to make effective use of it. Don't do it unless you have the guts to do it.

I would rate this solution as eight out of ten. There are better solutions, but this was better when it came out. When it did come out, this was the best solution we could find. At the same time, I don't know if I would rate anything else higher than that now, either. Every security tool that we have seen has pluses and minuses, advantages and disadvantages.

Another reason we didn't go with the IQ or any management type of component is the deconstruction and the reconstruction of existing security roles. The biggest problem information security has today is the decoupling and deconstruction of active directory designated accounts which for all practical purposes were based on functionality. One role can have multiple pieces of functionality associated with it, so going to a role-based type of solution muddies the waters.

The vernacular needs to change to be more adaptable if they're gonna put out the configuration types of solutions.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Forcepoint Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Product Categories
Data Loss Prevention (DLP)
Buyer's Guide
Download our free Forcepoint Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.