Forcepoint Data Loss Prevention Reviews

We use the solution for processing our sensitive data which is strategic data and strategic information exchanged between our top management personnel. 

The purpose was to acquire the solution to protect us from incidents involving the sensitive data from our group getting taken. This happened previously, where data was taken from us and given to another competitor. There was another leak as well and since then we've tried to carefully guard our data and implemented, for example, Apple Mail to protect our mail from third parties.

The product is interesting. It meets our needs very well. It's the best solution when compared to Symantec, for example. We have both ForcePoint and Gartner as well and it's a leader among similar solutions.

The solution offers very good sensitive data protection.

The solution is excellent at protecting strategic information. I deployed it when I was working in the petrol industry for an oil and gas group. It was the biggest one in Morocco. We held important information about critical activities, including providing gas and oxygen for the hospital. We were considered critical IT and we had to comply with the operative elective and the law. DLP helped us to protect our data and we improved our safety in order to comply with the law and existing regulations.

It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking.

We started working with Forcepoint DLP three years ago. 

The solution is stable enough.

The solution easily scales. We are able to expand it as needed.

Technical support was good. 

The is the first type of solution in this category that we have used.

In terms of implementing the solution, it's not easy and not complex. It's average. The deployment's level of difficulty is average as well. You just need to have the prerequisites satisfied. 

I appreciate their support because their support was with us to assist us until we deployed the two instances in our infrastructure.

I was the CISO, the Chief Information Security Officer of the company, at the time. My scope was to assist and to manage the project from the start to the close. I worked with the operational security to deploy it.

My scope was to cover governance. For example, elaborating on the policy for classification. It was a prerequisite to define the policy target in the DLP and to organize or to plan for the workshop with the strategic and sensitive entities in our group. I made sure they tried the solution and integrated the entities into the pilot side as well. 

The solution's support assisted us throughout the deployment process.

We were on Office 365 on the cloud. It wasn't enough. Since then, we've described our policy to Apple Mail and have elaborated out information classification. Afterward, we invited the business and the strategic entity to workshops to classify the data effectively and try the solution after implementing the DLP.

We use a hybrid deployment model and acquired the solution with the hybrid functionality to help protect our sensitive data in the inter-managed hybrid space.

The solution has been good, and it has responded to our needs. As a group, we were afraid of the safety around our sensitive data which was exchanged in our mail. We had an obligation to protect the data classified as confidential or restricted. The solution, since implementation, has helped us to protect our data and mitigate risk effectively.

ForcePoint also offers a bundle that includes modules that cover URL filtering and app data for other DLPs. It's very good.

Based on my experience, I advise any other organizations to test, try, and to be convinced by the solution before fully implementing it. Users will need to define exactly what it is they need from it and what their exact needs are to effectively deploy it. I think every user will appreciate that solution. 

We've experienced a lot of cyberattacks, so the DLP is necessary for us and would be beneficial to any company that has critical activities or has staff that exchanges sensitive data.

I'd rate the solution nine out of ten.

We use Forcepoint primarily for data loss prevention and detection.

The ease of configuration was probably one of its biggest selling points. I know that we took a long time to get it configured properly but it just takes a while. It's a big tool and it does a lot of work.

I don't know where they are going as an organization vendor, because my job ends the moment its implemented, so I would go onto other things.

If I were a betting man, though, I would say that they're going to have to find a way of creating what we call multitenancy, because if for example we have a constituency group set of users who don't work for the department and they contract out, then our work with them is highly sensitive. Being able to separate in segment amounts separately from our core would help. We could use better ways of customer or users segmentation capabilities.

For example, if I wanted to push a report by a certain organizational entity or unit, I wouldn't be able to do that without a lot of work. The reporting could be better.

I think it's going to be hard to beat if they ever decide to replace it. Forcepoint is a pretty good product, we're all pleased with it.

I think it is pretty scalable, at least to the point that we've deployed it to.

We have a workforce of 1,300, of which we have deployed to approximately 800. We also have another set of users who don't work for the department but are contracted out through our agents and sub-agents and they handle the vehicles. We have not deployed to their devices yet, so we have both endpoint and central server data loss prevention technology in place.

We can tell you where anybody went, when they went, how they went, and what they used to get there.

Everybody uses it whether they know it or not, we put out reports monthly on what we call PII information (Personally Identifiable Information). If you know anything about data loss prevention and detection, anytime someone hits a website or even tries to go on, it's logged and captured and we know who went where and what they did, we know what files they looked at and what files they sent, so more power to you. If you want to try something go for it.

We have a CISO, six ISOs (information security officers) or analysts, and over fifteen field service personnel who can work with it. We are pretty broad that way and deep. We have got quite a number of people. Our ISO team itself is comprised of six individuals, a CISO and five analysts.

Security doesn't stop, nor does the pervasiveness of data and its ubiquitous nature. Here at this organization, we don't stop security. We expand it to cover other avenues or channels that come into play. We cover other data structures that are created when another solution takes off. We don't stop simply because it is implemented. It's an ongoing tailored activity we do all the time.

We have six people whose job is just this. Just like technology, we have to stay with it. You can't just throw it up and forget about it. It grows and the rules and policies need to be modified. What people need to remember is that public service is at the whim and fancy of our constituency groups. We report to the legislator, the governor's office, and the citizens of the state. As such, when we put in a system, it has to comply not only with federal regulations but also with state legislators' intent, as well as the governor's office. That is the difference and that is why we take security really personally here.

I have heard good things of the support that Forcepoint gives us, so I would have to say that its good.

I don't work with the product directly but I am very well attuned to what they are doing.

I don't believe that we had a DLP in place prior to now.

We had security, but two and a half years ago our agency set out to really step up its information security program.

During that time we have made major investments, in process, like data classification, security concerns, risk assessments, risk management, etc. We do this for a living, so it is important to us.

There were products out there for data loss prevention technology, but we didn't believe that they had yet achieved the maturity that they have today, so it would have been premature to pull something in sooner.

The marketing in and of itself is growing, expanding, and changing. Wait until you get ready to do business intelligence and artificial intelligence and try to secure that when it can bypass you on its own. Give learning machines enough instructions and they will figure a way out.

To the best of my knowledge, the initial setup was pretty straightforward. We also had quite a bit of coaching that was done for us by the vendor.

We are still working on deployment. It's going to take two to two and a half years. 

It all depends on the political climate that we're in. We are not a normal state agency. We do not have one constituency group, we have multiple constituency groups. We license vehicles, drivers, and professionals, such as lawyers, attorneys, landscapers, architects, etc.

In addition to all of that, we also have a lot of partnerships with law enforcement agencies, courts, lawyers, and insurance companies, so we do a lot of highly technical security programming here. 

We don't just throw it out. We are methodical in how we do this.

We didn't use an integrator reseller or consultant for the deployment. We are doing it our selves.

If I were to give some advice, I would say don't try to do it all at once, it won't work. Know that you're going to go. It's different from building line-of-business solutions. Whereas from a line-of-business solution you work from the outside in, with security programs you work from the inside out. You have to get your data governance in place, as well as information security governance. You need to assign who will be responsible. Decide who to send information to if something does happen. All that has to happen before you begin trying to bring in a system.

You have to know your organization well enough to be able to configure a product to make effective use of it. Don't do it unless you have the guts to do it.

I would rate this solution as eight out of ten. There are better solutions, but this was better when it came out. When it did come out, this was the best solution we could find. At the same time, I don't know if I would rate anything else higher than that now, either. Every security tool that we have seen has pluses and minuses, advantages and disadvantages.

Another reason we didn't go with the IQ or any management type of component is the deconstruction and the reconstruction of existing security roles. The biggest problem information security has today is the decoupling and deconstruction of active directory designated accounts which for all practical purposes were based on functionality. One role can have multiple pieces of functionality associated with it, so going to a role-based type of solution muddies the waters.

The vernacular needs to change to be more adaptable if they're gonna put out the configuration types of solutions.

The solution helps with data loss prevention. It helps to prevent the loss of customer information in the environment.

The solution’s content classification is the best.

The tool needs to integrate data classification.

I have been using Forcepoint for three years.

I would rate the tool’s stability an eight out of ten. The product is stable.

I would rate the solution’s scalability an eight out of ten. The tool is scalable but it depends on the customer using it. Our company has around 80-90 customers for the solution.

The setup is not complex and it will take around two to three hours for deployment to complete.

I would rate the tool a nine out of ten. I would recommend the solution as a digital guardian.

The primary use case is to protect sensitive data going out of the organization and helping the team to manage the incidents to create few to no false-positive incidents. 

Mac users can use Forcepoint DLP without any problem. They can create user-defined policies rather than using pre-defined ones. Using the fingerprinting policy can safeguard any data kept on a particular drive. We're using OCR to protect data being sent out through images implementing discovery policies to check if any particular file is been shared.  

The Forcepoint DLP is such a useful tool for organizations as it protects sensitive data with multiple kinds of functionality such as OCR and an analytics engine (which helps determine if any sensitive data is in danger of policy violations). It's easy to determine the incidents that have been triggered. This has helped to identify what sensitive data has been shared. The only part where it didn't work so well is during agent upgrading. If we automatically try to upgrade the agent it causes a lot of problems.

With OCR and Risk Analysis, we are able to determine if anything sensitive is been shared. OCR helps us to safeguard those things and with risk ranking, we can determine which user is trying to violate policies multiple times even though they have been blocked to him or her. It does require additional servers, as the processing and result of the incident is high, however, it's worth using to see all the use cases being met with these two features as well. They are the best features provided by Forcepoint.

The feature which needs improvement is the Forcepoint agent upgrading. When you automatically try to upgrade the agent it causes problems. For example, the system starts to behave abnormally or the agent is unable to communicate with the policy engine. If we try to upgrade to new version with the old version running, sometimes it works without any issue, but sometimes it causes a lot of issues and it gets disconnected from the DLP servers. 

You can see incidents via delays on the console even if the agent is properly installed and connected with the proper policy updates.

I've used the solution for two years.

For our clients, the use of Forcepoint Data Loss Prevention is to protect their data through web endpoints.

Endpoint security and DLP are the features I have found to be the most valuable ones in the solution.

The solution's interface is still not user-friendly for some customers. So, its interface can be better.

We have a partnership with Forcepoint. Also, we are selling Forcepoint Data Loss Prevention. Basically, we are resellers. I have been working with this solution for the last two to three years. I have been using the latest version of the solution. Currently, my colleagues are using the solution.

Stability-wise, I rate this solution an eight out of ten.

Scalability-wise, I rate this solution a nine out of ten. We serve enterprise-level customers.

I rate the technical support of the solution to be an eight out of ten.

Positive

I rate the initial setup of the solution nine out of ten. The solution's deployment time depends on the customers' requirements. It also depends on the environment of the customers. If the customers have a deployment tool, the deployment will be done quickly. Else, it will take some time. To deploy the solution, we provide the customers with a technician to assist them. After that, the customer is responsible for taking care of the people they need for any additional assistance.

We do not handle pricing ourselves. Our pre-sales and sales teams are responsible for pricing. After deployment, the engineer involved in the deployment also assists with pricing.

From one to ten, where one is low, and ten is high, I rate the solution's pricing to be an eight.

Also, there are some costs in addition to the standard licensing fees.

Its availability as an on-premises solution is something that I like most about the product. Overall, I rate this solution a nine out of ten.

In most of the banks that my company has implemented the tool, we have EMI and credit card information, and they don't want it to go outside the bank. It is also used to prevent company and other financial information.

There is a feature in the product that I use the bank with which it is really easy to capture any data leakages.

The main area of concern is the tool's technical support. I would suggest the technical engineers reply to users as soon as possible since it usually takes them some time to respond.

I have been using Forcepoint Data Loss Prevention for six months. My company functions as a distributor of the tool.

I would suggest that the tool's interface or UI needs to be redesigned since it is a bit outdated. The UI needs to be redesigned for the tool's productive working.

For scalability, we just have to deploy the agent, and we can push it through a CCM tool or something like that to manage it, making it an easy process.

I rate the technical support a five or six out of ten.

Neutral

The product's configuration phase is easy.

Less than two people can deploy the solution.

The solution can be deployed in less than an hour.

Cost-saving is possible with the tool. The tool has saved time and costs.

I don't actually know about prices. I am the technical support engineer of the tool.

The real-time analytics feature is good, and the tool is really easy to use. I have no concerns regarding the tool.

It is easy to integrate the product with other solutions like SIEM solutions. We have multiple products that we have integrated with Forcepoint Data Loss Prevention, including Microsoft.

I have only used the machine learning part of the tool, which is easy to use.

I recommend the tool to others.

I rate the tool an eight out of ten.

Forcepoint DLP is a part of a data protection program. A customer will rely on a main DLP and use a complementary tool, in addition to the DLP, such as a data classification solution like Boldon James or Microsoft Information Protection. They will also complement the solution with a rights management solution like Microsoft Rights Management. Forcepoint is part of a big portfolio for data protection.

We deploy the solution at customer sites. Most of our customers are in two sectors, financial and telecom. All of our deployments are on-prem.

Among the most valuable features are the

• network DLP, which has two components 
• DLP agent installed on endpoints
• discovery, as it covers the endpoints and shared folders on servers. 

These features are important for control. A main part of DLP is its use as a tool that provides different layers of controls.

The Forcepoint tool is well developed. It is ranked in many evaluations at the top when it comes to enterprise DLP solutions. It has good artificial intelligence that enables our customers to focus on specific incidents, instead of having a complicated list of uncategorized incidents.

There is room for improvement regarding OCR. I would like to see it enhanced to handle multiple languages and it should be easier to manage.

There are also options that could be handled smartly in the tool, like the way a web data source is handled. It would be good if any downloaded document could have the same policy.

I've been using Forcepoint Data Loss Prevention for three years. We are not regular users, we are admin. We provide the solution for our customers.

The stability is good. Issues are generally related to the agent. Whenever the agent is stable, the solution is stable. Whenever there are issues, it is common for them to be connected to the agent, making the solution unstable. Based on our experience, the stability has not been very good, but it has also not been bad.

We have implemented the solution on anywhere between 1,000 and 10,000 endpoints.

We get good feedback regarding the support. They respond well and provide support whenever required. They are aware of their product in a professional way. And whenever we escalate to the highest level, we get to a suitable person who can provide us with what we require.

One thing that could be improved is that escalation could be done faster.

Neutral

I have seen Forcepoint replace Symantec or McAfee in some cases. I haven't seen any cases where a client wants to replace Forcepoint.

A mandatory process that should be done before implementing the tool is a data classification analysis and the setting of a policy for data classification. These processes are done through an analysis session with different departments. The session includes teaching them about data classification policies and getting information from them regarding the data that needs to be protected and the recommended classification level that data should have.

We then deploy the server-side in the data center and start installing a sample agent. We test this agent and we test sample policies to ensure everything is okay on the sample agent. Finally, we do a full deployment.

Maintenance, post-deployment, involves making sure the solution is updated to the latest version. It has different components, and each component should be updated to the appropriate version. The same goes for the agents on the computers. The configuration should be reviewed and maintained over time, as well. One person is enough to maintain a Forcepoint instance.

As a partner, we have seen ROI with Forcepoint. We cover our costs through licenses, implementation services, and SLAs in which we support our customers and help resolve their issues whenever they want to open cases or adjust configuration.

They are flexible regarding the pricing and they have a good model for an OEM data classification tool. This makes for good pricing. Forcepoint has been one of the most competitively priced products over the last few years.

Overall, Forcepoint has good strategy and development. It is stable and has not changed as a company for a long time. It is focused on a specific solution and that makes for a good portfolio.

We use it mostly for endpoint protection of PCI information, as well as PII, such as social security numbers.

We have a hybrid system, in that we utilize the cloud as well as our on-premises appliances. Depending on where the customer is, if they're on-premises or if they're working from home or elsewhere, we have that covered with the hybrid solution. Forcepoint has its product available in the cloud and we use the on-premises side when the data is going through the appliances.

The greatest benefit is the detection, detecting either accidental or unauthorized transmission of certain kinds of PCI or PII data that we prohibit. It's very useful to get that from alerts. We can also block them outright, depending on what threshold we have set. That's the most useful thing about DLP, that it prevents unauthorized usage of that kind of data.

Some of the built-in rules, templates, and content classifiers are among the most valuable features. Some of the built-in patterns are good places to get started with. Along with the phrases, they are helpful in putting together policies and fine-tuning our policies. A good example of that would be certain kinds of credit card data. They have a lot of algorithms available to fine-tune what exactly you're looking for, whether it be credit cards from Mexico, or US credit cards, et cetera. They have a good database of those types of predefined algorithms, ways to detect things, and the specific information you're looking for.

These features are valuable because they work and seem to be picking up the right data. They seem accurate. It's also convenient to be able to choose them and not have to figure it out myself or create my own. That goes a long way toward fine-tuning our policies.

The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that.

Overall, I would like to see them modernize. I'm on version 8.5, so there are newer versions out. They may have done that already. I'd have to demo the newer versions.

We're planning on upgrading this year to 8.6. I believe that in going to 8.6, we will be gaining some additional features. The newer versions will have better detection capabilities with improvement to their algorithms.

I have been using Forcepoint Data Loss Prevention for about five years or six years.

The on-premises solution has high availability. The appliances that we've used are very stable. They just keep running. We have had very few issues with the appliances in terms of failure. In those situations, they were more on the hardware side. They just needed a reboot and that fixed things. Overall, the stability is good for on-premises. 

In terms of the cloud side, availability doesn't come into play as much because we don't change policies that often. We don't modify the policies on a day-to-day basis. We might modify a policy once a week or once every month, at the most. The client or endpoint really just needs to receive that update once, and it's pretty much good to go. So we're not relying too much on the cloud availability, except for that initial update for each endpoint. The cloud availability is going to be more relevant on the web side of the product, where you're going to want continual web access, filtering, et cetera.

One feature that I'm getting ready to take advantage of more is the ability to add more data crawlers to the DLP on-prem environment, without any extra Forcepoint costs or licensing needed for that additional data server. That will help in reducing the stress on the data server that we're using now. It will help manage all the policies, the clients that connect to it, and all of the network discovery tasks, especially. They will all be handled much more efficiently when we spread the load. We're looking to add an extra one or two Windows Servers for that, so the additional cost would just be related to the Windows setup.

Forcepoint's technical support for the solution is excellent. The technicians that I have dealt with have been with their company for a long time and they know their product inside and out.

There has been no other similar solution here, as long as I have been with the company. I started off with a sister company, and they actually used a very early version of Websense, which is what Forcepoint used to be called before it became Forcepoint. That means we have never used a competing vendor.

I was not involved in the initial deployment, but we've had it ever since I've been on the team here. I've been managing it ever since. I was there for the initial deployment in one of our sister companies. It wasn't anything unusually difficult. It just required installing some hardware and getting all the firewall rules worked out. Once you get all that in place, everything usually works pretty well. That's been my experience, even with upgrades. Most of the time our issues have been firewall blocks within our own company. That's usually the biggest hurdle, overcoming our firewall-related issues.

We use it on about 5,000 endpoints and we have two people who administer  it. They're both information security analysts.

I don't have ROI numbers. I base everything on: "Am I getting the support that I need?" And the answer is "yes."

We have never looked at other solutions at a PoC level.

What I can recommend is getting the highest tier of support that you can afford, because it's absolutely critical. I don't know how I would do everything if I had to submit a request and wait several days for it. I don't know how I would keep things going in that situation. With a higher level of support you can call someone and you also have someone who is managing your account. That's also really nice, because you get some extra benefits out of that.

I'm very satisfied and would rate it at nine out of 10.