Forcepoint Data Loss Prevention Reviews

We use this product to ensure that our intellectual property is protected. DLP gives us control over IPs and company-sensitive data. It also helps us ensure compliance with global policies and industrial policies like CISS, personally identifiable information, and all sorts of data. 

Forcepoint has a unique fingerprinting technology. We set a policy and as soon as a document goes into the repository, the policy applies. When I receive a document from my MD and want it to remain within the organization, I move it into a repository and it's viewed as sensitive. It's an efficient way to ensure that documents are safe. DLP ensures that data doesn't flow out. 

I would also add that the predefining feature is a very simple process. You pick your industry, add the email, choose your country, populate the type of policies that suit your region, and your industry, and then you can choose what to block and what to allow. 

In general, Forcepoint is miles ahead of its competitors. The closest similar solution would be Symantec, but they're still miles behind.

Currently DLP is an on-prem product and the cloud version is an add-on. I'd like to see DLP as a cloud or hybrid option so we can deploy it as a full cloud solution or on-prem as we choose. I hope they're looking in that direction, it would make a huge difference.

Most of my customers are looking for the ability to control or shut down the USB port devices so that content coming out of the port is blocked. Forcepoint added it to the DUP add-on. McAfee DLP has that feature and most of our customers requesting this have moved from McAfee and want it in Forcepoint DLP.

I've been using this solution for five years. 

The solution is stable. It's been around for a while and has never needed a patch or hub fix. 

The solution is scalable, we currently have 2,600 users. 

If I have all the prerequisites, all the firewalls open and everything, I can deploy in one day. The initial setup requires some expertise to implement. It's easy for me because it's something I've been running for a couple of years. Policies are the issue and they have to be tweaked every day. 

The product is very cheap because it's a DLP switch. It comprises DLP for endpoint, DLP for the network, and DLP for discovery. Forcepoint sells the DLP endpoint, the DLP network, and the DLP discovery separately, and you can choose what you want. We go for the suite which comprises all three which is cheaper.

This is a good product. It's important to understand your needs and pain points.  Once you're clear about why you want it, it's easy to set up and then build from scratch in line with what you want to achieve. 

I rate this solution nine out of 10. 

Forcepoint DLP's most valuable feature is that it provides complete end-to-end security. It gives us an understanding of any violation happening in the network or via endpoint.

The post-optical character recognization feature could be improved because it only really works on documents with some length (at least three paragraphs). If someone has copied half a paragraph or half the content from a webpage, it doesn't work. In the next release, Forcepoint should include DLP, antivirus, and encryption in the same solution, which would resolve many of the IT problems we face.

I've been working with Forcepoint DLP for about five years.

Forcepoint DLP is stable.

This is a scalable solution.

Forcepoint's technical support is very good - they help you the moment you log the ticket. They're much more helpful than Broadcom, Symantec, or McAfee.

The initial setup is very simple and can be completed without an integrator.

Forcepoint has been very cost-effective because they gave us a good deal while procuring the DLP solution, and we just needed to add one license as we already had the appliance-based solution for the web proxy.

We evaluated Symantec, McAfee, and Trend Micro but found that Forcepoint was the best for complete on-premise without comparing the CASB solution, had the best UI, and was the most easily maintained.

I would recommend Forcepoint DLP to other users and would give it a rating of nine out of ten.

We have different areas of DLP like drive, chat, email, network, and endpoint protection. We have different data classifications which are regulated in our industry. Based on that data regulation, we created a few policies as per our government standards, like the social identity number, personally identifiable information, and personal health information. 

We categorized data for different sectors, and we have applied policies, and Forcepoint DLP actively filters it. If I'm sending some PII to you, it should get filtered out because it's against the organization's norm. It does its job actively.

I like that you can quickly create policies and enforce them in a matter of minutes. 

It would be better if we could easily integrate with other products. Suppose I want to integrate this DLP with some other CASB solutions or a firewall solution. In that case, it takes a considerable amount of time because Forcepoint DLP doesn't come with a legacy firewall or CASB solutions to integrate with it. We need to do it separately.

It's not improvised for different sectors, and I need to look for other solutions. I'm investing a lot of time researching and implementing other solutions for other areas. That is one point where I can't feel satisfied with this Forcepoint DLP.

The only problem we have faced is that it consumes most of the CPU whenever a Forcepoint DLP is deployed on an endpoint. This is when users feel some lag in their machine's performance or their Internet performance. That's when we uninstall and try to reinstall, or we'll give a cloud link to which it gets access. We use Forcepoint DLP for endpoint protection, not for email or cloud. For email and drive, we went with the Google DLP.

Forcepoint DLP isn't as efficient on drive or chat, or email. For that, we have some specialized solutions, but it would be better to have a single console where you can control all these areas. It would be pretty easy for a consumer who is going to use this product. All in one shot, you can try to track it and enforce your policies on a single dashboard. That is one point currently lacking in Forcepoint, and I feel they need to work on it.

In the next release, I would like to use this DLP across different solutions like network, firewall, email, or chat with a consolidated dashboard and with integration facilities with other solutions.

Security should work as a whole. It shouldn't work individually in blocks. It does not serve our purpose. It should be integrated with multiple solutions. For that, it should have enough intelligence to work with other tools.

I'm looking forward to seeing that kind of capability with Forcepoint.

I have been using Forcepoint Data Loss Prevention for three years.

Forcepoint Data Loss Prevention is a stable solution.

Forcepoint Data Loss Prevention is a scalable solution. 

Technical support is pretty good. I don't see any kind of delay. As soon as we raise the request, we always get support from Forcepoint DLP immediately.

I heard that the implementation was pretty simple. Only the policy creation took time because we had to build use cases for it. Your industry might have a different use case, and my industry might have a different use case. It took a little bit of time, and it came from an implementation standpoint, and I felt it was pretty good. 

You just need one person working in shifts to use this solution. As we have 8,000 employees, we are doing it in shifts with three professionals.

We used an integrator to implement this solution.

We evaluated Google DLP and Netskope DLP. We chose Forcepoint Data Loss Prevention because of the ease of policy creation. For any DLP solution to work effectively, we need to create our use cases. On top of use cases, we need to build policies and enforce them. In Forcepoint DLP, it's pretty simple to create any kind of policy and enforce them. It doesn't take a lot of time to get it enforced. It all takes a matter of minutes, and I feel this is the biggest advantage of using this DLP solution.

If the organization is pretty small, then I can recommend this solution. However, if it's a pretty huge organization, I will step back a little bit because it won't serve its whole purpose.

On a scale from one to ten, I would give Forcepoint Data Loss Prevention a six.

Forcepoint DLP is a part of a data protection program. A customer will rely on a main DLP and use a complementary tool, in addition to the DLP, such as a data classification solution like Boldon James or Microsoft Information Protection. They will also complement the solution with a rights management solution like Microsoft Rights Management. Forcepoint is part of a big portfolio for data protection.

We deploy the solution at customer sites. Most of our customers are in two sectors, financial and telecom. All of our deployments are on-prem.

Among the most valuable features are the

• network DLP, which has two components 
• DLP agent installed on endpoints
• discovery, as it covers the endpoints and shared folders on servers. 

These features are important for control. A main part of DLP is its use as a tool that provides different layers of controls.

The Forcepoint tool is well developed. It is ranked in many evaluations at the top when it comes to enterprise DLP solutions. It has good artificial intelligence that enables our customers to focus on specific incidents, instead of having a complicated list of uncategorized incidents.

There is room for improvement regarding OCR. I would like to see it enhanced to handle multiple languages and it should be easier to manage.

There are also options that could be handled smartly in the tool, like the way a web data source is handled. It would be good if any downloaded document could have the same policy.

I've been using Forcepoint Data Loss Prevention for three years. We are not regular users, we are admin. We provide the solution for our customers.

The stability is good. Issues are generally related to the agent. Whenever the agent is stable, the solution is stable. Whenever there are issues, it is common for them to be connected to the agent, making the solution unstable. Based on our experience, the stability has not been very good, but it has also not been bad.

We have implemented the solution on anywhere between 1,000 and 10,000 endpoints.

We get good feedback regarding the support. They respond well and provide support whenever required. They are aware of their product in a professional way. And whenever we escalate to the highest level, we get to a suitable person who can provide us with what we require.

One thing that could be improved is that escalation could be done faster.

Neutral

I have seen Forcepoint replace Symantec or McAfee in some cases. I haven't seen any cases where a client wants to replace Forcepoint.

A mandatory process that should be done before implementing the tool is a data classification analysis and the setting of a policy for data classification. These processes are done through an analysis session with different departments. The session includes teaching them about data classification policies and getting information from them regarding the data that needs to be protected and the recommended classification level that data should have.

We then deploy the server-side in the data center and start installing a sample agent. We test this agent and we test sample policies to ensure everything is okay on the sample agent. Finally, we do a full deployment.

Maintenance, post-deployment, involves making sure the solution is updated to the latest version. It has different components, and each component should be updated to the appropriate version. The same goes for the agents on the computers. The configuration should be reviewed and maintained over time, as well. One person is enough to maintain a Forcepoint instance.

As a partner, we have seen ROI with Forcepoint. We cover our costs through licenses, implementation services, and SLAs in which we support our customers and help resolve their issues whenever they want to open cases or adjust configuration.

They are flexible regarding the pricing and they have a good model for an OEM data classification tool. This makes for good pricing. Forcepoint has been one of the most competitively priced products over the last few years.

Overall, Forcepoint has good strategy and development. It is stable and has not changed as a company for a long time. It is focused on a specific solution and that makes for a good portfolio.

We do managed services. We analyze customers' requirements, and then we suggest a proper DLP or endpoint data protection solution. We have implemented Forcepoint DLP and Forcepoint Web Gateway for multiple customers.

Forcepoint DLP helped a lot when an incident was created and we tried to have an auto-remediation of the incident. For DLP, an incident is a key factor. DLP is meant to generate an incident, and that incident should be managed. If no one is managing the incident, DLP is of no use. Forcepoint has an email workflow. It provides email incident remediation wherein an automatic email is generated for the manager. If a person violates a policy, we can configure it in a way that one email is sent to the manager. One email will also go to the end-user. The end-user can again analyze the activity and give us feedback about whether it was a genuine business need and we should release that email, or whether it was a mistake and we should quarantine that email. The decision is made by the manager or by the end-user who sent the email. This helped a lot and reduced the incident count. It was very helpful to have such a report and to be able to say that the end-user was aware of the fact that this email has been quarantined. After providing the legal justification, the email was released by him. It reduced 40% of incidents for emails. This kind of feature is not available in other DLP solutions, and I really appreciate having that feature.

The workflow remediation is quite good. That is a key feature because of which it has the upper hand over other DLP solutions.

Endpoint protection, web protection, network protection, and storage use are valuable features. Among these, endpoint protection is most valuable.

It has good policies and good mechanisms to detect incidents.

They can have less memory consumption for their endpoint channels. They are not that adaptive with other endpoints solutions like EPP and EDR. They can improve in this aspect. 

Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint.

Their login mechanism to find out the issue is another thing they need to improve. We would like to have the finest login to figure out what exactly is happening and why we are not able to communicate with the detection server. One of the products I have used is better in this aspect. We can have the finest level login, and we can figure it out, but I haven't found such an option in Forcepoint. 

I have been into DLP technology for the last eight years. I have been using Forcepoint for three years.

I have worked with another DLP solution in and out, and I find that solution to be more stable than Forcepoint. Once you implement a policy in that solution, the policy will always function. You can be assured that the policy will be functional. With Forcepoint, I always need to check whether the policy is functional or not and whether my policy is getting synchronized on the detection server or not. There won't be any sort of end trigger if the policy synchronization was stopped. 

It is quite scalable. It is comparable to other DLP solutions in terms of scalability.

I haven't interacted that much with their support, but whenever I created a case, there was proper support. As compared to other solutions, Forcepoint's support is more technical and professional.

I have used other solutions. Many of the customers are switching to Forcepoint. They are not getting proper support from one of the vendors. So, they are switching to Forcepoint. They are getting equal or more benefits with Forcepoint, and its cost is also low.

Incident remediation is awesome in Forcepoint. One of the solutions that I used did not have incident remediation. Forcepoint again has the upper hand in terms of policies. It has nearly 1,700 policy templates that we can use. Many compliance-related and PII-related rules are readily available in those templates. Forcepoint also has a time-based policy, wherein they can detect that a policy is active within a certain period of time. This visibility is not there in other solutions. Forcepoint also supports flow data transfer analysis.

Overall, Forcepoint DLP has the upper hand. Stability and scalability are secondary. The primary thing is that an application should be usable. Forcepoint is really user-friendly, and it has multiple options. They say that they can detect the malware if data leakage is happening to malware. They do have some sort of analysis in their detection engine to detect malware.

As compared to other DLP solutions, it is quite complex because they do have their policy server and analytics server in place, and their Forcepoint manager is also there. With other solutions, we need to have an Oracle Database in place, which is not required with Forcepoint. For Forcepoint, SQL Server can be quickly installed and is ready for use.

The installation duration depends on the organization and the size of the organization. For the same set of organizations, Forcepoint will take 30% less time as compared to others. In many organizations, I have implemented it within a month, and in many organizations, the project took one year.

The implementation strategy depends on the customer, but we do follow the implementation steps, such as gathering information and then deciding which detection server to go for, where to place it, and how many counts are required. If I have more than 30,000 agents, then I definitely need to think about one more endpoint prevent server. So, it depends on the organization size and the response of the organization in terms of how quickly they adapt DLP and how friendly they are with the DLP solution. The biggest implementation that we had done had 30,000 users.

Our customers have seen an ROI. 

Its pricing is quite low considering the features they are offering. As compared to other solutions, it is reasonable. 

They do have professional support. If we need professional support, then there will be additional costs.

You definitely need to do a proper calibration of the organization and data flow analysis. Even though there are 1,700 policy templates, each and every organization will have a different set of rules and data to be analyzed. So, data flow analysis is a must with Forcepoint DLP to create a proper policy.

Cost-wise, it is a very good product. An organization should really consider this product if they are in process of DLP implementation, or if they are thinking of switching from any other DLP solution. If there is a budget constraint or you need a good DLP solution, I would definitely recommend Forcepoint DLP.

I would rate Forcepoint Data Loss Prevention an eight out of 10. There is no DLP that will score a 10.

I am using Forcepoint Data Loss Prevention for security.

We have not implemented the solution fully and it is still being configured.

The solution is stable overall.

The implementation could be improved.

I have been using Forcepoint Data Loss Prevention for approximately three months.

I did not experience any crashes. The solution has been stable in my usage.

I rate the scalability of Forcepoint Data Loss Prevention a four out of ten.

I have used the support from Forcepoint Data Loss Prevention.

I rate the support from Forcepoint Data Loss Prevention a seven out of ten.

Neutral

I have used a similar Microsoft solution to Forcepoint Data Loss Prevention, and the Microsoft solution was better. However, we were using Forcepoint Data Loss Prevention because we had a contract.

The initial setup of Forcepoint Data Loss Prevention is of medium difficulty level.

I have not seen an ROI at this time. I have only used the solution for a short time. I would need approximately one year to determine the ROI.

The price of the solution is expensive.

I rate Forcepoint Data Loss Prevention a five out of ten.

For our clients, the use of Forcepoint Data Loss Prevention is to protect their data through web endpoints.

Endpoint security and DLP are the features I have found to be the most valuable ones in the solution.

The solution's interface is still not user-friendly for some customers. So, its interface can be better.

We have a partnership with Forcepoint. Also, we are selling Forcepoint Data Loss Prevention. Basically, we are resellers. I have been working with this solution for the last two to three years. I have been using the latest version of the solution. Currently, my colleagues are using the solution.

Stability-wise, I rate this solution an eight out of ten.

Scalability-wise, I rate this solution a nine out of ten. We serve enterprise-level customers.

I rate the technical support of the solution to be an eight out of ten.

Positive

I rate the initial setup of the solution nine out of ten. The solution's deployment time depends on the customers' requirements. It also depends on the environment of the customers. If the customers have a deployment tool, the deployment will be done quickly. Else, it will take some time. To deploy the solution, we provide the customers with a technician to assist them. After that, the customer is responsible for taking care of the people they need for any additional assistance.

We do not handle pricing ourselves. Our pre-sales and sales teams are responsible for pricing. After deployment, the engineer involved in the deployment also assists with pricing.

From one to ten, where one is low, and ten is high, I rate the solution's pricing to be an eight.

Also, there are some costs in addition to the standard licensing fees.

Its availability as an on-premises solution is something that I like most about the product. Overall, I rate this solution a nine out of ten.

The solution has a lot of use cases. 

In our case, it was to protect content based on keywords and typical actions like copying to external devices, printing, or taking snapshots, et cetera. 

It has helped us protect our internal data from external threats. It ensures no data reaches the outside via intentional or unintentional sharing of data. 

The email-sharing capabilities are good. We can watch email sharing based on content, keywords, key phrases, et cetera.

The initial setup process went well. 

It is stable.

The solution is scalable. 

I'd like the data classification to be better.

I worked with the solution previously and only just started to use the product again. I've used it for about a year and a half.

It's a stable product. I'd rate it eight out of ten. This is a highly reliable solution. We haven't had performance issues. 

The scalability is pretty good. I'd rate it eight out of ten in terms of growth capabilities. 

We have more than 7,000 people on the solution right now. 

I'm currently not using it, although I have been. I'm not sure if there is a plan to increase usage.

We have used McAfee DLP also.

It is straightforward to set up. It's not difficult at all. I'd rate the ease of setup eight out of ten.

The deployment process took us about two months.

We only needed two people to handle the deployment and maintenance tasks. 

The deployment was on a third-party server. We handled the deployment itself in-house using our own personnel. 

I have not seen an ROI. However, it is worth the money we've invested in it so far.

I'd rate the pricing seven out of ten. It's moderately priced and not too expensive. We pay an annual subscription. There are no hidden costs. You just pay one flat fee.

I did look for various advanced switches and other advanced features and chose this product.

I am a partner. 

I'm not sure which version of the solution we're using.

I'd recommend the solution to others. 

Overall, I would rate the solution eight out of ten.