Forcepoint Data Loss Prevention Reviews

We're trying to use the solution for data loss prevention on the endpoints.

Every time I pushed the agent to laptops, I wasn't able to gain visibility.

I do not have any real valuable features at the moment. 

It was mostly stable. 

There is a lot of articles and documentation that technical support direct you to.

Getting tech support to assist us took too long. 

The communication between endpoints and the DLP over the internet was difficult.

The ease of deployment wasn't as flexible as Digital Guardian. We did not have a good deployment experience. 

It needs better pricing.

There is too much going on. We need help understanding all of their tools and offerings. We need to understand their offering, and we don't right now.

An integration deployment feature would be great for APIs. They need to use standard APIs and tools.

They need more resources online to assist users in looking for the most up-to-date documentation. 

I've used the solution for two months. 

I'd rate the stability six out of ten. It was okay. It could have been better. 

I did not look into scalability. 

Customer support simply directs us to links to read up on our own. When we contact support, we need one on one help, not directions to articles. They need to improve the way they deal with customers and be more hands-on. 

Neutral

I've also used Digital Guardian. It is an easier solution to deploy.

The initial setup was not that simple. The solution itself is too big, too vast, to really learn properly. It also wasn't as flexible as we needed it to be 

The cost is too high. They need to work on their pricing model. 

I wasn't a part of the decision-making process. 

I cannot recall the version number we're using. 

I'd advise potential new users to do a proof of concept and check vendor integrations. Increase the POC to two or three months, and don't be rushed into the product until you are ready.

The solution is too fast to learn everything. Digital Guardian was much more manageable. 

I'd rate the solution seven out of ten. 

We are customers of Forcepoint and I'm a senior information security engineer.

I like the encryption feature of this solution as well as the proxy aspect of it. 

The deployment and troubleshooting aspects of Forcepoint are very difficult. Implementation is complex and not user-friendly. In addition, we have a problem because our Mac systems are not able to support Forcepoint which requires us to have two softwares to make it work. 

I've been using this solution for one year. 

The solution could be more stable. 

The solution is somewhat scalable but could be more so. Our whole organization uses the product, we have over 20,000 users. We have at least 10 staff involved in maintenance.

Technical support is good but lacking in troubleshooting skills when it comes to Forcepoint. 

The initial setup is straightforward. 

Licensing costs could be cheaper. 

I rate the solution five out of 10.

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

One thing that I really like is that you can customize the rules. 

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.

The solution is easy to manage. 

I am not able to get support directly from Forcepoint. 

I have been working with the product for three years. 

I rate the solution's stability a seven out of ten. 

I rate Forcepoint DLP's scalability an eight out of ten. My company has 11,000 users. 

The tool's support does not provide urgent solutions when we face issues. 

Neutral

We have five resources to handle Forcepoint DLP's maintenance. 

I rate the tool's pricing a six out of ten. 

I rate Forcepoint DLP a seven out of ten. 

Forcepoint DLP is a part of a data protection program. A customer will rely on a main DLP and use a complementary tool, in addition to the DLP, such as a data classification solution like Boldon James or Microsoft Information Protection. They will also complement the solution with a rights management solution like Microsoft Rights Management. Forcepoint is part of a big portfolio for data protection.

We deploy the solution at customer sites. Most of our customers are in two sectors, financial and telecom. All of our deployments are on-prem.

Among the most valuable features are the

• network DLP, which has two components 
• DLP agent installed on endpoints
• discovery, as it covers the endpoints and shared folders on servers. 

These features are important for control. A main part of DLP is its use as a tool that provides different layers of controls.

The Forcepoint tool is well developed. It is ranked in many evaluations at the top when it comes to enterprise DLP solutions. It has good artificial intelligence that enables our customers to focus on specific incidents, instead of having a complicated list of uncategorized incidents.

There is room for improvement regarding OCR. I would like to see it enhanced to handle multiple languages and it should be easier to manage.

There are also options that could be handled smartly in the tool, like the way a web data source is handled. It would be good if any downloaded document could have the same policy.

I've been using Forcepoint Data Loss Prevention for three years. We are not regular users, we are admin. We provide the solution for our customers.

The stability is good. Issues are generally related to the agent. Whenever the agent is stable, the solution is stable. Whenever there are issues, it is common for them to be connected to the agent, making the solution unstable. Based on our experience, the stability has not been very good, but it has also not been bad.

We have implemented the solution on anywhere between 1,000 and 10,000 endpoints.

We get good feedback regarding the support. They respond well and provide support whenever required. They are aware of their product in a professional way. And whenever we escalate to the highest level, we get to a suitable person who can provide us with what we require.

One thing that could be improved is that escalation could be done faster.

Neutral

I have seen Forcepoint replace Symantec or McAfee in some cases. I haven't seen any cases where a client wants to replace Forcepoint.

A mandatory process that should be done before implementing the tool is a data classification analysis and the setting of a policy for data classification. These processes are done through an analysis session with different departments. The session includes teaching them about data classification policies and getting information from them regarding the data that needs to be protected and the recommended classification level that data should have.

We then deploy the server-side in the data center and start installing a sample agent. We test this agent and we test sample policies to ensure everything is okay on the sample agent. Finally, we do a full deployment.

Maintenance, post-deployment, involves making sure the solution is updated to the latest version. It has different components, and each component should be updated to the appropriate version. The same goes for the agents on the computers. The configuration should be reviewed and maintained over time, as well. One person is enough to maintain a Forcepoint instance.

As a partner, we have seen ROI with Forcepoint. We cover our costs through licenses, implementation services, and SLAs in which we support our customers and help resolve their issues whenever they want to open cases or adjust configuration.

They are flexible regarding the pricing and they have a good model for an OEM data classification tool. This makes for good pricing. Forcepoint has been one of the most competitively priced products over the last few years.

Overall, Forcepoint has good strategy and development. It is stable and has not changed as a company for a long time. It is focused on a specific solution and that makes for a good portfolio.

I am not satisfied with the tool and will replace it since its integration with the Microsoft platform solution, which the company has chosen currently, would be difficult, and we don't want to spend too much time on it. It is easier to have a fully integrated stack. Forcepoint Data Loss Prevention is not a very well-integrated tool. We also have artificial intelligence, which is easier to directly integrate into the heart of the platform.

The main issue is that you cannot be in security staff and put your data center in Dubai. You need to master your data redundancies. Putting two data centers in Switzerland is fine, and we can use it, but you cannot have DLP rules, and you put your data in Dubai, which can lead to mistakes. Even the rules are really sensitive data. We could think that only the patterns would go in Dubai or whatever, but the rules are the most important part because the rules define what is going to be detected and what won't be detected, and inside the rules, we have everything customized.

No financial institution will be able to keep Forcepoint in Switzerland when they move outside of the data center. The other issue is that when you are doing a setup with the on-premises version of Forcepoint, the big mistake here is the way the software is split. Speaking about the version of Forcepoint you are going to install in your data centers, the issue here is that it is done for a VMware setup inside the data center, so you can have many servers. In the cloud, you are going to pay for what you are using. If you are using eight or ten servers, you are going to pay for ten, making it really expensive. The web version that you can set up of Forcepoint has not been designed for the cloud. The cloud version is located in Dubai.

I have been using Forcepoint Data Loss Prevention for ten years.

The solution's technical support was bad as they have no skills at all. We are not able to get replies from the tool's support team. I am not sure if the tool's team could offer advice or consultations because a local company used to do it for the product, as there are just a few skilled people available at Forcepoint, which is also an issue.

Instead of Forcepoint Data Loss Prevention, I recommend Purview to others, especially if you are located on Microsoft platform, since it helps with compliance and not only as a DLP tool. There is a gap we need to close in Forcepoint Data Loss Prevention as it is useful for security operations. For example, it can be used to ask an end user to unlock your blocked emails.

AI is mostly used when you have to check the DLP inside artificial intelligence, and it is not perfect. We were also looking for SSE solutions, and the point is that Forcepoint could have been a good candidate, but it is located in some bad countries, making it one of the main issues why the tool was no longer a satisfying solution for our company. The tool is also quite heavy. In some cases, it is slow, making it not so comfortable to operate.

The tool is fine for the DLP features, especially when you are on an on-premises model with a data center. If you are on the cloud, I would not recommend it.

Purview and Forcepoint are almost the same, as both can be used to block, upload data, or send emails. Once something is blocked, you ask the security operations, who will start, to provide us with the document we can look at to see if it is legitimate or not.

The incident management process is not based directly on Forcepoint. Forcepoint is used to detect and block, but the response is not done inside of Forcepoint. It is done at the data level.

I rate the tool a seven out of ten.

In most of the banks that my company has implemented the tool, we have EMI and credit card information, and they don't want it to go outside the bank. It is also used to prevent company and other financial information.

There is a feature in the product that I use the bank with which it is really easy to capture any data leakages.

The main area of concern is the tool's technical support. I would suggest the technical engineers reply to users as soon as possible since it usually takes them some time to respond.

I have been using Forcepoint Data Loss Prevention for six months. My company functions as a distributor of the tool.

I would suggest that the tool's interface or UI needs to be redesigned since it is a bit outdated. The UI needs to be redesigned for the tool's productive working.

For scalability, we just have to deploy the agent, and we can push it through a CCM tool or something like that to manage it, making it an easy process.

I rate the technical support a five or six out of ten.

Neutral

The product's configuration phase is easy.

Less than two people can deploy the solution.

The solution can be deployed in less than an hour.

Cost-saving is possible with the tool. The tool has saved time and costs.

I don't actually know about prices. I am the technical support engineer of the tool.

The real-time analytics feature is good, and the tool is really easy to use. I have no concerns regarding the tool.

It is easy to integrate the product with other solutions like SIEM solutions. We have multiple products that we have integrated with Forcepoint Data Loss Prevention, including Microsoft.

I have only used the machine learning part of the tool, which is easy to use.

I recommend the tool to others.

I rate the tool an eight out of ten.

The main purpose of DLP is to protect data from being sent outside of the organization without authorization. So, my client uses it to protect emails and web traffic and to integrate with content classification and USB blocking systems.

Some good features are basically its UAV Analytics engine. And even fingerprinting is really good in Forcepoint.

Forcepoint recently released an in-line proxy feature, which is a great addition. Previously, users had to add an extension to their browsers, but now that's not necessary. Now, that extension is not needed. 

One area that could be improved is the support. The current support is not very good. Because they don't come on time when a customer really needs it, they take a lot of time to troubleshoot anything.

For Mac, they should introduce the feature of airdrop. Currently, no DLP detects the airdrop feature. Like, if we have an airdrop. So, no DLP detects that any file is going from Airdrop. Our customers have these use cases. 

I have been working with this solution for five years. For Forcepoint, we are a titanium partner. 

It's scalable. We sell to medium and enterprise-level businesses. 

It is an easy installation for Forcepoint.

To deploy Forcepoint, we would take almost a week because it's an on-prem solution. But now they have even a cloud platform. So it can be done in one or two days. It depends on the customer and how they provide the insight and everything.

One person is enough for the deployment and installation process. 

For Endpoint DLP, obviously, we are the people who do maintenance. But for SaaS-based, it is GTP service only.

The pricing is fine. It's a yearly based license. For endpoint Forcepoint DLP, they have another license, and for network DLP, they have another license.

Overall, I would rate the solution a ten out of ten. It is a really good product. 

It is very user-friendly, even for admins. However, the support is very low otherwise the product is very good.