Forcepoint Secure Web Gateway Reviews

We are the implementation partner for Forcepoint, and then we configure and integrate Forcepoint into the customer enrollment.

We personally use cloud Websecurity and cloud Email security of Forcepoint.

The initial setup is easy. It's not difficult. 

They have well-integrated web security. They have the enterprise DLP included in the cloud as well.

Technical support has been okay.

The Bitglass part, right now, we are trying to learn it, and then trying to acquire skillsets around it. 

For cloud web security, there are definitely areas where it requires improvement, Policy changes take 20 to 30 minutes for enforcement.

Granular control based on applications can be further enhanced.

I've been dealing with the solution for six or seven years and Websense for the last 15 years.

It is stable. That said, at times we do get complaints from customers. Some of the government and banking sites not being accessible via cloud proxy. At times it is required to bypass them or route it through different data centers. Though Forcepoint has no say in some websites restricting the access if they can out with a solution to detect and bypass or redirect the traffic through a working data center it will add further value. 

We are integrators. We are supporting from 1,000 systems to somewhere around a 10,000 to 20,000 user base.

We have used technical support in the past. There are two aspects. How quickly they respond is one aspect. Then, whatever the answer that they provide, is it of any use. In terms of the response, it varies. Sometimes they will be able to solve it, and then sometimes it may have to be internally taken up to the next level.

Neutral

The initial setup is very simple and not overly difficult. 

I cannot speak to the exact pricing of the solution.

We are integrators. While we typically do cloud deployments off-late, for on-premises, we have deployed Hybrid and on-premises Websecurity deployments.

I'd advise users, if they want to make use of it, to learn the technology and then the approach the product is trying to take. I'd advise users only proceed once they understand it. That way, they'll be in a good position to manage it. As with any technology, learn the basics and building blocks of it.

I'd rate the solution a nine out of ten.

My position means that I'm focused on functionalities and the happiness of the users of this solution. I am the CTO of sales and we are a customer of Forcepoint. 

I think the antiviral sandboxing is a valuable feature. 

The issues we have are more around organizational issues between us and Forcepoint. We don't have problems with the solution although sometimes attacks or new ransomware gets through. Sometimes we need to work together with Forcepoint in order to change the setup and to block it. It would be great if Forcepoint was able to do this without our knowledge and, even better before those mails ever reach us.

The improvement needs to come on both sides – not only from ForcePoint, but the idea is to work on few points:

• The idea is to set up on the ForcePoint side TAM that could help us in the tuning the configuration.
• At the same time we need to work on improving the expertise and increase the number of FTE that will work on the platform (internal or external) in order to be able to really have the benefit of TAM.
• 3^rd point is that some of the attacks come through and after we report it to ForcePoint they manage to improve the environment, while my experience with some other solutons is that the provider is more proactive and does the change/improvement even before we notice it.

I've been using this solution for three years.

The stability of the solution is fine. 

The scalability of the solution is fine. 

We are not so satisfied with the technical support but not because of Forcepoint, rather because of the organization on both sides. We need to work on that.

The initial setup is relatively straightforward. You need to spend some time defining the template of the environment that you would like. After that, the deployment in different domains is pretty easy.

The pricing of the solution is okay. We pay licensing fees but the cost depends on the package that we take. There are no other hidden costs. 

We are happy with the solution for now. One of the reasons we took it is that it gives us the flexibility to change if we do not like it or we are not happy. To be honest, once we made the decision, I didn't look at the marketplace anymore. It's possible that there are better products out there today.

I would rate this solution an eight out of 10. 

All the proxies have the same features, but the idea here is about URL categorization and the support you have. I found this very interesting in Forcepoint.

In terms of functionality, Forcepoint is the best web proxy available.

I'm an engineer, and as an engineer, I often try to use the best solutions and ones I'm most comfortable with. I like Forcepoint. It's very good for implementation, but it's functionality is great. It has very, very deep technical features, and in-depth introduction features. I really encourage anyone to have it in their environment.

If the solution had a lower cost, it would be easier to implement.

In the 8.5 version of the solution, I took some issue with the interface. 

I'd recommend that the company supports more process to matrix files. We've had issues with that.

The solution should be better able to support itself and operate faster. Sometimes the technical support team takes too long to respond.

I was first introduced to Forcepoint in 2013. At that point, it was Websense and has since been acquired. I've been using the solution in total for about two years. I've spent the same amount of time with the email and web security parts of Forcepoint as well.

The solution is very stable. I didn't see any issue regarding stability. The hub itself is very powerful. It's very good that I can look at the hardware good or node maintenance and see where there are vulnerabilities. 

I implemented it in an environment with multiple users and other environments which included about 20 other items and I've found scalability to be great. You can have a lot of appliances that act as a cluster and you could have high availability on a sort of virtual ID server. You can do additional ID configurations from the other appliances so that typically it extends well. You don't have to have something like download X5. If you have two appliances, you just need to distribute both. For example, you can do it from the configuration. I couldn't find any situation in my work with Forcepoint that was not able to satisfactorily scale. So you can really make it as you wish.

Technical support sometimes takes too long to respond to queries.

In terms of implementation, if you are going to implement Forcepoint, you have to think about how you will deploy it in your proxy environment. You have the ability code, as well as other items. 

If you are implementing Forcepoint in web proxy, it has to be P1 or P2. It has to be on the user onsite as V2 on V5. You could, for some environments, have two interfaces that communicate with each other. You cannot get both to interface, however. If you use the P1 for a user's internet, you then have to make P1 access the internet.

We're a Forcepoint business partner in Egypt.

There are a lot of features already in the application and a lot of features that are added every day, so you have to learn how to implement them. If you decide to use the solution, you have to plan it out and prepare for it. You also have to update your knowledge and make sure your system is updated with regard to the solution. The most difficult part about Forcepoint is that if you take some time away from not working with it you forget features and processes. You need to work on it often and continue learning about it all the time.  

I'd rate the solution nine out of ten.

• Reporting
• Custom Block Pages
• AD integration

It allowed our company to not worry about the security of a page, but talk more about the content and the productivity of specific types of web categories.

Allow for faster exemption of websites or the ability to reclassify websites.

Five years.

None.

None.

None.

Great. They made sure that we were choosing the right version and helped us understand the tradeoffs between their different deployment strategies.

Great. I had only a few issues after rollout and their tech support was quick to help.

Cisco Web Security. The AD integration was lacking. The speed was also lacking.

It was straightforward, since I had deployed it at my previous company. The engineer assigned to our deployment was also on hand to make sure that I followed the updated best practices.

In-house with vendor support.

It is a well-priced option.

Zscaler, Barracuda, Sophos, and Cisco Web Security.

I use Forcepoint SWG to monitor and control my employees' internet usage for both security and productivity reasons. 

What I like about Forcepoint SWG is that I can ensure that employees access only appropriate websites, protecting the organization from malicious threats. Moreover, SWG allows me to track internet usage patterns, helping optimize bandwidth and understand how much time each employee spends online.

In terms of improvement, some of my clients find that certain security details could be enhanced in Forcepoint SWG. Additionally, I would suggest focusing on improving the GUI's stability, especially when implementing new filters or patches. Occasionally, there are issues with crashes during these updates, and smoother transitions would greatly enhance the user experience. 

I have been working with Forcepoint SWG for five years.

I would rate the stability of the solution as a ten out of ten.

Forcepoint SWG is scalable and can handle organizations with over 100,000 users. Additionally, through multiple deployments and clustering, it can scale even further, making it well-suited for medium to enterprise-level companies.

I would rate Forcepoint's technical support as a nine out of ten.

Positive

The initial setup for Forcepoint SWG is straightforward and user-friendly. The basic configuration is not very complicated, and you can have the solution deployed in a day. However, when it comes to more advanced configurations or customer-specific enhancements, it can get a bit complex. While the initial steps are smooth, customization might require more effort and expertise.

I would rate the affordability of Forcepoint SWG as a two out of ten. It is relatively expensive. While some other products, such as firewalls and application firewalls, offer similar functionalities, they might be more cost-effective. However, the specific web security features provided by Forcepoint contribute to its high price.

Overall, I would rate Forcepoint SWG as a ten out of ten.

The most valuable feature for me in Forcepoint Secure Web Gateway is URL filtering, though all other features of the product are okay as well.

A room for improvement in Forcepoint Secure Web Gateway is the support it offers. It's very bad.

What I'd like to see in the next release of the product is for it to be less complicated because at the moment Forcepoint Secure Web Gateway is more complicated than other products. Sometimes issues come up that you can't solve without the support team. For example, you should write the root password to fix the issue.

In the next release of the product, it would be good if it had an easy-to-use interface. Troubleshooting issues in Forcepoint Secure Web Gateway should be less complicated as well.

I've been dealing with Forcepoint Secure Web Gateway for about two years now. My company doesn't use the product. It's the customers who use Forcepoint Secure Web Gateway.

Forcepoint Secure Web Gateway is a scalable product.

We had to contact Forcepoint Secure Web Gateway technical support because some of the features didn't work, but it took them a long time to respond. Sometimes, even if you call support many times, they will not respond. In the end, they weren't able to solve our issues. We solved the issues ourselves.

The initial setup for Forcepoint Secure Web Gateway isn't easy. When you compare it to Fortinet, it's very complicated.

For example, for Fortinet FortiProxy, you don't need to install the database or SQL, and there's no need to prepare a server. You also don't need to do a lot of authentication because it's only one appliance, so it will work via proxy, then you can do the installation.

For Forcepoint Secure Web Gateway, you need two servers: one for installing the management software and the second server for SQL, and only then can you control the appliance.

The initial setup for Forcepoint Secure Web Gateway is complicated, especially when compared to Fortinet FortiProxy.

In terms of Forcepoint Secure Web Gateway pricing, I'm not part of the sales team. I'm on the technical team, so I don't have information on the price.

I work for an IT company that provides solutions to customers such as Fortinet, Palo Alto, Forcepoint, and GoSecure. In terms of Forcepoint, my company focuses on web security, particularly Forcepoint Secure Web Gateway.

My company has enterprise customers who use the product.

The number of users of Forcepoint Secure Web Gateway varies. One customer has around six hundred users. Another customer has three hundred users then there's a customer in the banking industry that has a thousand users.

My advice to others looking into implementing Forcepoint Secure Web Gateway is to prepare a lab and create scenarios in the lab before going to the customers.

My rating for the solution is seven out of ten.

We use it for internal monitoring of internet access as well as for controlling internet access.

It has got a really good URL categorization database. It is simple to set up. It is also easy to use and quite intuitive. It has got a nice utility for troubleshooting.

We are using a V10000 G3 appliance. It is just a proxy. It is just HTTP, FTP, and HTTPS. Now, as our website has developed and we are using rich time-connectivity protocols, the proxy doesn't have the ability to work with these protocols. It would be nice if the UDP feature was there for it to filter UDP traffic. It needs firewall capabilities for UDP filtering.

Its upgrades can be quite complex, and they don't always go as per the plan. Its reporting could be a bit more granular. 

I have used it for quite some time.

I am satisfied with its stability. We have got a good network infrastructure.

It is easy to scale. You can just add another box to scale it up. 

We are using it for about 3000 users, but it can take a lot more. You have to look at the box you choose and use it as you require.

I have interacted with them. Nine out of ten times, their support is really good. There are different packages you can buy for support. The one we have is really good. We usually get a response within four hours, and they are available seven days a week. They have been helpful, and they do point you in the right direction. If they don't have a solution, they will go back and solve it through another team member.

I can't remember, but I think we used Blue Coat. We switched because at the time, most of the technology modules were embedded into one appliance in Forcepoint Secure Web Gateway, which is how you can reduce the number of boxes you would have in your server, which is really good. In terms of cost also, it was working out better for us.

The initial setup was straightforward. The upgrades, however, are not straightforward, and they don't always go as per the plan. It also depends on your environment and the configuration. The advantage of going for a cloud solution is that you don't have the overhead of managing upgrades and downtime. The advantage of an on-premises solution is that you have more control, which is really nice. You have ownership, and you have the chance to develop your own solution, which is fantastic.

We got help from a third-party vendor.

I would not recommend the version that we have, that is, V10000 G3. I would recommend the later versions. 

Its implementation depends on your working environment. You might want to go for a hybrid version where it is partly on the cloud and partly on-premises. You also have to look at deploying agents on your systems. So, it just depends on how you are planning on working. Are you working from an office or are you going to be working remotely? That would dictate how you implement the solution. It is a fine product for what it does. Going forward, it would need firewall capabilities for UDP filtering.

I would rate Forcepoint Secure Web Gateway an eight out of ten. It needs UDP support and a bit more granular filtering of reports, but all in all, it ticks most of the boxes.

I use this product for email filtering.

The spam filter is very effective.

It does a good job of detecting ransomware links in email and then blocking them.

We have a lot of false positives, which is one area that can be improved. At the same time, there is a lot of spam that still gets by the filter.

The engine should be enhanced because some malware still gets by the filter.

The login for emails should be more advanced.

I have been using Forcepoint Web Security for four years.

This service is very stable.

It is easy to scale. I can set up more than one Exchange server and more than one domain. We have about 600 users in the company and we do not plan on increasing at this time.

We obtain support from the local partner, rather than from Forcepoint directly.

Prior to this, I was working with Websense. 

It is a cloud-based deployment so the initial setup is not complex. There are a couple of things to configure, pointing them to your mail servers, but it is easy and straightforward. 

We only require a single person for maintenance.

The price of this product should be reduced to make it more competitive.

In summary, this is a good product and I highly recommend it. However, it is important to remember that suitability will vary depending on the environment.

I would rate this solution a nine out of ten.