We use it for our email flow. We use it for our daily operations. For example, it helps in dropping spam and phishing emails.
System Administrator at emco Bau- und Klimatechnik GmbH & Co. KG
Easy to set-up and effectively drops spam and phishing emails
Pros and Cons
- "It was easy to set up."
What is our primary use case?
What needs improvement?
There is room for improvement. One aspect that could be enhanced is finding a better way to follow outgoing mail. This would be particularly useful in situations where customers or suppliers claim they did not receive our messages.
For how long have I used the solution?
We have been using this solution for seven years. We are also using a Proofpoint protection server and Proofpoint Threat Response.
What do I think about the scalability of the solution?
I would rate the scalability a nine out of ten. We have about a thousand people using it.
Buyer's Guide
Proofpoint Email Protection
November 2024
Learn what your peers think about Proofpoint Email Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
823,875 professionals have used our research since 2012.
How are customer service and support?
The customer service and support team is okay.
How would you rate customer service and support?
Positive
How was the initial setup?
It was easy to set up. I would rate my experience with the initial setup a nine out of ten. The deployment took half a day.
What about the implementation team?
We worked on the deployment process together with our provider.
What other advice do I have?
Overall, I would rate the solution a nine out of ten. We are really satisfied with the solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Presales Engineer at a tech services company with 1,001-5,000 employees
A user friendly solution fro protection against email threat and bypass email authentication
Pros and Cons
- "It's the top choice because no company can operate without security. Ensuring email protection is a major priority for any organization when building its infrastructure."
- "One major threat is QR code phishing, along with TOAD (Telephone-Oriented Attack Delivery). TOAD attacks don't include links, URLs, or attachments in emails. Instead, attackers try to trick you into calling them, often by offering something enticing like a 50% discount on football matches."
What is our primary use case?
We use the solution to stop email attacks, such as credential phishing, impersonation, and some forms of spear phishing. It also helps prevent attacks that bypass email authentication protocols like SPF and DMARC.
What is most valuable?
It's the top choice because no company can operate without security. Ensuring email protection is a major priority for any organization when building its infrastructure. It effectively stops sophisticated attacks launched by advanced threat actors. It can identify attacks related to impersonation, deception, identity theft, business email compromise, and more.
What needs improvement?
One major threat is QR code phishing, along with TOAD (Telephone-Oriented Attack Delivery). TOAD attacks don't include links, URLs, or attachments in emails. Instead, attackers try to trick you into calling them, often by offering something enticing like a 50% discount on football matches. Once you call, they may try to get your two-factor authentication code or send malicious links to your personal email, bypassing security controls. Proofpoint has consistently detected and prevented these kinds of deceptive attacks.
For how long have I used the solution?
I have been using Proofpoint Email Protection for five years.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
It's top-rated for scalability because of its architecture. It uses a central management solution called Master and supports adding up to 25 or 30 agents. Each agent can handle a significant number of users, so with 2 agents, you can cover 5,000 to 10,000 users. Given this setup, 25 to 50 agents can manage even larger user bases. These agents are servers, not software installed on individual machines, which allows for excellent scalability.
How was the initial setup?
The initial setup is straightforward and user-friendly, but it does require experts to implement. It's not something that regular users can handle. You need skilled professionals who have a good understanding of email systems, Office 365, Exchange, email flow, and SMTP protection. While the process is simple, having knowledgeable people is essential for a successful implementation.
It starts with an offline configuration in the first phase, keeping everything inactive and not migrating traffic right away. This allows you to validate policies, mail traffic, and mail flow without affecting live operations. Once everything is validated, the cutover happens in phase two. After ensuring the cutover is successful, you can then move on to the tuning phase.
I’ve done this many times. The initial setup duration depends on the company size, the complexity of the policies, the rules in place, and whether the setup is complex or straightforward.
They have their own dedicated Protection Services team and rely on certified professional service engineers on the ground.
What other advice do I have?
To protect email effectively, you need to secure it across multiple channels—external, internal, and even after delivery. Proofpoint is the top choice for comprehensive email protection because it covers all these aspects. Gartner has stated that to fully protect email, you need coverage across all channels, and Proofpoint is the only vendor with a platform capable of doing that.
It operates using the MLX engine along with AI to protect against business email compromise. Some of the engines within the solution rely purely on AI. The system can be left to learn normal behavior over two to three weeks. Once it understands this behavior, it provides protection based on what it has learned. We also acquired a vendor called TCL, which excels in detecting attacks through advanced analysis and AI.
Tuning requires time; it's not difficult to maintain but needs careful adjustment. It may take about a week to ensure everything is optimized according to best practices, focusing on tuning rather than just configuration.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Aug 28, 2024
Flag as inappropriateBuyer's Guide
Proofpoint Email Protection
November 2024
Learn what your peers think about Proofpoint Email Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
823,875 professionals have used our research since 2012.
Security Operations Lead at ChargePoint
Scalable and easy to deploy but needs improvement in preventing phishing attacks
Pros and Cons
- "The most valuable feature is the option to edit the inbound security."
- "There is room for improvement in detecting and preventing phishing attacks. While the solution performs well in some aspects, it struggles with phishing threats."
What is our primary use case?
The primary use case of Proofpoint Email Protection is to ensure email security for both incoming and outgoing emails.
What is most valuable?
The most valuable feature is the option to edit the inbound security.
What needs improvement?
In terms of improvement, I have some concerns regarding the effectiveness of Proofpoint's phishing protection. There is room for improvement in detecting and preventing phishing attacks. While the solution performs well in some aspects, it struggles with phishing threats. There are other solutions on the market that do a good job with that.
For how long have I used the solution?
I have been using the solution for three years.
What do I think about the stability of the solution?
In terms of stability, the solution performs well. We have not experienced any issues or downtime.
What do I think about the scalability of the solution?
The solution is scalable enough for our organization. Approximately 2,000 people use it at our company daily.
Which solution did I use previously and why did I switch?
We are currently working with both Proofpoint and Abnormal Security, but we plan on completely switching to Abnormal Security soon. Proofpoint needs to work on its performance in handling spam and phishing and to improve its services when it comes to AI or ML-based solutions. Even if Proofpoint decides to roll out such features, it will take some time. There are competitors on the market who already offer those features, and that is why we opted for Abnormal Security.
How was the initial setup?
The initial setup is quite easy. It took one day to deploy the solution because our team needed to edit SPF, DKIM, and DMARC records, which took some time as well.
What other advice do I have?
My advice to people who are considering using Proofpoint would be to properly evaluate the services it offers. During the POC phase, you should assess all features offered, including phishing protection, and ensure they are up to date. You should compare Proofpoint with other vendors in the market before making a decision. Overall, I would rate the solution a six out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
A stable solution with a valuable archive feature
Pros and Cons
- "The archive feature is valuable."
- "The scalability can be improved, and the solution can be optimized."
What is most valuable?
The archive feature is valuable.
What needs improvement?
The solution can be improved by including a real-time block list and giving the user more control over customizations.
For how long have I used the solution?
We have used the solution for ten years.
What do I think about the stability of the solution?
The solution is stable. I rate it a ten out of ten.
What do I think about the scalability of the solution?
The solution is not very scalable.
How are customer service and support?
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used Barracuda.
How was the initial setup?
The initial setup took half a day to configure, and two people were required for deployment.
What other advice do I have?
I rate the solution a nine out of ten. The solution is good, but the scalability can be improved and the solution can be optimized.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Information Technology Help Desk Technician at a consumer goods company with 51-200 employees
Flexible, very secure, and offers excellent technical support
Pros and Cons
- "The solution offers very good flexibility. You can blacklist or whitelist with ease."
- "The Secure Mail aspect should have an Outlook add-in, instead of an external dashboard that outside users have to access."
What is our primary use case?
We use it as a corporate or as an exchange email filter to protect, to stop any executables from coming through email, and to halt phishing scams. Basically, the product is for email security. We use it for our network.
Also, if a user thinks that they didn't get an email, we can access the Proofpoint dashboard and go find missing mail that either people didn't get so we can rerelease it to them. Or if it did get quarantined, we can release and approve a sender.
You can blacklist and whitelist sender lists. If you are getting phishing scams that get through the filter, you can end up shutting those down. You can actually block the entire domain so that domain can never email you ever again.
If there is an external email outside of your network or your company, you can whitelist them if it's an unknown sender, so you don't ever have to worry about missing their emails.
How has it helped my organization?
We had an attempt for a ransomware attack and we were able to block them through Proofpoint Essentials. It's keeping us very safe. Our antivirus shut down the first one and then when the attacker tried again, we were able to block and cease all attacks. In the end, we didn't end up becoming a victim of a ransomware attack.
What is most valuable?
The solution offers very good flexibility. You can blacklist or whitelist with ease.
Their entire dashboard is excellent. It's completely user-friendly, it's easy to navigate. Anything you need to get done, you can do right from the dashboard, which is incredible.
What makes it so easy is the features of Proofpoint and how secure it is.
You could have no IT experience and go in there and control Proofpoint. If your company says "Hey, we need somebody to control Proofpoint," you could hire a kid out of high school to learn it. That's how easy it is.
What needs improvement?
The Secure Mail aspect should have an Outlook add-in, instead of an external dashboard that outside users have to access. If we send a payment to one of our customers or an ACH or a form to fill out, they have to go through this entire subscription process on a separate website to read the secure mail.
It should be like Ignite, where you can access the internal portal so then our customers aren't having to go through all these hoops just to read an email that we're trying to send them securely. That would be the one thing I would change. Basically, the Secure Mail portal wouldn't be its own portal; it would be an add-in.
For how long have I used the solution?
I've been using the solution for two years and the company itself has used it for five.
What do I think about the stability of the solution?
The solution is 100% stable. It's incredible. We haven't had any issues with it. No downtime, no hiccups. Obviously, it's not going to catch everything, however, we have the ability to go in there and block stuff that it does miss. It's an incredible solution.
What do I think about the scalability of the solution?
The scalability capability is based on the packages. We're not at the highest package, however, from what I've read, it's got some incredible scalability. With our package, it does everything we need and we have over 200 users.
It does more than what we need it to. There's stuff we don't even use as we don't use those capabilities of it. The scalability would be incredible as with 200 users we still don't touch all of its features.
As far as I know, we'll continue using it. The company has been happy with it for over five years and I've been around it for two years and it doesn't seem to be going anywhere. Now that we've added Secure Mail, it's really probably not going anywhere.
How are customer service and technical support?
I'd rate technical support eight out of ten.
You pay for what you get, and we didn't pay for the enterprise tier, so we're in a middle tier. Sometimes it does take 24 hours to hear back, however, if it's a high priority that they'll call you within 30 minutes. It's pretty incredible how prompt they are.
Once you do get a hold of them, it's not like, "Okay, well, we'll look this up and we'll call you back." No - they sit there and they'll work you through it. They'll remote into your machine if you need them to. They're excellent.
Which solution did I use previously and why did I switch?
I haven't previously used any other solution. Before, the company only used the security features in Exchange Online admin center, which obviously wasn't as secure as they wanted it to be. That's why they went to Proofpoint.
How was the initial setup?
The initial setup was straightforward. It's real easy to integrate with Active Directory exchange online. You just pretty much point and click and follow the prompts and it's there. Now, some of the whitelisting, you would have to have some experience, however, not too much. You would want someone knowledgeable to just navigate some of the approved domains and stuff like that to whitelist IPs as that portion was a little more work.
It probably took about six hours to whitelist IPs. The deployment is a moderate amount of work, however, not much, not a lot.
We didn't do a very complex setup since most of our users are silent users. They have it, however, we don't allow them access as we don't want them to be able to release something onto the network. It probably was a six-hour job to just get everybody added in from Active Directory and integrated into the system.
The maintenance is basically two people. It's all it really takes. It really only takes one person, however, there are usually two of us here that can access it and go in and clean stuff up. And as far as the roles, there's not really assigned roles for who goes in and does what. As far as users, they're silent users and active users, and only active users can actually access the portal, and then the administration is the only one that can change settings.
What about the implementation team?
We did use a consultant to help us with the implementation. Our network admin did most of the work, however, the consultants were there just to guide us through it, just in case we hit a hiccup, which we didn't.
The consultants were great. They were easy to work with. They were prompt in responses.
What was our ROI?
The biggest ROI for us was when it stopped a ransomware attack. It could have cost us a ton of money. It could have been detrimental to the company. It basically paid for itself right there.
What's my experience with pricing, setup cost, and licensing?
The licensing is basically $8/user. We pay yearly, however, they do allow for month-to-month billing.
It's just a straight licensing fee. For support, you'll pay extra for that. If you want to move up to a higher tier, I don't know how much it is, however, I know you pay more to get a higher level of support. Tier One support is way cheaper than Tier Four. You are paying pretty much to have your own project manager. Proofpoint literally assigns someone to you. When you call, it's getting taken care of by his or her team. That's pretty expensive, however, I'm not sure of the cost.
What other advice do I have?
I'd advise users to get the package with the Secure Mail feature and then make sure that you whitelist all your important IPs and then add domains of all known users, so you don't run across any blocked or missing mail.
Our users have learned to be more careful and look for more phishing attempts from it, because now they know what a normal email should look like instead of, "Hey, here's a link you need to update your password." And then just clicking away. Through this they've been able to see, because we can show them, "Look, this is blocked, this wasn't, here's why." Right. So we've been actually able to teach that culture and teach the hesitancy. With this solution, our users have become much more informed.
I'd rate the solution at a nine out of ten. It's a great product and they have great customer service, a great support team.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Information Officer at a consumer goods company with 51-200 employees
Reliable, scalable, protects your email from threats, and has good support
Pros and Cons
- "The setup was easy."
- "I would want better spear phishing protection in the essentials package."
What is our primary use case?
I am the CIO, I have consultants.
We use Proofpoint Email Protection to filter out malicious emails.
How has it helped my organization?
We have a lot fewer malicious emails coming in since implementing this product.
What is most valuable?
The setup was easy.
What needs improvement?
It was easier to use Microsoft than Proofpoint.
We had some issues with their sales consultant. We got into a dispute and he ended up leaving the company. It's unknown if he was unhappy being at the company, or if it was a reflection of the company, but I can say that their sales consultant was not good.
I think they have everything that I would want in the advanced version.
There are certain things, I would want. I would want better spear phishing protection in the essentials package.
For how long have I used the solution?
I have been working with Proofpoint Email Protection for two years.
It's a subscription, and we are always using the latest version.
What do I think about the stability of the solution?
The stability is fine.
What do I think about the scalability of the solution?
The scalability is good.
I am going to reiterate. To move to a more sophisticated email security solution was cost-prohibitive. When you compare it to others, it was too expensive.
All users of the company, all departments were using this solution.
How are customer service and technical support?
The technical support was okay. I think it was good, although it wasn't outstanding.
It would be excellent, f they had chats and instantaneous responses. That would make it better.
We always struggled with getting on the phone with someone.
Which solution did I use previously and why did I switch?
We were able to get the same security levels using Microsoft that we were getting with Proofpoint.
With this company, we used Proofpoint straight out of the gate.
We have now switched to Microsoft. The features were definitely there. It was more integrated; people don't have to go to a different website to see what was quarantined. They can see it right in their account on Outlook.
Microsoft is easier to use, it's more integrated, and it's cheaper. It was cheaper than their advanced module, for sure, but it was comparable to their basic package.
How was the initial setup?
The initial setup was straightforward. It was easy to set up.
It took few hours to set up. It was really quick.
We have an admin that would go in to see what was quarantined every now and again a quarter of full-time equivalent approximately 10 hours a week.
This solution was being used every day, 24 hours a day.
What about the implementation team?
We used a consultant to deploy the solution.
I have had a relationship with this consultant for more than 20 years. If I keep a consultant for that long it's because they are worth their weight.
It is always a pleasant experience working with them.
What was our ROI?
For sure, we have seen a return on investment. It does what it's supposed to do, which is to protects you.
If Proofpoint was the only product out there, I would gladly pay for it. It would be fine and good. But they are not the only game in town. Their competitors managed to give the same level of protection for much less.
What's my experience with pricing, setup cost, and licensing?
The Basic Email Coverage is pretty close to the same price as the Extended Email Security of other companies.
To start basic at Proofpoint, let's say more expensive than other basic packages.
To jump into the Advanced versions of Proofpoint, the costs multiply four or five times, which made it not feasible for us. Being multiple times more expensive, it very much less attractive.
What other advice do I have?
I would advise people to look at the options.
It does what it says it's going to do. The only issue is the cost.
I would rate Proofpoint Email Protection an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CISO at a retailer with 1,001-5,000 employees
Good stability and a straightforward setup with good URL rewrite capabilities
Pros and Cons
- "The initial implementation is pretty easy to handle."
- "We find the cost to be prohibitive."
What is our primary use case?
We primarily use the solution to block malicious email and spam in bulk.
What is most valuable?
The URL rewrites on the solution are excellent.
The system offers good flexibility.
The initial implementation is pretty easy to handle.
The solution is quite reliable and doesn't fail.
What needs improvement?
The solution needs to better detect emails that don't have a malicious payload. They need to ensure those that have a link to a malicious Google Drive or something like that are captured.
We find the cost to be prohibitive.
Their smart search needs to be much more intuitive and flexible.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The solution is very stable. It doesn't crash or freeze and we don't experience bugs or glitches. It's quite reliable.
What do I think about the scalability of the solution?
We don't plan on increasing the solution's usage in the future.
How are customer service and technical support?
Technical support is very, very good. We've found them to be knowledgeable and responsive. We're satisfied with the level of service.
How was the initial setup?
The initial setup was not complex at all. It was pretty straightforward.
What's my experience with pricing, setup cost, and licensing?
The solution is quite expensive.
Right now, we're paying about $80,000.
What other advice do I have?
We're simply customers of the solution. We don't have a business relationship with the company.
I'm not sure which version of the solution we are using.
The advice that I would give to other companies who are considering using the solution is to really test the systems, even for outlandish attacks, to see if it will hold up.
For me personally, I actually have two Proofpoint accounts. I have a Proofpoint account for something completely unrelated to B&H and I was able to prove that's almost anything you think of you can do, although it might not say in the documentation or the people at Proofpoint might not think of that scenario, however, it's still a way to achieve almost everything you were trying to achieve with your email filter.
The flexibility is unbelievable. And you could get very creative. You just need to be very careful to not mess it up. However, you could get extremely creative to accommodate real case scenarios.
Overall, I'd rate the solution nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Consultant at M.Tech
It provides excellent technical support and has a threat response auto-pull feature
Pros and Cons
- "Proofpoint Email Protection is a good product, and its most beneficial feature is the Threat Response Auto-Pull. I also like that it's an integrated email security solution."
- "The accessibility of Proofpoint Email Protection, particularly access to product trials, could be improved. It's hard to get a trial for Proofpoint Email Protection, and many customers prefer not just to do the POC or demo but try the product out."
What is our primary use case?
Most customers interested in Proofpoint Email Protection have problems with spam, or their email security solution cannot detect phishing or spam, so they want to replace it with Proofpoint Email Protection.
What is most valuable?
Proofpoint Email Protection is a good product, and its most beneficial feature is the Threat Response Auto-Pull. I also like that it's an integrated email security solution.
What needs improvement?
The accessibility of Proofpoint Email Protection, particularly access to product trials, could be improved. It's hard to get a trial for Proofpoint Email Protection, and many customers prefer not just to do the POC or demo but try the product out, including Proofpoint Email Protection add-ons.
In the product's next release, I want more email servers added, such as Lotus Domino, rather than Proofpoint Email Protection focusing on just Microsoft Office 365 Exchange and Gmail.
For how long have I used the solution?
I've been working with Proofpoint Email Protection for about eight months or a year.
What do I think about the stability of the solution?
Proofpoint Email Protection is pretty stable, so it's a nine out of ten for me.
What do I think about the scalability of the solution?
Proofpoint Email Protection is scalable, an eight out of ten, scalability-wise. It has a large capacity, so in most cases, seventy to eighty percent of customers won't have issues with user capacity and email traffic, whether that traffic is coming in or out.
How are customer service and support?
I often contact Proofpoint Email Protection technical support, and it's excellent, so it's a ten out of ten for me.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Proofpoint Email Protection is the first email security solution I've worked with because this is the first company I joined after I graduated.
How was the initial setup?
The initial setup for Proofpoint Email Protection wasn't that easy, but it wasn't too complex either. I'd rate it an eight out of ten.
It took one month to less than two months to deploy Proofpoint Email Protection.
My team configures the platform to receive the incoming email from the domain and then send it to the customer's email server. For other configurations, it would depend on what the customer wants. Another team is in charge of Proofpoint Email Protection deployment while I do the presale work and capture feature requirements.
What's my experience with pricing, setup cost, and licensing?
The licensing model for Proofpoint Email Protection is simple. It's based on the number of users and, in some cases, the amount of email traffic for the on-premise deployment, but the licensing isn't complicated.
The number of users depends on the customer. For example, it could range from one hundred to twenty thousand in the banking industry. The total price for Proofpoint Email Protection depends on the number of licenses you have.
You don't have to pay additional fees apart from the standard licensing fees.
Price-wise, Proofpoint Email Protection is a five out of ten because it's a pretty expensive solution.
What other advice do I have?
My company is not using Proofpoint Email Protection, but it's a distributor based in Thailand.
I am trying to remember the exact version of the solution, but it should be the latest one.
Proofpoint Email Protection is mainly deployed on the cloud because many of my customers prefer a cloud solution unless the customer works in a bank or financial institution. Still, I have some customers that deployed it on-premises.
Two to three people take care of product deployment. My company didn't receive customer Proofpoint Email Protection maintenance requests this year because it just started working with Proofpoint, but maybe next year, it will.
Proofpoint Email Protection is best for medium to large businesses because it's pretty pricey so smaller companies would go for another product, or maybe Proofpoint Essentials. Still, since Proofpoint Essentials cannot customize policies or have the same usability as the enterprise product, smaller companies usually aren't interested in it.
My advice to anyone planning to implement Proofpoint Email Protection is that if you want a complete platform for email security, this product is the answer. There's no better email security solution than Proofpoint Email Protection if you can afford its price.
I'm rating the product as nine out of ten. I took away one point because of its price.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Proofpoint Email Protection Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Secure Email Gateway (SEG) Email Security Security Awareness Training Digital Risk Protection Office 365 ProtectionPopular Comparisons
Mimecast Email Security
Barracuda Email Security Gateway
Abnormal Security
Trellix Collaboration Security
Fortinet FortiMail Cloud
Symantec Messaging Gateway
Webroot Advanced Email Encryption powered by Zix
MetaDefender Email Security Solutions
Buyer's Guide
Download our free Proofpoint Email Protection Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions: