What needs improvement with Forcepoint Data Loss Prevention?

I am not satisfied with the tool and will replace it since its integration with the Microsoft platform solution, which the company has chosen currently, would be difficult, and we don't want to spend too much time on it. It is easier to have a fully integrated stack. Forcepoint Data Loss Prevention is not a very well-integrated tool. We also have artificial intelligence, which is easier to directly integrate into the heart of the platform. The main issue is that you cannot be in security staff and put your data center in Dubai. You need to master your data redundancies. Putting two data centers in Switzerland is fine, and we can use it, but you cannot have DLP rules, and you put your data in Dubai, which can lead to mistakes. Even the rules are really sensitive data. We could think that only the patterns would go in Dubai or whatever, but the rules are the most important part because the rules define what is going to be detected and what won't be detected, and inside the rules, we have everything customized. No financial institution will be able to keep Forcepoint in Switzerland when they move outside of the data center. The other issue is that when you are doing a setup with the on-premises version of Forcepoint, the big mistake here is the way the software is split. Speaking about the version of Forcepoint you are going to install in your data centers, the issue here is that it is done for a VMware setup inside the data center, so you can have many servers. In the cloud, you are going to pay for what you are using. If you are using eight or ten servers, you are going to pay for ten, making it really expensive. The web version that you can set up of Forcepoint has not been designed for the cloud. The cloud version is located in Dubai.

The main challenge is the solution's high cost. Additionally, there is no discount for bulk purchases, making it difficult to get budget approvals. It could benefit from more AI-based features, such as predictive capabilities and expanded coverage of versatile platforms beyond Google Drive and a few cloud platforms. AI could also suggest appropriate policies during deployment based on the specific environment.

It is a bit expensive.

The main area of concern is the tool's technical support. I would suggest the technical engineers reply to users as soon as possible since it usually takes them some time to respond.

They need to improve their reporting feature as well as the incident response. They have very limited and basic response rules available for incident management so they need to improve them.

Some of our company's customers who want the tool to deal with some of their use cases are macOS users. When it comes to the area of USB control, macOS takes five to ten seconds, meaning there are some solution-designing problems attached to it. With Forcepoint Data Loss Prevention, policies can be applied in Windows within a fraction of a second, but for MacOS users, it takes five to ten seconds, and during these seconds, data leakage from inside to outside an organization can happen. The product is compliant with Windows. My company suggests the product to those who have a Windows operating system in their environment. If you are a macOS user, the problem or concern arises due to the issues attached to the area of USB control. As a whole, macOS is good for users. The aforementioned details regarding macOS need to be considered for improvement.

The solution could improve user ability in their firewall. It still requires regulatory compliance, which should be addressed immediately.

One area that could be improved is the support. The current support is not very good. Because they don't come on time when a customer really needs it, they take a lot of time to troubleshoot anything. For Mac, they should introduce the feature of airdrop. Currently, no DLP detects the airdrop feature. Like, if we have an airdrop. So, no DLP detects that any file is going from Airdrop. Our customers have these use cases.

The support could improve Forcepoint Data Loss Prevention.

The implementation could be improved.

They should support additional customization of SMTP or port customization.

The solution's interface is still not user-friendly for some customers. So, its interface can be better.

I would like to see the product extended into the cloud as a single solution. It currently requires another product, the Cloud Access Security Brokers, to protect both on-premise and cloud data. I hope it can be consolidated into a single suite, offering protection for both On-Premise and cloud data, users on and off the corporate network, and users using corporate devices and BYOD. It would make the whole DLP process much more linear and efficient. I agree that moving to the cloud is the future and the present, and many people who use DLP have already made a move to the cloud.

An area for improvement in Forcepoint Data Loss Prevention is the complex UI and policy deployment. You have to find the policies, and then designing the policies is also tricky. As Forcepoint Data Loss Prevention has some complex policy implementations, I want a more straightforward policy deployment from it in the future.

I'd like the data classification to be better.

The APIs for device integration are limited, so that could be improved. If a feature known as Exact Data Match is present, I cannot detect it. This is an easily accessible feature in the Symantec DLP product and those from other vendors, such as Zscaler. EDM either needs to be added as a feature or made easier to find, as I couldn't find it. It's possible none of my customers got a license for this particular feature, but that seems unlikely.

If DLP can be managed in the cloud then it will be the best thing ever.
I would also like to see Predefined Templates or Content Classifier for Nigeria Data Protection Regulation (NDPR), Same way there is for GDPR and South Africa PHI

Advise to have feasible Integration features with other monitoring products like Nexthink, Bit-9 and MicroFocus with centralized dashboard.

It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking.

The product is actually quite a good and reliable product and I don't know what to suggest because we are quite satisfied with it. So I would not want to name something that could be improved because it is a product that the vendor company is continually improving and upgrading on their own. The new features that they add in are quite satisfying for our needs. They seem to stay one step ahead. There are customers that are moving from Fortinet or Cisco to Forcepoint. I think that is mainly because it is coming from military technology, from Raytheon (defense contracting), so it is quite well rated even though it has not been around for a long time. In the next release of Forcepoint DLP, I don't really think that there a lot of things that I would need. I guess that there is always a way to improve the experience surrounding the user interface.

They can improve a bit in the OCR category. The OCR deployment could be simplified. Right now, you have to set up a separate server to manage all the data going through the network, especially the images. Forcepoint could better integrate the OCR component with central management. Many customers ask how we will detect data in the OCR images. We must tell them that we'll deploy another machine to manage OCR. However, smaller enterprises have limited hardware. An enterprise can provide the necessary hardware but not the SMEs. This is a critical category because data can be leaked through images. I would also like Forcepoint to add support for AIX machines and databases. The solution still doesn't support certain machines like IBM AIX machines. Forcepoint typically supports QRadar integration, so maybe they can increase the work support on the server side.

Everything takes a long time, as it does in every software company, especially since COVID. That is something I notice with every product I use.

We faced some issues with the endpoint installation of the agent as it is not from a common ground. Rather than being able to give a command from the central control and install the agents on the laptop, you need to install them one by one.

Forcepoint Data Loss Prevention can improve by having an uninstall option for the client or restart of a client agent can be controlled from the server. This feature is missing which is available with other solutions.

It would be better if we could easily integrate with other products. Suppose I want to integrate this DLP with some other CASB solutions or a firewall solution. In that case, it takes a considerable amount of time because Forcepoint DLP doesn't come with a legacy firewall or CASB solutions to integrate with it. We need to do it separately. It's not improvised for different sectors, and I need to look for other solutions. I'm investing a lot of time researching and implementing other solutions for other areas. That is one point where I can't feel satisfied with this Forcepoint DLP. The only problem we have faced is that it consumes most of the CPU whenever a Forcepoint DLP is deployed on an endpoint. This is when users feel some lag in their machine's performance or their Internet performance. That's when we uninstall and try to reinstall, or we'll give a cloud link to which it gets access. We use Forcepoint DLP for endpoint protection, not for email or cloud. For email and drive, we went with the Google DLP. Forcepoint DLP isn't as efficient on drive or chat, or email. For that, we have some specialized solutions, but it would be better to have a single console where you can control all these areas. It would be pretty easy for a consumer who is going to use this product. All in one shot, you can try to track it and enforce your policies on a single dashboard. That is one point currently lacking in Forcepoint, and I feel they need to work on it. In the next release, I would like to use this DLP across different solutions like network, firewall, email, or chat with a consolidated dashboard and with integration facilities with other solutions. Security should work as a whole. It shouldn't work individually in blocks. It does not serve our purpose. It should be integrated with multiple solutions. For that, it should have enough intelligence to work with other tools. I'm looking forward to seeing that kind of capability with Forcepoint.

There is room for improvement regarding OCR. I would like to see it enhanced to handle multiple languages and it should be easier to manage. There are also options that could be handled smartly in the tool, like the way a web data source is handled. It would be good if any downloaded document could have the same policy.

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa. With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report. Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing. The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

They can have less memory consumption for their endpoint channels. They are not that adaptive with other endpoints solutions like EPP and EDR. They can improve in this aspect. Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint. Their login mechanism to find out the issue is another thing they need to improve. We would like to have the finest login to figure out what exactly is happening and why we are not able to communicate with the detection server. One of the products I have used is better in this aspect. We can have the finest level login, and we can figure it out, but I haven't found such an option in Forcepoint.

The reporting features, the real-time reporting, can be improved in Forcepoint. On the dashboard, we don't have a feature that shows real-time incidents. We have to schedule a report in the environment.

The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that. Overall, I would like to see them modernize. I'm on version 8.5, so there are newer versions out. They may have done that already. I'd have to demo the newer versions. We're planning on upgrading this year to 8.6. I believe that in going to 8.6, we will be gaining some additional features. The newer versions will have better detection capabilities with improvement to their algorithms.

There is an admin and you have to monitor the solution all the time. The same is true even if you use Symantec or Digital Guardian's DLP — it's all the same. They all require one administrator to monitor the system every day. In short, DLP solutions are good to have, but they do require maintenance. In terms of human resources, if you have a DLP solution, you have to monitor it every day. Regardless of budget. I would like to see some file access rights management. This allows users to access whichever files, folders, and resources they choose. This is something Forcepoint and Symantec both don't offer.

In terms of display, the support and the Mac platform requires a lot of improvement. When working with different browsers, we need to upgrade. Being able to upgrade the agent from the console itself would be great.

This solution has a tendency to provide false-positive results. There should be more training provided. For instance, they did not specify how to deal with white and black-listed documents in regards to machine learning. There is no specific training or an example provided to follow; you have to make it up as you go. This is challenging because there are so many documents needed for each machine learning algorithm. Also, configuration management needs to be improved.

The price could be reduced to be more cost-effective.

The data loss prevention and personal data need improvement. The protection of personal data needs to be improved. I would like to see integration with OCS in the next release of this solution.

The Database needs to be improved and fine-tuning is required on this product. If they fine-tune it more, It will reduce the time that the client is spending on doing it. There are competitors on the market who are doing that now. I realized that the engineering team is working on updates and improvements, so it is possible they are working on this now and will make it better. There are more things to see with this solution. There are default policies regarding the source code and your instant messages. They should have been upgraded. I had already raised this and opened a ticket regarding this issue, and they are working on it. The way DLP is now, people are using many different electronic things. DLP needs to put some focus on improving.

Forcepoint should consider developing its own classification technique to complement its fingerprinting technique. That way it will be the most sorted after DLP Solution in the market. Technical support needs improvement. There are long stretches of time between queries and responses. It's worrisome. There's zero Forcepoint presence in West Africa. Customers typically like having these things close to them. It would help if they had a presence here. Right now, Forcepoint West Africa has been administered from South Africa. Because of this, customers can't access premium support in our region.

The requirements for the implementation is quite heavy. Forcepoint needs to look at how they can reduce the terms of the requirement for implementation. They also need to look at providing training for the end user, to enable them to get on it at speed. Their support also need to improve, because the response to support time is not very fast. Their response time is about 8 to 12 hours, so something needs to be done about that.

I don't know where they are going as an organization vendor, because my job ends the moment its implemented, so I would go onto other things. If I were a betting man, though, I would say that they're going to have to find a way of creating what we call multitenancy, because if for example we have a constituency group set of users who don't work for the department and they contract out, then our work with them is highly sensitive. Being able to separate in segment amounts separately from our core would help. We could use better ways of customer or users segmentation capabilities. For example, if I wanted to push a report by a certain organizational entity or unit, I wouldn't be able to do that without a lot of work. The reporting could be better.

The user interface for this solution should be improved. We would like to see OCR from handwritten documents. There is no support for the Bangla (Bengali) language, so we cannot use the Forcepoint technology for Bangla documents. It does support other languages, but Bangla is not one of them. Finally, there are some of our customers who want to have a greater resolution when dealing with these technologies.

We want to be able to do data classification better in the product and reduce false positives, especially on data loss prevention. Because of this, we are currently looking for another solution for the data classification.

Sometimes the agent has trouble communicating with the central management. You need to push a lot of different times to get the policy. Another issue is that the templates are primarily in English and Japanese. They have a lot of Spanish speaking customers and should have more options in Spanish. It should integrate better with email.