What needs improvement with Proofpoint Email Protection?

The support team was a bit slow. It takes months to implement the next feature. So I'd like to see faster support.

Sometimes it doesn't detect actual spam emails, and sometimes it catches normal emails, which is not spam. So I think the filtering should be improved in the future. I believe Proofpoint is already working on that. The pricing is also something that could be improved. It's literally high. AI is not yet fully enabled in this tool. Hopefully, in the future, it will work.

The solution needs to integrate with the owner's labeling solution. Without this integration, the solution is not feasible.

The whole configuration management piece of the product requires some work, as it is one of the areas where the tool has certain shortcomings. Though it is an easy-to-install product, it might be difficult to get the process right for some users. The basics related to the installation process are simple to understand, but it takes a lot of effort to figure out areas to use this tool effectively if you want to do something above the basic level. The high cost of the product is an area of concern where improvements are required. I would like to see a lot of premium content in the product moved to a lower band because the basic version of the tool is relatively cheap compared to the sophisticated versions with additional costs. One person who works full-time needs to take care of the maintenance part.

The price could be improved.

The email DLP portion could be a bit easier.

Proofpoint Email Protection is an expensive solution.

The stability and UI are the two areas of the solution with certain shortcomings that need improvement.

Integration and filtering out who you want and don't want to have integrated ID could be improved. Sometimes it takes longer for an email sent through Proofpoint Email Protection to reach the client.

There is room for improvement. One aspect that could be enhanced is finding a better way to follow outgoing mail. This would be particularly useful in situations where customers or suppliers claim they did not receive our messages.

Sometimes it detects false positives. We'd like the sandbox to integrate with the on-prem device. It needs to identify the paths and signatures. We'd like advanced machine learning for detection. We'd like the have more lunch and learns to get more out of the solution.

The solution can be improved by including a real-time block list and giving the user more control over customizations.

Unfortunately, the whole product is going downhill right now, ever since they were sold to Thoma Bravo. We're constantly having problems with stability and the product in general. Even their sales and support is deteriorating as well. I can't even get them to quote me for the next year, possibly because they are still in disarray from their sale. Because of these issues, we are likely going to move away from it soon. I would prefer not to change, but I might not have a choice, especially if they can't even send me the proper quotes for everything.

The accessibility of Proofpoint Email Protection, particularly access to product trials, could be improved. It's hard to get a trial for Proofpoint Email Protection, and many customers prefer not just to do the POC or demo but try the product out, including Proofpoint Email Protection add-ons. In the product's next release, I want more email servers added, such as Lotus Domino, rather than Proofpoint Email Protection focusing on just Microsoft Office 365 Exchange and Gmail.

Proofpoint Email Protection could improve by allowing more customization of the reports, such as exceptions and black-and-white lists.

The price policy needs to be better. We'd still like lower pricing. The initial setup is complex.

I have some concerns about Proofpoint mail flow rules. It's not smart. Proofpoint has a lot of false alarms. Even their mail flow rules are not the best thing. Mimecast and Microsoft Office 365 are better than them. Many emails are marked as spam unnecessarily. I've had issues and have had to open many tickets.

The false positives are an issue. There are many false positives that come in, which you report to Proofpoint. Sometimes they take time to update those things. They say there's an option that we can use to report false positives. However, it is not a quick remedy. You go and report it, and still, you have to take action on it and clear those emails getting blocked. It's too cumbersome. We don't have the option to scan a password-protected attachment. I have to either blindly whitelist it as it will get blocked since an email with attachments normally gets scanned. We'd like to have some mechanism in place where we can scan these protected attachments or whitelist the domain.

It can be improved pricing-wise. One downfall of the product from the SMB side is the pricing. Currently, everybody can't afford it. Everybody wants a Mercedes, but not everyone has the budget for it. I want Security Awareness Training in there as a package deal. A lot of companies are starting to value email security a little bit more and take it a little bit more seriously, and the great product that we link together with a lot of these sales is a training product called Security Awareness Training. It is an upsell that we do with Proofpoint, and it is definitely something that I recommend everybody with email security to look into. It would be great if Security Awareness Training is included with the email security.

You only receive one model in Proofpoint Email Protection and the other ones you have to purchase at a high price. There should be more available with the solution and additional models should be less expensive. The administrator that manages the service should be better in their role. They don't have enough people to manage the service well.

Proofpoint Email Protection's interface is confusing and could be improved.

Proofpoint Email Protection could improve the Mail Trace feature and make navigation easier.

The only downside with Proofpoint Email Protection is the cost.

We have some use cases that haven't been dealt with yet, so that could be improved.

Integration for reporting needs to be improved, it's a little complex. Right now we have integrated with Power BI to get logs and information from Proofpoint. That has to be improved with the API and there are also latency issues which need to be simplified and improved. Those are the areas I've observed that need improvement.

It was easier to use Microsoft than Proofpoint. We had some issues with their sales consultant. We got into a dispute and he ended up leaving the company. It's unknown if he was unhappy being at the company, or if it was a reflection of the company, but I can say that their sales consultant was not good. I think they have everything that I would want in the advanced version. There are certain things, I would want. I would want better spear phishing protection in the essentials package.

The Secure Mail aspect should have an Outlook add-in, instead of an external dashboard that outside users have to access. If we send a payment to one of our customers or an ACH or a form to fill out, they have to go through this entire subscription process on a separate website to read the secure mail. It should be like Ignite, where you can access the internal portal so then our customers aren't having to go through all these hoops just to read an email that we're trying to send them securely. That would be the one thing I would change. Basically, the Secure Mail portal wouldn't be its own portal; it would be an add-in.

Not one of them is one hundred percent when it comes to reputation scores. It doesn't matter which solution — none of them are. Not one of them is a hundred percent on false negatives or false positives. Proofpoint scores way up there along with Cisco. You used to have a choice with Proofpoint which one you use. They may be using multiples now, too. Proofpoint is the main tool for blocking spam because it denies the connection altogether. I know for a fact that I can set Proofpoint up to what they call SYN attacks. SYN attacks basically open a connection, and then a handshake starts, and thousands of connections form. So, Proofpoint waits for a timeout to occur and then allows you to tie up all your connections, which is basically an out-of-service attack. They have something similar in Office 365, too. Still, the reputation services, the antivirus modules, none of them are a hundred percent when it comes to false positives or false negatives. It's the whole industry. The SMTP protocol needs to be totally rewritten. It was designed in the fifties or sixties. Changing it would be very, very difficult. They put band-aids on it for security — that's essentially what's happened with that. That email is not secure by design because it's still using an old design from many moons ago.

The incident reporting on offer needs to be improved. It's lacking right now. It should be on the platform somewhere.

The largest complaint that we hear from our customers is that there is no local support. We wait for the internet from the US to connect. If the customer has a P1 or P2 issue, they need someone to immediately focus on the solution. We have been trying to build a team to support our local customers because there is no local support available from Proofpoint. I am not sure if there is anything available as a SaaS offering, but that would be good. Also, the threat intelligence of phishing emails is an additional feature that we expect from Proofpoint.

It has too many screens. It is kind of a conglomeration of products. In other words, they built product A, product B, and product C, and they are yet to integrate them into a single administrative console. I would certainly like to see a more seamless administrative interface. I would also like to see them include more bang for the buck, by including features like email fraud protection, rather than making their product so piecemeal, where you are buying little pieces. I agree with the idea of having multiple tiers or layers, but maybe as small, medium, and large, as opposed to an a la carte menu.

They do not have an on-demand scan for the internal viruses and internal users, and they don't have a scan for the exchange server against viruses and spam as Symantec does. Also, they are not able to scan multiple engines as McAfee does. I would like to see a feature included as an email security gateway the way that Symantec does.

The solution needs to better detect emails that don't have a malicious payload. They need to ensure those that have a link to a malicious Google Drive or something like that are captured. We find the cost to be prohibitive. Their smart search needs to be much more intuitive and flexible.

The search functionality is quite small. It could be a bit more in-depth. Right now, it's a bit simple. The solution could be improved with the addition of PLP and email encryption features.

Proofpoint should have better integration with complex environments that need more than one instance of Proofpoint, as there are issues with nested instances.