Some of the old portal features of Proofpoint Email Protection are missing in the new portal, so some of the settings could be modernized. The TRAP mail gateway product of Proofpoint Email Protection also has settings missing from its cloud deployment. The unified admin console in Threat Protection Workbench for managing security operations is still confusing, with many different portals and changing names making it difficult to find all of the features across different products.
I would like to see improvements in Proofpoint Email Protection's portal as it is sometimes slow. The performance of Proofpoint Email Protection's portal needs to be more responsive, and we would like more features added to the admin interface.
Information Security Analyst at a government with 11-50 employees
Real User
Top 20
Feb 26, 2026
There have been a few cases where an obvious phishing email has not been blocked, but perhaps Proofpoint Email Protection was still learning and needed some extra time to figure out that the email was malicious. The detection piece could be improved a little bit more. If one email goes through and somebody clicks it, that's the end of it, regardless of whether further emails were blocked. If Proofpoint Email Protection could detect that first email at the right moment and block it right away, that would be great. I would appreciate some additional dashboards, enhancements showing the trends, and some reporting. I don't have a lot of complaint about Proofpoint Email Protection interface. It's pretty basic, but I'd like to see some GUI improvements, just from a visual perspective, not from the functional perspective, but maybe from a visual perspective. I think it would be nice to separate the admin and the security console in Threat Protection Workbench for managing security operations from a segregation of duties perspective. Since we are a smaller organization, I do have access to both, which is okay. But in a bigger organization, they might need a different dashboard for admin and the SOC analyst or the user, again from a segregation of duties perspective. I think it would be nice to have the option to have both in one or maybe split them out, depending on the organization.
There is nothing in particular that needs improvement; I am very happy with the solution. There is a bit of a learning curve to get started in the unified admin console in Threat Protection Workbench, but once I am familiar with the settings and the tool itself, the day-to-day experience becomes very easy.
Infrastructure Engineer at a government with 1,001-5,000 employees
Real User
Top 20
Feb 25, 2026
I believe if the GUI were more user-friendly for people using it for the first time, or if there were more training available for end users to share with them, that would be good.
Infrastructure Analyst at a consultancy with 51-200 employees
Real User
Top 20
Feb 25, 2026
The management portal of Proofpoint Email Protection has an outdated UI that requires an update for better usability. Additionally, reduction of false positives in TAP alerts is necessary, necessitating constant updating and submission of documentation for training Proofpoint Email Protection's AI agents.
Learn what your peers think about Proofpoint Email Protection. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
Release lead at a financial services firm with 10,001+ employees
Real User
Top 20
Feb 25, 2026
At this stage, there is nothing that I can think of to improve Proofpoint Email Protection, and I am happy to see that they're continuously innovating. At this time, I do not wish to add anything else about the features or any small tweaks that could make my experience even better.
From my experience using Proofpoint Email Protection, it has been quite helpful, although there is always room for improvement. I currently do not have any specific improvements to mention, but if I need changes in the future, I would bring up those ideas.
Threat Hunter at a manufacturing company with 10,001+ employees
Real User
Top 20
Feb 4, 2026
A few things about how Proofpoint Email Protection can be improved include implementing artificial intelligence within their platform to start really understanding the organization that is using their product, what sort of emails they are expecting and if the emails that are being expected should be let in and if the emails that are not being expected should not be let in. I'll give you a further example for this. If someone just tries to send an email from a Gmail address, which is a free public service email service provider, then because anyone in the world can create a Gmail account, I think it is nice and good for Proofpoint Email Protection to actually first check and do a reality check if we have received an email from this address and look at the intent of the email to really see what the email is trying to do and then classify based on that. I still see there is a lack. Hence why I started this conversation with AI and hoping that Proofpoint Email Protection will bring AI in and to really start analyzing these emails, the intent, and whether they really fit the customer organization. We are a manufacturing company, so whether it really fits that profile. I would say if we can get a better user experience from Proofpoint Email Protection products, that would be good. For example, other service providers that provide secure email gateway have the functionality where you can split promotional and bulk email and have them sent to a separate folder. I think if we can have that sort of feature, that would be great where Proofpoint Email Protection just keeps the important emails in the inbox folder and move everything else that is not really business related into a promotional, spam, bulk folder. This is an improvement that I would really like to see. I give it an eight because I am expecting a lot more from Proofpoint Email Protection, more automations, more understanding of who their customer is, what sort of business they do, and what sort of email they are supposed to be receiving and letting through. I think the day when I really have only 1% of work to do and 99% is automated by whatever automation services Proofpoint Email Protection uses would be ideal. I think I have covered any other improvements needed for Proofpoint Email Protection pretty well right from AI to splitting emails based on priorities. I think I have given some pretty broad and good examples.
Senior Security Engineer at DCIPHERS IT SOLUTIONS (P) LTD
Real User
Top 5
Feb 3, 2026
Most users might be confused why Proofpoint Email Protection is providing two solutions. They should quickly transition from the old portal to the new one to avoid customer confusion regarding the availability of two portals in the market. I don't think there are many areas for improvement. The only things I mentioned earlier regarding Google Workspace documentation could be better, and they are already working on the two consoles. Everything else is lined up.
Solution Architect Cybersecurity at a computer software company with 5,001-10,000 employees
Real User
Top 10
Feb 2, 2026
From an MSP perspective, multi-tenant administration could be improved. Managing multiple customers from a single, unified console would significantly enhance efficiency when one administrator supports several environments.
Sr Security Engineer at a comms service provider with 201-500 employees
Real User
Top 10
Jan 30, 2026
There are areas that have room for improvement in Proofpoint Email Protection, particularly regarding the interface, since I used the old legacy interface so much. I think they are making strides in that direction already, so I would say continue there. I am not sure how completed the new unified interface is or if they have actually finished and rolled all of the features up in there or not. That is a good area for continued focus. Proofpoint Email Protection was a very powerful product. The older legacy user interface just took a little to work with, and the new unified interface, as it was able to do more and more of the functionality of the old one, the product just got easier and easier to use.
I have not seen specific outcomes or metrics since implementing Proofpoint Email Protection, such as a reduction in phishing incidents or improved response time. Proofpoint Email Protection can improve in how it analyzes alerts by using more AI within its product suite to eliminate repeat alerts, such as filtering down the same attack to generate only one alert. In summary, using AI more within the platform would reduce our workload. I would suggest advanced phishing training that uses AI to generate phishing training simulations and to catch and filter more phishing attacks. Proofpoint Email Protection feels like just the baseline approach, which is very static.
Phishing detection & Response capabilities could improve further to match some of the capabilities offered by competitors. Proofpoint could expand its PDR capabilities to improve its efficiency inside the SOC
MEP at a pharma/biotech company with 10,001+ employees
Real User
Top 10
Jul 12, 2024
Sometimes it doesn't detect actual spam emails, and sometimes it catches normal emails, which is not spam. So I think the filtering should be improved in the future. I believe Proofpoint is already working on that. The pricing is also something that could be improved. It's literally high. AI is not yet fully enabled in this tool. Hopefully, in the future, it will work.
The whole configuration management piece of the product requires some work, as it is one of the areas where the tool has certain shortcomings. Though it is an easy-to-install product, it might be difficult to get the process right for some users. The basics related to the installation process are simple to understand, but it takes a lot of effort to figure out areas to use this tool effectively if you want to do something above the basic level. The high cost of the product is an area of concern where improvements are required. I would like to see a lot of premium content in the product moved to a lower band because the basic version of the tool is relatively cheap compared to the sophisticated versions with additional costs. One person who works full-time needs to take care of the maintenance part.
IT System Administrator at Data 4 Information Technology B.V.
Real User
Jul 11, 2023
Integration and filtering out who you want and don't want to have integrated ID could be improved. Sometimes it takes longer for an email sent through Proofpoint Email Protection to reach the client.
There is room for improvement. One aspect that could be enhanced is finding a better way to follow outgoing mail. This would be particularly useful in situations where customers or suppliers claim they did not receive our messages.
Sometimes it detects false positives. We'd like the sandbox to integrate with the on-prem device. It needs to identify the paths and signatures. We'd like advanced machine learning for detection. We'd like the have more lunch and learns to get more out of the solution.
Director of Infrastructure and Security at Halifax Health
Real User
Jan 18, 2023
Unfortunately, the whole product is going downhill right now, ever since they were sold to Thoma Bravo. We're constantly having problems with stability and the product in general. Even their sales and support is deteriorating as well. I can't even get them to quote me for the next year, possibly because they are still in disarray from their sale. Because of these issues, we are likely going to move away from it soon. I would prefer not to change, but I might not have a choice, especially if they can't even send me the proper quotes for everything.
The accessibility of Proofpoint Email Protection, particularly access to product trials, could be improved. It's hard to get a trial for Proofpoint Email Protection, and many customers prefer not just to do the POC or demo but try the product out, including Proofpoint Email Protection add-ons. In the product's next release, I want more email servers added, such as Lotus Domino, rather than Proofpoint Email Protection focusing on just Microsoft Office 365 Exchange and Gmail.
I have some concerns about Proofpoint mail flow rules. It's not smart. Proofpoint has a lot of false alarms. Even their mail flow rules are not the best thing. Mimecast and Microsoft Office 365 are better than them. Many emails are marked as spam unnecessarily. I've had issues and have had to open many tickets.
Senior Manager - Cybersecurity Operations at Likewize
Real User
Sep 6, 2022
The false positives are an issue. There are many false positives that come in, which you report to Proofpoint. Sometimes they take time to update those things. They say there's an option that we can use to report false positives. However, it is not a quick remedy. You go and report it, and still, you have to take action on it and clear those emails getting blocked. It's too cumbersome. We don't have the option to scan a password-protected attachment. I have to either blindly whitelist it as it will get blocked since an email with attachments normally gets scanned. We'd like to have some mechanism in place where we can scan these protected attachments or whitelist the domain.
Global Account Manager at a computer software company with 51-200 employees
Reseller
Jul 21, 2022
It can be improved pricing-wise. One downfall of the product from the SMB side is the pricing. Currently, everybody can't afford it. Everybody wants a Mercedes, but not everyone has the budget for it. I want Security Awareness Training in there as a package deal. A lot of companies are starting to value email security a little bit more and take it a little bit more seriously, and the great product that we link together with a lot of these sales is a training product called Security Awareness Training. It is an upsell that we do with Proofpoint, and it is definitely something that I recommend everybody with email security to look into. It would be great if Security Awareness Training is included with the email security.
Gerente de operaciones at a tech services company with 11-50 employees
Real User
Jul 3, 2022
You only receive one model in Proofpoint Email Protection and the other ones you have to purchase at a high price. There should be more available with the solution and additional models should be less expensive. The administrator that manages the service should be better in their role. They don't have enough people to manage the service well.
Data Security Engineer at a tech services company with 11-50 employees
Real User
Aug 10, 2021
Integration for reporting needs to be improved, it's a little complex. Right now we have integrated with Power BI to get logs and information from Proofpoint. That has to be improved with the API and there are also latency issues which need to be simplified and improved. Those are the areas I've observed that need improvement.
Chief Information Officer at a consumer goods company with 51-200 employees
Real User
May 10, 2021
It was easier to use Microsoft than Proofpoint. We had some issues with their sales consultant. We got into a dispute and he ended up leaving the company. It's unknown if he was unhappy being at the company, or if it was a reflection of the company, but I can say that their sales consultant was not good. I think they have everything that I would want in the advanced version. There are certain things, I would want. I would want better spear phishing protection in the essentials package.
Information Technology Help Desk Technician at a consumer goods company with 51-200 employees
Real User
Mar 19, 2021
The Secure Mail aspect should have an Outlook add-in, instead of an external dashboard that outside users have to access. If we send a payment to one of our customers or an ACH or a form to fill out, they have to go through this entire subscription process on a separate website to read the secure mail. It should be like Ignite, where you can access the internal portal so then our customers aren't having to go through all these hoops just to read an email that we're trying to send them securely. That would be the one thing I would change. Basically, the Secure Mail portal wouldn't be its own portal; it would be an add-in.
Principal Consultant at a tech services company with 201-500 employees
Consultant
Mar 2, 2021
Not one of them is one hundred percent when it comes to reputation scores. It doesn't matter which solution — none of them are. Not one of them is a hundred percent on false negatives or false positives. Proofpoint scores way up there along with Cisco. You used to have a choice with Proofpoint which one you use. They may be using multiples now, too. Proofpoint is the main tool for blocking spam because it denies the connection altogether. I know for a fact that I can set Proofpoint up to what they call SYN attacks. SYN attacks basically open a connection, and then a handshake starts, and thousands of connections form. So, Proofpoint waits for a timeout to occur and then allows you to tie up all your connections, which is basically an out-of-service attack. They have something similar in Office 365, too. Still, the reputation services, the antivirus modules, none of them are a hundred percent when it comes to false positives or false negatives. It's the whole industry. The SMTP protocol needs to be totally rewritten. It was designed in the fifties or sixties. Changing it would be very, very difficult. They put band-aids on it for security — that's essentially what's happened with that. That email is not secure by design because it's still using an old design from many moons ago.
Security Professional at Qatar Computer Services WLL
Real User
Jan 11, 2021
The largest complaint that we hear from our customers is that there is no local support. We wait for the internet from the US to connect. If the customer has a P1 or P2 issue, they need someone to immediately focus on the solution. We have been trying to build a team to support our local customers because there is no local support available from Proofpoint. I am not sure if there is anything available as a SaaS offering, but that would be good. Also, the threat intelligence of phishing emails is an additional feature that we expect from Proofpoint.
Chief Information Security Officer at a university with 1,001-5,000 employees
Real User
Dec 4, 2020
It has too many screens. It is kind of a conglomeration of products. In other words, they built product A, product B, and product C, and they are yet to integrate them into a single administrative console. I would certainly like to see a more seamless administrative interface. I would also like to see them include more bang for the buck, by including features like email fraud protection, rather than making their product so piecemeal, where you are buying little pieces. I agree with the idea of having multiple tiers or layers, but maybe as small, medium, and large, as opposed to an a la carte menu.
Network Security Engineer at a tech services company with 11-50 employees
Real User
Nov 25, 2020
They do not have an on-demand scan for the internal viruses and internal users, and they don't have a scan for the exchange server against viruses and spam as Symantec does. Also, they are not able to scan multiple engines as McAfee does. I would like to see a feature included as an email security gateway the way that Symantec does.
The solution needs to better detect emails that don't have a malicious payload. They need to ensure those that have a link to a malicious Google Drive or something like that are captured. We find the cost to be prohibitive. Their smart search needs to be much more intuitive and flexible.
Director at a tech services company with 51-200 employees
Real User
Jan 22, 2020
The search functionality is quite small. It could be a bit more in-depth. Right now, it's a bit simple. The solution could be improved with the addition of PLP and email encryption features.
Information Security Officer at UC San Diego Health System
Real User
Dec 23, 2019
Proofpoint should have better integration with complex environments that need more than one instance of Proofpoint, as there are issues with nested instances.
Proofpoint Email Protection provides powerful filtering against spam, phishing, and malware, leveraging effective threat detection and blocking capabilities. This solution integrates smoothly with platforms like Office 365, offering a user-friendly dashboard for seamless operations.
Proofpoint Email Protection focuses on email security, ensuring protection against phishing, malware, and spam. It includes features like URL scanning, anti-phishing, anti-virus protection, and sandboxing for...
Some of the old portal features of Proofpoint Email Protection are missing in the new portal, so some of the settings could be modernized. The TRAP mail gateway product of Proofpoint Email Protection also has settings missing from its cloud deployment. The unified admin console in Threat Protection Workbench for managing security operations is still confusing, with many different portals and changing names making it difficult to find all of the features across different products.
I would like to see improvements in Proofpoint Email Protection's portal as it is sometimes slow. The performance of Proofpoint Email Protection's portal needs to be more responsive, and we would like more features added to the admin interface.
There have been a few cases where an obvious phishing email has not been blocked, but perhaps Proofpoint Email Protection was still learning and needed some extra time to figure out that the email was malicious. The detection piece could be improved a little bit more. If one email goes through and somebody clicks it, that's the end of it, regardless of whether further emails were blocked. If Proofpoint Email Protection could detect that first email at the right moment and block it right away, that would be great. I would appreciate some additional dashboards, enhancements showing the trends, and some reporting. I don't have a lot of complaint about Proofpoint Email Protection interface. It's pretty basic, but I'd like to see some GUI improvements, just from a visual perspective, not from the functional perspective, but maybe from a visual perspective. I think it would be nice to separate the admin and the security console in Threat Protection Workbench for managing security operations from a segregation of duties perspective. Since we are a smaller organization, I do have access to both, which is okay. But in a bigger organization, they might need a different dashboard for admin and the SOC analyst or the user, again from a segregation of duties perspective. I think it would be nice to have the option to have both in one or maybe split them out, depending on the organization.
There is nothing in particular that needs improvement; I am very happy with the solution. There is a bit of a learning curve to get started in the unified admin console in Threat Protection Workbench, but once I am familiar with the settings and the tool itself, the day-to-day experience becomes very easy.
I believe if the GUI were more user-friendly for people using it for the first time, or if there were more training available for end users to share with them, that would be good.
The management portal of Proofpoint Email Protection has an outdated UI that requires an update for better usability. Additionally, reduction of false positives in TAP alerts is necessary, necessitating constant updating and submission of documentation for training Proofpoint Email Protection's AI agents.
At this stage, there is nothing that I can think of to improve Proofpoint Email Protection, and I am happy to see that they're continuously innovating. At this time, I do not wish to add anything else about the features or any small tweaks that could make my experience even better.
From my experience using Proofpoint Email Protection, it has been quite helpful, although there is always room for improvement. I currently do not have any specific improvements to mention, but if I need changes in the future, I would bring up those ideas.
A few things about how Proofpoint Email Protection can be improved include implementing artificial intelligence within their platform to start really understanding the organization that is using their product, what sort of emails they are expecting and if the emails that are being expected should be let in and if the emails that are not being expected should not be let in. I'll give you a further example for this. If someone just tries to send an email from a Gmail address, which is a free public service email service provider, then because anyone in the world can create a Gmail account, I think it is nice and good for Proofpoint Email Protection to actually first check and do a reality check if we have received an email from this address and look at the intent of the email to really see what the email is trying to do and then classify based on that. I still see there is a lack. Hence why I started this conversation with AI and hoping that Proofpoint Email Protection will bring AI in and to really start analyzing these emails, the intent, and whether they really fit the customer organization. We are a manufacturing company, so whether it really fits that profile. I would say if we can get a better user experience from Proofpoint Email Protection products, that would be good. For example, other service providers that provide secure email gateway have the functionality where you can split promotional and bulk email and have them sent to a separate folder. I think if we can have that sort of feature, that would be great where Proofpoint Email Protection just keeps the important emails in the inbox folder and move everything else that is not really business related into a promotional, spam, bulk folder. This is an improvement that I would really like to see. I give it an eight because I am expecting a lot more from Proofpoint Email Protection, more automations, more understanding of who their customer is, what sort of business they do, and what sort of email they are supposed to be receiving and letting through. I think the day when I really have only 1% of work to do and 99% is automated by whatever automation services Proofpoint Email Protection uses would be ideal. I think I have covered any other improvements needed for Proofpoint Email Protection pretty well right from AI to splitting emails based on priorities. I think I have given some pretty broad and good examples.
Most users might be confused why Proofpoint Email Protection is providing two solutions. They should quickly transition from the old portal to the new one to avoid customer confusion regarding the availability of two portals in the market. I don't think there are many areas for improvement. The only things I mentioned earlier regarding Google Workspace documentation could be better, and they are already working on the two consoles. Everything else is lined up.
From an MSP perspective, multi-tenant administration could be improved. Managing multiple customers from a single, unified console would significantly enhance efficiency when one administrator supports several environments.
There are areas that have room for improvement in Proofpoint Email Protection, particularly regarding the interface, since I used the old legacy interface so much. I think they are making strides in that direction already, so I would say continue there. I am not sure how completed the new unified interface is or if they have actually finished and rolled all of the features up in there or not. That is a good area for continued focus. Proofpoint Email Protection was a very powerful product. The older legacy user interface just took a little to work with, and the new unified interface, as it was able to do more and more of the functionality of the old one, the product just got easier and easier to use.
I have not seen specific outcomes or metrics since implementing Proofpoint Email Protection, such as a reduction in phishing incidents or improved response time. Proofpoint Email Protection can improve in how it analyzes alerts by using more AI within its product suite to eliminate repeat alerts, such as filtering down the same attack to generate only one alert. In summary, using AI more within the platform would reduce our workload. I would suggest advanced phishing training that uses AI to generate phishing training simulations and to catch and filter more phishing attacks. Proofpoint Email Protection feels like just the baseline approach, which is very static.
I believe they still need to improve by consolidating some portals, as currently, you have to log in separately to a few of them.
It became very expensive due to the nature of local circumstances, and I may advise Proofpoint to adjust marketing solutions based on each country.
In terms of improvement, the price could be better. Additionally, more security could be implemented.
Phishing detection & Response capabilities could improve further to match some of the capabilities offered by competitors. Proofpoint could expand its PDR capabilities to improve its efficiency inside the SOC
The support team was a bit slow. It takes months to implement the next feature. So I'd like to see faster support.
Sometimes it doesn't detect actual spam emails, and sometimes it catches normal emails, which is not spam. So I think the filtering should be improved in the future. I believe Proofpoint is already working on that. The pricing is also something that could be improved. It's literally high. AI is not yet fully enabled in this tool. Hopefully, in the future, it will work.
The solution needs to integrate with the owner's labeling solution. Without this integration, the solution is not feasible.
The whole configuration management piece of the product requires some work, as it is one of the areas where the tool has certain shortcomings. Though it is an easy-to-install product, it might be difficult to get the process right for some users. The basics related to the installation process are simple to understand, but it takes a lot of effort to figure out areas to use this tool effectively if you want to do something above the basic level. The high cost of the product is an area of concern where improvements are required. I would like to see a lot of premium content in the product moved to a lower band because the basic version of the tool is relatively cheap compared to the sophisticated versions with additional costs. One person who works full-time needs to take care of the maintenance part.
The price could be improved.
The email DLP portion could be a bit easier.
Proofpoint Email Protection is an expensive solution.
The stability and UI are the two areas of the solution with certain shortcomings that need improvement.
Integration and filtering out who you want and don't want to have integrated ID could be improved. Sometimes it takes longer for an email sent through Proofpoint Email Protection to reach the client.
There is room for improvement. One aspect that could be enhanced is finding a better way to follow outgoing mail. This would be particularly useful in situations where customers or suppliers claim they did not receive our messages.
Sometimes it detects false positives. We'd like the sandbox to integrate with the on-prem device. It needs to identify the paths and signatures. We'd like advanced machine learning for detection. We'd like the have more lunch and learns to get more out of the solution.
The solution can be improved by including a real-time block list and giving the user more control over customizations.
Unfortunately, the whole product is going downhill right now, ever since they were sold to Thoma Bravo. We're constantly having problems with stability and the product in general. Even their sales and support is deteriorating as well. I can't even get them to quote me for the next year, possibly because they are still in disarray from their sale. Because of these issues, we are likely going to move away from it soon. I would prefer not to change, but I might not have a choice, especially if they can't even send me the proper quotes for everything.
The accessibility of Proofpoint Email Protection, particularly access to product trials, could be improved. It's hard to get a trial for Proofpoint Email Protection, and many customers prefer not just to do the POC or demo but try the product out, including Proofpoint Email Protection add-ons. In the product's next release, I want more email servers added, such as Lotus Domino, rather than Proofpoint Email Protection focusing on just Microsoft Office 365 Exchange and Gmail.
Proofpoint Email Protection could improve by allowing more customization of the reports, such as exceptions and black-and-white lists.
The price policy needs to be better. We'd still like lower pricing. The initial setup is complex.
I have some concerns about Proofpoint mail flow rules. It's not smart. Proofpoint has a lot of false alarms. Even their mail flow rules are not the best thing. Mimecast and Microsoft Office 365 are better than them. Many emails are marked as spam unnecessarily. I've had issues and have had to open many tickets.
The false positives are an issue. There are many false positives that come in, which you report to Proofpoint. Sometimes they take time to update those things. They say there's an option that we can use to report false positives. However, it is not a quick remedy. You go and report it, and still, you have to take action on it and clear those emails getting blocked. It's too cumbersome. We don't have the option to scan a password-protected attachment. I have to either blindly whitelist it as it will get blocked since an email with attachments normally gets scanned. We'd like to have some mechanism in place where we can scan these protected attachments or whitelist the domain.
It can be improved pricing-wise. One downfall of the product from the SMB side is the pricing. Currently, everybody can't afford it. Everybody wants a Mercedes, but not everyone has the budget for it. I want Security Awareness Training in there as a package deal. A lot of companies are starting to value email security a little bit more and take it a little bit more seriously, and the great product that we link together with a lot of these sales is a training product called Security Awareness Training. It is an upsell that we do with Proofpoint, and it is definitely something that I recommend everybody with email security to look into. It would be great if Security Awareness Training is included with the email security.
You only receive one model in Proofpoint Email Protection and the other ones you have to purchase at a high price. There should be more available with the solution and additional models should be less expensive. The administrator that manages the service should be better in their role. They don't have enough people to manage the service well.
Proofpoint Email Protection's interface is confusing and could be improved.
Proofpoint Email Protection could improve the Mail Trace feature and make navigation easier.
The only downside with Proofpoint Email Protection is the cost.
We have some use cases that haven't been dealt with yet, so that could be improved.
Integration for reporting needs to be improved, it's a little complex. Right now we have integrated with Power BI to get logs and information from Proofpoint. That has to be improved with the API and there are also latency issues which need to be simplified and improved. Those are the areas I've observed that need improvement.
It was easier to use Microsoft than Proofpoint. We had some issues with their sales consultant. We got into a dispute and he ended up leaving the company. It's unknown if he was unhappy being at the company, or if it was a reflection of the company, but I can say that their sales consultant was not good. I think they have everything that I would want in the advanced version. There are certain things, I would want. I would want better spear phishing protection in the essentials package.
The Secure Mail aspect should have an Outlook add-in, instead of an external dashboard that outside users have to access. If we send a payment to one of our customers or an ACH or a form to fill out, they have to go through this entire subscription process on a separate website to read the secure mail. It should be like Ignite, where you can access the internal portal so then our customers aren't having to go through all these hoops just to read an email that we're trying to send them securely. That would be the one thing I would change. Basically, the Secure Mail portal wouldn't be its own portal; it would be an add-in.
Not one of them is one hundred percent when it comes to reputation scores. It doesn't matter which solution — none of them are. Not one of them is a hundred percent on false negatives or false positives. Proofpoint scores way up there along with Cisco. You used to have a choice with Proofpoint which one you use. They may be using multiples now, too. Proofpoint is the main tool for blocking spam because it denies the connection altogether. I know for a fact that I can set Proofpoint up to what they call SYN attacks. SYN attacks basically open a connection, and then a handshake starts, and thousands of connections form. So, Proofpoint waits for a timeout to occur and then allows you to tie up all your connections, which is basically an out-of-service attack. They have something similar in Office 365, too. Still, the reputation services, the antivirus modules, none of them are a hundred percent when it comes to false positives or false negatives. It's the whole industry. The SMTP protocol needs to be totally rewritten. It was designed in the fifties or sixties. Changing it would be very, very difficult. They put band-aids on it for security — that's essentially what's happened with that. That email is not secure by design because it's still using an old design from many moons ago.
The incident reporting on offer needs to be improved. It's lacking right now. It should be on the platform somewhere.
The largest complaint that we hear from our customers is that there is no local support. We wait for the internet from the US to connect. If the customer has a P1 or P2 issue, they need someone to immediately focus on the solution. We have been trying to build a team to support our local customers because there is no local support available from Proofpoint. I am not sure if there is anything available as a SaaS offering, but that would be good. Also, the threat intelligence of phishing emails is an additional feature that we expect from Proofpoint.
It has too many screens. It is kind of a conglomeration of products. In other words, they built product A, product B, and product C, and they are yet to integrate them into a single administrative console. I would certainly like to see a more seamless administrative interface. I would also like to see them include more bang for the buck, by including features like email fraud protection, rather than making their product so piecemeal, where you are buying little pieces. I agree with the idea of having multiple tiers or layers, but maybe as small, medium, and large, as opposed to an a la carte menu.
They do not have an on-demand scan for the internal viruses and internal users, and they don't have a scan for the exchange server against viruses and spam as Symantec does. Also, they are not able to scan multiple engines as McAfee does. I would like to see a feature included as an email security gateway the way that Symantec does.
The solution needs to better detect emails that don't have a malicious payload. They need to ensure those that have a link to a malicious Google Drive or something like that are captured. We find the cost to be prohibitive. Their smart search needs to be much more intuitive and flexible.
The search functionality is quite small. It could be a bit more in-depth. Right now, it's a bit simple. The solution could be improved with the addition of PLP and email encryption features.
Proofpoint should have better integration with complex environments that need more than one instance of Proofpoint, as there are issues with nested instances.