Forcepoint Data Loss Prevention Reviews

We use it for monitoring and blocking sensitive data in emails, following our new governance policy.

We like the ability to customize our requirements and rules, as well as its ease of use and management. It also has a cloud feature and proxy functionality.

The product is good, but the biggest issue is needing direct support from Forcepoint.

In future releases, it would be helpful if the OCR feature supported more standard formats, as currently, Forcepoint cannot block some standard data formats.

I have been using it for three years. 

I would rate the stability a seven out of ten. We occasionally experience some downtime and glitches, mainly on the cloud side.

It is very scalable and we have not encountered any issues.  There are around 11,000 end users using this solution.

I would rate the scalability an eight out of ten.  

It can be hard to contact customer service and support, and their response times and solutions can be slow and sometimes irrelevant.

A lot of time their feedback is not helpful. 

Neutral

Forcepoint offers a more cost-effective solution because everything, including OCR, is included in one package, unlike Symantec, where it is an add-on with an additional cost. We also considered McAfee before choosing Forcepoint.

So, the main reason we chose Forcepoint is the cost because it's a single package.

The initial setup is simple. It's now easier than Microsoft, for example.

We currently use a hybrid model with on-premises deployment for the top and cloud access for laptops.

There are five people in our technical team handling deployment and maintenance of this solution. 

I would rate the pricing a six out of ten, where one is high price, and ten is low price. It can be a low price. 

Overall, I would rate the solution a seven out of ten. There is some room for improvement.

We use Forcepoint for compliance, PCI DSS, and data protection at the network, endpoint, and data discovery levels.

Forcepoint has out-of-the-box rules and policies for PCI DSS and GDPR compliance. The compliance features are easy to deploy and implement. If your data is not classified, you need to do that first, but the functionality is out-of-the-box otherwise. 

Forcepoint offers many policies that conform to global DLP best practices, including requirements specific to regions like the Middle East, Europe, etc. They have a policy database in their product. That feature is unique to Forcepoint. Their AI and fingerprinting are incredibly effective and robust. We have tested it multiple times. It always catches the correct data being leaked.

They can improve a bit in the OCR category. The OCR deployment could be simplified. Right now, you have to set up a separate server to manage all the data going through the network, especially the images. Forcepoint could better integrate the OCR component with central management. 

Many customers ask how we will detect data in the OCR images. We must tell them that we'll deploy another machine to manage OCR. However, smaller enterprises have limited hardware. An enterprise can provide the necessary hardware but not the SMEs. This is a critical category because data can be leaked through images. 

I would also like Forcepoint to add support for AIX machines and databases. The solution still doesn't support certain machines like IBM AIX machines. Forcepoint typically supports QRadar integration, so maybe they can increase the work support on the server side.

We have been using Forcepoint DLP for three years.

Forcepoint Data Loss Prevention is a stable product. We have had any serious issues on the client side. 

Forcepoint supports huge deployments of more than 20,000 endpoints. You can scale up from hundreds to thousands. It's easy to scale by adding devices and increasing the hardware to support more systems in the same architecture or the same infrastructure. It covers everything, from clouds to networks and endpoints, Linux servers, Mac laptops, etc.

I rate Forcepoint support eight out of 10. Their support is good, but not excellent. At the same time, their presales service is strong. Overall, their standard support is not bad. They try to resolve problems in time and usually ask relevant questions. They are knowledgeable, but you'll need to pay for a higher tier if you want faster response times and 24/7 support.  

Positive

I rate Forcepoint 10 out of 10 for ease of setup. It's one of the simplest DLP solutions I've used. Symantec is more difficult than Forcepoint. Setting up Forcepoint is straightforward. 

They have an extensive knowledge base online, and the steps are well-defined in those documents. We have a console server called Forcepoint Management Center. We also need to deploy DLP agents a Protective Appliance on the network server. Forcepoint has extensive support for integrating with other vendors, so the setup is quite fast. We can integrate the product with any of the proxies available in the customer environment.

I rate Forcepoint eight out of 10 for pricing. We have a different team that handles the pricing, quotes, and presales. I'm on the technical side, so I'm not sure about the cost.  Our customers tell us they prefer Forcepoint because of their market presence. It's also the leader on Gartner's Magic Quadrant and has high ratings on third-party platforms. They prefer Forcepoint. I don't believe the price is too high, but Forcepoint is a premium service and the cost is consistent with the product they are providing.

I'm referring to the price from a vendor perspective. When a customer asks us to provide this product to meet their budget, Forcepoint will cooperate with us and provide discounts. 

I rate Forcepoint Data Loss Prevention 10 out of 10. It's the best product on the market. When our customers compare it with Symantec, McAfee, or Trend Micro, the response is extremely positive. The product is stable and scalable, and the licensing tiers are fairly simple. It's easy for us to explain to customers which features are available for each pricing tier. 

Our primary use case for this solution is for malicious activities.

The feature I found most valuable is the DLP. We are using it to do encryptions.

My opinion is that the dashboard could be improved and made more user-friendly. They do not enable a wide range of proper inquiries and we need to identify much of what we need on our own, like incident severity.

In the next release, I'd like to see the updates working properly as the priority apps we have are not upgrading the agent that we have installed.

I have been using this solution for about a year and a half.

I would rate the stability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a six, on a scale from one to 10, with one being the worst and 10 being the best.

I would say that their technical support is quite helpful. I would rate them a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Neutral

Our model of deployment is on-premises. The only issue with deployment that we've found is that sometimes OPC is not able to connect to SCM or to a particular vendor. The deployment took around 20 minutes. Everyone was involved in the deployment of this solution, every department. It takes about two to three people to maintain this solution.

We used an in-house team to do the deployment of this solution.

There are around 16,000 users of this solution in our company.

I would recommend this solution to other people.

I would rate this solution as a whole a 10, on a scale from one to 10, with one being the worst and 10 being the best.

We do managed services. We analyze customers' requirements, and then we suggest a proper DLP or endpoint data protection solution. We have implemented Forcepoint DLP and Forcepoint Web Gateway for multiple customers.

Forcepoint DLP helped a lot when an incident was created and we tried to have an auto-remediation of the incident. For DLP, an incident is a key factor. DLP is meant to generate an incident, and that incident should be managed. If no one is managing the incident, DLP is of no use. Forcepoint has an email workflow. It provides email incident remediation wherein an automatic email is generated for the manager. If a person violates a policy, we can configure it in a way that one email is sent to the manager. One email will also go to the end-user. The end-user can again analyze the activity and give us feedback about whether it was a genuine business need and we should release that email, or whether it was a mistake and we should quarantine that email. The decision is made by the manager or by the end-user who sent the email. This helped a lot and reduced the incident count. It was very helpful to have such a report and to be able to say that the end-user was aware of the fact that this email has been quarantined. After providing the legal justification, the email was released by him. It reduced 40% of incidents for emails. This kind of feature is not available in other DLP solutions, and I really appreciate having that feature.

The workflow remediation is quite good. That is a key feature because of which it has the upper hand over other DLP solutions.

Endpoint protection, web protection, network protection, and storage use are valuable features. Among these, endpoint protection is most valuable.

It has good policies and good mechanisms to detect incidents.

They can have less memory consumption for their endpoint channels. They are not that adaptive with other endpoints solutions like EPP and EDR. They can improve in this aspect. 

Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint.

Their login mechanism to find out the issue is another thing they need to improve. We would like to have the finest login to figure out what exactly is happening and why we are not able to communicate with the detection server. One of the products I have used is better in this aspect. We can have the finest level login, and we can figure it out, but I haven't found such an option in Forcepoint. 

I have been into DLP technology for the last eight years. I have been using Forcepoint for three years.

I have worked with another DLP solution in and out, and I find that solution to be more stable than Forcepoint. Once you implement a policy in that solution, the policy will always function. You can be assured that the policy will be functional. With Forcepoint, I always need to check whether the policy is functional or not and whether my policy is getting synchronized on the detection server or not. There won't be any sort of end trigger if the policy synchronization was stopped. 

It is quite scalable. It is comparable to other DLP solutions in terms of scalability.

I haven't interacted that much with their support, but whenever I created a case, there was proper support. As compared to other solutions, Forcepoint's support is more technical and professional.

I have used other solutions. Many of the customers are switching to Forcepoint. They are not getting proper support from one of the vendors. So, they are switching to Forcepoint. They are getting equal or more benefits with Forcepoint, and its cost is also low.

Incident remediation is awesome in Forcepoint. One of the solutions that I used did not have incident remediation. Forcepoint again has the upper hand in terms of policies. It has nearly 1,700 policy templates that we can use. Many compliance-related and PII-related rules are readily available in those templates. Forcepoint also has a time-based policy, wherein they can detect that a policy is active within a certain period of time. This visibility is not there in other solutions. Forcepoint also supports flow data transfer analysis.

Overall, Forcepoint DLP has the upper hand. Stability and scalability are secondary. The primary thing is that an application should be usable. Forcepoint is really user-friendly, and it has multiple options. They say that they can detect the malware if data leakage is happening to malware. They do have some sort of analysis in their detection engine to detect malware.

As compared to other DLP solutions, it is quite complex because they do have their policy server and analytics server in place, and their Forcepoint manager is also there. With other solutions, we need to have an Oracle Database in place, which is not required with Forcepoint. For Forcepoint, SQL Server can be quickly installed and is ready for use.

The installation duration depends on the organization and the size of the organization. For the same set of organizations, Forcepoint will take 30% less time as compared to others. In many organizations, I have implemented it within a month, and in many organizations, the project took one year.

The implementation strategy depends on the customer, but we do follow the implementation steps, such as gathering information and then deciding which detection server to go for, where to place it, and how many counts are required. If I have more than 30,000 agents, then I definitely need to think about one more endpoint prevent server. So, it depends on the organization size and the response of the organization in terms of how quickly they adapt DLP and how friendly they are with the DLP solution. The biggest implementation that we had done had 30,000 users.

Our customers have seen an ROI. 

Its pricing is quite low considering the features they are offering. As compared to other solutions, it is reasonable. 

They do have professional support. If we need professional support, then there will be additional costs.

You definitely need to do a proper calibration of the organization and data flow analysis. Even though there are 1,700 policy templates, each and every organization will have a different set of rules and data to be analyzed. So, data flow analysis is a must with Forcepoint DLP to create a proper policy.

Cost-wise, it is a very good product. An organization should really consider this product if they are in process of DLP implementation, or if they are thinking of switching from any other DLP solution. If there is a budget constraint or you need a good DLP solution, I would definitely recommend Forcepoint DLP.

I would rate Forcepoint Data Loss Prevention an eight out of 10. There is no DLP that will score a 10.

We use this product to ensure that our intellectual property is protected. DLP gives us control over IPs and company-sensitive data. It also helps us ensure compliance with global policies and industrial policies like CISS, personally identifiable information, and all sorts of data. 

Forcepoint has a unique fingerprinting technology. We set a policy and as soon as a document goes into the repository, the policy applies. When I receive a document from my MD and want it to remain within the organization, I move it into a repository and it's viewed as sensitive. It's an efficient way to ensure that documents are safe. DLP ensures that data doesn't flow out. 

I would also add that the predefining feature is a very simple process. You pick your industry, add the email, choose your country, populate the type of policies that suit your region, and your industry, and then you can choose what to block and what to allow. 

In general, Forcepoint is miles ahead of its competitors. The closest similar solution would be Symantec, but they're still miles behind.

Currently DLP is an on-prem product and the cloud version is an add-on. I'd like to see DLP as a cloud or hybrid option so we can deploy it as a full cloud solution or on-prem as we choose. I hope they're looking in that direction, it would make a huge difference.

Most of my customers are looking for the ability to control or shut down the USB port devices so that content coming out of the port is blocked. Forcepoint added it to the DUP add-on. McAfee DLP has that feature and most of our customers requesting this have moved from McAfee and want it in Forcepoint DLP.

I've been using this solution for five years. 

The solution is stable. It's been around for a while and has never needed a patch or hub fix. 

The solution is scalable, we currently have 2,600 users. 

If I have all the prerequisites, all the firewalls open and everything, I can deploy in one day. The initial setup requires some expertise to implement. It's easy for me because it's something I've been running for a couple of years. Policies are the issue and they have to be tweaked every day. 

The product is very cheap because it's a DLP switch. It comprises DLP for endpoint, DLP for the network, and DLP for discovery. Forcepoint sells the DLP endpoint, the DLP network, and the DLP discovery separately, and you can choose what you want. We go for the suite which comprises all three which is cheaper.

This is a good product. It's important to understand your needs and pain points.  Once you're clear about why you want it, it's easy to set up and then build from scratch in line with what you want to achieve. 

I rate this solution nine out of 10. 

We use it mostly for endpoint protection of PCI information, as well as PII, such as social security numbers.

We have a hybrid system, in that we utilize the cloud as well as our on-premises appliances. Depending on where the customer is, if they're on-premises or if they're working from home or elsewhere, we have that covered with the hybrid solution. Forcepoint has its product available in the cloud and we use the on-premises side when the data is going through the appliances.

The greatest benefit is the detection, detecting either accidental or unauthorized transmission of certain kinds of PCI or PII data that we prohibit. It's very useful to get that from alerts. We can also block them outright, depending on what threshold we have set. That's the most useful thing about DLP, that it prevents unauthorized usage of that kind of data.

Some of the built-in rules, templates, and content classifiers are among the most valuable features. Some of the built-in patterns are good places to get started with. Along with the phrases, they are helpful in putting together policies and fine-tuning our policies. A good example of that would be certain kinds of credit card data. They have a lot of algorithms available to fine-tune what exactly you're looking for, whether it be credit cards from Mexico, or US credit cards, et cetera. They have a good database of those types of predefined algorithms, ways to detect things, and the specific information you're looking for.

These features are valuable because they work and seem to be picking up the right data. They seem accurate. It's also convenient to be able to choose them and not have to figure it out myself or create my own. That goes a long way toward fine-tuning our policies.

The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that.

Overall, I would like to see them modernize. I'm on version 8.5, so there are newer versions out. They may have done that already. I'd have to demo the newer versions.

We're planning on upgrading this year to 8.6. I believe that in going to 8.6, we will be gaining some additional features. The newer versions will have better detection capabilities with improvement to their algorithms.

I have been using Forcepoint Data Loss Prevention for about five years or six years.

The on-premises solution has high availability. The appliances that we've used are very stable. They just keep running. We have had very few issues with the appliances in terms of failure. In those situations, they were more on the hardware side. They just needed a reboot and that fixed things. Overall, the stability is good for on-premises. 

In terms of the cloud side, availability doesn't come into play as much because we don't change policies that often. We don't modify the policies on a day-to-day basis. We might modify a policy once a week or once every month, at the most. The client or endpoint really just needs to receive that update once, and it's pretty much good to go. So we're not relying too much on the cloud availability, except for that initial update for each endpoint. The cloud availability is going to be more relevant on the web side of the product, where you're going to want continual web access, filtering, et cetera.

One feature that I'm getting ready to take advantage of more is the ability to add more data crawlers to the DLP on-prem environment, without any extra Forcepoint costs or licensing needed for that additional data server. That will help in reducing the stress on the data server that we're using now. It will help manage all the policies, the clients that connect to it, and all of the network discovery tasks, especially. They will all be handled much more efficiently when we spread the load. We're looking to add an extra one or two Windows Servers for that, so the additional cost would just be related to the Windows setup.

Forcepoint's technical support for the solution is excellent. The technicians that I have dealt with have been with their company for a long time and they know their product inside and out.

There has been no other similar solution here, as long as I have been with the company. I started off with a sister company, and they actually used a very early version of Websense, which is what Forcepoint used to be called before it became Forcepoint. That means we have never used a competing vendor.

I was not involved in the initial deployment, but we've had it ever since I've been on the team here. I've been managing it ever since. I was there for the initial deployment in one of our sister companies. It wasn't anything unusually difficult. It just required installing some hardware and getting all the firewall rules worked out. Once you get all that in place, everything usually works pretty well. That's been my experience, even with upgrades. Most of the time our issues have been firewall blocks within our own company. That's usually the biggest hurdle, overcoming our firewall-related issues.

We use it on about 5,000 endpoints and we have two people who administer  it. They're both information security analysts.

I don't have ROI numbers. I base everything on: "Am I getting the support that I need?" And the answer is "yes."

We have never looked at other solutions at a PoC level.

What I can recommend is getting the highest tier of support that you can afford, because it's absolutely critical. I don't know how I would do everything if I had to submit a request and wait several days for it. I don't know how I would keep things going in that situation. With a higher level of support you can call someone and you also have someone who is managing your account. That's also really nice, because you get some extra benefits out of that.

I'm very satisfied and would rate it at nine out of 10.

The main use case for Forcepoint DLP is its OCR feature, which many customers need. The OCR capability can only be used at the network level, not at the endpoint level. It enables network-based data security, such as scanning emails or web traffic for potential data leaks. It's useful when dealing with scanned documents or screenshots containing sensitive information, preventing data leakage for multiple customers who require this level of security.

DLP also provides a test suite and integrates with a cloud access security broker. This helps protect data in cloud storage environments and gives you more control over data security in the cloud.

First, you need to categorize your data—what kind of data it is, the severity of its sensitivity, how long it needs protection, and the destinations that need protection. Forcepoint provides a dedicated solution with a user-friendly interface that makes it easy to manage. Remember that DLP doesn't handle data classification independently, so you'll need another tool to classify your data. For instance, you might use a classification tool to label documents as confidential, private, or internal.

Once the classification agent is installed on the endpoint, users need to label their data accordingly. For example, a Word document containing sensitive information should be labeled confidential. After labeling, you can create a policy in the DLP solution, such as Forcepoint, to block any data labeled as confidential from being shared. You can specify destination addresses to block at various levels, like the network, email, or RDP.

It is a bit expensive.

When deploying a DLP solution in your environment, it is important to follow best practices and start with monitoring mode. Initially, you may not know where your data resides, which users need access to it, or the nature of the data itself. Deploying an agent and monitoring the data flow and usage for three to six months is essential. 

Forcepoint DLP helped customers save some money at the end of the cyber security field. Data is the most important thing you need to implement for a DLP solution in your environment. You could also face insider threats. Implementing a DLP solution helps prevent potential data leaks by giving you control over what kind of data is being accessed, where it's stored, and how it's being used within your environment. It also allows you to monitor and prevent unauthorized sharing of sensitive data, ensuring better security across your organization.

You have two primary use cases for encryption: one for USB devices and the other for network-level data, like email. For email encryption, you can use an appliance that encrypts emails before sending them to another recipient. You can set up DLP for USB devices to manage and secure the data copied to the USB. By registering the USB with your DLP administrator or security tool, such as Forcepoint Security Manager, you can ensure that any data transferred to the USB is protected through encryption, preventing unauthorized access.

Integrating a DLP solution with your Active Directory is a prerequisite for implementing it in your environment. Ensuring your Active Directory follows best practices and benchmarks is crucial for seamless integration and optimal functionality of the DLP solution. You need to add the Active Directory to the environment. It must be integrated because you cannot block your data if your endpoint is not integrated with the endpoint level.

Overall, I rate the solution a nine out of ten.

We use this solution for data theft and for some forensic work.

Forcepoint DLP has very good reporting whether it is at the gateway or it is the LP. The product is user-friendly. 

We faced some issues with the endpoint installation of the agent as it is not from a common ground. Rather than being able to give a command from the central control and install the agents on the laptop, you need to install them one by one.

I have been using Forcepoint Data Loss Prevention for 10 and a half years.

This solution is stable. There is no specific maintenance of Forcepoint DLP, it is just a matter of tweaking the product to comply with any new or amended corporate policies.

Forcepoint DLP is scalable, it is just a matter of installing the agents.

Previously, I worked with Symantec DLP and McAfee DLP. Forcepoint is more user-friendly than both of these products.

The initial setup of Forcepoint DLP is neither easy nor complex. The technical setup is easy, however, the user education takes time and can be a bit of a strain. 

If you are considering implementing Forcepoint Data Loss Prevention into your organization, be sure to be clear of your initial requirements. Sometimes users are thinking something totally different and the DLP will not meet those needs. 

Overall, I would rate this solution an eight out of 10.