Forcepoint Data Loss Prevention Reviews

It's for DLP and to monitor and make sure that no key files are being sent out of the organization. It also helps in terms of tracking any abnormal behavior.

We have about 700 users and it's endpoint-based. We add an agent to the endpoints and it coordinates with the server.

With Forcepoint we found that one employee who left had taken some files, and we were able to stop it. And if somebody is under a notice period, we now monitor whether any files are about to go out. When they take something with them, we can see that. We can also identify any abnormal behaviors that are happening. A lot of times it happens that if somebody is about to leave, they try to take some information away with them. We catch that fast.

It also helps in terms of HR stuff because file movement can indicate people who are looking for jobs. We can see CV movements and it helps as an indicator of a dissatisfied employee. We can at least see the behavior and see if we can do something about it.

Before Forcepoint, we had data in terms of how many terabytes go in and out, but now we can specifically see what goes where.

One of the most valuable features is being able to see file movement, where files are going. Every week we review the files. It can identify software codes, so we code files and we know where they're going and who's doing what. It gives us visibility. It shows any key files, any strange behaviors, such as if somebody is taking too many screenshots, and alerts us about that.

I would like to see improvement in the reporting. We can only get one week's worth of data; we can't get more than that. Also, the reporting console is very slow, making it very frustrating to use. There are times when I open it up on a Monday and take a download, but it takes so much time. You can get busy with other things and come back and it's still hanging and you can almost forget about it. 

Also, the server goes down and we have raised tickets to resolve that. In the past two weeks, we've had to deal with that two or three times. It's been a little annoying lately.

I have been using Forcepoint Data Loss Prevention for one year.

The system is stable, but as I mentioned, the reporting portion is very unstable. If I want to get reports out, it takes a long time. Sometimes the server is down, and I have to raise tickets. I have had problems there.

The scalability is okay, there are no problems with that. We can add on more agents as we expand with more people. We haven't had any issues there.

I would rate customer service at 8.5 out of 10. When we have problems with the system, they respond and they generally resolve things within half a day.

This is our first solution of this kind.

The initial setup was straightforward but setting up the rules was very complex. It is something where things don't actually work as we think they will work. It generated a lot of false positives in the beginning.

Our deployment took about a month.

Our strategy was to start with auditing first. We haven't actually moved to blocking yet. When we tried to move to blocking critical files, it ended up blocking some other people at work. There are some issues around that and we have had to be careful.

We let it run on its own. I look at the data in Forcepoint on a weekly basis, but we don't have any administration of it, per se. My IT team handles the deployment of new employees coming in, meaning the deployment of the Forcepoint agent on their laptop. That's about it in terms of admin.

An integrator helped us, somebody who deals with Forcepoint products. There were no problems with that, although they were billing by time and the system is a little complex.

We have seen return on our investment because we're able to track our data. It's not so much an active return on investment, but more like an insurance policy. It prevents bad things from happening.

The pricing is reasonable. That's why we went with Forcepoint. They were pretty competitive.

There are no additional costs, other than the cost for additional licenses that we have to pay for ad hoc.

It's not as easy as Zscaler to connect. To be very honest, I think Zscaler has a better product with a better interface, but the cost of Forcepoint is more attractive. That's why we went for it. We looked at McAfee as well. McAfee is a bit resource-heavy. 

Zscaler was very good. The interface was really good and it's easy to set up. Forcepoint is okay. I spoke to some other customers who used Forcepoint and they said, "Look, the interface is a bit complex, but it has everything in place."

You need to put a lot of time and effort into Forcepoint, you need a dedicated team for it. You also need to have a data classification strategy firmly in place. You should classify your data before you get it. You also need to test your rules thoroughly before you implement them.

Forcepoint Data Loss Prevention works to protect data from attacks, which is a company requirement. It works on networks and has an OCR feature, with OCR being the primary use case for it in my company.

The most valuable feature of Forcepoint Data Loss Prevention is the OCR.

An area for improvement in Forcepoint Data Loss Prevention is the complex UI and policy deployment. You have to find the policies, and then designing the policies is also tricky.

As Forcepoint Data Loss Prevention has some complex policy implementations, I want a more straightforward policy deployment from it in the future.

I've been using Forcepoint Data Loss Prevention for the last few years.

Forcepoint Data Loss Prevention is a stable product.

My company logs tickets in the Forcepoint Data Loss Prevention support portal whenever there's an issue. Support-wise, I'm giving the team eight out of ten.

Positive

The initial setup for Forcepoint Data Loss Prevention is easy. My company did a POC and demo session, and the solution is currently in the deployment phase.

The pricing for Forcepoint Data Loss Prevention is more expensive than Symantec, but it's negotiable. It depends on how well you negotiate. The solution is worth the money, though, based on the services and facilities it provides to my company.

My company uses Forcepoint Data Loss Prevention.

I'm using the latest version of the solution because my company updates Forcepoint Data Loss Prevention every time there's a new version.

My company has more than one thousand Forcepoint Data Loss Prevention licenses.

I would recommend Forcepoint Data Loss Prevention, depending on your scenario and the industry you're working in. The primary consideration for using the solution would be your use cases. If it fits your use case, I'd tell you to go for Forcepoint Data Loss Prevention.

The solution is quite mature compared to other DLP products, so my rating for Forcepoint Data Loss Prevention is eight out of ten.

My company is a Forcepoint Data Loss Prevention user.

We use Forcepoint primarily for data loss prevention and detection.

The ease of configuration was probably one of its biggest selling points. I know that we took a long time to get it configured properly but it just takes a while. It's a big tool and it does a lot of work.

I don't know where they are going as an organization vendor, because my job ends the moment its implemented, so I would go onto other things.

If I were a betting man, though, I would say that they're going to have to find a way of creating what we call multitenancy, because if for example we have a constituency group set of users who don't work for the department and they contract out, then our work with them is highly sensitive. Being able to separate in segment amounts separately from our core would help. We could use better ways of customer or users segmentation capabilities.

For example, if I wanted to push a report by a certain organizational entity or unit, I wouldn't be able to do that without a lot of work. The reporting could be better.

I think it's going to be hard to beat if they ever decide to replace it. Forcepoint is a pretty good product, we're all pleased with it.

I think it is pretty scalable, at least to the point that we've deployed it to.

We have a workforce of 1,300, of which we have deployed to approximately 800. We also have another set of users who don't work for the department but are contracted out through our agents and sub-agents and they handle the vehicles. We have not deployed to their devices yet, so we have both endpoint and central server data loss prevention technology in place.

We can tell you where anybody went, when they went, how they went, and what they used to get there.

Everybody uses it whether they know it or not, we put out reports monthly on what we call PII information (Personally Identifiable Information). If you know anything about data loss prevention and detection, anytime someone hits a website or even tries to go on, it's logged and captured and we know who went where and what they did, we know what files they looked at and what files they sent, so more power to you. If you want to try something go for it.

We have a CISO, six ISOs (information security officers) or analysts, and over fifteen field service personnel who can work with it. We are pretty broad that way and deep. We have got quite a number of people. Our ISO team itself is comprised of six individuals, a CISO and five analysts.

Security doesn't stop, nor does the pervasiveness of data and its ubiquitous nature. Here at this organization, we don't stop security. We expand it to cover other avenues or channels that come into play. We cover other data structures that are created when another solution takes off. We don't stop simply because it is implemented. It's an ongoing tailored activity we do all the time.

We have six people whose job is just this. Just like technology, we have to stay with it. You can't just throw it up and forget about it. It grows and the rules and policies need to be modified. What people need to remember is that public service is at the whim and fancy of our constituency groups. We report to the legislator, the governor's office, and the citizens of the state. As such, when we put in a system, it has to comply not only with federal regulations but also with state legislators' intent, as well as the governor's office. That is the difference and that is why we take security really personally here.

I have heard good things of the support that Forcepoint gives us, so I would have to say that its good.

I don't work with the product directly but I am very well attuned to what they are doing.

I don't believe that we had a DLP in place prior to now.

We had security, but two and a half years ago our agency set out to really step up its information security program.

During that time we have made major investments, in process, like data classification, security concerns, risk assessments, risk management, etc. We do this for a living, so it is important to us.

There were products out there for data loss prevention technology, but we didn't believe that they had yet achieved the maturity that they have today, so it would have been premature to pull something in sooner.

The marketing in and of itself is growing, expanding, and changing. Wait until you get ready to do business intelligence and artificial intelligence and try to secure that when it can bypass you on its own. Give learning machines enough instructions and they will figure a way out.

To the best of my knowledge, the initial setup was pretty straightforward. We also had quite a bit of coaching that was done for us by the vendor.

We are still working on deployment. It's going to take two to two and a half years. 

It all depends on the political climate that we're in. We are not a normal state agency. We do not have one constituency group, we have multiple constituency groups. We license vehicles, drivers, and professionals, such as lawyers, attorneys, landscapers, architects, etc.

In addition to all of that, we also have a lot of partnerships with law enforcement agencies, courts, lawyers, and insurance companies, so we do a lot of highly technical security programming here. 

We don't just throw it out. We are methodical in how we do this.

We didn't use an integrator reseller or consultant for the deployment. We are doing it our selves.

If I were to give some advice, I would say don't try to do it all at once, it won't work. Know that you're going to go. It's different from building line-of-business solutions. Whereas from a line-of-business solution you work from the outside in, with security programs you work from the inside out. You have to get your data governance in place, as well as information security governance. You need to assign who will be responsible. Decide who to send information to if something does happen. All that has to happen before you begin trying to bring in a system.

You have to know your organization well enough to be able to configure a product to make effective use of it. Don't do it unless you have the guts to do it.

I would rate this solution as eight out of ten. There are better solutions, but this was better when it came out. When it did come out, this was the best solution we could find. At the same time, I don't know if I would rate anything else higher than that now, either. Every security tool that we have seen has pluses and minuses, advantages and disadvantages.

Another reason we didn't go with the IQ or any management type of component is the deconstruction and the reconstruction of existing security roles. The biggest problem information security has today is the decoupling and deconstruction of active directory designated accounts which for all practical purposes were based on functionality. One role can have multiple pieces of functionality associated with it, so going to a role-based type of solution muddies the waters.

The vernacular needs to change to be more adaptable if they're gonna put out the configuration types of solutions.

Forcepoint is installed on our company-issued laptops to act as an on-premises firewall. This ensures that we cannot access websites that are not whitelisted in the Data Loss Prevention (DLP) system, even when working from home.

The most valuable feature is security.

The administration should take a proactive approach to ensure that research-related websites can be accessed without having to be whitelisted, even if there are some sites that remain off-limits.

The setup is complex and has room for improvement.

The support is slow and has room for improvement.

I have been using the solution for three years.

The solution is as stable as our internet connection.

I give the scalability a nine out of ten.

We have 3,000 employees using the solution.

We use third-party technical support. The turnaround time for support is slow.

I believe the initial setup is complex and is handled by another team.

The deployment was done over the weekends and it took the IT team approximately two to three months to deploy bank-wide.

The licensing is on an annual basis.

I give the solution a nine out of ten.

The solution requires around 15 people for deployment and maintenance.

I recommend the solution to others.

We use the solution for processing our sensitive data which is strategic data and strategic information exchanged between our top management personnel. 

The purpose was to acquire the solution to protect us from incidents involving the sensitive data from our group getting taken. This happened previously, where data was taken from us and given to another competitor. There was another leak as well and since then we've tried to carefully guard our data and implemented, for example, Apple Mail to protect our mail from third parties.

The product is interesting. It meets our needs very well. It's the best solution when compared to Symantec, for example. We have both ForcePoint and Gartner as well and it's a leader among similar solutions.

The solution offers very good sensitive data protection.

The solution is excellent at protecting strategic information. I deployed it when I was working in the petrol industry for an oil and gas group. It was the biggest one in Morocco. We held important information about critical activities, including providing gas and oxygen for the hospital. We were considered critical IT and we had to comply with the operative elective and the law. DLP helped us to protect our data and we improved our safety in order to comply with the law and existing regulations.

It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking.

We started working with Forcepoint DLP three years ago. 

The solution is stable enough.

The solution easily scales. We are able to expand it as needed.

Technical support was good. 

The is the first type of solution in this category that we have used.

In terms of implementing the solution, it's not easy and not complex. It's average. The deployment's level of difficulty is average as well. You just need to have the prerequisites satisfied. 

I appreciate their support because their support was with us to assist us until we deployed the two instances in our infrastructure.

I was the CISO, the Chief Information Security Officer of the company, at the time. My scope was to assist and to manage the project from the start to the close. I worked with the operational security to deploy it.

My scope was to cover governance. For example, elaborating on the policy for classification. It was a prerequisite to define the policy target in the DLP and to organize or to plan for the workshop with the strategic and sensitive entities in our group. I made sure they tried the solution and integrated the entities into the pilot side as well. 

The solution's support assisted us throughout the deployment process.

We were on Office 365 on the cloud. It wasn't enough. Since then, we've described our policy to Apple Mail and have elaborated out information classification. Afterward, we invited the business and the strategic entity to workshops to classify the data effectively and try the solution after implementing the DLP.

We use a hybrid deployment model and acquired the solution with the hybrid functionality to help protect our sensitive data in the inter-managed hybrid space.

The solution has been good, and it has responded to our needs. As a group, we were afraid of the safety around our sensitive data which was exchanged in our mail. We had an obligation to protect the data classified as confidential or restricted. The solution, since implementation, has helped us to protect our data and mitigate risk effectively.

ForcePoint also offers a bundle that includes modules that cover URL filtering and app data for other DLPs. It's very good.

Based on my experience, I advise any other organizations to test, try, and to be convinced by the solution before fully implementing it. Users will need to define exactly what it is they need from it and what their exact needs are to effectively deploy it. I think every user will appreciate that solution. 

We've experienced a lot of cyberattacks, so the DLP is necessary for us and would be beneficial to any company that has critical activities or has staff that exchanges sensitive data.

I'd rate the solution nine out of ten.

Some implementations in Forcepoint are easy to do. 

We cannot implement very complex policies or use cases with Forcepoint.

Forcepoint's data visibility is the most valuable feature. 

They need to improve their reporting feature as well as the incident response. They have very limited and basic response rules available for incident management so they need to improve them.

I have been using Forcepoint Data Loss Prevention fora year and a half.

I rate the stability an eight out of ten.

The scalability is an eight out of ten. 

The technical support is average.

Positive

The initial setup is straightforward. It takes about three to four hours to implement this solution.

The solution is expensive. 

Overall, the solution is an eight out of ten. 

We're trying to use the solution for data loss prevention on the endpoints.

Every time I pushed the agent to laptops, I wasn't able to gain visibility.

I do not have any real valuable features at the moment. 

It was mostly stable. 

There is a lot of articles and documentation that technical support direct you to.

Getting tech support to assist us took too long. 

The communication between endpoints and the DLP over the internet was difficult.

The ease of deployment wasn't as flexible as Digital Guardian. We did not have a good deployment experience. 

It needs better pricing.

There is too much going on. We need help understanding all of their tools and offerings. We need to understand their offering, and we don't right now.

An integration deployment feature would be great for APIs. They need to use standard APIs and tools.

They need more resources online to assist users in looking for the most up-to-date documentation. 

I've used the solution for two months. 

I'd rate the stability six out of ten. It was okay. It could have been better. 

I did not look into scalability. 

Customer support simply directs us to links to read up on our own. When we contact support, we need one on one help, not directions to articles. They need to improve the way they deal with customers and be more hands-on. 

Neutral

I've also used Digital Guardian. It is an easier solution to deploy.

The initial setup was not that simple. The solution itself is too big, too vast, to really learn properly. It also wasn't as flexible as we needed it to be 

The cost is too high. They need to work on their pricing model. 

I wasn't a part of the decision-making process. 

I cannot recall the version number we're using. 

I'd advise potential new users to do a proof of concept and check vendor integrations. Increase the POC to two or three months, and don't be rushed into the product until you are ready.

The solution is too fast to learn everything. Digital Guardian was much more manageable. 

I'd rate the solution seven out of ten. 

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

One thing that I really like is that you can customize the rules. 

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.