Forcepoint Secure Web Gateway Reviews

I use the solution to secure the traffic by allowing some categories and sites.

The solution’s administration is easy.

The technical support team's response time could be improved.

I have been using Forcepoint Secure Web Gateway for two years.

I rate Forcepoint Secure Web Gateway a seven out of ten for stability.

Around 4,000 users are using the solution in our organization.

I rate the solution a nine out of ten for scalability.

I previously used different solutions like Proofpoint and Palo Alto.

The solution’s initial setup is straightforward.

When the hardware is available, the solution's deployment should not take more than two to three weeks.

I am using the latest version of Forcepoint Secure Web Gateway. The categorization for websites feature of Forcepoint has proven to be the most effective for our security needs. Updating the solution has helped us with threat detection. Three engineers are involved in the maintenance and daily troubleshooting of the product.

I would recommend Forcepoint Secure Web Gateway to other users.

Overall, I rate the solution an eight out of ten.

On-premises

We use the solution as an overall proxy. We are using Forcepoint Web Gateway to allow only trusted, valid URLs - whatever is accepted or offered by the cache rate.

It's a landing zone for all kinds of end-user traffic for the internal users, as well as to protect against any attacks from my external users. Also, it controls the internal IT assets and can protect us from hard, new, cyber attacks, ransomware, and other things. That's how it has been used right now specifically.

The agent is acting as a HIPS, host intrusion prevention system, apart from providing trusted access to any external websites. It is doing some real-time monitoring, as well as reporting security events. It can able to give an alert for any security event, which is any unauthorized event. It sends a notification to the reporting manager, who can be immediately alerted. It can happen in nearly real-time. The reporting is very helpful.

There is some sandboxing available, which is quite useful. 

The solution is scalable.

It's fairly easy to set up if you have some prior knowledge. 

The stability is good. 

It offers reasonable pricing. 

The Sandbox solution should be integrated with the NIST to handle whatever new vulnerabilities or new sites are identified as potential threats. That could be dynamically integrated and implemented in a production enrollment, just like intelligence threat production. That would help in an intruder use case.

We've been using the solution for three or more years. 

The stability is okay. The performance is also very good. The threat handling is almost near real-time, and even notifications and reporting happen fast so that we can take corrective actions. Overall, the experience was good. There are no bugs or glitches. It doesn't crash or freeze. 

In our organization, we have 35,000 people.

It is very scalable. We haven't had any issues with the process. 

I don't deal with technical support directly. However, we haven't had any major issues and likely have not needed much support in general. 

We are using multiple products. For an antivirus, we are using Symantec solution as well as Trend Micro. For our deep security, we are using IBM Deep Security. For our SIM product, we are using IBM Suite, as well as, for all other things, Cell Core for data DLP and DLK solutions. Predominantly, that's it. We are also using Forcepoint and a few other cloud-based web solutions.

However, we used something called CrowdStrike only as a validation solution for a very short period. Then immediately, we started migrating to Forcepoint.

CrowdStrike predominantly behaves like a sensor; it's not giving all the features of a proper web application firewall. We have to configure a bunch of things as a part of the CrowdStrike.

If a person understands all the important tools and how they can be integrated with all other security products, it's easier to set up. It's a little bit of a challenge for any new person. There should be a blueprint or a condensing intro matrix. The Secure Web Gateway must be integrated with multiple other security products within the enterprise. There needs to be a compatibility matrix, like how this virtual VDA enrollment and other solutions. Nowadays, VDA enrollment is also coming as a hosted solution in the cloud and virtual software enrollments. It can be either on Azure, AWS, or some other third-party tools, probably that's like VMware Horizon, or it may be coming from Nutanix Frame. There are so many integration complexities in a large enterprise. If there's a blueprint, automation, or workflow, it improves the early adoption of these tools and provides a better onboarding experience.

Most of the deployments we manage through the deployment tools collected, either via IBM patch management solutions, or some automation tools, like Python. Using these agents helps with the rollout.

Initially, we took a week to ten days to deploy the product. However, rolling out the agents now, the agents are adding automated tools. For the initial implementation in our organization, we had more than 2,000 finder servers, plus other NTPs, which is why it took almost ten days.

I'd rate the overall process a four out of five in terms of ease of deployment. 

Following deployment, the maintenance is minimal. It's on the cloud and we have a subscription, so there isn't much to manage. 

While I'm not directly handling the licensing and payments, my understanding is the solution is competitively priced. 

We're internally using the product. I'm not sure which version of the solution we're using. IT and security mostly deal with the product and any updates. 

Potential new users will find it easy to adopt this solution. Most policies can be leveraged from other deployments, and you can confidently run them. 

I'd recommend the solution to other users and companies. 

I would rate the product nine out of ten. 

Public Cloud

Amazon Web Services (AWS)

We primarily use the product for web filtering and enhancing our organization's web security posture.

The web filtering feature, despite its challenges, has been somewhat effective.

The product could improve its automation capabilities, improve integration with virtualization, and enhance its web filtering specifics. Additionally, it could benefit from adopting proprietary ASICs to improve performance and throughput.

Future releases should include features found in FortiGate and Palo Alto, such as improved SD-WAN management, better monitoring of rules and interfaces, live traffic monitoring, and more user-friendly troubleshooting methodologies.

I have been using Forcepoint Secure Web Gateway for three to four years.

The platform is fairly stable but has limitations in terms of performance and throughput.

The product is not as scalable as FortiGate and Palo Alto.

The initial setup was not complex; following the guide allowed a smooth configuration process.

Forcepoint's pricing is moderate. However, transitioning to solutions like Palo Alto or FortiGate, despite potentially higher initial costs, could offer better long-term value due to their advanced features and performance.

We evaluated other technologies including Palo Alto and FortiGate.

The product is relatively easy to configure if you follow the guide, but it lacks throughput and performance compared to competitors. In our experience, the technical support has been underutilized.

The solution needs better SD-WAN management, improved monitoring, and more effective troubleshooting tools like Palo Alto and FortiGate.

I rate it an eight out of ten.

I've done a few deployments with roaming user filtering and with central management consoles on the content creation and on different critical locations.

The DLP database from Forcepoint is also very good.

It's got a very reliable orientation.

It is a scalable solution. We can use it for global-level customers and for separate locations.

This is a highly detailed product with very good key features. When it comes to optimization, it's similar to Blue Coat. It has a very stable architecture.

It's very feature-rich when it comes to visibility and reporting. The reporting module is very handy. We can schedule reports and generate investigations. 

The initial setup is easy.

I'd like to see the solution improve the banded optimization to offer more bandwidth control, similar to what is on offer with Blue Coat. For example, it would be useful if we could arrange the restriction of certain uploads for particular applications.

It would be great if they had classic customization features. I have quite good experience in Check Point solutions, so I experienced how application protocol features help when we want to deploy bandwidth content filtering. I expect to have the same or close to the same level of customization in Forcepoint.

My bread and butter is Forcepoint DLP. I've worked for about seven years with Forcepoint solutions. However, I've worked with the Secure Web Gateway for five years and have deployed it for customers as well.

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

It has good architecture. It has an architecture where I have the policy brokers, policy severs, and content creation, as well as an integrated reporting module with a reporting database. I have a team building products with me, including OEM software. When it comes to Forcepoint, it's a very reliable solution.

Many of our customers have between 400 and 800 users. 

I've contacted support many times. 

I cannot say they are excellent support. That said, quite often, I get some good support. Still, I cannot recommend them highly. Luckily, I can manage myself just fine. Now that we are in an apex region, I hope that we will get a good level of support for the application.

Neutral

I am also familiar with Blue Coat

The initial setup is not overly difficult. 

The time it takes to deploy the product depends. If I have all the items I need in my hand, it doesn't take that much time. However, compared to other products, it takes a little while time since you need to get it on the client's field servers for reporting, and you need to have some access with admin privileges. 

I'm able to deploy the solution for my clients. 

I don't deal with licensing and have no visibility on the exact pricing. 

I'm a partner. My company is a system integrator, and I am a consultant. We deploy this solution for clients and have handled five or six high-end deployments so far. 

I'd recommend the solution to others if the requirements make sense and it works in the company environment. 

I would rate the solution seven out of ten. It's very reliable. It just needs more features.

On-premises

Secure Web Gateway's most valuable features are firewall blocking and anti-malware scanning.

The automation lifecycle, integration, and export functionality could all be improved.

I've been using Secure Web Gateway for over three years.

Secure Web Gateway is a stable solution.

This solution is scalable.

Forcepoint's technical support is good, but in the future, I'd like them to provide more tutorial documentation.

The initial setup was simple.

I would rate this solution eight out of ten.

Hybrid Cloud

The use case is that they don't want a proxy on-premises. They want everything to be on the cloud, with all processing happening before it reaches the firewall. Typically, in a traditional scenario, when I try to access a website like gmail.com, the request goes through the firewall. The router, and is cached, with multiple security measures applied on-premises. Forcepoint handles all these processes on the backend, so the customer doesn't need to worry about on-premises infrastructure. 

Everything is handled on the backend side. Users don't need to have any proxy on-premises. The solution handles all the dirty or initial traffic from their network, managing it on the backend itself.

The technical support needs to be improved.

It simplifies security by enabling partners to implement it straightforwardly. DLP is essential and requires capable engineers for effective deployment. Currently, opportunities may involve high implementation costs, handled either by distributors or directly by Forcepoint.

I have been using Forcepoint Secure Web Gateway as a reseller. We are selling Forcepoint V5000 appliances.

Stability depends upon connectivity. If your connectivity is good, you get the best stability.

I rate the solution’s stability a nine out of ten.

You need to add the number of users and configure them. 5000 users are using this solution. It is suitable for enterprise customers.

I rate the solution’s scalability an eight out of ten.

Forcepoint offers two levels of support: standard support and premium support. With standard support, you can open a ticket, but you may need to wait up to 24 hours for a response, and sometimes the engineers might not be available promptly. Premium support, which comes at a higher price, promises quicker response times. There is a lack of qualified engineers and partners to implement the Secure Web Gateway.

Neutral

The initial setup is difficult. Integrating it involves connecting with multiple parameters such as data servers, file servers, and email management systems. This integration process can be pretty complex and challenging.

Forcepoint Secure Web Gateway can typically be installed within one day for a hundred users. However, for larger deployments, such as 1,000 or 5,000 users, the installation process may require at least a month.

The product has average pricing.

I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.

If you want to deploy Forcepoint Secure Web Gateway on-premises, you'll need a server, a switch, and a firewall, among other components. This setup involves significant initial investment, which affects ROI and total cost of ownership. While a proxy can handle some aspects, it doesn't provide the comprehensive security features that Forcepoint offers.

Overall, I rate the solution an eight out of ten.

Public Cloud

Microsoft Azure

I have found the simplicity of the solution valuable. The dashboard and reports are good as well.

Our experience thus far with Forcepoint Secure Web Gateway has not been good. The availability of clusters is limited, and the product is very unstable. The development team is slow as well.

There have been a lot of changes in the network at Forcepoint, and we've had downtimes of almost three hours. This happened six times from August to December.

When Forcepoint moves user traffic to another cluster during maintenance, the transaction is not smooth for end users. They lose access to the internet.

In the Middle East, the ISPs block the IPs of Forcepoint, and the Forcepoint compliance team has been unable to resolve these issues.

Forcepoint should focus on understanding how Zscaler works.

In the next release, they should provide an inbuilt, full-fledged DLP CASB feature.

Forcepoint should also work on improving their communication regarding maintenance.

I've been working with this solution for the past seven months.

We have experienced several problems with stability, so I would rate the solution at four out of ten for stability.

I would rate Forcepoint's scalability at seven out of ten. 

We have 75,000 end users and around 300 IT specialists who use this solution.

Technical support staff take a long time to understand and resolve issues. You will need to implement a workaround yourself as technical support may take six months to resolve an issue. This can be the case even when the ticket is escalated. Therefore, I would rate technical support at four on a scale from one to ten.

Neutral

The initial setup can be complex depending on the location. For instance, in the Middle East, we have to use our direct endpoint client. In Europe, we use the proxy endpoint client.

The cost for Forcepoint Secure Web Gateway is lower than that for Zscaler and Netskope. It could be around $4 per user annually.

I would not recommend Forcepoint Secure Web Gateway because of all the issues and give it an overall rating of five out of ten.

Public Cloud

Amazon Web Services (AWS)

The most valuable feature for me in Forcepoint Secure Web Gateway is URL filtering, though all other features of the product are okay as well.

A room for improvement in Forcepoint Secure Web Gateway is the support it offers. It's very bad.

What I'd like to see in the next release of the product is for it to be less complicated because at the moment Forcepoint Secure Web Gateway is more complicated than other products. Sometimes issues come up that you can't solve without the support team. For example, you should write the root password to fix the issue.

In the next release of the product, it would be good if it had an easy-to-use interface. Troubleshooting issues in Forcepoint Secure Web Gateway should be less complicated as well.

I've been dealing with Forcepoint Secure Web Gateway for about two years now. My company doesn't use the product. It's the customers who use Forcepoint Secure Web Gateway.

Forcepoint Secure Web Gateway is a scalable product.

We had to contact Forcepoint Secure Web Gateway technical support because some of the features didn't work, but it took them a long time to respond. Sometimes, even if you call support many times, they will not respond. In the end, they weren't able to solve our issues. We solved the issues ourselves.

The initial setup for Forcepoint Secure Web Gateway isn't easy. When you compare it to Fortinet, it's very complicated.

For example, for Fortinet FortiProxy, you don't need to install the database or SQL, and there's no need to prepare a server. You also don't need to do a lot of authentication because it's only one appliance, so it will work via proxy, then you can do the installation.

For Forcepoint Secure Web Gateway, you need two servers: one for installing the management software and the second server for SQL, and only then can you control the appliance.

The initial setup for Forcepoint Secure Web Gateway is complicated, especially when compared to Fortinet FortiProxy.

In terms of Forcepoint Secure Web Gateway pricing, I'm not part of the sales team. I'm on the technical team, so I don't have information on the price.

I work for an IT company that provides solutions to customers such as Fortinet, Palo Alto, Forcepoint, and GoSecure. In terms of Forcepoint, my company focuses on web security, particularly Forcepoint Secure Web Gateway.

My company has enterprise customers who use the product.

The number of users of Forcepoint Secure Web Gateway varies. One customer has around six hundred users. Another customer has three hundred users then there's a customer in the banking industry that has a thousand users.

My advice to others looking into implementing Forcepoint Secure Web Gateway is to prepare a lab and create scenarios in the lab before going to the customers.

My rating for the solution is seven out of ten.

On-premises

Our primary use case is to control internet access based on security profiles. Users are restricted to legitimate sites and then, based on the business use case, we provide access to streaming sites and the like. We are customers and resellers of Secure Web Gateway and I'm a company director.

All the secure gateways are more or less the same. The value of Secure Web Gateway is the visibility it offers and the ease by which we can put controls in place. We enabled the cloud DLP so we can see what's happening to the data. The solution also provides good filtering features. 

One improvement I'd like to see would be to simplify managing the endpoint for both DLP and web security, so that endpoint management becomes easier. The dashboard is a little old so a new GUI would be helpful as well as updated reporting tools. It currently lacks some features that other solutions have. 

I've been using this solution for over eight years. 

It's reasonably stable but sometimes there are issues in the cloud. 

The scalability is good, our entire organization uses this product including engineers, marketing and administration. 

I'd say that customer service is above average.

The initial setup is straightforward, we deployed in-house and implementation required one person. The initial setup takes two or three days, but rolling it out and making sure that everybody has the required access, and that business applications are accessible, can take a month or so. 

The ROI is like insurance, it's the knowledge that you're protected. The fact that it's taking care of my security needs, is a return.

I'm unaware of licensing costs but there is an extra cost for additional reporting.

It's important to test any solution before making a decision to purchase it. Evaluate your needs and expectations, and carry out a POC. 

I rate this solution eight out of 10. 

Public Cloud

Other

It protects against data leaks and offers us application security.

The solution is a combination of Gatsby web security and the LP. That is why we are pushing Forcepoint ONE. Forcepoint ONE is a product itself that Forcepoint has been recently pushing to the customers.

The product is simple.

It's stable and reliable.

They will require a combination of other brands and other products that actually caters to the data leak portion. Forcepoint ONE, for example, covers for the data leak itself, however, it's just data leaks. In order to have comprehensive security protection for your data, you will need other products, like data encryption. You will need privileged access management and endpoint security to make the Forcepoint product more robust. 

The initial setup can be complex.

I've used the solution for about three years. The company I work for has been working with it for about five years.

The solution is stable.

If you are looking for just data leaks and web security, the product itself should suffice, however, if you want to make your solution or your cyber portion more robust, then you will require other products to be embedded as well to work hand in hand, for your information to be more secure.

Being the distributor for Forcepoint, we have our own engineers to cover from day zero to day two in terms of engineering support for deployment and forming payments and also for troubleshooting. We do leverage Forcepoint, however, we have our own in-house engineers to assist Forcepoint to cover the clinical aspect.

In terms of the policy, the initial setup can be complex.

The solution is simple, however, the complexity comes when you are writing the policy for the data leak part. Even web security is all policy. You would need to translate your business requirements into cyber security requirements so that basically whatever policy that is being in place, covers your business requirements for your cyber footprint.

We help our customers or partners deploy the solution.

We are the authorized distributor for Forcepoint in Asia-Pacific.

Currently, we are pushing Forcepoint ONE into the market.

The thing to consider at the outset is, basically, what they want to protect. Are you protecting internal factors or are you looking at protecting from external factors? Forcepoint DLP covers the internal factor, meaning that you do not want your data to be compromised from internal leaks, and not external. If you're looking to protect against external anomalies, then basically it's Forcepoint Secure Web Gateway that you should be looking at.

I'd rate the solution eight out of ten.