Forcepoint Secure Web Gateway Reviews

For the most part, the solution, when set up correctly, works fine.

Sometimes we find the solution behaves erratically. It may be related to our configuration, which may be incorrect. We are using desktops, laptops, and workstations and the laptops are set to mobile status. We do make connections outside the office premises as well, and desktops or workstations are predominantly located in the same place. 

Overall the software is occupying too much memory space. If they could remedy that, it would be a better experience, because today Windows is occupying too much memory space as well (in terms of the RAM), and this software has also started occupying all the memory. Due to this, I have less space for my other office products and data. I can't, for example, operate a huge Excel sheet or other datasets. 

Product grouping should be made more flexible. We should be in a position to define the product groupings. Also, sometimes the standard product grouping that they are using is not applicable in this part of the world. If they could move it, if they could make it more flexible, it would make our life easier. Otherwise, we are forced to use our own definitions a lot. This sometimes causes problems with performance. The product grouping really should concentrate more on this particular geographic region.

I've been using the solution for about five years.

In my opinion, it's a very stable product.

Companies really have to know how their organization will scale before purchasing the solution. Otherwise, they will be limited. In our case, we've grown far beyond our expectations, and are now facing issues. These products are not that scalable even though the company claims that they are.

The solution is used quite regularly. On average, we use it up to eight hours a day.

We've used technical support in the past. We are one of the major clients for most of these products in India, so we get proper attention from the company. We've been satisfied with the level of support we've received.

We didn't face any major issues at the time of implementation. We were using the facility management of both HP and IBM. They each have their own in-house capability to manage the software. Also, the OEM would have supported them well. As such, we didn't see major issues on any of the software implementation. There were just a few initial hiccups that can happen on any major project.

The version I'm currently using is about four years old.

My recommendation to other companies would be that they should spend more time analyzing their workload including access approvals and whitelisting/blacklisting. They should have a very clear way of defining the blacklist or whitelist.

Companies should also spend more time on sizing the product and considering how they will grow in the future when sizing it. That clarity is a must to decide the proper product size that will last over years as a company potentially grows. 

I'd rate the solution seven out of ten.

We are a professional services company and I use this solution in my office, but I also implement it for some of my customers. This product is used as a security gateway, and more generally, as part of an internet security solution.

I have some customers who have deployed this solution on-premises, while others have a hybrid cloud deployment using Azure or AWS.

I can now go to sleep not being bothered of users accessing sites that are wasteful or can compromise security.

The most valuable feature is the categorization, where you can allow general access to an application but limit specific features. For example, you can allow a user to access Facebook, yet restrict their ability to stream Facebook videos or download pictures. The same thing can be done on services like YouTube. A similar example is that of online storage solutions, where you can approve storage collaboration with Office 365 SharePoint, but limit them from using OneDrive or Box.

I really like the fact that you aren't required to get a Forcepoint appliance. It can be deployed on a VM and I am happy to have my own servers.

Forcepoint integrates well with other appliances.

The deployment is a bit complex and it requires expertise to deploy, which is something that should be improved and made easier to do.

I have been working with Forcepoint Web Security for approximately three years. 

We have not had any problems with the stability of Forcepoint.

I have been in contact with technical support and they are great. Every time I call for assistance, they always help. Whether it is weekdays or weekends, if I need a technical session or I request materials or ask them to guide me through something, they've always been very helpful. If you have a pending case then they call you to give you updates and see what else can be done to resolve the problem. They don't allow you to just hunt down issues on your own. Rather, they will help and you are assured that they will work with you.

This is the kind of assurance that we give to our customers or anybody else who is looking into implementing Forcepoint. Especially in my region, I am very confident with the helpfulness and capability of the support, no matter who the customer is.

I am a reseller for many different types of security solutions, and I have a preference in favor of Forcepoint. There are downsides to other solutions that I have not encountered with Forcepoint, and moreover, the support in my region is massive.

The deployment is a bit complex. If you have all of the prerequisites and know all of the sites then the deployment can be done in a few days or a week. It's very rare not to encounter issues because customers will make requests, and you get stuck because of the different environments. You have to contact the customer to figure out how to resolve problems, and it can be time-consuming. The important thing is to have the planning done before starting the implementation.

The simple part of the deployment is the installation on the VM. You just have to get the license, visit the support portal, download the image, and install it on the virtual machine. When deploying on the cloud, you just have to make sure that you have space in Azure.

We have an in-house team to handle deployment.

The Prices are fair and you are assured of getting the value for your money.

Forcepoint looks ahead at what is needed and they seem to be on track. Two years ago, they knew what they would be doing in 2020, and they are on the right path.

I would rate this solution a nine out of ten.

All the proxies have the same features, but the idea here is about URL categorization and the support you have. I found this very interesting in Forcepoint.

In terms of functionality, Forcepoint is the best web proxy available.

I'm an engineer, and as an engineer, I often try to use the best solutions and ones I'm most comfortable with. I like Forcepoint. It's very good for implementation, but it's functionality is great. It has very, very deep technical features, and in-depth introduction features. I really encourage anyone to have it in their environment.

If the solution had a lower cost, it would be easier to implement.

In the 8.5 version of the solution, I took some issue with the interface. 

I'd recommend that the company supports more process to matrix files. We've had issues with that.

The solution should be better able to support itself and operate faster. Sometimes the technical support team takes too long to respond.

I was first introduced to Forcepoint in 2013. At that point, it was Websense and has since been acquired. I've been using the solution in total for about two years. I've spent the same amount of time with the email and web security parts of Forcepoint as well.

The solution is very stable. I didn't see any issue regarding stability. The hub itself is very powerful. It's very good that I can look at the hardware good or node maintenance and see where there are vulnerabilities. 

I implemented it in an environment with multiple users and other environments which included about 20 other items and I've found scalability to be great. You can have a lot of appliances that act as a cluster and you could have high availability on a sort of virtual ID server. You can do additional ID configurations from the other appliances so that typically it extends well. You don't have to have something like download X5. If you have two appliances, you just need to distribute both. For example, you can do it from the configuration. I couldn't find any situation in my work with Forcepoint that was not able to satisfactorily scale. So you can really make it as you wish.

Technical support sometimes takes too long to respond to queries.

In terms of implementation, if you are going to implement Forcepoint, you have to think about how you will deploy it in your proxy environment. You have the ability code, as well as other items. 

If you are implementing Forcepoint in web proxy, it has to be P1 or P2. It has to be on the user onsite as V2 on V5. You could, for some environments, have two interfaces that communicate with each other. You cannot get both to interface, however. If you use the P1 for a user's internet, you then have to make P1 access the internet.

We're a Forcepoint business partner in Egypt.

There are a lot of features already in the application and a lot of features that are added every day, so you have to learn how to implement them. If you decide to use the solution, you have to plan it out and prepare for it. You also have to update your knowledge and make sure your system is updated with regard to the solution. The most difficult part about Forcepoint is that if you take some time away from not working with it you forget features and processes. You need to work on it often and continue learning about it all the time.  

I'd rate the solution nine out of ten.

The primary use that we have for Forcepoint Web Security is for server clusters plus multi-link sites, sites that require not multi-linked ISPs. 

We use Forcepoint Web Security for multi-cluster servers with multi-links so that we can cluster all the multi-links into one link.

For our organization, when we initially deployed Forcepoint Web Security, we were looking to have four different ISP's joined, all the ISP's as one. 

We wanted to utilize all of the network resources in a unified manner. We didn't want to waste other ISP resources. That is the reason why we purchased this firewall.

The most valuable feature of Forcepoint Web Security is creating the easy to install policies that are deployed through the Forcepoint security manual at some stage. Just drag and drop and the policies are there. The cluster is very easy in comparison with other firewalls and the multi-link VPN support is there.

For improvement, we cannot deploy the Forcepoint Web Security firewall directly without ISP. The firewall doesn't have any features because some customers are requesting they will install the firewall without licensing. 

At this time we cannot go further without licensing. Licensing is a must with Forcepoint Web Security firewalls.

I'm not sure that those features are included with Forcepoint Web Security. We checked the other features but we have not checked out their performance.

The stability of Forcepoint Web Security is very good. I have no issues from the customers. They are very happy with the product.

If you are testing any firewalls, there is no downtime with Forcepoint Web Security. We can directly upgrade our firewalls and we can remove the old plans. We can apply newer plans without any downtime.

Scalability with Forcepoint I would rate with an eight out of ten. It is pretty scalable. You can upgrade if you want to expand.

We have a major customer, they are using it with more than 12,000 users. There are currently two security admins and a network admin. They're managing all the firewalls. 

We have a total of 55 firewalls under Forcepoint Web Security. In a year, we are planning to buy new firewalls and expand.

Technical support with Forcepoint Web Security is very good.

The initial setup is straightforward. Deployment, like the initial setup, to configure with the licensing, can be done in two days.

Our use of Forcepoint Web Security is not built on the calculation or the policies, i.e. how the configuration will take place. Based on that, we have two different areas.

The pricing on Forcepoint Web Security is fair. Fair pricing at current market rates, if you are comparing with the competition. 

Forcepoint Web Security is better than Fortinet because Fortinet is free. They still come under the enterprise level of security implementation though.

It is easy to deploy Forcepoint Web Security for whatever type of policies there are out there. We can manage any of our firewalls through one console. Our users prefer Forcepoint Web Security over any other firewall. We look for what the policy of the firewall is and through the console, we can run all the firewall settings.

With Forcepoint Web Security, we can push the policies to all the firewalls. For the upgrade, it can be implemented with no downtime.

I would rate Forcepoint Web Security an eight out of ten. It is easy so we can understand what the policies are and which policy belongs to which firewalls. 

There is no downtime when we are building any firewalls. If any firewall goes down, there will be little to no impact. 

• It has improved our services.
• It has protected clients against cyberattacks.
• It has created more and better end user experiences.

• Protection against ransomware.
• Giving visibility to people's actions in the network, while keeping attackers out: across data centers, offices, branches, and the cloud.

Ease of use could be improved.

The solution was used as a replacement to Microsoft TMG as well as meeting compliance requirements.

Primary use is as web proxies for a government agency.

This product improved the security of web traffic in our environment.

Most valuable features were content filtering and monitoring. As a government agency, it is highly important that the internet is being used for appropriate reasons and we need to track inappropriate behavior.

There were several issues with the product.

• Version 8.4 can only be managed with a CLI, they removed the nice GUI interface from version 8.1. 
• The load-balancing needs massive improvements.
• The incident lists don’t sync between appliances, they need to be manually edited for each one.

Web Proxy deployment in transparent mode with data loss prevention (DLP) and protocol based filtering.

• Transparent mode implementation
• Detect threats on SSL traffic
• Multiple customization options to allow or block a specific content within the web pages has allowed us to simplify the user experience without loss of productivity.
• Ease of updating the latest hotfixes and patches on the appliance.

Transparent Mode: Since we have multiple sites and roaming users, it has helped us in deploying the proxy to users without having to push any configurations to end users.

• FTP access via transparent proxy
• SSL Certificate updates
• Detailed guidelines to deploy the transparent proxy to Firefox users.

• SSL Inspection
• Ability to send decrypted traffic to other security solutions for inspection.

It allowed us to analyze the decrypted SSL web traffic for malware.

Security of browsing.

Seven years.

Yes. When we first began working with it, the product was not mature and we had performance issues.

Now, the product is quite stable.

No.

Good, because we have a MCS (mission critical support) level.

Good, especially for the second line.

No.

It was complex with a lot of technical issues.

We implemented it with a skilled vendor team.

Not applicable.

It is quite expensive.

Yes, Blue Coat and McAfee.

Real-time analytics.

It helps constantly with phishing and cryptolocker attacks.

The reporting could be improved.

Since it was released.

It works as described.

None.

Queries can be slow on multiple terabyte databases.

There is room for improvement.

Their lead technical engineers are excellent.

I have used SurfControl and Websense. I have also tried Zscaler.

It went as planned.

In-house.

Not documented.

Do your homework and base it on facts.

Looked at open tender for all products and evaluated all current products at the time.

It was the best solution available when selecting a product.

Real-time category protection.

There is less need to investigate if a site is malicious. The majority of site gets reported.

• Database synchronization failures
• Encrypted packet inspection

10 years.

The latest deployment was a fairly smooth transition, but previous upgrades and hardware replacements have been very painful.

Stability has been good with this version of code (can say the say with previous versions).

No, but we have stayed with the same scale and have not needed to scale anything.

They are okay. We haven't needed to deal with them too much.

Depends on what tech you get.

Prior to my position here, but I would know what.

Our environment is complex, so it is hard to say.

We implemented using a vendor team.

I don't track this.

Due to staffing needs, we did not consider other solutions.