Forcepoint Secure Web Gateway Reviews

Primary use is as web proxies for a government agency.

This product improved the security of web traffic in our environment.

Most valuable features were content filtering and monitoring. As a government agency, it is highly important that the internet is being used for appropriate reasons and we need to track inappropriate behavior.

There were several issues with the product.

• Version 8.4 can only be managed with a CLI, they removed the nice GUI interface from version 8.1. 
• The load-balancing needs massive improvements.
• The incident lists don’t sync between appliances, they need to be manually edited for each one.

Web Proxy deployment in transparent mode with data loss prevention (DLP) and protocol based filtering.

• Transparent mode implementation
• Detect threats on SSL traffic
• Multiple customization options to allow or block a specific content within the web pages has allowed us to simplify the user experience without loss of productivity.
• Ease of updating the latest hotfixes and patches on the appliance.

Transparent Mode: Since we have multiple sites and roaming users, it has helped us in deploying the proxy to users without having to push any configurations to end users.

• FTP access via transparent proxy
• SSL Certificate updates
• Detailed guidelines to deploy the transparent proxy to Firefox users.

• SSL Inspection
• Ability to send decrypted traffic to other security solutions for inspection.

It allowed us to analyze the decrypted SSL web traffic for malware.

Security of browsing.

Seven years.

Yes. When we first began working with it, the product was not mature and we had performance issues.

Now, the product is quite stable.

No.

Good, because we have a MCS (mission critical support) level.

Good, especially for the second line.

No.

It was complex with a lot of technical issues.

We implemented it with a skilled vendor team.

Not applicable.

It is quite expensive.

Yes, Blue Coat and McAfee.

Real-time analytics.

It helps constantly with phishing and cryptolocker attacks.

The reporting could be improved.

Since it was released.

It works as described.

None.

Queries can be slow on multiple terabyte databases.

There is room for improvement.

Their lead technical engineers are excellent.

I have used SurfControl and Websense. I have also tried Zscaler.

It went as planned.

In-house.

Not documented.

Do your homework and base it on facts.

Looked at open tender for all products and evaluated all current products at the time.

It was the best solution available when selecting a product.

Real-time category protection.

There is less need to investigate if a site is malicious. The majority of site gets reported.

• Database synchronization failures
• Encrypted packet inspection

10 years.

The latest deployment was a fairly smooth transition, but previous upgrades and hardware replacements have been very painful.

Stability has been good with this version of code (can say the say with previous versions).

No, but we have stayed with the same scale and have not needed to scale anything.

They are okay. We haven't needed to deal with them too much.

Depends on what tech you get.

Prior to my position here, but I would know what.

Our environment is complex, so it is hard to say.

We implemented using a vendor team.

I don't track this.

Due to staffing needs, we did not consider other solutions.

• Reporting
• Custom Block Pages
• AD integration

It allowed our company to not worry about the security of a page, but talk more about the content and the productivity of specific types of web categories.

Allow for faster exemption of websites or the ability to reclassify websites.

Five years.

None.

None.

None.

Great. They made sure that we were choosing the right version and helped us understand the tradeoffs between their different deployment strategies.

Great. I had only a few issues after rollout and their tech support was quick to help.

Cisco Web Security. The AD integration was lacking. The speed was also lacking.

It was straightforward, since I had deployed it at my previous company. The engineer assigned to our deployment was also on hand to make sure that I followed the updated best practices.

In-house with vendor support.

It is a well-priced option.

Zscaler, Barracuda, Sophos, and Cisco Web Security.

Reporting and automatic updates of website categorization.

• Being able to have managers or department leads run their own reports has saved us an incredible amount of time.
• Web filtering of malicious sites has increased our security posture.

• The documentation is almost too much, it could be laid out in an easier to understand.
• Upgrades can be challenging. For us, it has required a third party to assist.

Seven years.

No, but a few major upgrades were bumpy.

Not once live in production, it seems to just work.

No.

Excellent! We always find ourselves paired with knowledgeable technicians who resolve most of our problems on the first call.

Excellent.

Yes, Blue Coat Systems.

Complex, only in it offers a huge amount of features.

A vendor team, which was very knowledge.

Hard to calculate, but definitely there.

Get a qualified third party to assist with the web implementation.

Yes. Cisco and Barracuda.

Forcepoint Web Security is a complete web security solution, not just a web filter, like many other solution offerings. The customization and control of URL filtering and the integration with other Forcepoint solutions are great features.

It has definitely added to the security level of the company network and keeps out accidental or purposeful web traffic that can be malicious or inappropriate.

I am looking forward to the full integration of the endpoints that they offer for web security and DLP.

Three years.

It was already done when I came onboard. I have made significant improvements to the deployment.

Not once after the deployment was corrected. Although, we do have an issue with the Real-Time Monitor service stopping on occasion.

No, this solution can be scaled quite high as long as you understand how to expand the architecture.

Customer service is at an extremely high level.

The technical support has improved drastically over the three years that I have been administering it.

I have, but at a different company.

it was a fairly straightforward implementation.

You need to plan it out carefully, so your deployment is good.

This was and continues to be an in-house deployment.

We are getting a high value return from our deployment.

Make sure to understand your environmental needs. Take your time scoping the project, otherwise you will have hardship later on down the road.

Yes, others were evaluated.