Forcepoint Secure Web Gateway Reviews

All the proxies have the same features, but the idea here is about URL categorization and the support you have. I found this very interesting in Forcepoint.

In terms of functionality, Forcepoint is the best web proxy available.

I'm an engineer, and as an engineer, I often try to use the best solutions and ones I'm most comfortable with. I like Forcepoint. It's very good for implementation, but it's functionality is great. It has very, very deep technical features, and in-depth introduction features. I really encourage anyone to have it in their environment.

If the solution had a lower cost, it would be easier to implement.

In the 8.5 version of the solution, I took some issue with the interface. 

I'd recommend that the company supports more process to matrix files. We've had issues with that.

The solution should be better able to support itself and operate faster. Sometimes the technical support team takes too long to respond.

I was first introduced to Forcepoint in 2013. At that point, it was Websense and has since been acquired. I've been using the solution in total for about two years. I've spent the same amount of time with the email and web security parts of Forcepoint as well.

The solution is very stable. I didn't see any issue regarding stability. The hub itself is very powerful. It's very good that I can look at the hardware good or node maintenance and see where there are vulnerabilities. 

I implemented it in an environment with multiple users and other environments which included about 20 other items and I've found scalability to be great. You can have a lot of appliances that act as a cluster and you could have high availability on a sort of virtual ID server. You can do additional ID configurations from the other appliances so that typically it extends well. You don't have to have something like download X5. If you have two appliances, you just need to distribute both. For example, you can do it from the configuration. I couldn't find any situation in my work with Forcepoint that was not able to satisfactorily scale. So you can really make it as you wish.

Technical support sometimes takes too long to respond to queries.

In terms of implementation, if you are going to implement Forcepoint, you have to think about how you will deploy it in your proxy environment. You have the ability code, as well as other items. 

If you are implementing Forcepoint in web proxy, it has to be P1 or P2. It has to be on the user onsite as V2 on V5. You could, for some environments, have two interfaces that communicate with each other. You cannot get both to interface, however. If you use the P1 for a user's internet, you then have to make P1 access the internet.

We're a Forcepoint business partner in Egypt.

There are a lot of features already in the application and a lot of features that are added every day, so you have to learn how to implement them. If you decide to use the solution, you have to plan it out and prepare for it. You also have to update your knowledge and make sure your system is updated with regard to the solution. The most difficult part about Forcepoint is that if you take some time away from not working with it you forget features and processes. You need to work on it often and continue learning about it all the time.  

I'd rate the solution nine out of ten.

The primary use that we have for Forcepoint Web Security is for server clusters plus multi-link sites, sites that require not multi-linked ISPs. 

We use Forcepoint Web Security for multi-cluster servers with multi-links so that we can cluster all the multi-links into one link.

For our organization, when we initially deployed Forcepoint Web Security, we were looking to have four different ISP's joined, all the ISP's as one. 

We wanted to utilize all of the network resources in a unified manner. We didn't want to waste other ISP resources. That is the reason why we purchased this firewall.

The most valuable feature of Forcepoint Web Security is creating the easy to install policies that are deployed through the Forcepoint security manual at some stage. Just drag and drop and the policies are there. The cluster is very easy in comparison with other firewalls and the multi-link VPN support is there.

For improvement, we cannot deploy the Forcepoint Web Security firewall directly without ISP. The firewall doesn't have any features because some customers are requesting they will install the firewall without licensing. 

At this time we cannot go further without licensing. Licensing is a must with Forcepoint Web Security firewalls.

I'm not sure that those features are included with Forcepoint Web Security. We checked the other features but we have not checked out their performance.

The stability of Forcepoint Web Security is very good. I have no issues from the customers. They are very happy with the product.

If you are testing any firewalls, there is no downtime with Forcepoint Web Security. We can directly upgrade our firewalls and we can remove the old plans. We can apply newer plans without any downtime.

Scalability with Forcepoint I would rate with an eight out of ten. It is pretty scalable. You can upgrade if you want to expand.

We have a major customer, they are using it with more than 12,000 users. There are currently two security admins and a network admin. They're managing all the firewalls. 

We have a total of 55 firewalls under Forcepoint Web Security. In a year, we are planning to buy new firewalls and expand.

Technical support with Forcepoint Web Security is very good.

The initial setup is straightforward. Deployment, like the initial setup, to configure with the licensing, can be done in two days.

Our use of Forcepoint Web Security is not built on the calculation or the policies, i.e. how the configuration will take place. Based on that, we have two different areas.

The pricing on Forcepoint Web Security is fair. Fair pricing at current market rates, if you are comparing with the competition. 

Forcepoint Web Security is better than Fortinet because Fortinet is free. They still come under the enterprise level of security implementation though.

It is easy to deploy Forcepoint Web Security for whatever type of policies there are out there. We can manage any of our firewalls through one console. Our users prefer Forcepoint Web Security over any other firewall. We look for what the policy of the firewall is and through the console, we can run all the firewall settings.

With Forcepoint Web Security, we can push the policies to all the firewalls. For the upgrade, it can be implemented with no downtime.

I would rate Forcepoint Web Security an eight out of ten. It is easy so we can understand what the policies are and which policy belongs to which firewalls. 

There is no downtime when we are building any firewalls. If any firewall goes down, there will be little to no impact. 

• It has improved our services.
• It has protected clients against cyberattacks.
• It has created more and better end user experiences.

• Protection against ransomware.
• Giving visibility to people's actions in the network, while keeping attackers out: across data centers, offices, branches, and the cloud.

Ease of use could be improved.

The solution was used as a replacement to Microsoft TMG as well as meeting compliance requirements.

Primary use is as web proxies for a government agency.

This product improved the security of web traffic in our environment.

Most valuable features were content filtering and monitoring. As a government agency, it is highly important that the internet is being used for appropriate reasons and we need to track inappropriate behavior.

There were several issues with the product.

• Version 8.4 can only be managed with a CLI, they removed the nice GUI interface from version 8.1. 
• The load-balancing needs massive improvements.
• The incident lists don’t sync between appliances, they need to be manually edited for each one.

Web Proxy deployment in transparent mode with data loss prevention (DLP) and protocol based filtering.

• Transparent mode implementation
• Detect threats on SSL traffic
• Multiple customization options to allow or block a specific content within the web pages has allowed us to simplify the user experience without loss of productivity.
• Ease of updating the latest hotfixes and patches on the appliance.

Transparent Mode: Since we have multiple sites and roaming users, it has helped us in deploying the proxy to users without having to push any configurations to end users.

• FTP access via transparent proxy
• SSL Certificate updates
• Detailed guidelines to deploy the transparent proxy to Firefox users.

• SSL Inspection
• Ability to send decrypted traffic to other security solutions for inspection.

It allowed us to analyze the decrypted SSL web traffic for malware.

Security of browsing.

Seven years.

Yes. When we first began working with it, the product was not mature and we had performance issues.

Now, the product is quite stable.

No.

Good, because we have a MCS (mission critical support) level.

Good, especially for the second line.

No.

It was complex with a lot of technical issues.

We implemented it with a skilled vendor team.

Not applicable.

It is quite expensive.

Yes, Blue Coat and McAfee.

Real-time analytics.

It helps constantly with phishing and cryptolocker attacks.

The reporting could be improved.

Since it was released.

It works as described.

None.

Queries can be slow on multiple terabyte databases.

There is room for improvement.

Their lead technical engineers are excellent.

I have used SurfControl and Websense. I have also tried Zscaler.

It went as planned.

In-house.

Not documented.

Do your homework and base it on facts.

Looked at open tender for all products and evaluated all current products at the time.

It was the best solution available when selecting a product.

Real-time category protection.

There is less need to investigate if a site is malicious. The majority of site gets reported.

• Database synchronization failures
• Encrypted packet inspection

10 years.

The latest deployment was a fairly smooth transition, but previous upgrades and hardware replacements have been very painful.

Stability has been good with this version of code (can say the say with previous versions).

No, but we have stayed with the same scale and have not needed to scale anything.

They are okay. We haven't needed to deal with them too much.

Depends on what tech you get.

Prior to my position here, but I would know what.

Our environment is complex, so it is hard to say.

We implemented using a vendor team.

I don't track this.

Due to staffing needs, we did not consider other solutions.