Forcepoint Data Loss Prevention Review

Ensures that data within the organization is also protected, whether it's in motion, in use, or at rest but support needs improvement


What is our primary use case?

We've been using this solution for about five, six years now. Our primary use case for Forcepoint Data Loss Prevention is for internal and external compliance, based on banking regulations. It also allows us to ensure that data within the organization is also protected - whether this data is in motion, in use, or at rest. At any point in time, data is always in a three-state situation. Either the data is at rest, which means it's not being used at all, or the data is being used. If someone works on the data, the data is in motion, which means it's moving from one location to another in the network.

How has it helped my organization?

This solution improved our organization in the sense that, when we switched over to Office 365, we were able to apply the DLP policies to our Office 365 traffic. It also increased the visibility of what is happening regarding data moving in and out. Thirdly, it offers executive reporting and allows us to see what is going on for executive decision making. Finally, it helps the organization in meeting the compliance requirements of the Central Bank.

What is most valuable?

One of the features I find most valuable is that it is very easy to install. Secondly, it has a very deep reporting mechanism, so it can give you a very detailed report. Then, thirdly, it gives you protection, either at the endpoint, at the network level, and also at the server level. Which also includes the endpoint.

It can also easily be integrated into the data cloud protection and be integrated with cloud protection software or application. This gives us wide visibility and control over our network, for both inbound and outbound data.

Another valuable feature is that it provides integration to things like Cloud Access Security Broker, which provides security around cloud applications. 

It also gives integration with SIEM solution, which means that from a SIEM, you'll be able to actually see what is happening around your data. It has some very unique capabilities, such as optical character recognition and custom encryption identification. It has an out of the box library of templates, which enables you to easily set it up and deploy, making it possible for you to identify and stop data theft. You can even integrate it to your email if you want to extend it, where you can actually have DLP around the email and not just around the web and network.

What needs improvement?

The requirements for the implementation is quite heavy. Forcepoint needs to look at how they can reduce the terms of the requirement for implementation. They also need to look at providing training for the end user, to enable them to get on it at speed. Their support also need to improve, because the response to support time is not very fast. Their response time is about 8 to 12 hours, so something needs to be done about that.

What do I think about the stability of the solution?

It's reasonably stable. But for every solution there will always be challenges every now and then. Because of the high movement of data from one location to another things become challenging to the client. So it creates a false impression of instability.

We currently have 9,000 users.

What do I think about the scalability of the solution?

The solution is absolutely scalable in the sense that it is important to also have a discussion with customers about having visibility on their growth path.

If you have visibility of their growth path, for instance, a three-year visibility, it means that you can tell the customer that they will grow from 5,000 users to 10,000 users during this time. If the customer agrees, it is important to ensure that you have a solution that can accommodate the 10,000 users and one that has a three-year warranty.

So we can build on that from the beginning by extending the number of licenses. It is therefore very scalable.

How are customer service and technical support?

I will rate their technical support a seven out of ten because their response time is very slow.

How was the initial setup?

The initial setup was fast and straightforward and we did everything ourselves. Our implementation strategy was to assess the environment, in terms of the infrastructure. Most of the key departments were involved. Then we did a one-day workshop to enable some of the key stakeholders to understand what it's all about. After the workshop, we were able to come up with use cases. After that, we started with the implementation.

After installation and setting up of the database, we started configuring the application, which depended on our internal policies and security requirements.

Then we did some test runs on a few desktops. That went on well so we continued with quite a number of devices until everything was up and running. 

What other advice do I have?

My advice would be to make sure that you do a BOT at the beginning before you take any DLP decision, do a BOT. If you're going with Forcepoint, ensure that you have the prices locked down properly, and the user licenses clearly defined.

Then finally, ensure that you sign the right support, you get the right support contract, or support flavor with them. Then you do your sizing properly, especially if you are using Office 365, because Office 365, the mini-environment, has huge performance issues around solutions. So be sure to do your sizing properly.

I rate this solution a seven out of ten. I am really impressed by the interface and management console but the requirements are very high and the response time is too slow.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Add a Comment
Guest
Sign Up with Email