We just raised a $30M Series A: Read our story

Forcepoint Data Loss Prevention OverviewUNIXBusinessApplication

Forcepoint Data Loss Prevention is #3 ranked solution in top Data Loss Prevention (DLP) tools. IT Central Station users give Forcepoint Data Loss Prevention an average rating of 8 out of 10. Forcepoint Data Loss Prevention is most commonly compared to Symantec Data Loss Prevention:Forcepoint Data Loss Prevention vs Symantec Data Loss Prevention. The top industry researching this solution are professionals from a comms service provider, accounting for 26% of all views.
What is Forcepoint Data Loss Prevention?
Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides. Security teams apply user-risk scoring to focus on the events that matter most and to accelerate compliance with global data regulations.

Forcepoint Data Loss Prevention was previously known as Forcepoint DLP, Forcepoint Data Security Suite, Websense Data Security Suite.

Forcepoint Data Loss Prevention Buyer's Guide

Download the Forcepoint Data Loss Prevention Buyer's Guide including reviews and more. Updated: December 2021

Forcepoint Data Loss Prevention Customers
Alphawest, Betsson, Cellcom Israel Ltd., Chelsea & Westminster Hospital, Confartigianato Vicenza, EverBank, Finansbank, iGATE, Landa Digital Printing, Northern California Bank, Reliance Capital, Remosa, Toyota, Scavolini, Zim Integrated Shipping Services
Forcepoint Data Loss Prevention Video

Pricing Advice

What users are saying about Forcepoint Data Loss Prevention pricing:
  • "They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high."
  • "Its pricing is quite low considering the features they are offering. As compared to other solutions, it is reasonable. They do have professional support. If we need professional support, then there will be additional costs."
  • "The pricing is reasonable. That's why we went with Forcepoint. They were pretty competitive."
  • "The licensing of Forcepoint is quite straightforward. It's based on the number of users. The support fees are a separate cost."
  • "The cost for the product for our use is less than $10 per user."

Forcepoint Data Loss Prevention Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
PP
Management Executive at a security firm with 11-50 employees
Real User
Top 5Leaderboard
Good interface, powerful OCR and data discovery capabilities, customizable

Pros and Cons

  • "The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives."
  • "With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format."

What is our primary use case?

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

How has it helped my organization?

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

What is most valuable?

One thing that I really like is that you can customize the rules. 

What needs improvement?

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

For how long have I used the solution?

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

What do I think about the stability of the solution?

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

What do I think about the scalability of the solution?

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

How are customer service and support?

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

Which solution did I use previously and why did I switch?

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

How was the initial setup?

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

What about the implementation team?

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

What was our ROI?

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

Which other solutions did I evaluate?

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

What other advice do I have?

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
MD
Sr. Manager at 2Five1
Real User
Top 20
Good price, reduces the incident count, and has workflow remediation and good policies for incident detection

Pros and Cons

  • "The workflow remediation is quite good. That is a key feature because of which it has the upper hand over other DLP solutions."
  • "Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint."

What is our primary use case?

We do managed services. We analyze customers' requirements, and then we suggest a proper DLP or endpoint data protection solution. We have implemented Forcepoint DLP and Forcepoint Web Gateway for multiple customers.

How has it helped my organization?

Forcepoint DLP helped a lot when an incident was created and we tried to have an auto-remediation of the incident. For DLP, an incident is a key factor. DLP is meant to generate an incident, and that incident should be managed. If no one is managing the incident, DLP is of no use. Forcepoint has an email workflow. It provides email incident remediation wherein an automatic email is generated for the manager. If a person violates a policy, we can configure it in a way that one email is sent to the manager. One email will also go to the end-user. The end-user can again analyze the activity and give us feedback about whether it was a genuine business need and we should release that email, or whether it was a mistake and we should quarantine that email. The decision is made by the manager or by the end-user who sent the email. This helped a lot and reduced the incident count. It was very helpful to have such a report and to be able to say that the end-user was aware of the fact that this email has been quarantined. After providing the legal justification, the email was released by him. It reduced 40% of incidents for emails. This kind of feature is not available in other DLP solutions, and I really appreciate having that feature.

What is most valuable?

The workflow remediation is quite good. That is a key feature because of which it has the upper hand over other DLP solutions.

Endpoint protection, web protection, network protection, and storage use are valuable features. Among these, endpoint protection is most valuable.

It has good policies and good mechanisms to detect incidents.

What needs improvement?

They can have less memory consumption for their endpoint channels. They are not that adaptive with other endpoints solutions like EPP and EDR. They can improve in this aspect. 

Their discovery or the way they discover the data at risk can also be improved. There are many database servers that are not supported by Forcepoint.

Their login mechanism to find out the issue is another thing they need to improve. We would like to have the finest login to figure out what exactly is happening and why we are not able to communicate with the detection server. One of the products I have used is better in this aspect. We can have the finest level login, and we can figure it out, but I haven't found such an option in Forcepoint. 

For how long have I used the solution?

I have been into DLP technology for the last eight years. I have been using Forcepoint for three years.

What do I think about the stability of the solution?

I have worked with another DLP solution in and out, and I find that solution to be more stable than Forcepoint. Once you implement a policy in that solution, the policy will always function. You can be assured that the policy will be functional. With Forcepoint, I always need to check whether the policy is functional or not and whether my policy is getting synchronized on the detection server or not. There won't be any sort of end trigger if the policy synchronization was stopped. 

What do I think about the scalability of the solution?

It is quite scalable. It is comparable to other DLP solutions in terms of scalability.

How are customer service and support?

I haven't interacted that much with their support, but whenever I created a case, there was proper support. As compared to other solutions, Forcepoint's support is more technical and professional.

Which solution did I use previously and why did I switch?

I have used other solutions. Many of the customers are switching to Forcepoint. They are not getting proper support from one of the vendors. So, they are switching to Forcepoint. They are getting equal or more benefits with Forcepoint, and its cost is also low.

Incident remediation is awesome in Forcepoint. One of the solutions that I used did not have incident remediation. Forcepoint again has the upper hand in terms of policies. It has nearly 1,700 policy templates that we can use. Many compliance-related and PII-related rules are readily available in those templates. Forcepoint also has a time-based policy, wherein they can detect that a policy is active within a certain period of time. This visibility is not there in other solutions. Forcepoint also supports flow data transfer analysis.

Overall, Forcepoint DLP has the upper hand. Stability and scalability are secondary. The primary thing is that an application should be usable. Forcepoint is really user-friendly, and it has multiple options. They say that they can detect the malware if data leakage is happening to malware. They do have some sort of analysis in their detection engine to detect malware.

How was the initial setup?

As compared to other DLP solutions, it is quite complex because they do have their policy server and analytics server in place, and their Forcepoint manager is also there. With other solutions, we need to have an Oracle Database in place, which is not required with Forcepoint. For Forcepoint, SQL Server can be quickly installed and is ready for use.

The installation duration depends on the organization and the size of the organization. For the same set of organizations, Forcepoint will take 30% less time as compared to others. In many organizations, I have implemented it within a month, and in many organizations, the project took one year.

The implementation strategy depends on the customer, but we do follow the implementation steps, such as gathering information and then deciding which detection server to go for, where to place it, and how many counts are required. If I have more than 30,000 agents, then I definitely need to think about one more endpoint prevent server. So, it depends on the organization size and the response of the organization in terms of how quickly they adapt DLP and how friendly they are with the DLP solution. The biggest implementation that we had done had 30,000 users.

What was our ROI?

Our customers have seen an ROI. 

What's my experience with pricing, setup cost, and licensing?

Its pricing is quite low considering the features they are offering. As compared to other solutions, it is reasonable. 

They do have professional support. If we need professional support, then there will be additional costs.

What other advice do I have?

You definitely need to do a proper calibration of the organization and data flow analysis. Even though there are 1,700 policy templates, each and every organization will have a different set of rules and data to be analyzed. So, data flow analysis is a must with Forcepoint DLP to create a proper policy.

Cost-wise, it is a very good product. An organization should really consider this product if they are in process of DLP implementation, or if they are thinking of switching from any other DLP solution. If there is a budget constraint or you need a good DLP solution, I would definitely recommend Forcepoint DLP.

I would rate Forcepoint Data Loss Prevention an eight out of 10. There is no DLP that will score a 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Learn what your peers think about Forcepoint Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
554,873 professionals have used our research since 2012.
AM
Enterprise Information Security Analyst at a retailer with 5,001-10,000 employees
Real User
Top 20
Alerts us about transmission of prohibited PCI or PII data, and we can outright block it, depending on our thresholds

Pros and Cons

  • "The built-in rules, templates, and content classifiers are among the most valuable features. Some of the built-in patterns are good places to get started with. Along with the phrases, they are helpful in putting together policies and fine-tuning our policies."
  • "The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that."

What is our primary use case?

We use it mostly for endpoint protection of PCI information, as well as PII, such as social security numbers.

We have a hybrid system, in that we utilize the cloud as well as our on-premises appliances. Depending on where the customer is, if they're on-premises or if they're working from home or elsewhere, we have that covered with the hybrid solution. Forcepoint has its product available in the cloud and we use the on-premises side when the data is going through the appliances.

How has it helped my organization?

The greatest benefit is the detection, detecting either accidental or unauthorized transmission of certain kinds of PCI or PII data that we prohibit. It's very useful to get that from alerts. We can also block them outright, depending on what threshold we have set. That's the most useful thing about DLP, that it prevents unauthorized usage of that kind of data.

What is most valuable?

Some of the built-in rules, templates, and content classifiers are among the most valuable features. Some of the built-in patterns are good places to get started with. Along with the phrases, they are helpful in putting together policies and fine-tuning our policies. A good example of that would be certain kinds of credit card data. They have a lot of algorithms available to fine-tune what exactly you're looking for, whether it be credit cards from Mexico, or US credit cards, et cetera. They have a good database of those types of predefined algorithms, ways to detect things, and the specific information you're looking for.

These features are valuable because they work and seem to be picking up the right data. They seem accurate. It's also convenient to be able to choose them and not have to figure it out myself or create my own. That goes a long way toward fine-tuning our policies.

What needs improvement?

The user-friendliness of the interface in formulating DLP policies could be improved. An example would be managing policies. It's a little daunting at first, and can be confusing, at times, when it comes to how to set things up and how to add policies. They could improve on that.

Overall, I would like to see them modernize. I'm on version 8.5, so there are newer versions out. They may have done that already. I'd have to demo the newer versions.

We're planning on upgrading this year to 8.6. I believe that in going to 8.6, we will be gaining some additional features. The newer versions will have better detection capabilities with improvement to their algorithms.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for about five years or six years.

What do I think about the stability of the solution?

The on-premises solution is high-availability. The appliances that we've used are very stable. They just keep running. We have had very few issues with the appliances in terms of failure. In those situations, they were more on the hardware side. They just needed a reboot and that fixed things. Overall, the stability is good for on-premises. 

In terms of the cloud side, availability doesn't come into play as much because we don't change policies that often. We don't modify the policies on a day-to-day basis. We might modify a policy once a week or once every month, at the most. The client or endpoint really just needs to receive that update once, and it's pretty much good to go. So we're not relying too much on the cloud availability, except for that initial update for each endpoint. The cloud availability is going to be more relevant on the web side of the product, where you're going to want continual web access, filtering, et cetera.

What do I think about the scalability of the solution?

One feature that I'm getting ready to take advantage of more is the ability to add more data crawlers to the DLP on-prem environment, without any extra Forcepoint costs or licensing needed for that additional data server. That will help in reducing the stress on the data server that we're using now. It will help manage all the policies, the clients that connect to it, and all of the network discovery tasks, especially. They will all be handled much more efficiently when we spread the load. We're looking to add an extra one or two Windows Servers for that, so the additional cost would just be related to the Windows setup.

How are customer service and technical support?

Forcepoint's technical support for the solution is excellent. The technicians that I have dealt with have been with their company for a long time and they know their product inside and out.

Which solution did I use previously and why did I switch?

There has been no other similar solution here, as long as I have been with the company. I started off with a sister company, and they actually used a very early version of Websense, which is what Forcepoint used to be called before it became Forcepoint. That means we have never used a competing vendor.

How was the initial setup?

I was not involved in the initial deployment, but we've had it ever since I've been on the team here. I've been managing it ever since. I was there for the initial deployment in one of our sister companies. It wasn't anything unusually difficult. It just required installing some hardware and getting all the firewall rules worked out. Once you get all that in place, everything usually works pretty well. That's been my experience, even with upgrades. Most of the time our issues have been firewall blocks within our own company. That's usually the biggest hurdle, overcoming our firewall-related issues.

We use it on about 5,000 endpoints and we have two people who administer  it. They're both information security analysts.

What was our ROI?

I don't have ROI numbers. I base everything on: "Am I getting the support that I need?" And the answer is "yes."

Which other solutions did I evaluate?

We have never looked at other solutions at a PoC level.

What other advice do I have?

What I can recommend is getting the highest tier of support that you can afford, because it's absolutely critical. I don't know how I would do everything if I had to submit a request and wait several days for it. I don't know how I would keep things going in that situation. With a higher level of support you can call someone and you also have someone who is managing your account. That's also really nice, because you get some extra benefits out of that.

I'm very satisfied and would rate it at nine out of 10.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
ITCS user
Sr. Partner IT and Information Security at a consultancy with 501-1,000 employees
Real User
Enables us to monitor file movement and stop exfiltration, but the reporting module is very slow

Pros and Cons

  • "One of the most valuable features is being able to see file movement, where files are going. Every week we review the files. It can identify software codes, so we code files and we know where they're going and who's doing what. It gives us visibility."
  • "I would like to see improvement in the reporting. We can only get one week's worth of data; we can't get more than that. Also, the reporting console is very slow, making it very frustrating to use."

What is our primary use case?

It's for DLP and to monitor and make sure that no key files are being sent out of the organization. It also helps in terms of tracking any abnormal behavior.

We have about 700 users and it's endpoint-based. We add an agent to the endpoints and it coordinates with the server.

How has it helped my organization?

With Forcepoint we found that one employee who left had taken some files, and we were able to stop it. And if somebody is under a notice period, we now monitor whether any files are about to go out. When they take something with them, we can see that. We can also identify any abnormal behaviors that are happening. A lot of times it happens that if somebody is about to leave, they try to take some information away with them. We catch that fast.

It also helps in terms of HR stuff because file movement can indicate people who are looking for jobs. We can see CV movements and it helps as an indicator of a dissatisfied employee. We can at least see the behavior and see if we can do something about it.

Before Forcepoint, we had data in terms of how many terabytes go in and out, but now we can specifically see what goes where.

What is most valuable?

One of the most valuable features is being able to see file movement, where files are going. Every week we review the files. It can identify software codes, so we code files and we know where they're going and who's doing what. It gives us visibility. It shows any key files, any strange behaviors, such as if somebody is taking too many screenshots, and alerts us about that.

What needs improvement?

I would like to see improvement in the reporting. We can only get one week's worth of data; we can't get more than that. Also, the reporting console is very slow, making it very frustrating to use. There are times when I open it up on a Monday and take a download, but it takes so much time. You can get busy with other things and come back and it's still hanging and you can almost forget about it. 

Also, the server goes down and we have raised tickets to resolve that. In the past two weeks, we've had to deal with that two or three times. It's been a little annoying lately.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for one year.

What do I think about the stability of the solution?

The system is stable, but as I mentioned, the reporting portion is very unstable. If I want to get reports out, it takes a long time. Sometimes the server is down, and I have to raise tickets. I have had problems there.

What do I think about the scalability of the solution?

The scalability is okay, there are no problems with that. We can add on more agents as we expand with more people. We haven't had any issues there.

How are customer service and support?

I would rate customer service at 8.5 out of 10. When we have problems with the system, they respond and they generally resolve things within half a day.

Which solution did I use previously and why did I switch?

This is our first solution of this kind.

How was the initial setup?

The initial setup was straightforward but setting up the rules was very complex. It is something where things don't actually work as we think they will work. It generated a lot of false positives in the beginning.

Our deployment took about a month.

Our strategy was to start with auditing first. We haven't actually moved to blocking yet. When we tried to move to blocking critical files, it ended up blocking some other people at work. There are some issues around that and we have had to be careful.

We let it run on its own. I look at the data in Forcepoint on a weekly basis, but we don't have any administration of it, per se. My IT team handles the deployment of new employees coming in, meaning the deployment of the Forcepoint agent on their laptop. That's about it in terms of admin.

What about the implementation team?

An integrator helped us, somebody who deals with Forcepoint products. There were no problems with that, although they were billing by time and the system is a little complex.

What was our ROI?

We have seen return on our investment because we're able to track our data. It's not so much an active return on investment, but more like an insurance policy. It prevents bad things from happening.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable. That's why we went with Forcepoint. They were pretty competitive.

There are no additional costs, other than the cost for additional licenses that we have to pay for ad hoc.

Which other solutions did I evaluate?

It's not as easy as Zscaler to connect. To be very honest, I think Zscaler has a better product with a better interface, but the cost of Forcepoint is more attractive. That's why we went for it. We looked at McAfee as well. McAfee is a bit resource-heavy. 

Zscaler was very good. The interface was really good and it's easy to set up. Forcepoint is okay. I spoke to some other customers who used Forcepoint and they said, "Look, the interface is a bit complex, but it has everything in place."

What other advice do I have?

You need to put a lot of time and effort into Forcepoint, you need a dedicated team for it. You also need to have a data classification strategy firmly in place. You should classify your data before you get it. You also need to test your rules thoroughly before you implement them.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
HM
Chief Information Security Officer and Founder at a insurance company with 201-500 employees
Real User
Top 5Leaderboard
An industry leader providing excellent sensitive data protection that's very stable

Pros and Cons

  • "The solution offers very good sensitive data protection."
  • "It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking."

What is our primary use case?

We use the solution for processing our sensitive data which is strategic data and strategic information exchanged between our top management personnel. 

The purpose was to acquire the solution to protect us from incidents involving the sensitive data from our group getting taken. This happened previously, where data was taken from us and given to another competitor. There was another leak as well and since then we've tried to carefully guard our data and implemented, for example, Apple Mail to protect our mail from third parties.

What is most valuable?

The product is interesting. It meets our needs very well. It's the best solution when compared to Symantec, for example. We have both ForcePoint and Gartner as well and it's a leader among similar solutions.

The solution offers very good sensitive data protection.

The solution is excellent at protecting strategic information. I deployed it when I was working in the petrol industry for an oil and gas group. It was the biggest one in Morocco. We held important information about critical activities, including providing gas and oxygen for the hospital. We were considered critical IT and we had to comply with the operative elective and the law. DLP helped us to protect our data and we improved our safety in order to comply with the law and existing regulations.

What needs improvement?

It would be wonderful if the solution could develop more AI and machine learning capabilities. It would also be good if the solution was able to integrate with other ML and AI solutions. Right now, this is lacking.

For how long have I used the solution?

We started working with Forcepoint DLP three years ago. 

What do I think about the stability of the solution?

The solution is stable enough.

What do I think about the scalability of the solution?

The solution easily scales. We are able to expand it as needed.

How are customer service and technical support?

Technical support was good. 

Which solution did I use previously and why did I switch?

The is the first type of solution in this category that we have used.

How was the initial setup?

In terms of implementing the solution, it's not easy and not complex. It's average. The deployment's level of difficulty is average as well. You just need to have the prerequisites satisfied. 

I appreciate their support because their support was with us to assist us until we deployed the two instances in our infrastructure.

I was the CISO, the Chief Information Security Officer of the company, at the time. My scope was to assist and to manage the project from the start to the close. I worked with the operational security to deploy it.

My scope was to cover governance. For example, elaborating on the policy for classification. It was a prerequisite to define the policy target in the DLP and to organize or to plan for the workshop with the strategic and sensitive entities in our group. I made sure they tried the solution and integrated the entities into the pilot side as well. 

What about the implementation team?

The solution's support assisted us throughout the deployment process.

What other advice do I have?

We were on Office 365 on the cloud. It wasn't enough. Since then, we've described our policy to Apple Mail and have elaborated out information classification. Afterward, we invited the business and the strategic entity to workshops to classify the data effectively and try the solution after implementing the DLP.

We use a hybrid deployment model and acquired the solution with the hybrid functionality to help protect our sensitive data in the inter-managed hybrid space.

The solution has been good, and it has responded to our needs. As a group, we were afraid of the safety around our sensitive data which was exchanged in our mail. We had an obligation to protect the data classified as confidential or restricted. The solution, since implementation, has helped us to protect our data and mitigate risk effectively.

ForcePoint also offers a bundle that includes modules that cover URL filtering and app data for other DLPs. It's very good.

Based on my experience, I advise any other organizations to test, try, and to be convinced by the solution before fully implementing it. Users will need to define exactly what it is they need from it and what their exact needs are to effectively deploy it. I think every user will appreciate that solution. 

We've experienced a lot of cyberattacks, so the DLP is necessary for us and would be beneficial to any company that has critical activities or has staff that exchanges sensitive data.

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MUHAMMAD FAHAD  HASSAN
System Engineer at ABM Info. tech
Real User
Top 5
Built-in PCI policies are helpful and we can download updates to those policies as they become available

Pros and Cons

  • "One of the most valuable features is the set of built-in policies that Forcepoint has for PCI compliance. We just need to activate them and start working. Without them, it would be a big task to do a data transformation."
  • "The reporting features, the real-time reporting, can be improved in Forcepoint. On the dashboard, we don't have a feature that shows real-time incidents. We have to schedule a report in the environment."

What is our primary use case?

We are using it for PCI compliance.

What is most valuable?

One of the most valuable features is the set of built-in policies that Forcepoint has for PCI compliance. We just need to activate them and start working. Without them, it would be a big task to do a data transformation. Another advantage is that Forcepoint also updates these policies. If there is a new control for PCI compliance, Forcepoint updates it in its system and it can be downloaded.

Forcepoint is also easy to use and manage.

What needs improvement?

The reporting features, the real-time reporting, can be improved in Forcepoint. On the dashboard, we don't have a feature that shows real-time incidents. We have to schedule a report in the environment.

For how long have I used the solution?

I have been using Forcepoint Data Loss Prevention for two years. I am a partner for Forcepoint and Symantec. I suggest DLP solutions to my customers.

What do I think about the stability of the solution?

Forcepoint is very stable. Symantec is also very stable.

What do I think about the scalability of the solution?

Forcepoint is quite scalable. If we have more network traffic, we can add an appliance and it will be enough for that increased traffic. It scales up.

The number of users in environments where we have deployed Forcepoint is between 5,000 and 7,000.

How are customer service and technical support?

I would rate Forcepoint's technical support at eight to nine out of 10. The support has separate sections, including essential support and basic support.

How was the initial setup?

The initial setup of Forcepoint is straightforward. It uses a Microsoft SQL database and the solution is implemented on Microsoft Windows Servers. When it's based on Microsoft, the solution is very integratable. Optimization of the installation is not complex. It is just like installing other software on Windows. We just need to learn the setup process and click some tabs and the solution is installed.

In general, the initial setup of the different components of Forcepoint takes only two to three days.

Our process is that we first install the database and then we install the Forcepoint Security Manager, which is the centralized location for policy management and reporting for all the solutions' components. Then, if required, we install the additional Security Manager. It is straightforward. Next, we implement the DLP on the endpoints, and then we work through the network side.

What was our ROI?

One of our recent deployments of Forcepoint was for a bank that has requirements for PCI compliance. In terms of what they invested in the solution, they got the value back within a quarter.

What's my experience with pricing, setup cost, and licensing?

The licensing of Forcepoint is quite straightforward. It's based on the number of users. The support fees are a separate cost.

Which other solutions did I evaluate?

The main functionality of both Forcepoint and Symantec is actually the same. But when it comes to deployment, Symantec's solution is difficult to deploy. To deploy Forcepoint I only need three Windows servers, but to deploy Symantec DLP I need eight Windows Servers.

With Forcepoint, we can take backups automatically from the appliance itself, using the Security Manager, in case of disaster. We just schedule a backup job and it takes the backup from there. But with Symantec DLP there is no feature for backing up and we have to do the backup manually.

But for larger enterprises, Symantec provides an Oracle Database where there are no limitations for keeping incident data in the database. Forcepoint uses a SQL database that can't hold as much data. Large enterprises often use the Linux operating system for their core applications. Symantec fully supports a Linux implementation of the core architecture of PLP in a Linux environment, but Forcepoint is only installed on Microsoft. This is one of the biggest factors for larger organizations, given that they often require a PLP solution.

What other advice do I have?

If an organization is small or medium in size, I would deploy Forcepoint for it. The price and the architecture requirements, and the equipment required for small and medium businesses, is reasonable. For large enterprises, with more than 20,000 users, I would deploy Symantec.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
DB
Co-Founder at Critical Technologies
Reseller
Top 10
Protection for your critical data that is quick to deploy and inexpensive

Pros and Cons

  • "The product is good and reliable. The vendor company is continually improving it and they seem to stay one step ahead."
  • "Everything can be improved and maybe there is a way to improve the user experience through the interface."

What is our primary use case?

We mainly use this solution for data protection and access to our critical company information.  

What is most valuable?

I do not think I should name a specific feature that is the most valuable because it is a product we are using as a unified solution and that is very important because it is one of the leaders in the Gartner Magic Quadrant. So there is not a specific feature that is more important than the whole of it together.  

What needs improvement?

The product is actually quite a good and reliable product and I don't know what to suggest because we are quite satisfied with it. So I would not want to name something that could be improved because it is a product that the vendor company is continually improving and upgrading on their own. The new features that they add in are quite satisfying for our needs. They seem to stay one step ahead.  

There are customers that are moving from Fortinet or Cisco to Forcepoint. I think that is mainly because it is coming from military technology, from Raytheon (defense contracting), so it is quite well rated even though it has not been around for a long time.  

In the next release of Forcepoint DLP, I don't really think that there a lot of things that I would need. I guess that there is always a way to improve the experience surrounding the user interface.  

For how long have I used the solution?

We have been using this solution for about two years now.  

What do I think about the stability of the solution?

The product is very stable.  

What do I think about the scalability of the solution?

It is very easy to scale this product because it is made to be used by big enterprises and also fleet management sites all over the world. We have about 100 users who are working with the solution within our company. They are normal end-users, not administrators, and the product is installed on each computer. We only require one person on staff for deployment and maintenance. It is actually less than one person. But it is one person dedicated to the task of supporting the product.  

How are customer service and technical support?

We have had the opportunity to use their technical support. They were very prompt and very good about getting us what we needed. They are very skilled and we were satisfied with their work.  

Which solution did I use previously and why did I switch?

We did not use another solution previously before using Forcepoint DLP.  

How was the initial setup?

The setup for the product is quite straightforward. It takes maybe 10 or 15 minutes to be installed before it is ready to be used. For the integration, it took maybe one day. In all, it was very fast.  

What about the implementation team?

We did the deployment of the solution with the help of our own team. I was not directly involved.  

What's my experience with pricing, setup cost, and licensing?

The cost for the product for us is less than $10 per user. We do not pay any additional costs for technical support. Everything is included.  

Which other solutions did I evaluate?

Before choosing Forcepoint DLP we did evaluate other options in the product category like from CA Technologies (Computer Associates, acquired by Broadcom, Inc.). We also considered a DLP product by Symantec.  

What other advice do I have?

Advice that I would give to someone looking into implementing Forcepoint DLP is to take care and compare it to other solutions. Other solutions may have a more established reputation because Forcepoint is a new name on the market. But I would recommend taking a look at all the technical features and the pricing as part of their consideration before making a decision.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Forcepoint DLP as a nine-out-of-ten. The thing that would make it a ten for me would be for the company to improve the technical implementation. It should be better organized.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: distributor
MS
Presales Network & Security Engineer at a tech services company with 51-200 employees
Reseller
Top 5Leaderboard
Prevents the theft of data in motion through email and web channels

Pros and Cons

  • "I like the SaaS solution they're offering now a little bit more. It's a new product but it's easy to install and configure."
  • "You have to monitor the solution all the time."

What is our primary use case?

Our main target is banking, insurance, and pharmacy — my main clientele.

What is most valuable?

I like the SaaS solution they're offering now a little bit more. It's a new product but it's easy to install and configure.

What needs improvement?

There is an admin and you have to monitor the solution all the time. The same is true even if you use Symantec or Digital Guardian's DLP — it's all the same. They all require one administrator to monitor the system every day. In short, DLP solutions are good to have, but they do require maintenance.

In terms of human resources, if you have a DLP solution, you have to monitor it every day. Regardless of budget.

I would like to see some file access rights management. This allows users to access whichever files, folders, and resources they choose. This is something Forcepoint and Symantec both don't offer. 

For how long have I used the solution?

I have been using this solution for roughly four years.

What do I think about the scalability of the solution?

Forcepoint Data Loss Prevention is really scalable. Some of my customers have 20,000 licenses, others have five licenses.

How are customer service and technical support?

The technical support is very good. From a Forcepoint perspective, they're quite responsive. If I were to open a ticket now, they would respond within an hour. They're quite quick.

Which solution did I use previously and why did I switch?

I used to use Symantec DLP. Licensing-wise, Forcepoint is easier to deploy with less infrastructure. But at the end of the day, if you want the full suite, Forcepoint seems a little bit easier.

How was the initial setup?

Deployment can take anywhere from four to five hours. It can take up to two days depending on the infrastructure.

What about the implementation team?

The size of the deployment team can vary. One company could require one admin to check the logs every day and another could need to check only once a week. It depends on the department — DLP is complex.

What's my experience with pricing, setup cost, and licensing?

All of the vendors that I know have the same licensing fee — all of them. The ones that I've used, like Forcepoint, Symantec, and Digital Guardian, all have similar licensing, either perpetual or subscription — it depends on what you want. Do you want only endpoint DLP or do you want a DLP suite? Either way, they do have similar licensing. 

What other advice do I have?

I would certainly recommend this solution to others. It's one of the best DLP solutions on the market.

Overall, on a scale from one to ten, I would give this solution a rating of nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Product Categories
Data Loss Prevention (DLP)
Buyer's Guide
Download our free Forcepoint Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.