If you were talking to someone whose organization is considering Forcepoint Next Generation Firewall, what would you say?
How would you rate it and why? Any other tips or advice?
We tried a few implementations and we did not have very much success because the interface is not user-friendly and the product is complicated. If we had the training on time then it may have been easy but that wasn't the case. The biggest lesson that I learned from using this solution is that you can't trust what people tell you. When they say that they will take care of things and support it, that is not included. My advice for anybody who is implementing this solution is to make sure that the training is completed first, ahead of trying to implement it. I would rate this solution a four out of ten.
It's a nice product. I haven't come across anything that needs to be improved. It is very capable, very reliable, and easy to deploy. It covers all your networking needs for a big enterprise network. If you have a small business you should go with FortiGate or Cisco.
My advice to anybody who is researching this solution is to consider the company's budget. Forcepoint is a very expensive solution but it is also very secure. For smaller companies, I would recommend Fortinet and Cisco, but if you have the money then you can look at Forcepoint. I would rate this solution a nine out of ten.
I like this product and it is one that I recommend. I would rate this solution an eight out of ten.
I recommended Forcepoint to be implemented. I would rate this solution as nine out of ten. It would be a full ten if it had integration with endpoints.
Hello Ahmad, why could it not integrate with the endpoints?
We use the on-premises deployment model. I'd recommend the solution, but it depends on the requirements of the user. I'd rate it eight out of ten.
They just need to make sure that their environment is ready for implementing the firewall. They have to prepare for about two hours of downtime because we need some downtime to do the initial configuration. They need to be prepared for the deployment plan. That's all. The biggest lesson I learned is that you cannot provide everything in one box. You can provide everything in one box, but you cannot provide everything deeply with the same quality all in one box. You need to give up on something to gain another. I'm always telling the customer, what's your biggest issue? Is it security or performance? Is it task optimization? What is your biggest concern? Based on their answer, I recommend one of the vendors that we work with. If he said that he does not have any problems with anything, he just wants to get everything, then I provide them with Forcepoint and tell them that they will have some issues in a certain area. If he is okay with that, we go with the product. If he isn't okay and cannot accept that risk or that point, then we go with another vendor. What I learned from them is that you can provide everything in one box, but you cannot provide everything with the same quality in that box. They have really good capabilities if you want to use it. So I do recommend them in some cases, when the customer needs some optimization, along with performance and security. If they want everything in one package, I recommend Forcepoint because they have everything. That's why I recommend Forcepoint in that situation. I would rate the solution as eight out of ten. If they solve the problem of optimization and added those IPS rules, I believe that they would deserve nine of ten. Nothing is perfect, though.
Forcepoint is my favorite enterprise firewall. The security management center is the best part of this solution. It is always very simple to see the state of the firewall and to configure it to look for faults. The quality of this component is very high. Previous solutions were not very good with respect to the management center, but now, in this solution, it is very good. This is the main reason that I recommend this solution to others. This feature is absolutely necessary if you want to configure devices to prevent attacks. I would rate this solution a ten out of ten.
I recommended this solution mostly for large enterprises, a project that needs more than 100 firewalls to be managed. They have a very good management tool as security management centers. I would rate it an eight out of ten.
What others need to know is that they need to have a clear idea of why they're going for this particular firewall. They need to know if are they looking for clustering or if are they looking for link load balancing. If they're not going for clustering, I would suggest they go with the most moderate firewalls like Palo Alto or Fortinet. A certain type of attack, such as evasion techniques, isn't something that other firewalls really protect against. According to NSS Labs, Forcepoint firewall has been on top for the last consecutive four or so years because of the detection rate of evasion techniques that other firewalls failed to detect. The clustering of our ISP links is a nice feature that other firewalls also should have. It is a helpful feature, but it is not a user-friendly solution as a whole. I would rate the solution five out of ten. User-friendliness is the most important reason I've rated it so low. After Cisco firewalls, no next-gen firewalls have come to the market. So if they want to compete with these firewalls, they need to enhance the overall user-friendliness of the solution.