Please share with the community what you think needs improvement with Forcepoint Secure Web Gateway.
What are its weaknesses? What would you like to see changed in a future version?
A feature of Forcepoint Secure Web Gateway that can be improved is the speed of data analysis. Also, there should be enhanced detection when it comes to the loading of encrypted data. A feature we wish to see addressed in the next release of the product involves its administration. I do not consider the product to be excellent and would rate it an eight out of ten.
The functionality of this product in the current version is not up to our expectations. This product does not have an integrated strategy for securing your web gateway with DLP.
The biggest issues within the product were that it had become stagnant. For about four or five years, there was very little real innovation going on. It felt as if they were just sitting back. They were lacking in regards to keeping up with the developments within the cloud. Overall, I think they had a good, solid product. I think they failed to add features. It was not as feature-rich as other products. I would say the biggest problem was the lack of features; they just hadn't kept up. Under Raytheon, they were starting to correct this, but it was a work in progress. Overall, the biggest problem with the product itself was the lack of features. I knew that they needed to handle web sockets in some way; all we could do was effectively bypass it. There were too many times when the connections just didn't work right through the proxy. Our customers would have to bypass and basically go around the product. There were various levels to this and it was a real pain for our customers to diagnose those problems. There needed to be an end-product protocol analyzer output (for lack of a better way to put it), that would help administrators understand why the connection wasn't working. There was so much legwork involved: someone would have to take a laptop and set up in front of the proxy; then they would have to load Wireshark (as I used to call it) and pull their captures; then they would have to give that to Forcepoint, or they would have to try to reason it out themselves. That caused a lot of problems because most administrators weren't confident or competent enough to do it. They didn't have the skill-set needed to make proper use of those tools in the first place for analysis. There were a lot of customers who could've gotten value from the product but who were put in a position where they had to basically bypass the product because of certain connections.
Some form of connection-troubleshooting should be included within the product, more than just looking at a log that nobody knows how to read except for support. There was no way to troubleshoot connections in an effective manner that didn't require a lot of legwork by the user. Whenever you ask a user to do that, nine out of 10 times, they're not going to do it. They're just going to take the easy way out, bypass it, and then they'll bitch about the product, but they won't actually fix it. They won't want to make the extra effort. The problem just remains unsolved. They needed something like a connection analyzer tool to explain why, or at least give a better indication of why this was failing. Again, it was the lack of development. The GUI is quite nice. I think it's very natural for people once they get used to it. Ironically, the company I'm working for now is actually POCing the DOV product and one of the things they like is the interface. They had a lot of good synergy with their other products. They failed to capitalize on it, ultimately. They're getting there. They got better, but it might be too little too late. That's the problem.
We are using a V10000 G3 appliance. It is just a proxy. It is just HTTP, FTP, and HTTPS. Now, as our website has developed and we are using rich time-connectivity protocols, the proxy doesn't have the ability to work with these protocols. It would be nice if the UDP feature was there for it to filter UDP traffic. It needs firewall capabilities for UDP filtering. Its upgrades can be quite complex, and they don't always go as per the plan. Its reporting could be a bit more granular.
Forcepoint is giving only on-premises solutions and hybrid solutions. They're also providing the Cloud Web Security, but there is limited functionality, limited categorization, and limited protection. Stability needs some improvement; we have on occasion experienced some delay when it is synchronized.
We have a lot of false positives, which is one area that can be improved. At the same time, there is a lot of spam that still gets by the filter. The engine should be enhanced because some malware still gets by the filter. The login for emails should be more advanced.
The issues we have are more around organizational issues between us and Forcepoint. We don't have problems with the solution, although sometimes attacks or new ransomware get through. Sometimes we need to work together with Forcepoint in order to change the setup and to block it. It would be great if Forcepoint was able to do this without our knowledge and, even better, before those mails ever reach us. The improvement needs to come on both sides, not only from Forcepoint, but the idea is to work on a few points:
* The idea is to set up on the Forcepoint side a TAM that could help us in tuning the configuration.
* At the same time we need to work on improving the expertise and increase the number of FTE that will work on the platform (internal or external) in order to be able to really have the benefit of TAM.
* 3rd point is that some of the attacks come through and after we report it to Forcepoint they manage to improve the environment, while my experience with some other solutions is that the provider is more proactive and does the change/improvement even before we notice it.
In the on-premises version, I don't like the deployment and structuring of the device. It is time-consuming and not as easy to implement as Blue Coat Web Security.
Sometimes we find the solution behaves erratically. It may be related to our configuration, which may be incorrect. We are using desktops, laptops, and workstations and the laptops are set to mobile status. We do make connections outside the office premises as well, and desktops or workstations are predominantly located in the same place. Overall the software is occupying too much memory space. If they could remedy that, it would be a better experience, because today Windows is occupying too much memory space as well (in terms of the RAM), and this software has also started occupying all the memory. Due to this, I have less space for my other office products and data. I can't, for example, operate a huge Excel sheet or other datasets. Product grouping should be made more flexible. We should be in a position to define the product groupings. Also, sometimes the standard product grouping that they are using is not applicable in this part of the world. If they could move it, if they could make it more flexible, it would make our life easier. Otherwise, we are forced to use our own definitions a lot. This sometimes causes problems with performance. The product grouping really should concentrate more on this particular geographic region.
The deployment is a bit complex and it requires expertise to deploy, which is something that should be improved and made easier to do.
If the solution had a lower cost, it would be easier to implement. In the 8.5 version of the solution, I took some issue with the interface. I'd recommend that the company supports more process to matrix files. We've had issues with that. The solution should be better able to support itself and operate faster. Sometimes the technical support team takes too long to respond.
For improvement, we cannot deploy the Forcepoint Web Security firewall directly without ISP. The firewall doesn't have any features because some customers are requesting they will install the firewall without licensing. At this time we cannot go further without licensing. Licensing is a must with Forcepoint Web Security firewalls. I'm not sure that those features are included with Forcepoint Web Security. We checked the other features but we have not checked out their performance.