Forcepoint Data Loss Prevention Reviews

Some implementations in Forcepoint are easy to do. 

We cannot implement very complex policies or use cases with Forcepoint.

Forcepoint's data visibility is the most valuable feature. 

They need to improve their reporting feature as well as the incident response. They have very limited and basic response rules available for incident management so they need to improve them.

I have been using Forcepoint Data Loss Prevention fora year and a half.

I rate the stability an eight out of ten.

The scalability is an eight out of ten. 

The technical support is average.

Positive

The initial setup is straightforward. It takes about three to four hours to implement this solution.

The solution is expensive. 

Overall, the solution is an eight out of ten. 

Our primary use case for this solution is for malicious activities.

The feature I found most valuable is the DLP. We are using it to do encryptions.

My opinion is that the dashboard could be improved and made more user-friendly. They do not enable a wide range of proper inquiries and we need to identify much of what we need on our own, like incident severity.

In the next release, I'd like to see the updates working properly as the priority apps we have are not upgrading the agent that we have installed.

I have been using this solution for about a year and a half.

I would rate the stability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a six, on a scale from one to 10, with one being the worst and 10 being the best.

I would say that their technical support is quite helpful. I would rate them a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Neutral

Our model of deployment is on-premises. The only issue with deployment that we've found is that sometimes OPC is not able to connect to SCM or to a particular vendor. The deployment took around 20 minutes. Everyone was involved in the deployment of this solution, every department. It takes about two to three people to maintain this solution.

We used an in-house team to do the deployment of this solution.

There are around 16,000 users of this solution in our company.

I would recommend this solution to other people.

I would rate this solution as a whole a 10, on a scale from one to 10, with one being the worst and 10 being the best.

Forcepoint is installed on our company-issued laptops to act as an on-premises firewall. This ensures that we cannot access websites that are not whitelisted in the Data Loss Prevention (DLP) system, even when working from home.

The most valuable feature is security.

The administration should take a proactive approach to ensure that research-related websites can be accessed without having to be whitelisted, even if there are some sites that remain off-limits.

The setup is complex and has room for improvement.

The support is slow and has room for improvement.

I have been using the solution for three years.

The solution is as stable as our internet connection.

I give the scalability a nine out of ten.

We have 3,000 employees using the solution.

We use third-party technical support. The turnaround time for support is slow.

I believe the initial setup is complex and is handled by another team.

The deployment was done over the weekends and it took the IT team approximately two to three months to deploy bank-wide.

The licensing is on an annual basis.

I give the solution a nine out of ten.

The solution requires around 15 people for deployment and maintenance.

I recommend the solution to others.

I deployed the solution for three of our customers, and the primary use case is data loss prevention.

The feature with which the solution integrates with the proxy, the ICAP protocol that logs the inline traffic or real-time traffic, is valuable.

The Optical Character Recognition (OCR) functionality is another helpful feature, especially for unstructured data. Being able to discover sensitive data in an unstructured format is the most beneficial element of the solution.

We can add tags to table format or Excel documents, such as ''confidential'' or ''sensitive information'', and the DLP suite takes action according to the defined policy for each tag.

The APIs for device integration are limited, so that could be improved.

If a feature known as Exact Data Match is present, I cannot detect it. This is an easily accessible feature in the Symantec DLP product and those from other vendors, such as Zscaler. EDM either needs to be added as a feature or made easier to find, as I couldn't find it. It's possible none of my customers got a license for this particular feature, but that seems unlikely.

Forcepoint is very stable; I rate it a nine out of ten for stability. 

The solution has excellent scalability; I rate it eight out of ten here. 

The customer support is outstanding. 

Positive

The deployment is straightforward once you understand the solution's architecture. A proper understanding of the different components of Forcepoint DLP is essential, as deploying an enterprise-level DLP could be confusing because the policy server is separate from the main engine sitting on the Triton server. Understanding the components of the enterprise DLP suite is the most critical element for a successful deployment. Still, I rate the solution seven out of ten in terms of ease of setup.

The scale of the particular DLP deployment is also a factor; we had cases where the customer only required endpoint or network DLP, a relatively quick job that two staff can complete. A complete DLP suite, including email, web, and network DLP, plus data classification and labelling, would require four associates. Our most recent deployment was a complete enterprise DLP, which required four staff. The entire deployment took almost three months, including a one-month planning phase. During the planning phase, we prepared the documentation, designed the HLDs and LLDs, and high and low-level diagrams. Following acceptance from the customer, we started the implementation, which took roughly 50 to 60 days.

The level of maintenance required depends on how many events per hour a particular tool is putting out. If a customer wants to check analytics or identify an email or data leak, that situation doesn't require much policy fine-tuning, and a single staff member could deal with it. The customer can also decide what coverage they want, which may be 24/7, an admin to monitor events only, or Monday-to-Friday support. The coverage determines how many engineers will be required.

Another factor in maintenance requirements is the volume of events, as an extensive client could have more than 10,000 servers with many sensitive data in motion. The customer had 24,000 users for our last deployment, and there wasn't a dedicated team for the DLP. The engineering team took care of the network, endpoint, and data security together. There were ten of us on the team, with two engineers per shift for 24/7 coverage.

I can't comment on the cost, as a different department handles that.

I rate the solution eight out of ten. 

Forcepoint is the best DLP solution in the industry. I have yet to see another DLP solution on the market that provides as much security for endpoints; their endpoint DLP is unbeatable. Forcepoint also has an enormous number of features. It's handy, lightweight, easy to deploy, captures all the details, and never gives false positives; it's an excellent product.

The main use case for Forcepoint DLP is its OCR feature, which many customers need. The OCR capability can only be used at the network level, not at the endpoint level. It enables network-based data security, such as scanning emails or web traffic for potential data leaks. It's useful when dealing with scanned documents or screenshots containing sensitive information, preventing data leakage for multiple customers who require this level of security.

DLP also provides a test suite and integrates with a cloud access security broker. This helps protect data in cloud storage environments and gives you more control over data security in the cloud.

First, you need to categorize your data—what kind of data it is, the severity of its sensitivity, how long it needs protection, and the destinations that need protection. Forcepoint provides a dedicated solution with a user-friendly interface that makes it easy to manage. Remember that DLP doesn't handle data classification independently, so you'll need another tool to classify your data. For instance, you might use a classification tool to label documents as confidential, private, or internal.

Once the classification agent is installed on the endpoint, users need to label their data accordingly. For example, a Word document containing sensitive information should be labeled confidential. After labeling, you can create a policy in the DLP solution, such as Forcepoint, to block any data labeled as confidential from being shared. You can specify destination addresses to block at various levels, like the network, email, or RDP.

It is a bit expensive.

When deploying a DLP solution in your environment, it is important to follow best practices and start with monitoring mode. Initially, you may not know where your data resides, which users need access to it, or the nature of the data itself. Deploying an agent and monitoring the data flow and usage for three to six months is essential. 

Forcepoint DLP helped customers save some money at the end of the cyber security field. Data is the most important thing you need to implement for a DLP solution in your environment. You could also face insider threats. Implementing a DLP solution helps prevent potential data leaks by giving you control over what kind of data is being accessed, where it's stored, and how it's being used within your environment. It also allows you to monitor and prevent unauthorized sharing of sensitive data, ensuring better security across your organization.

You have two primary use cases for encryption: one for USB devices and the other for network-level data, like email. For email encryption, you can use an appliance that encrypts emails before sending them to another recipient. You can set up DLP for USB devices to manage and secure the data copied to the USB. By registering the USB with your DLP administrator or security tool, such as Forcepoint Security Manager, you can ensure that any data transferred to the USB is protected through encryption, preventing unauthorized access.

Integrating a DLP solution with your Active Directory is a prerequisite for implementing it in your environment. Ensuring your Active Directory follows best practices and benchmarks is crucial for seamless integration and optimal functionality of the DLP solution. You need to add the Active Directory to the environment. It must be integrated because you cannot block your data if your endpoint is not integrated with the endpoint level.

Overall, I rate the solution a nine out of ten.

We use it for monitoring and blocking sensitive data in emails, following our new governance policy.

We like the ability to customize our requirements and rules, as well as its ease of use and management. It also has a cloud feature and proxy functionality.

The product is good, but the biggest issue is needing direct support from Forcepoint.

In future releases, it would be helpful if the OCR feature supported more standard formats, as currently, Forcepoint cannot block some standard data formats.

I have been using it for three years. 

I would rate the stability a seven out of ten. We occasionally experience some downtime and glitches, mainly on the cloud side.

It is very scalable and we have not encountered any issues.  There are around 11,000 end users using this solution.

I would rate the scalability an eight out of ten.  

It can be hard to contact customer service and support, and their response times and solutions can be slow and sometimes irrelevant.

A lot of time their feedback is not helpful. 

Neutral

Forcepoint offers a more cost-effective solution because everything, including OCR, is included in one package, unlike Symantec, where it is an add-on with an additional cost. We also considered McAfee before choosing Forcepoint.

So, the main reason we chose Forcepoint is the cost because it's a single package.

The initial setup is simple. It's now easier than Microsoft, for example.

We currently use a hybrid model with on-premises deployment for the top and cloud access for laptops.

There are five people in our technical team handling deployment and maintenance of this solution. 

I would rate the pricing a six out of ten, where one is high price, and ten is low price. It can be a low price. 

Overall, I would rate the solution a seven out of ten. There is some room for improvement.

Forcepoint Data Loss Prevention works to protect data from attacks, which is a company requirement. It works on networks and has an OCR feature, with OCR being the primary use case for it in my company.

The most valuable feature of Forcepoint Data Loss Prevention is the OCR.

An area for improvement in Forcepoint Data Loss Prevention is the complex UI and policy deployment. You have to find the policies, and then designing the policies is also tricky.

As Forcepoint Data Loss Prevention has some complex policy implementations, I want a more straightforward policy deployment from it in the future.

I've been using Forcepoint Data Loss Prevention for the last few years.

Forcepoint Data Loss Prevention is a stable product.

My company logs tickets in the Forcepoint Data Loss Prevention support portal whenever there's an issue. Support-wise, I'm giving the team eight out of ten.

Positive

The initial setup for Forcepoint Data Loss Prevention is easy. My company did a POC and demo session, and the solution is currently in the deployment phase.

The pricing for Forcepoint Data Loss Prevention is more expensive than Symantec, but it's negotiable. It depends on how well you negotiate. The solution is worth the money, though, based on the services and facilities it provides to my company.

My company uses Forcepoint Data Loss Prevention.

I'm using the latest version of the solution because my company updates Forcepoint Data Loss Prevention every time there's a new version.

My company has more than one thousand Forcepoint Data Loss Prevention licenses.

I would recommend Forcepoint Data Loss Prevention, depending on your scenario and the industry you're working in. The primary consideration for using the solution would be your use cases. If it fits your use case, I'd tell you to go for Forcepoint Data Loss Prevention.

The solution is quite mature compared to other DLP products, so my rating for Forcepoint Data Loss Prevention is eight out of ten.

My company is a Forcepoint Data Loss Prevention user.

We're trying to use the solution for data loss prevention on the endpoints.

Every time I pushed the agent to laptops, I wasn't able to gain visibility.

I do not have any real valuable features at the moment. 

It was mostly stable. 

There is a lot of articles and documentation that technical support direct you to.

Getting tech support to assist us took too long. 

The communication between endpoints and the DLP over the internet was difficult.

The ease of deployment wasn't as flexible as Digital Guardian. We did not have a good deployment experience. 

It needs better pricing.

There is too much going on. We need help understanding all of their tools and offerings. We need to understand their offering, and we don't right now.

An integration deployment feature would be great for APIs. They need to use standard APIs and tools.

They need more resources online to assist users in looking for the most up-to-date documentation. 

I've used the solution for two months. 

I'd rate the stability six out of ten. It was okay. It could have been better. 

I did not look into scalability. 

Customer support simply directs us to links to read up on our own. When we contact support, we need one on one help, not directions to articles. They need to improve the way they deal with customers and be more hands-on. 

Neutral

I've also used Digital Guardian. It is an easier solution to deploy.

The initial setup was not that simple. The solution itself is too big, too vast, to really learn properly. It also wasn't as flexible as we needed it to be 

The cost is too high. They need to work on their pricing model. 

I wasn't a part of the decision-making process. 

I cannot recall the version number we're using. 

I'd advise potential new users to do a proof of concept and check vendor integrations. Increase the POC to two or three months, and don't be rushed into the product until you are ready.

The solution is too fast to learn everything. Digital Guardian was much more manageable. 

I'd rate the solution seven out of ten.