The company should work to improve its VPN capabilities.

For the most part, there aren't really any features or services that are missing.

The implementation may be a bit more complex for a person who doesn't have much experience with the process.

The company should update the URL filtering database. They need to enhance the URL filtering and make it easier to customize.

The interface is not user-friendly.

We were told that we would receive training but it came late and we had already started to deal with the product, which ultimately caused problems because we did it incorrectly. If the vendor focused more heavily on training as opposed to implementation then it would be a big improvement.

The UTM features are missing.

Application filtering is supported at a high level, but not at a low level. If I want to allow access to Facebook, yet not allow the user to access videos, then I am not able to do it with this product. Essentially, I'm allowed to block but I'm not allowed to limit. With other vendors, I can impose limits.

They need to add support for the Routing Information Protocol, RIP.

There is no support for the Built.io NIC driver.

While they offer a comprehensive bundled solution, some users may prefer on-premise deployments for certain features, such as URL filtering. Currently, Forcepoint offers WebSense for URL filtering in the cloud, but users who prefer on-premise solutions may find this lacking. They could improve these particular areas.

Configuration is not easy because it has an old-fashioned interface. The configuration interface is highly complex, and it's been the same for years. They have to change the interface.

The structure of the configuration interface isn't like Palo Alto or FortiGate where you can do everything from a single screen. With Forcepoint, you have to import or assign rules because it's working with SMC, the central firewall management. Also, you cannot communicate directly with the product. You have to communicate with the product through the management interface. 

The dashboard also should be updated. 

The capacity for reading the users in a domain and the capacity to integrate the solution with the active directory or any kind of directory services need improvement. 

You do need knowledge of the solution in order to set the product up properly.

Next Generation Firewall's configuration could be improved.

There is certainly room for improvement. In larger companies with extensive infrastructure, retrieving logs for a longer period of time can sometimes take a bit longer than desired.

In bigger companies with a larger volume of logs; it takes more time to retrieve them due to the increased amount of data.

It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for it are a little bit complex. User-friendliness is a little bit tough. It needs to be more user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto.

The solution needs to invest in its GUI. The interface is very bad and not user-friendly.

Forcepoint could make the interface more reasonable and easier to navigate. If you are not good at Forcepoint, you cannot easily manage it. Fortinet is easy to navigate and reach.

Forcepoint should focus on upgrades. Sometimes, service is impacted or disrupted after an upgrade. You have to read the release notes carefully before doing anything.

They should provide more details on potential cyber-attacks over a dashboard or email for the solution. Also, they should include centralized dashboard configuration and management.

A pain point worth mentioning is the need of the customer or client to properly know the environment as it relates to the presentation of Forcepoint and to have a better knowledge of the product's implementation. 

They need to improve their alerts. If I could integrate some of the alerts on WhatsApp, that would be nice. I should have the option to get my alerts, not just by email. I'd like to also see them, for example, on WhatsApp. 

From a managerial point of view, as long as you have proper training, it's very easy to manage this firewall. Something that I've noticed that Forcepoint lacks, is the training that they offer to their customers. It's quite expensive, I believe it costs roughly $11,000. Because of this, we haven't been fully trained in this solution; to get the most out of this product, you need proper training. That is the only negative comment I have surrounding Forcepoint.

Aside from the expensive training, I honestly can't think of another issue. It's a fully-featured firewall that comes with everything required. The version that we are using has a single power supply, whereas we would prefer having dual power supplies on or firewalls.  

Forcepoint Next Generation Firewall could change its interface, allowing standard or direct connect modes to be configured. While group design and configuration generally function well, there are issues related to OSSL. These issues may necessitate troubleshooting that involves accessing hidden features by adjusting product routes. This level of troubleshooting is currently restricted to technical personnel, not partners or customers.

I think some of the customers who already use Forcepoint will benefit from using SD-WAN because it has features like auto-scaling, but I think the auto-scaling needs improvement since only Forcepoint NGFW comes with the SD-WAN solution. Plus, auto-scaling is an important tool and it still may not be good enough for some customers, so I think there is room for more improvement in the auto-scaling feature in SD-WAN.

We have also gotten a slow response from technical support when we experienced hiccups, errors, and bugs. I think there is a lot of room for improvement in the support capabilities.

Forcepoint Next Generation Firewall could improve with applying policies. Also, improvement with publishing websites and VPN agent.

The solution needs to add an antivirus profile and anti-spyware profile, not just policies and VPN.

It's a good firewall but we are looking for features that are available in Palo Alto.

My team is looking for more throughput and better integration with our security framework. Better integration with other platforms would be an improvement.

Its interface is complex when compared with a firewall like FortiGate. Forcepoint Next Generation Firewall needs a management console, whereas FortiGate doesn't need any console. When you have a few devices, a console is not really necessary. It's good to have a private console only when you have a lot of devices.

The security features need to be improved.

They need to increase the local support here. There are also some bugs or fixes on which they need to work. They very well know about these bugs.

In terms of licensing, I would like them to either increase the number of features in a single license or make licensing more flexible.

We had some licensing issues with its web filtering capabilities. That's why we migrated our web filtering to Cisco Umbrella.

Moreover, the interface is complicated. It's difficult to locate all the necessary menus and functions.

For example, one of the many issues is with SSH. Even now, we haven't successfully opened the port to connect using SSH mode when we want to change the configuration. It's like a black box—not very open to changes and customization. It's simply not easy to configure.

There are other problems, too. For example regarding Forcepoint's Websense component. We had a lot of problems managing the web settings within Websense. That's why we migrated to Cisco Umbrella for cloud-based web filtering.

It's not that Forcepoint is inherently bad. The issue is that it's not user-friendly. It is not easy to use. The developers need to redesign the interface (GUI) for better management. It is very difficult to manage. For example, simple actions require too many clicks compared to FortiGate or Palo Alto. That's the main problem. 

Management could be better. They can improve the management. I think all our customers can't accept firewalls that have standalone management. So, they prefer Fortinet or Palo Alto. But overall, inspection and other features are working fine.

No firewall is perfect but they could improve on the detections of threats.

There is no support available in Fiji, and it would make it easier to have local support and somebody that we can speak with.

The pricing for this solution should be more competitive.

Forcepoint would be improved if there were more training available.

The vendor should make loaner units available for test and evaluation in test environments.

The first point to improve is just a matter of updates. We are moving to the cloud, so we want to use virtual licenses on the cloud. We need to move from on-premises to the cloud.

We would love to take another solution from Forcepoint, but unfortunately, the price is too high. That's why we are not considering using Forcepoing for our proxy and DLB. They have a very good DLB, but the matter, in the end, is the cost.

This solution would be improved with the inclusion of custom reporting. The pre-prepared reports are ok, but sometimes, perhaps once a month, I would like to create some custom reports.

In the next release of this solution, I would like to have an application proxy. In our previous solution, Sidewinder, we had this capability. For example, if you want to allow SSH traffic then you can set or restrict some features of this protocol, and you can look into the traffic using SSH Insight. Some examples of applications that I would like to see are Oracle and RDP.

The network interface could be better, and it could be cheaper. It's very difficult for us to compete with Fortinet. I would like to see an Application Control feature in the next release.

They should have a GUI on the product itself, not a separate management tool to be used on the management server or on a server to be used to manage the file. It should be all in one device. The device should be controlled through its own GUI. They also have to improve the learning center and the documents as the documents don't really help.

In the next release, they should improve the documentation.

It lacks something called a change of authority. It also lacks more integration with other VPN clients. Also, the ability to dynamically change policies could be improved. 

Its management center should be easier to use. The management interface of Forcepoint is unique and a little bit different from some of the firewall solutions on which people might have worked before. Sometimes, the customers say that it is not very friendly, and we help them with how to use this management interface. It just takes a little bit of time, and after some time, it gets easy to manage or use. It is quite similar to Palo Alto, Fortinet, and legacy Juniper solutions. 

Their support should be faster. We have received complaints that they are not responding fast, which is not good for the vendor and us.

They are great in every single area except for the optimization feature. The optimization is not really ready. If you want very good optimization, you have to add it to the network. I think if they make some enhancements in that area, they will replace every other product in no time.

We also need more IPS detection rules.

I would like to see more sizing in the next release, and the roadmap should be clear. More models are needed to compete in terms of firewall sizing.

Decryption needs improvement. It could be better in terms of the bandwidth and in terms of the speed of the tasks.

The solution needs to build upon its network functionality. It needs to be a bit smarter.

Communication with the cloud will be integral to the future of this solution. It needs to be easily deployed with the cloud going forward. 

The solution would also benefit from working within a multi-cloud environment. It should work with everything from Google to Azure to Salesforce. They need to have a more complex API to be able to successfully connect with other clouds and stations.

Making this solution easier to use would be an improvement.

The implementation could be made easier.

The solution's support could use improvement. 

I'm in the MENA region so most of the time we were getting support from Europe.

They should include a license watch solution on their back-end.

Forcepoint is a little difficult to configure compared to its competitors. 

The product could be more user friendly. Firewalls are getting better in graphical user interfaces. If there is an issue with the appliances then the engineering team can work on the command line controls. A cheaper way is a graphical user interface for any users to be able to quickly configuration and implement.

Intel could ditch the Java-based GUI rendering and could use some serious revamp on the way they manage their GUI. A lot of bugs happen on their GUI but their system is working fine.