Forcepoint ONE Reviews

Forcepoint ONE is a very, very good product, especially for my SOC (security operations center) team though you'll need to get a lot of training to optimize the solution and ensure that it meets your needs. Forcepoint ONE is a very good monitoring solution, and it gives my organization a lot of information on how to boost security and how to keep new products or new applications secure.

Forcepoint ONE is okay for me, and I find it a very good solution. Its most valuable feature is monitoring. Its monitoring is very good, and it can communicate with a SIEM system. I also find the DLP feature of Forcepoint ONE good.

One area for improvement in Forcepoint ONE is that you'll need more training to install the solution yourself. I practiced in a laboratory and I needed more technical information to do the installation.

In the laboratory, Forcepoint ONE is stable, but I don't know if it's stable in a real environment because I have not installed it yet in the real world. In a laboratory setting, it is pretty stable.

Forcepoint ONE is a very scalable solution.

The technical support for Forcepoint ONE is very good, at least when I needed support in a laboratory setting. On a scale of one to five, with five being the best, I'm rating the support a four.

In terms of the initial setup for Forcepoint ONE, I'm rating it a three out of five. I'm giving it a score of 60 percent out of one hundred percent. I currently don't have an implementation strategy, but if I need to implement the solution, I would need more training, or even take a special course on how to implement Forcepoint ONE.

Forcepoint ONE was deployed through an integrator or consultant.

I don't have information on the ROI from Forcepoint ONE.

The licensing cost for Forcepoint ONE would depend on the features, but the pricing is very competitive here in Brazil. The solution offers a good price, and I would rate it a three or a four in terms of pricing. I don't have information on whether there are additional costs apart from the standard licensing fees for Forcepoint ONE.

My company didn't evaluate other options because it is an integrator of Forcepoint ONE, so it only has Forcepoint ONE as its solution. This means I didn't do any testing with competitors such as Zscaler and Netskope.

My company is a partner and reseller of Forcepoint ONE. I work with the solution, though I'm not as experienced with it. I had my training in the Forcepoint laboratory in Brazil because I just started working with the solution, but I know how Forcepoint ONE works, how to use it, and how to implement it. I'm using the latest version of the solution.

The number of staff required to deploy and maintain Forcepoint ONE depends on the number of users because the solution can also be used individually or by a single user.

My advice for people looking into implementing Forcepoint ONE is to take a course or go into training because the solution may seem easy, but it's not, particularly during implementation, because it would still depend on your tool. You need to understand your tool well and how you can adapt it to Forcepoint ONE. The solution is not easy if it doesn't have a direct integration with your tool. When you go direct to the cloud, there's no problem, but when you need it to be a hybrid solution, it could be a bit difficult in terms of integrating it well. The integration, though it's not very, very difficult, still requires attention and care for it to be successful.

My rating for Forcepoint ONE is eight out of ten. For me to rate it a ten out of ten, the support, price, and functionality should first be improved. There would be a need to speak with the Forcepoint team about it, and the team is very, very dedicated in terms of explaining and helping you understand the solution.

We started with a very clear primary use case, which is what landed us on Bitglass: The need to protect Office 365. More specifically, we wanted to make sure that untrusted devices would not be able to download the full O365 client. 

Granted, you can do that with Microsoft tools, if you purchase some of their additional solutions. However, we decided that it made more sense for us to go with an independent CASB that we could leverage for other things as well.

Since the initial deployment, we have looked to expand well beyond the initial use case to protect additional cloud-based environments as well as implement additional functionality, such as DLP.

While you can't ever guarantee you can prevent a breach, I think Bitglass and their solution are a key component in helping secure our environment. We would not be with them if they weren't a valuable partner, as CASBs, in general, are a key piece of an overall security ecosystem.

In our case, controlling unmanaged devices and preventing them from being able to download full clients is a significant piece of the security and governance overall puzzle. To really control specific data leakage, you would need to fully implement DLP. So, we are in the process of evaluating the Bitglass DLP functionality, though we have not operationalized it yet. It certainly has the capability to secure against data leakage.

The platform has a lot of great features that can be utilized, e.g., we have been looking at DLP. 

They have some tie-ins to other partners, which is good. 

A few minor items for consideration:

• Enhanced reporting ( e.g. a report to find out how many users are in specific Bitglass group).
• MFA Enhancement: Perhaps adding an MFA Application.

We started looking at them back in 2017, but we didn't implement until 2018.

We haven't had any issues with latency; certainly nothing systemic. It operates seamlessly behind the scenes and the uptime has been excellent. 

100 percent dedicated staff is not needed. We have one engineer, who is the primary contact for the solution, but is not even remotely close to be dedicated to it.

The scalability is excellent. I don't have any concerns. We have a tremendous number of clients, not agents, routing through it. 

We are in the process of expanding our usage now. Our longer-term plan is to sweep much more under CASB.

The support and company engagement from day one have been great about being open and available. Over time, I have gotten to know all levels of people within their company, including the CEO, and you can't always say that. It goes to their dedication to their customers and company culture. 

It has been a tremendous partnership working with Bitglass. They took the time to understand our use case and have remained just as engaged today, even through their tremendous growth, as they were in the initial sale cycle. One of the things I say a lot, "There are vendors and there are partners." Everybody is good at doing the right thing when everything's going well. But, how a company reacts when you need help or if you have an issue is the true measure of the relationship. To that point, Bitglass has really been a true partner.

This was our first foray into CASBs.

The initial setup was straightforward, which was a huge win. That mostly goes to the fact that they are agentless. We didn't have to sit there deploying thousands of agents and all the things that go along with that type of deployment. We were up and running very quickly.

We do have a very small number of users using the agent as their standard proxy. However, almost our entire deployment is agentless, which is one of the things that attracted us to Bitglass.

Once testing was complete, and given the agentless nature of the solution, the deployment was straightforward and the time to realize benefit was really short.

We were initially up and running (with some tweaking and tuning) in about a day. Once Bitglass had the environment setup, it was just a matter pointing our Office 365 environment to route through them.

ROI on a security tool is always kind of a tough one, because it's usually risk mitigation. There isn't always a hard dollar ROI, but the solution has absolutely done what we wanted it to do.

Typically, the longer you price forward, the better off you're going to be. They have been very willing to work with us on pricing.

We certainly evaluated several other products. 

A true single pane of glass is not easy to achieve. The more you do with them, the more you can move towards that goal. As they continue to increase their functionality, the solutions that they offer, and the partners/integrations they have, they are certainly moving more in the single pane of glass direction. For security professionals and CISOs, as much as we can declutter and simplify, that's a great thing.

For us, it has done exactly what we wanted it to do. Bitglass continues to be a valuable partner: 

• The relationship is good. 
• Support is good. 
• The solution works well.

I would rate this solution as a nine plus out of 10.

I did a video with Bitglass a couple years ago. It's out on YouTube. If you Google my company, Ricoh, and Bitglass on YouTube, the video will pop right up. There is a lot of good info there.

The use case is around protecting data on BYOD devices where users can access any type of data.

It is overall a good solution for securing against data breaches and attacks, but there is no 100 percent guarantee in software. We feel that it is a pretty solid product for protecting data on the public cloud.

The solution’s AJAX-VM provides constant reverse proxy uptime. It has been very positive for our security operations. When people are trying to access the SaaS solution, it protects us from downloading any of that data and experiencing any type of attacks.

We mostly use it for CASB. It has a very light weight impact in that it doesn't really affect anything from an operations perspective. It is helping our monitoring, which results in better security, threat protection, or security posture.

When we have had enhancement requests, they have been able to fulfill those based on our changing needs. Therefore, we feel it's a pretty good solution.

Depending on the company, the data leak prevention or protection is the most valuable feature. DLP is the capability that we leverage. 

We leverage the impossible travel event type of capabilities and the reverse proxy capabilities. They protect and provide data protection, which basically help us with unauthorized access and protecting data on all transactions. This is important. These features focus on cloud applications, and that's where we use them.

We have tested and monitor how the solution secures us against data leakage. We feel that it is pretty good from that perspective.

Through their security portal, that is where we configure policies and any sort of security. This positively affects our security operations. We can go to one place and make the changes we need to, which saves time by providing easy access.

They need to mature the SmartEdge Secure Web Gateway (SASE) solution. It is still very early as a product based on industry standards.

Two years.

The stability is excellent. We have not seen any issues.

We have not seen any latency issues, whatsoever. It has been very seamless.

The solution's overall uptime is excellent.

The solution is pretty scalable. Right now, we have 12,000 end users on it. 

We do plan to increase usage by expanding the solution to five other applications. We find the solution to be integrable. 

Initially, we had some challenges that Bitglass resolved quickly. The challenges were around communication. There didn't seem like there was the right level of communication within the Bitglass organization. Once we brought the issues up at a higher level, then they were resolved.

We have found the technical support to be responsive. The turnaround time is within an hour or two.

At a previous organization, I used Netskope.

My current organization did not previously use another solution.

The initial setup was complex. We had special use cases, which needed to be addressed. There was a little more configuration needed for data protection.

The deployment took two months to get the resources design completed.

For the use cases that we had identified, we PoC the solution first as part of our evaluation criteria. When we saw the results from it, then we were able to move ahead with design and roll up.

We did the deployment ourselves with one architect and two engineers.

It is definitely providing us value.

We have our pricing by user. We do our pricing agreements annually. There are also additional costs for maintenance.

We also looked at Microsoft and McAfee's CASB: MVISION Cloud (formerly Skyhigh Networks). The biggest goal that we had with Bitglass was our use case was actualized on BYOD. We could not get those other solutions to really provide the level of protection we were looking for coming in from a BYOD device.

We have used competitive solutions that rely on private cloud architectures. Bitglass's uptime is very good in comparison. 

In comparison to Netskope, Bitglass has better ease of implementation. Also, Netskope was where they said the product was two years ago.

The product works, and their organization is pretty dynamic.

Get a very clear understanding of your use case before bringing the product in. That applies to all CASBs because there are different problems for different people. I feel like a lot of people think this type of solution can solve every problem. You have to figure out what problem you're going to solve, e.g., data protection or user access. From there, the idea is to jump in and bring it on.

This industry, as a landscape, is changing from a product perspective. I see CASB converging with other Zero Trust solutions. I am prepared to see evolution of this industry sector because of the changing cloud needs.

I would rate this solution as a seven out of a 10. SASA and some other things are a bit premature. As an organization, they have not been in business for a very long time. That comes with some level of challenges. We had an initial support challenge, which got resolved, but that kind of highlighted, as a software company, they're still maturing and productizing their product.

We use it for our cloud-based solutions. For instance, we use it for Office 365, Salesforce, and a couple of web applications that are cloud-based. It gives us an added layer of security with a little more visibility into those applications, as far as: who's logging in and who's not. It's kind of a firewall, in a sense. Since none of our business is really overseas, we don't really have employees or customers who should be logging in from outside of the United States. We just block any attempt that is coming in from offshore.

Another thing that it does, if people are not able to connect, then it gives us an easy view into why they may not be connecting. For instance, if their iPhone is not connecting, then sometimes we can see if they are entering the wrong password or something else. It has a little simpler navigation than what Office 365 gives us. It is also a little quicker to see login failures.

It has given us a more secure environment. If we weren't using their certificate and some of the other rule sets where we can verify their identity, we would probably not allow people to connect remotely unless they were coming through our VPN. 

We are able to see attempted connections and that sort of thing. 

We are able to verify what is getting saved out onto the cloud. It allows us to have some DLP rules, since we have to be HIPAA compliant. If some personal health information has been uploaded to Office 365, then we are able to detect that sort of thing and account for it. We have set up rules to prevent people from doing that. 

We can create rules to prevent people from copying things. We can see what sort of security rights are set up in SharePoint. We use a sort of combination of a native Office 365 rules set with Bitglass rules.

It has allowed us to have people working remotely during this pandemic so we can make sure they have valid certificates to connect to applications. If they don't have a valid certificate, then they can't connect.

The solution provides a single policy page to secure all of our interactions to the cloud and our on-premise resources. For example, there is a policy page where we go to define our policies. On that policy page, we have Office 365 and Salesforce policies.

I find the login features probably the most valuable. If somebody is having trouble logging into Office 365 or Salesforce, I can typically verify, "Yes, indeed. I see you're not able to connect." I can usually figure out why they're not connecting correctly, such as, putting in the wrong user ID or password. Or, they might not have a valid certificate to connect to those applications.

Identity simplifies our cloud security ops. It gives us a single pane of glass for our cloud-based apps. Because Office 365 tends to be slow to navigate though, this gives us quicker access. 

The initial login into Salesforce or Office 365 can be slow. However, once Bitglass has been established, it's not really noticeable.

They are improving their interface all the time, which is helpful. They have done some changes to make it simpler.

In our environment, when an Active Directory password changes, we tend to have some latency issues with access. It takes about 15 minutes before that password is accessible through Bitglass after the change. That would be the major thing I see as a negative.

The Active Directory password thing created a lot of negative feedback from our end user staff. As we move forward, we will probably have to evaluate that to see if it appears in other applications. At this point, we don't have any plans to discontinue it, but as we scale up, we will probably have that conversation.

Where I missed a step: I didn't provide enough training to our end user staff and system admin staff. This created some elements of frustration for them as they migrated to the cloud applications. The password synchronization piece seemed to be the big negative thing. When people can't log into an application, they get pretty uptight about it. That is probably my biggest misgiving.

The synchronization/password change issue is probably the most glaring problem that we have with it. Unfortunately, it's one that hits anybody who uses the product. Anytime their password changes, it becomes an issue.

About a year and a half.

The solution's overall uptime is excellent. We have never really had any downtime.

We don't really do much maintenance, because there's not a whole lot to maintain. Maintenance is pretty much done by a system administrator and me.

We only have about five applications that we are using. 

Our whole company is going through the solution, so there are about 170 users.

Their technical support is excellent, accessible, and quick to respond. There is very little delay. We are not waiting around to hear back from them because they are right on top of it. Therefore, I would give their support staff excellent reviews.

It seemed complex in terms of getting used to navigating the interface.

Our deployment took a bit longer because we were in the process of migrating to Office 365. I am not sure I can pin that on Bitglass, as we would have to contact them when we got a new set of users. A lot of that was us getting use to managing Bitglass. They held our hands for several months. I don't think it was because of Bitglass as much as the timing of implementing Office 365.

We were in the process of implementing Office 365 and Salesforce. This was chaotic, and not the best example of an organization going to the cloud, but we got through it.

With their support, onboarding it was excellent. They helped us through the entire process and were easily accessible when we needed them. Their support has been excellent.

It was a good solution at the time because I didn't feel Office 365 was giving us a very robust solution. They have gotten better. So, when our renewal comes up, we will have to evaluate if we want to continue with Bitglass or if we feel that Microsoft is giving us enough of a solution.

We did really evaluate other solutions. We wanted something that was cloud-based, not an appliance.

This solution was recommended by a couple of third-parties who were using it.

I would spend more time on the proof of concept than we did. We didn't really have the available applications to test it as robustly as we probably normally would have.

I would give the solution an eight out of 10. 

Bitglass allows us to leverage cloud applications with security. What that means for us is that, as our applications are moving from on-premise to the cloud, we can have security controls on who logs in, around when they log in, and what data they're accessing. That's what Bitglass allows us to do.

We're not using the proxies. We're only using it for the login policy management.

We can now allow people to access cloud apps on their laptops, safely and securely, when they're not in the office. It allows us to have more flexibility, working from home or remotely during COVID. This is a security platform that allows all that to happen. Without having Bitglass, our work from home strategy would be drastically different and our potential for productivity would be reduced.

The solution provides a single platform for CASB, web security, advanced threat protection, identity, data loss protection, and zero-trust network access. It does all that in one product. It's good because it allows us to adopt more and more cloud apps. It really gives us the flexibility to pursue any new technology that is going to benefit our organization and that is in the cloud.

Bitglass also provides a single policy page to secure all of our interactions to the cloud applications. It does not do it for on-prem, in our case. It could do so, but not the way that we have it configured. But for our cloud interactions, we have unifying policies; a single spot on the platform. From there, we can say, "This set of cloud applications needs to follow this policy." From that point, we can see which policies are being applied. So it's a single spot for policy management. It simplifies our security operations.

The core CASB solution is the most valuable part. It allows us to put policies in place around which devices can log into our cloud applications. We have a policy that states that only company devices can access these cloud applications. Our most sensitive data lives in our email, which is in the cloud, and in Slack, which is our messaging platform, and it lives in Box which has all of our files. The ability to access all of that, our critical data, has to be from a device that's company-issued so we know that the security level and the encryption level are up to a certain point.

It does a great job of securing us against data breaches and attacks. Prior to our moving over to Bitglass, we had one incident where someone's password was compromised. Whoever the hacker was, was able to log in and then send emails on behalf of this individual at our company. After we implemented the Bitglass solution in front of email, that scenario was no longer possible. They can't log in from a device that's not company-issued because now we have these policies set in place.

In terms of how the solution secures us against data leakage, their technology is good in the sense that it resides at the login point. That means that at the point that you're trying to get to the application, you need to fulfill a certain set of applications or a certain set of policies.

Their new SASE (secure access service edge) product would have been the one thing I would have requested. Now that they have that platform, I'd like to see it as integrated and seamless as possible with the core product. That's what they're working towards and that's where we're seeing the advancements.

I have been using Bitglass for over two years.

The solution's overall uptime is good. We haven't had downtime for Bitglass in production. 

For us, it's scalable. We have not seen any issues.

We've got a 50-user license for our company. The users are from across the company, and our adoption rate is 100 percent.

Their tech support is good. They're a 10 out of 10 in responsiveness and they're an eight out of 10 in getting the resolution, which usually involves code changes.

This is our first CASB solution. We went with Bitglass for the security of our cloud apps.

The setup is fairly straightforward. It's not perfectly straightforward because you need to understand how it integrates within your cloud apps. Once you have the connection, the identity providers, then setting up the policies is easy.

We ran deployment and testing for about a month before going live.

In terms of our implementation strategy, we had a separate instance of the cloud apps running in parallel to test out all the policies and to fine-tune all of our policies. Once that was complete, we used that on our production tenant.

We worked with an integrator called RFA, but we did most of the testing on our side.

We have absolutely seen return on our investment with Bitglass. From a cybersecurity standpoint, we have more controls. And from a productivity standpoint, we have more and more cloud apps that we have deployed, and that's really working in our favor.

We looked at Netskope and Skyhigh, but that was this two years ago so our comparisons are fairly outdated now. But at that time, Bitglass had the best SAML integration, which is the identification and integration services. That was the key for us as we were looking to connect into a lot of cloud applications.

You should definitely look at Bitglass as part of your process. I think it's still best of class and I think there is a lot of innovation that's happening at Bitglass. In terms of a CASB, and in terms of this new product for SASE as well, they are the best in terms of the feature set that they're offering.

As for maintenance, we've got one infrastructure engineer and part of his responsibilities is to look at the weekly logs for Bitglass to see if there are any unusual connections.

• Location proximity mapping
• Data type inventory
• Simple integration

It allows a window into who is sharing what types of data internally and externally. It allows us know where sensitive data is really stored and offers the ability to quarantine based on data types and sharing criteria.

• Reporting
• Simpler policy creation

I have used it for 16 months.

The cloud-based portal tends to get slow as the number of events increase.

The sales staff promised more than they can deliver, but the technical staff is excellent.

I did not previously use a different solution.

Initial setup was simple.

Negotiate for the pricing model that fits your budget. The vendor is willing to customize pricing.

Before choosing this product, we also evaluated CloudLock, CipherCloud and Skyhigh Networks.

Take your time and have each vendor set up an actual proof of concept, rather than just relying on a demo. Get your network and support staff engaged in the process early on because they will be instrumental in deployment and support. Know what you’re trying to accomplish.