Forcepoint Secure Web Gateway Reviews

We use the solution as an overall proxy. We are using Forcepoint Web Gateway to allow only trusted, valid URLs - whatever is accepted or offered by the cache rate.

It's a landing zone for all kinds of end-user traffic for the internal users, as well as to protect against any attacks from my external users. Also, it controls the internal IT assets and can protect us from hard, new, cyber attacks, ransomware, and other things. That's how it has been used right now specifically.

The agent is acting as a HIPS, host intrusion prevention system, apart from providing trusted access to any external websites. It is doing some real-time monitoring, as well as reporting security events. It can able to give an alert for any security event, which is any unauthorized event. It sends a notification to the reporting manager, who can be immediately alerted. It can happen in nearly real-time. The reporting is very helpful.

There is some sandboxing available, which is quite useful. 

The solution is scalable.

It's fairly easy to set up if you have some prior knowledge. 

The stability is good. 

It offers reasonable pricing. 

The Sandbox solution should be integrated with the NIST to handle whatever new vulnerabilities or new sites are identified as potential threats. That could be dynamically integrated and implemented in a production enrollment, just like intelligence threat production. That would help in an intruder use case.

We've been using the solution for three or more years. 

The stability is okay. The performance is also very good. The threat handling is almost near real-time, and even notifications and reporting happen fast so that we can take corrective actions. Overall, the experience was good. There are no bugs or glitches. It doesn't crash or freeze. 

In our organization, we have 35,000 people.

It is very scalable. We haven't had any issues with the process. 

I don't deal with technical support directly. However, we haven't had any major issues and likely have not needed much support in general. 

We are using multiple products. For an antivirus, we are using Symantec solution as well as Trend Micro. For our deep security, we are using IBM Deep Security. For our SIM product, we are using IBM Suite, as well as, for all other things, Cell Core for data DLP and DLK solutions. Predominantly, that's it. We are also using Forcepoint and a few other cloud-based web solutions.

However, we used something called CrowdStrike only as a validation solution for a very short period. Then immediately, we started migrating to Forcepoint.

CrowdStrike predominantly behaves like a sensor; it's not giving all the features of a proper web application firewall. We have to configure a bunch of things as a part of the CrowdStrike.

If a person understands all the important tools and how they can be integrated with all other security products, it's easier to set up. It's a little bit of a challenge for any new person. There should be a blueprint or a condensing intro matrix. The Secure Web Gateway must be integrated with multiple other security products within the enterprise. There needs to be a compatibility matrix, like how this virtual VDA enrollment and other solutions. Nowadays, VDA enrollment is also coming as a hosted solution in the cloud and virtual software enrollments. It can be either on Azure, AWS, or some other third-party tools, probably that's like VMware Horizon, or it may be coming from Nutanix Frame. There are so many integration complexities in a large enterprise. If there's a blueprint, automation, or workflow, it improves the early adoption of these tools and provides a better onboarding experience.

Most of the deployments we manage through the deployment tools collected, either via IBM patch management solutions, or some automation tools, like Python. Using these agents helps with the rollout.

Initially, we took a week to ten days to deploy the product. However, rolling out the agents now, the agents are adding automated tools. For the initial implementation in our organization, we had more than 2,000 finder servers, plus other NTPs, which is why it took almost ten days.

I'd rate the overall process a four out of five in terms of ease of deployment. 

Following deployment, the maintenance is minimal. It's on the cloud and we have a subscription, so there isn't much to manage. 

While I'm not directly handling the licensing and payments, my understanding is the solution is competitively priced. 

We're internally using the product. I'm not sure which version of the solution we're using. IT and security mostly deal with the product and any updates. 

Potential new users will find it easy to adopt this solution. Most policies can be leveraged from other deployments, and you can confidently run them. 

I'd recommend the solution to other users and companies. 

I would rate the product nine out of ten. 

Public Cloud

Amazon Web Services (AWS)

I use the solution to secure the traffic by allowing some categories and sites.

The solution’s administration is easy.

The technical support team's response time could be improved.

I have been using Forcepoint Secure Web Gateway for two years.

I rate Forcepoint Secure Web Gateway a seven out of ten for stability.

Around 4,000 users are using the solution in our organization.

I rate the solution a nine out of ten for scalability.

I previously used different solutions like Proofpoint and Palo Alto.

The solution’s initial setup is straightforward.

When the hardware is available, the solution's deployment should not take more than two to three weeks.

I am using the latest version of Forcepoint Secure Web Gateway. The categorization for websites feature of Forcepoint has proven to be the most effective for our security needs. Updating the solution has helped us with threat detection. Three engineers are involved in the maintenance and daily troubleshooting of the product.

I would recommend Forcepoint Secure Web Gateway to other users.

Overall, I rate the solution an eight out of ten.

On-premises

Basically, we are the system integrators. We apply it to clients for use cases such as productivity increases. For example, if they want to block Facebook and those kinds of social networking sites, it will help stop users from off-work distractions. They also are now catering to the use case of remote working to control access off-site. That involves cloud solutions.

The reporting part of it is pretty awesome. With the reporting, you can drill down effectively. It gives us a lot of power to really look into what we are looking for. That is one very crucial feature. In the remote filtering part, the agent that they have on Forcepoint is pretty light. That also is a very, very good feature that we look into and sell.

The setup is simple.

It’s pretty stable after you get up and running.

The solution scales well.

Right now, Forcepoint is in very, very good shape. They are developing and evolving very fast. There is not any particular enhancement necessary.

We have had latency issues.

The cloud portal that they have should be more flexible, and we should have a practice portal. For example, if we want to implement something specific, we can’t practice making sure it will be right before going ahead and doing it live.

I’ve been using the solution for eleven years now. It’s been more than a decade. I’ve used it for a while.

Sometimes we do face issues with hiccups in latency. There could be hiccups in, for example, the user setup or the user education part, however, after that, it's okay. It’s not very often we have any issues.

The solution is 100% scalable. It’s not a problem at all. It scales well whether you are on the cloud or on-premises.

We’ve been in touch with technical support. That's nearly our daily task. The tech support is also very good. We are based out of India, so sometimes, being in the India region, we face an issue with timing as we have to deal with time zones. However, they are improving this.

Positive

I am also now starting to work on the McAfee Web Gateway and we are also working with Cisco. I am not particularly dealing with it. Forcepoint has still proven to be the best for me.

The initial setup is very straightforward and simple. It’s not overly complex or challenging.

In terms of maintenance, there is none at all, actually. If you implement it correctly in the initial phase, it requires very little interaction throughout.

I don’t deal with any aspects surrounding the costs or licensing. I don’t know what the exact price is.

On the DLP, we are on version 8.9.1, and on the Web Gateway, we are on version 8.5.4. We are using both on-premises and cloud deployments.

We are integrators. I am mainly dealing in Forcepoint, including Forcepoint Web Gateway, Forcepoint DLP, and a little bit of Forcepoint Email as well.

The presales part of the onboarding process has to be very, very proper. Whatever requirements the users are looking for, that should be put on paper, however. Otherwise, if they're expecting something else and the solution is providing something else, this sometimes creates an issue at a later date. Clients need to know what they are getting into.

I’d rate the solution eight out of ten.

Public Cloud

We primarily use the product for web filtering and enhancing our organization's web security posture.

The web filtering feature, despite its challenges, has been somewhat effective.

The product could improve its automation capabilities, improve integration with virtualization, and enhance its web filtering specifics. Additionally, it could benefit from adopting proprietary ASICs to improve performance and throughput.

Future releases should include features found in FortiGate and Palo Alto, such as improved SD-WAN management, better monitoring of rules and interfaces, live traffic monitoring, and more user-friendly troubleshooting methodologies.

I have been using Forcepoint Secure Web Gateway for three to four years.

The platform is fairly stable but has limitations in terms of performance and throughput.

The product is not as scalable as FortiGate and Palo Alto.

The initial setup was not complex; following the guide allowed a smooth configuration process.

Forcepoint's pricing is moderate. However, transitioning to solutions like Palo Alto or FortiGate, despite potentially higher initial costs, could offer better long-term value due to their advanced features and performance.

We evaluated other technologies including Palo Alto and FortiGate.

The product is relatively easy to configure if you follow the guide, but it lacks throughput and performance compared to competitors. In our experience, the technical support has been underutilized.

The solution needs better SD-WAN management, improved monitoring, and more effective troubleshooting tools like Palo Alto and FortiGate.

I rate it an eight out of ten.

It is used for security purposes, CASB, and application controls.

I like the product's scalability and stability.

I want improvements in the application control. Also, the solution should have a secure channel because of malware.

I want technical support to be improved so that they can be faster and more knowledgeable.

I have been using Forcepoint Secure Web Gateway since 2016. Though I want to move to the cloud, I currently use an on-prem version.

It is a stable product.

It is a scalable solution. Around 1,50,000 users are using the solution in my company. We do have plans to increase the number of users in our company.

I have used Forcepoint's technical support, and I feel that it is average.

The initial setup was complex. The time taken for deployment was a year.

The deployment process involved the making of software-based applications. Then, we install it.

For the deployment and maintenance, we need five to seven people, including engineers and managers.

The implementation was done in-house.

I recommend the solution for small-scale businesses using a cloud-based version. For large-scale businesses, it is not fine.

Overall, I rate the solution a six out of ten.

On-premises

I have found the simplicity of the solution valuable. The dashboard and reports are good as well.

Our experience thus far with Forcepoint Secure Web Gateway has not been good. The availability of clusters is limited, and the product is very unstable. The development team is slow as well.

There have been a lot of changes in the network at Forcepoint, and we've had downtimes of almost three hours. This happened six times from August to December.

When Forcepoint moves user traffic to another cluster during maintenance, the transaction is not smooth for end users. They lose access to the internet.

In the Middle East, the ISPs block the IPs of Forcepoint, and the Forcepoint compliance team has been unable to resolve these issues.

Forcepoint should focus on understanding how Zscaler works.

In the next release, they should provide an inbuilt, full-fledged DLP CASB feature.

Forcepoint should also work on improving their communication regarding maintenance.

I've been working with this solution for the past seven months.

We have experienced several problems with stability, so I would rate the solution at four out of ten for stability.

I would rate Forcepoint's scalability at seven out of ten. 

We have 75,000 end users and around 300 IT specialists who use this solution.

Technical support staff take a long time to understand and resolve issues. You will need to implement a workaround yourself as technical support may take six months to resolve an issue. This can be the case even when the ticket is escalated. Therefore, I would rate technical support at four on a scale from one to ten.

Neutral

The initial setup can be complex depending on the location. For instance, in the Middle East, we have to use our direct endpoint client. In Europe, we use the proxy endpoint client.

The cost for Forcepoint Secure Web Gateway is lower than that for Zscaler and Netskope. It could be around $4 per user annually.

I would not recommend Forcepoint Secure Web Gateway because of all the issues and give it an overall rating of five out of ten.

Public Cloud

Amazon Web Services (AWS)

I've done a few deployments with roaming user filtering and with central management consoles on the content creation and on different critical locations.

The DLP database from Forcepoint is also very good.

It's got a very reliable orientation.

It is a scalable solution. We can use it for global-level customers and for separate locations.

This is a highly detailed product with very good key features. When it comes to optimization, it's similar to Blue Coat. It has a very stable architecture.

It's very feature-rich when it comes to visibility and reporting. The reporting module is very handy. We can schedule reports and generate investigations. 

The initial setup is easy.

I'd like to see the solution improve the banded optimization to offer more bandwidth control, similar to what is on offer with Blue Coat. For example, it would be useful if we could arrange the restriction of certain uploads for particular applications.

It would be great if they had classic customization features. I have quite good experience in Check Point solutions, so I experienced how application protocol features help when we want to deploy bandwidth content filtering. I expect to have the same or close to the same level of customization in Forcepoint.

My bread and butter is Forcepoint DLP. I've worked for about seven years with Forcepoint solutions. However, I've worked with the Secure Web Gateway for five years and have deployed it for customers as well.

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

It has good architecture. It has an architecture where I have the policy brokers, policy severs, and content creation, as well as an integrated reporting module with a reporting database. I have a team building products with me, including OEM software. When it comes to Forcepoint, it's a very reliable solution.

Many of our customers have between 400 and 800 users. 

I've contacted support many times. 

I cannot say they are excellent support. That said, quite often, I get some good support. Still, I cannot recommend them highly. Luckily, I can manage myself just fine. Now that we are in an apex region, I hope that we will get a good level of support for the application.

Neutral

I am also familiar with Blue Coat

The initial setup is not overly difficult. 

The time it takes to deploy the product depends. If I have all the items I need in my hand, it doesn't take that much time. However, compared to other products, it takes a little while time since you need to get it on the client's field servers for reporting, and you need to have some access with admin privileges. 

I'm able to deploy the solution for my clients. 

I don't deal with licensing and have no visibility on the exact pricing. 

I'm a partner. My company is a system integrator, and I am a consultant. We deploy this solution for clients and have handled five or six high-end deployments so far. 

I'd recommend the solution to others if the requirements make sense and it works in the company environment. 

I would rate the solution seven out of ten. It's very reliable. It just needs more features.

On-premises

The most valuable feature for me in Forcepoint Secure Web Gateway is URL filtering, though all other features of the product are okay as well.

A room for improvement in Forcepoint Secure Web Gateway is the support it offers. It's very bad.

What I'd like to see in the next release of the product is for it to be less complicated because at the moment Forcepoint Secure Web Gateway is more complicated than other products. Sometimes issues come up that you can't solve without the support team. For example, you should write the root password to fix the issue.

In the next release of the product, it would be good if it had an easy-to-use interface. Troubleshooting issues in Forcepoint Secure Web Gateway should be less complicated as well.

I've been dealing with Forcepoint Secure Web Gateway for about two years now. My company doesn't use the product. It's the customers who use Forcepoint Secure Web Gateway.

Forcepoint Secure Web Gateway is a scalable product.

We had to contact Forcepoint Secure Web Gateway technical support because some of the features didn't work, but it took them a long time to respond. Sometimes, even if you call support many times, they will not respond. In the end, they weren't able to solve our issues. We solved the issues ourselves.

The initial setup for Forcepoint Secure Web Gateway isn't easy. When you compare it to Fortinet, it's very complicated.

For example, for Fortinet FortiProxy, you don't need to install the database or SQL, and there's no need to prepare a server. You also don't need to do a lot of authentication because it's only one appliance, so it will work via proxy, then you can do the installation.

For Forcepoint Secure Web Gateway, you need two servers: one for installing the management software and the second server for SQL, and only then can you control the appliance.

The initial setup for Forcepoint Secure Web Gateway is complicated, especially when compared to Fortinet FortiProxy.

In terms of Forcepoint Secure Web Gateway pricing, I'm not part of the sales team. I'm on the technical team, so I don't have information on the price.

I work for an IT company that provides solutions to customers such as Fortinet, Palo Alto, Forcepoint, and GoSecure. In terms of Forcepoint, my company focuses on web security, particularly Forcepoint Secure Web Gateway.

My company has enterprise customers who use the product.

The number of users of Forcepoint Secure Web Gateway varies. One customer has around six hundred users. Another customer has three hundred users then there's a customer in the banking industry that has a thousand users.

My advice to others looking into implementing Forcepoint Secure Web Gateway is to prepare a lab and create scenarios in the lab before going to the customers.

My rating for the solution is seven out of ten.

On-premises