Forcepoint Secure Web Gateway Reviews

I use the solution to secure the traffic by allowing some categories and sites.

The solution’s administration is easy.

The technical support team's response time could be improved.

I have been using Forcepoint Secure Web Gateway for two years.

I rate Forcepoint Secure Web Gateway a seven out of ten for stability.

Around 4,000 users are using the solution in our organization.

I rate the solution a nine out of ten for scalability.

I previously used different solutions like Proofpoint and Palo Alto.

The solution’s initial setup is straightforward.

When the hardware is available, the solution's deployment should not take more than two to three weeks.

I am using the latest version of Forcepoint Secure Web Gateway. The categorization for websites feature of Forcepoint has proven to be the most effective for our security needs. Updating the solution has helped us with threat detection. Three engineers are involved in the maintenance and daily troubleshooting of the product.

I would recommend Forcepoint Secure Web Gateway to other users.

Overall, I rate the solution an eight out of ten.

On-premises

Basically, we are the system integrators. We apply it to clients for use cases such as productivity increases. For example, if they want to block Facebook and those kinds of social networking sites, it will help stop users from off-work distractions. They also are now catering to the use case of remote working to control access off-site. That involves cloud solutions.

The reporting part of it is pretty awesome. With the reporting, you can drill down effectively. It gives us a lot of power to really look into what we are looking for. That is one very crucial feature. In the remote filtering part, the agent that they have on Forcepoint is pretty light. That also is a very, very good feature that we look into and sell.

The setup is simple.

It’s pretty stable after you get up and running.

The solution scales well.

Right now, Forcepoint is in very, very good shape. They are developing and evolving very fast. There is not any particular enhancement necessary.

We have had latency issues.

The cloud portal that they have should be more flexible, and we should have a practice portal. For example, if we want to implement something specific, we can’t practice making sure it will be right before going ahead and doing it live.

I’ve been using the solution for eleven years now. It’s been more than a decade. I’ve used it for a while.

Sometimes we do face issues with hiccups in latency. There could be hiccups in, for example, the user setup or the user education part, however, after that, it's okay. It’s not very often we have any issues.

The solution is 100% scalable. It’s not a problem at all. It scales well whether you are on the cloud or on-premises.

We’ve been in touch with technical support. That's nearly our daily task. The tech support is also very good. We are based out of India, so sometimes, being in the India region, we face an issue with timing as we have to deal with time zones. However, they are improving this.

Positive

I am also now starting to work on the McAfee Web Gateway and we are also working with Cisco. I am not particularly dealing with it. Forcepoint has still proven to be the best for me.

The initial setup is very straightforward and simple. It’s not overly complex or challenging.

In terms of maintenance, there is none at all, actually. If you implement it correctly in the initial phase, it requires very little interaction throughout.

I don’t deal with any aspects surrounding the costs or licensing. I don’t know what the exact price is.

On the DLP, we are on version 8.9.1, and on the Web Gateway, we are on version 8.5.4. We are using both on-premises and cloud deployments.

We are integrators. I am mainly dealing in Forcepoint, including Forcepoint Web Gateway, Forcepoint DLP, and a little bit of Forcepoint Email as well.

The presales part of the onboarding process has to be very, very proper. Whatever requirements the users are looking for, that should be put on paper, however. Otherwise, if they're expecting something else and the solution is providing something else, this sometimes creates an issue at a later date. Clients need to know what they are getting into.

I’d rate the solution eight out of ten.

Public Cloud

We primarily use the product for web filtering and enhancing our organization's web security posture.

The web filtering feature, despite its challenges, has been somewhat effective.

The product could improve its automation capabilities, improve integration with virtualization, and enhance its web filtering specifics. Additionally, it could benefit from adopting proprietary ASICs to improve performance and throughput.

Future releases should include features found in FortiGate and Palo Alto, such as improved SD-WAN management, better monitoring of rules and interfaces, live traffic monitoring, and more user-friendly troubleshooting methodologies.

I have been using Forcepoint Secure Web Gateway for three to four years.

The platform is fairly stable but has limitations in terms of performance and throughput.

The product is not as scalable as FortiGate and Palo Alto.

The initial setup was not complex; following the guide allowed a smooth configuration process.

Forcepoint's pricing is moderate. However, transitioning to solutions like Palo Alto or FortiGate, despite potentially higher initial costs, could offer better long-term value due to their advanced features and performance.

We evaluated other technologies including Palo Alto and FortiGate.

The product is relatively easy to configure if you follow the guide, but it lacks throughput and performance compared to competitors. In our experience, the technical support has been underutilized.

The solution needs better SD-WAN management, improved monitoring, and more effective troubleshooting tools like Palo Alto and FortiGate.

I rate it an eight out of ten.

It is used for security purposes, CASB, and application controls.

I like the product's scalability and stability.

I want improvements in the application control. Also, the solution should have a secure channel because of malware.

I want technical support to be improved so that they can be faster and more knowledgeable.

I have been using Forcepoint Secure Web Gateway since 2016. Though I want to move to the cloud, I currently use an on-prem version.

It is a stable product.

It is a scalable solution. Around 1,50,000 users are using the solution in my company. We do have plans to increase the number of users in our company.

I have used Forcepoint's technical support, and I feel that it is average.

The initial setup was complex. The time taken for deployment was a year.

The deployment process involved the making of software-based applications. Then, we install it.

For the deployment and maintenance, we need five to seven people, including engineers and managers.

The implementation was done in-house.

I recommend the solution for small-scale businesses using a cloud-based version. For large-scale businesses, it is not fine.

Overall, I rate the solution a six out of ten.

On-premises

I have found the simplicity of the solution valuable. The dashboard and reports are good as well.

Our experience thus far with Forcepoint Secure Web Gateway has not been good. The availability of clusters is limited, and the product is very unstable. The development team is slow as well.

There have been a lot of changes in the network at Forcepoint, and we've had downtimes of almost three hours. This happened six times from August to December.

When Forcepoint moves user traffic to another cluster during maintenance, the transaction is not smooth for end users. They lose access to the internet.

In the Middle East, the ISPs block the IPs of Forcepoint, and the Forcepoint compliance team has been unable to resolve these issues.

Forcepoint should focus on understanding how Zscaler works.

In the next release, they should provide an inbuilt, full-fledged DLP CASB feature.

Forcepoint should also work on improving their communication regarding maintenance.

I've been working with this solution for the past seven months.

We have experienced several problems with stability, so I would rate the solution at four out of ten for stability.

I would rate Forcepoint's scalability at seven out of ten. 

We have 75,000 end users and around 300 IT specialists who use this solution.

Technical support staff take a long time to understand and resolve issues. You will need to implement a workaround yourself as technical support may take six months to resolve an issue. This can be the case even when the ticket is escalated. Therefore, I would rate technical support at four on a scale from one to ten.

Neutral

The initial setup can be complex depending on the location. For instance, in the Middle East, we have to use our direct endpoint client. In Europe, we use the proxy endpoint client.

The cost for Forcepoint Secure Web Gateway is lower than that for Zscaler and Netskope. It could be around $4 per user annually.

I would not recommend Forcepoint Secure Web Gateway because of all the issues and give it an overall rating of five out of ten.

Public Cloud

Amazon Web Services (AWS)

I've done a few deployments with roaming user filtering and with central management consoles on the content creation and on different critical locations.

The DLP database from Forcepoint is also very good.

It's got a very reliable orientation.

It is a scalable solution. We can use it for global-level customers and for separate locations.

This is a highly detailed product with very good key features. When it comes to optimization, it's similar to Blue Coat. It has a very stable architecture.

It's very feature-rich when it comes to visibility and reporting. The reporting module is very handy. We can schedule reports and generate investigations. 

The initial setup is easy.

I'd like to see the solution improve the banded optimization to offer more bandwidth control, similar to what is on offer with Blue Coat. For example, it would be useful if we could arrange the restriction of certain uploads for particular applications.

It would be great if they had classic customization features. I have quite good experience in Check Point solutions, so I experienced how application protocol features help when we want to deploy bandwidth content filtering. I expect to have the same or close to the same level of customization in Forcepoint.

My bread and butter is Forcepoint DLP. I've worked for about seven years with Forcepoint solutions. However, I've worked with the Secure Web Gateway for five years and have deployed it for customers as well.

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

It has good architecture. It has an architecture where I have the policy brokers, policy severs, and content creation, as well as an integrated reporting module with a reporting database. I have a team building products with me, including OEM software. When it comes to Forcepoint, it's a very reliable solution.

Many of our customers have between 400 and 800 users. 

I've contacted support many times. 

I cannot say they are excellent support. That said, quite often, I get some good support. Still, I cannot recommend them highly. Luckily, I can manage myself just fine. Now that we are in an apex region, I hope that we will get a good level of support for the application.

Neutral

I am also familiar with Blue Coat

The initial setup is not overly difficult. 

The time it takes to deploy the product depends. If I have all the items I need in my hand, it doesn't take that much time. However, compared to other products, it takes a little while time since you need to get it on the client's field servers for reporting, and you need to have some access with admin privileges. 

I'm able to deploy the solution for my clients. 

I don't deal with licensing and have no visibility on the exact pricing. 

I'm a partner. My company is a system integrator, and I am a consultant. We deploy this solution for clients and have handled five or six high-end deployments so far. 

I'd recommend the solution to others if the requirements make sense and it works in the company environment. 

I would rate the solution seven out of ten. It's very reliable. It just needs more features.

On-premises

The most valuable feature for me in Forcepoint Secure Web Gateway is URL filtering, though all other features of the product are okay as well.

A room for improvement in Forcepoint Secure Web Gateway is the support it offers. It's very bad.

What I'd like to see in the next release of the product is for it to be less complicated because at the moment Forcepoint Secure Web Gateway is more complicated than other products. Sometimes issues come up that you can't solve without the support team. For example, you should write the root password to fix the issue.

In the next release of the product, it would be good if it had an easy-to-use interface. Troubleshooting issues in Forcepoint Secure Web Gateway should be less complicated as well.

I've been dealing with Forcepoint Secure Web Gateway for about two years now. My company doesn't use the product. It's the customers who use Forcepoint Secure Web Gateway.

Forcepoint Secure Web Gateway is a scalable product.

We had to contact Forcepoint Secure Web Gateway technical support because some of the features didn't work, but it took them a long time to respond. Sometimes, even if you call support many times, they will not respond. In the end, they weren't able to solve our issues. We solved the issues ourselves.

The initial setup for Forcepoint Secure Web Gateway isn't easy. When you compare it to Fortinet, it's very complicated.

For example, for Fortinet FortiProxy, you don't need to install the database or SQL, and there's no need to prepare a server. You also don't need to do a lot of authentication because it's only one appliance, so it will work via proxy, then you can do the installation.

For Forcepoint Secure Web Gateway, you need two servers: one for installing the management software and the second server for SQL, and only then can you control the appliance.

The initial setup for Forcepoint Secure Web Gateway is complicated, especially when compared to Fortinet FortiProxy.

In terms of Forcepoint Secure Web Gateway pricing, I'm not part of the sales team. I'm on the technical team, so I don't have information on the price.

I work for an IT company that provides solutions to customers such as Fortinet, Palo Alto, Forcepoint, and GoSecure. In terms of Forcepoint, my company focuses on web security, particularly Forcepoint Secure Web Gateway.

My company has enterprise customers who use the product.

The number of users of Forcepoint Secure Web Gateway varies. One customer has around six hundred users. Another customer has three hundred users then there's a customer in the banking industry that has a thousand users.

My advice to others looking into implementing Forcepoint Secure Web Gateway is to prepare a lab and create scenarios in the lab before going to the customers.

My rating for the solution is seven out of ten.

On-premises

The biggest issues within the product were that it had become stagnant. For about four or five years, there was very little real innovation going on.

It felt as if they were just sitting back. They were lacking in regards to keeping up with the developments within the cloud. 

Overall, I think they had a good, solid product. I think they failed to add features. It was not as feature-rich as other products. I would say the biggest problem was the lack of features, they just hadn't kept up. Under Raytheon, they were starting to correct this, but it was a work in progress. Overall, the biggest problem with the product itself was the lack of features.

I knew that they needed to handle web sockets in some way, all we could do was effectively bypass it. There were too many times when the connections just didn't work right through the proxy. Our customers would have to bypass and basically go around the product. There were various levels to this and it was a real pain for our customers to diagnose those problems. There needed to be an end-product protocol analyzer output (for lack of a better way to put it), that would help administrators understand why the connection wasn't working.

There was so much legwork involved: someone would have to take a laptop and set up in front of the proxy; then they would have to load Wireshark (as I used to call it) and pull their captures; then they would have to give that to Forcepoint, or they would have to try to reason it out themselves. That caused a lot of problems because most administrations weren't confident or competent enough to do it.

They didn't have the skill-set needed to make proper use of those tools in the first place for analysis. There were a lot of customers who could've gotten value from the product but who were put in a position where they had to basically bypass the product because of certain connections. Some form of connection-troubleshooting should be included within the product, more than just looking at a log that nobody knows how to read except for support. 
There was no way to troubleshoot connections in an effective manner that didn't require a lot of legwork by the user. Whenever you ask a user to do that, nine out of 10 times, they're not going to do it. They're just going to take the easy way out, bypass it, and then they'll bitch about the product, but they won't actually fix it. They won't want to make the extra effort. The problem just remains unsolved. They needed something like a connection analyzer tool to explain why, or at least give a better indication of why this was failing.

Again, it was the lack of development. The GUI is quite nice. I think it's very natural for people once they get used to it. Ironically, the company I'm working for now is actually POCing the DOV product and one of the things they like is the interface. They had a lot of good synergy with their other products. They failed to capitalize on it, ultimately. They're getting there. They got better, but it might be too little too late. That's the problem.

I have been using this solution for nine and a half years.

Forcepoint Secure Web Gateway was pretty stable.

Scalability-wise, It was pretty good. We had deployments that were easily over 10,000 — it could handle it if you scaled it properly with the right hardware. There were deployments that were 34,000 at that point. Now, with very large enterprises (with over 60,000 employees), that's where it starts to get a little tricky. They managed to get the product to that point but it was not cheap either, but it was achieved on the scale pretty well.

The biggest issue that hampered Forcepoint was the lack of development and good consistent support. Because of this, they went from 50,000 to 60,000 customers, down to 16,000 in the space of about three years.

That's a huge drop. A lot of that came down to Palo Alto and a couple of others jumping in the game with filtering but at the same time, Forcepoint had people who were loyal, but they were giving up because of the support situation. 

I constantly dealt with customer support. There wasn't a week that went by where I didn't have to talk to somebody.

They knew me by name and I knew them by name and we were all one big happy family, but when they moved from San Diego to Austin, they lost people.

They gave good, consistent support for about a year, but then they began losing staff because they weren't paying enough. They hired a bunch of people and claimed that they adjusted their wages, but then the same cycle occurred another year later.

That's been the biggest problem. It wasn't the product that caused them to lose people (even though they had some innovation issues), it was the support. At the end of the day, the innovation was causing them to look weak in customers' eyes; when you couple that with the support problems, that's when they started really losing customers.

The initial setup was pretty straightforward.

In fact, you could literally load it, install it, and have it up and working in no time. All you had to do was point a browser to it and you could prove it worked. Now, if we wanted to take it and fully integrate it onto the network, then nine times out of ten, we used one particular method called WCCP.

Overall, on a scale from one to ten, I would give this solution a rating of seven. 

The product was sitting at about a seven. Support was dragging it down to a six. So, if I had to be honest, they had some very good analytics — just counting the product itself, I would say it's a seven.

It wasn't perfectly stable, but it was pretty good. I would say it would need to be more feature-rich. It would need to be more helpful for troubleshooting problems with connections and it would need more stability — then I would give it a higher rating. Under all of those things, it's the support that's the problem because that's a different question from the product itself — it's the Achilles heel.

On-premises