IT Central Station is now PeerSpot: Here's why
Buyer's Guide
Data Loss Prevention (DLP)
July 2022
Get our free report covering Microsoft, Forcepoint, Cisco, and other competitors of McAfee Total Protection for Data Loss Prevention. Updated: July 2022.
620,319 professionals have used our research since 2012.

Read reviews of McAfee Total Protection for Data Loss Prevention alternatives and competitors

Management Executive at a security firm with 11-50 employees
Real User
Top 5
Good interface, powerful OCR and data discovery capabilities, customizable
Pros and Cons
  • "The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives."
  • "With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format."

What is our primary use case?

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

How has it helped my organization?

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

What is most valuable?

One thing that I really like is that you can customize the rules. 

What needs improvement?

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

For how long have I used the solution?

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

What do I think about the stability of the solution?

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

What do I think about the scalability of the solution?

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

How are customer service and support?

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

Which solution did I use previously and why did I switch?

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

How was the initial setup?

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

What about the implementation team?

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

What was our ROI?

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

Which other solutions did I evaluate?

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

What other advice do I have?

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Subbu Madhira - PeerSpot reviewer
CEO at OmniNet Systems
Real User
Top 5Leaderboard
Easy to set up with good features but lacks good technical support
Pros and Cons
  • "There's a good amount of documentation in case you run into any problems."
  • "Technical support is awful."

What is our primary use case?

With this product, you can protect your data from getting out of the company, or falling in the wrong hands. You protect your data leakages. It's a very huge subject. It's very important.

What is most valuable?

The main part I like about it is, that quite a few of the DLP features are built into the latest server operating systems. The reliability of these is good and there's a good amount of documentation in case you run into any problems. They work well. 

The setup is straightforward. 

What needs improvement?

VM people say you cannot use just one product; you need multiple products across the network and you have to deploy to the backups.

The DLP could always be better.

Overall, they should make their Hyper-V and the clustering more stable. VMware offers very good clustering, for example. Microsoft needs to improve a lot in terms of stability.

Technical support is awful.

For how long have I used the solution?

I've used the solution for almost 10 years.

What do I think about the stability of the solution?

The solution is very stable and extremely reliable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The solution has been very scalable. 

As an integrator, we don't have a single client. We have so many clients. The average number of users can be as low as 100 and can go as higher 1,000. It varies. Not everyone implements DLP. A basic level of DLP is implemented, however, it is a very niche implementation and DLP is done only if someone has to be compliant. For example, a company might need either an SSA 2018 certification or SOC 1 Type 2 certifications. 

How are customer service and support?

You can troubleshoot easily via documentation, which is readily available. 

Technical support seriously needs work. They are not helpful at all.

Microsoft has kind of become a monopoly now and there are so many users. They are more interested in selling the products. They're not interested in supporting them. Unlike the other companies who have at least a ticket system, here, when you are a monopolistic company, you don't care. You know the products will sell, and people will buy them.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

You have the full encryption file and folder, however, for that, we use a different product. We don't use Microsoft. BitLocker has given us encryption features, however, we don't use that. Mostly, we prefer McAfee for that.

How was the initial setup?

The initial setup is pretty straightforward. I see a lot of improvement on the installation part when compared to earlier days when it was a little bit tough. Right now, the documentation is good and implementation is not taking that much time. You're up and running quickly. The final aspects might require additional time, however, 80% of it you finish pretty fast. 20% of the time is when you want to fine-tune, depending on your site requirements There it might require an extra effort.

What's my experience with pricing, setup cost, and licensing?

There are some products that are available on a subscription basis. Predominantly, what I use is the one that comes with the operating system and I use other third-party products basically to cover anything that's missing.

What other advice do I have?

We are an integrator as well for Microsoft DLP.

Our deployments are mostly on-premise or private cloud, not on the public cloud.

Overall, I'd rate the solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Flag as inappropriate
Buyer's Guide
Data Loss Prevention (DLP)
July 2022
Get our free report covering Microsoft, Forcepoint, Cisco, and other competitors of McAfee Total Protection for Data Loss Prevention. Updated: July 2022.
620,319 professionals have used our research since 2012.