IT Central Station is now PeerSpot: Here's why

Menlo Security Secure Web Gateway OverviewUNIXBusinessApplication

Menlo Security Secure Web Gateway is #11 ranked solution in top Web Security Gateways and top Secure Access Service Edge (SASE) tools. PeerSpot users give Menlo Security Secure Web Gateway an average rating of 10.0 out of 10. Menlo Security Secure Web Gateway is most commonly compared to CrowdStrike Falcon: Menlo Security Secure Web Gateway vs CrowdStrike Falcon. Menlo Security Secure Web Gateway is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 26% of all views.
Buyer's Guide

Download the Secure Web Gateways (SWG) Buyer's Guide including reviews and more. Updated: July 2022

What is Menlo Security Secure Web Gateway?

Menlo Security's SWG employs Zero Trust principles, isolating threats from reaching users and always staying ahead of the next attack, eliminating the need for allow-or-block band-aids. Our approach converges SWG capabilities into a single cloud-native platform, eliminating multiple appliances and giving managers one interface to navigate. Delivered as a cloud service or on-premise, our SWG quickly integrates with existing infrastructure and supports any device including mobile users.

Menlo Security Secure Web Gateway was previously known as Menlo Security Web Security, Menlo Web Security.

Menlo Security Secure Web Gateway Video

Menlo Security Secure Web Gateway Pricing Advice

What users are saying about Menlo Security Secure Web Gateway pricing:
"We save a ton of money and time. Previously, the numerous hits that we were receiving from our security tools, prior to implementing them, had to all be chased down, dispositioned, and endpoints had to be reimaged. It was just a ton of effort to do all that. That is where the savings from time and money come in."

Menlo Security Secure Web Gateway Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Chief Technology Officer at a financial services firm with 1,001-5,000 employees
Real User
Provides a seamless browsing experience while it shields us
Pros and Cons
  • "It has reduced security events to follow up on. While it is not 100%, there has been probably a 90% or more reduction. We were getting hit left, right, and center constantly from people browsing the Internet and hitting bad websites. It was not just bad websites that were stood up to be malicious, but good sites that were compromised."
  • "In the best of all worlds, we wouldn't have to make any exceptions. However, that is a big ask because a lot of that depends on how websites are constructed. For example, there are some very complex, application-oriented sites that we end up making exceptions for. It is really not that big an issue for us to make the exceptions. We feel like we are doing that without a huge impact on our security posture, but we do have to make some exceptions for complex sites, e.g., mostly SaaS-type sites and applications."

What is our primary use case?

Open browsing of systems on the web from endpoints within our network that could be vulnerable as a pretty quick avenue to exploitation is the primary issue that we are addressing. What I like about the Menlo Security solution is that it isolates all that browsing activity well and away from our infrastructure, keeping all of the noise out. Therefore, if our security tools hit on something, then it is something worth looking at, not just a bunch of garbage.

All our endpoints are designed to hit the Forcepoint proxies, then the Forcepoint proxy directs it out to the Menlo Security Cloud environment.

How has it helped my organization?

For the most part, the solution is invisible to our end users, which is important to us and impacted our choice in going with this solution. It does the best that it could possibly do given what it is doing. There are certain sites that don't work well with isolation on business sites. So, we have a process for creating exceptions to bypass isolation for those sites.

It has reduced security events to follow up on. While it is not 100%, there has been probably a 90% or more reduction. We were getting hit left, right, and center constantly from people browsing the Internet and hitting bad websites. It was not just bad websites that were stood up to be malicious, but good sites that were compromised.

It is pretty important to be able to inspect the traffic that might be maliciously encrypted. Although, decryption is becoming less of a thing as time goes by. There is a changing mindset amongst the security community on it, and we see that in some of the changing standards.

What is most valuable?

  • The technology itself
  • Web isolation
  • Doing it seamlessly from an end user perspective.

These features are critical. 

The solution provides a single console for security policy and management. This just makes things more efficient for us, which is pretty important.

The solution’s ability to combine user-friendliness for admins and security for our organization is about as good as it gets. We can provide open browsing access to the Internet, disallowing the usual suspect categories like gambling. So, we allow access to the rest of the Internet, which is a wealth of information for business users. It provides them with a seamless way to engage without any noticeable differences, yet doing that very safely. From the administrator's perspective, being able to get in, quickly and easily, to make the adjustments that need to be made for exceptions for valid business sites is important to us.

What needs improvement?

In the best of all worlds, we wouldn't have to make any exceptions. However, that is a big ask because a lot of that depends on how websites are constructed. For example, there are some very complex, application-oriented sites that we end up making exceptions for. It is really not that big an issue for us to make the exceptions. We feel like we are doing that without a huge impact on our security posture, but we do have to make some exceptions for complex sites, e.g., mostly SaaS-type sites and applications.

Buyer's Guide
Secure Web Gateways (SWG)
July 2022
Find out what your peers are saying about Menlo Security, Netskope, Cisco and others in Secure Web Gateways (SWG). Updated: July 2022.
620,987 professionals have used our research since 2012.

For how long have I used the solution?

I have been using it since 2016.

What do I think about the stability of the solution?

They handle all the maintenance. They manage it very well. They continuously update it and let us know. They provide updates without disrupting the service. So, it is really well done.

What do I think about the scalability of the solution?

It is almost infinitely scalable because it is SaaS-based. We only have about 2,500 endpoints, but I think they have onboarded some huge banks and other organizations as well as a huge segment of the federal government recently. While I don't know what their total endpoint count is, it must be pretty huge by now.

How are customer service and support?

The technical support is excellent. I would rate them as 10 out of 10.

There have been very few problems or bits of downtime. I can only remember one in the last six years, and that was before business hours. It was a total of 10 minutes, or something like that. It was pretty small.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were previously using Forcepoint, which is pretty similar. We still actually have a Forcepoint proxy in place as another layer. We were using SSL decryption in that environment as well. We got Menlo Security on top of Forcepoint for the isolation piece because we wanted the full prevention. 

With Forcepoint, it was just watching the traffic to figure out what is good and bad, then alert on what it thinks is bad. Menlo Security doesn't try to figure that out. It just keeps it out. It is very preventive.

Every solution has to fit the organization and its needs. We happened to have had other tools in place prior to Menlo that we have integrated and kept as part of our layered defense on purpose. There has been some redundancy in that too, and we have made that choice purposefully. That is why we haven't engaged in more of their services. If I was starting out brand new and didn't have an Internet proxy, i.e., no email nor a gateway service already, then I would consider going with them as a full stack.

How was the initial setup?

We purposefully did a phase deployment instead of turning it on enterprise-wide. We used Forcepoint to direct traffic from the different network segments to Menlo Security, as we wanted to continue the phased approach. So, it took us probably four to five weeks to roll out completely. After those four to five weeks, the drop in security incidents was really significant.

What about the implementation team?

I was running the security operations function back then. I am the one that brought the solution in. With the help of just one other person, we got it deployed. I was managing the area. The other person did most of the work.

What was our ROI?

We have definitely seen ROI.

We save a ton of money and time. Previously, the numerous hits that we were receiving from our security tools, prior to implementing them, had to all be chased down, dispositioned, and endpoints had to be reimaged. It was just a ton of effort to do all that. That is where the savings from time and money come in.

We saw immediate results after deployment.

Which other solutions did I evaluate?

We looked at a few solutions and they were pretty clunky and disruptive. The thing that we liked about Menlo Security is it provides a seamless browsing experience while shielding us. Also, the administrative interface to the system is really well-designed. It is very easy to manage.

I did a spot check of some of the others who were available at the time. There weren't many. At the time, Menlo was the only company that offered this type of isolation. We were even thinking about serving up browsers over Citrix, before we went to Menlo Security, to keep all of the traffic isolated to an environment, not at a bunch of individual endpoints all over the enterprise. 

Menlo allowed us to do it seamlessly without deploying a special browser. It was really the only alternative at the time. I know there are some competing products now. 

What other advice do I have?

Isolating web sessions couldn't be done any better than it currently is being done.

We haven't engaged the email and SaaS application use cases yet. This is something that we are looking at. There is some protection in email since a lot of the phishing emails have links out to web servers, which then get shielded by Menlo Security. It is the attachment isolation piece that we haven't yet onboarded.

We are not yet using the Menlo Private Access feature, but we are looking at it. They provide other services that we don't happen to yet engage. We just started with their initial use case and stuck with that.

I would rate it as 10 out of 10. It is the cornerstone of our security posture. It keeps the noise out. If you have too much noise, then all the processes that you have to invoke to deal with that are expensive, requiring resources that are hard to find and maintain, in terms of humans. It just prevents so much of that need.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Secure Web Gateways (SWG) Report and find out what your peers are saying about Menlo Security, Netskope, Cisco, and more!
Updated: July 2022
Buyer's Guide
Download our free Secure Web Gateways (SWG) Report and find out what your peers are saying about Menlo Security, Netskope, Cisco, and more!