Proofpoint Email Protection Reviews

Email security is the primary use case for which our clients mainly used Proofpoint Email Protection.

We have used it for email security.

From my perspective as a partner, the most beneficial feature of Proofpoint Email Protection is mostly spam filtering; it was very efficient, and we were very happy with the functionality as only relevant emails were allowed for mailboxes.

The Advanced Threat Protection feature was also effective, and we have used the sandbox feature, which was very beneficial.

From a business perspective, the solution was very helpful as it speeded our business flow and increased email delivery.

It became very expensive due to the nature of local circumstances, and I may advise Proofpoint to adjust marketing solutions based on each country.

I had experience with Proofpoint Email Protection for more than five or six years.

It was very fast, and we didn't experience any interruptions whatsoever.

I would rate scalability of Proofpoint Email Protection as very scalable.

We are still using Exchange, but left Proofpoint Email Protection.

The installation of Proofpoint Email Protection was very straightforward as we used the web interface, so simple settings and definitions on the ISP site were enough for the whole setup.

At the very beginning, we were working directly with the UK, but then we have been redirected to a local partner, and as far as I remember, we worked for one year with the local partner.

We used to get a partner business partner in my country.

The reason we stopped using Proofpoint Email Protection was cost.

Pricing was the issue.

I would rate pricing from 8 to 10.

The integration with our on-premise Exchange was very straightforward as we just redirected all email traffic over Proofpoint Email Protection.

I am still receiving emails from Proofpoint's site.

My job title is IT director.

On a scale of 1-10, I rate Proofpoint Email Protection a 7.

Public Cloud

My main use case for Proofpoint Email Protection is to handle phishing emails.

When an email comes from a spoofed email or domain, we get alerted, and we check the domain and attachments flowing from that email. Proofpoint directly redirects any suspicious emails to us as an alert, allowing us to check the authentication paths such as SPF, DKIM, and DMARC, and we also analyze the suspicious IPs or domains.

Another use case with Proofpoint TAP involves checking if the URL in the email is blocked or re-injected by Proofpoint. If blocked, it redirects to a sandbox environment to keep users safe from attacks. Re-injected URLs mean the user is protected when they unknowingly click on malicious content.

The best features that Proofpoint Email Protection offers me include Proofpoint TAP, Proofpoint user click, and Proofpoint detection based on threat intelligence.

I rely most on Proofpoint TAP because it gives a wide view of the email, indicating whether it is shared or comes from a suspicious source, and it provides clear information on the safety of URLs and attachments present in the email.

Proofpoint Email Protection has positively impacted my organization by simplifying the analysis of emails since it provides segregated statements that highlight the important parameters we need to check, allowing us to efficiently conclude if the alerts are false positives or true positives.

It saves us a lot of time because emails from Proofpoint gateway are typically rewritten for safety, which reduces the need for high-impact actions such as isolating devices immediately since we can rely on Proofpoint Email Protection to ensure safety.

From my experience using Proofpoint Email Protection, it has been quite helpful, although there is always room for improvement. I currently do not have any specific improvements to mention, but if I need changes in the future, I would bring up those ideas.

I started using Proofpoint Email Protection on August 11, 2025.

Proofpoint Email Protection is stable.

I have not faced issues that required customer support; our infrastructure team handles such matters, so I cannot speak to my experience with Proofpoint Email Protection support.

Neutral

I have only used Proofpoint Email Protection for email security in my current company, although I have previously used Microsoft Defender for email security, which differs from a gateway.

Proofpoint Email Protection obviously helps save money by preventing the chaos caused by compromised accounts, and it normalizes many threats.

Users in my organization often lack knowledge about phishing emails despite quarterly training, and they can fall victim to social engineering emails, which is where Proofpoint Email Protection helps efficiently check those kinds of emails.

I do not have detailed information about operational efficiencies or cost savings because my role focuses solely on using Proofpoint Email Protection for analysis.

My advice for others looking to use Proofpoint Email Protection is to focus on threat detection and ease of management, and it is crucial to plan properly, testing with a subset of users first to minimize disruptions during onboarding.

Additional thoughts on Proofpoint Email Protection include that it is an AI-driven solution excelling in real-time threat blocking, featuring a dynamic scoring system to focus security teams on high-impact threats and the need for careful tuning to avoid over-quarantining legitimate emails. My overall review rating for Proofpoint Email Protection is nine out of ten.

Hybrid Cloud

Other

My main use case for Proofpoint Email Protection is email defense, monitoring of malware, and protection. I use Proofpoint Email Protection for monitoring malware or protecting patient information to analyze incoming mail, and I also use it for its DMARC capability.

The best features Proofpoint Email Protection offers include an email detection engine that is very strong. Advanced Threat Detection stands out to me as a great feature, and the spam filtering reduces users' daily operation time quite a bit, while URL Defense is also quite strong.

Proofpoint Email Protection has positively impacted my organization by definitely reducing the load on administrators for releasing emails and other spam operations that used to be handled by administrators. The threat detection is also much stronger, resulting in reduced incidents and reduced time around resolving those incidents.

I think Proofpoint Email Protection could be improved if the user interface portals could be consolidated into a single portal, as there are currently four, five, or six separate ones. If they could be combined, that would be beneficial.

I have been using Proofpoint Email Protection for three years.

Protection is crucial. The spam filtering has reduced triage time significantly.

Hybrid Cloud

Microsoft Azure

Proofpoint is used as an email security gateway for big enterprises, primarily for their on-premises servers. Many customers also use it alongside Office 365.

Proofpoint offers a complete solution for email security with features like DLP, email archiving, and encryption. The most valuable features are the sandbox and trap, which are crucial for dealing with phishing attacks and quarantining suspicious emails.

The most valuable offerings are TAP and TRAP. TAP is the sandbox of Proofpoint, which is extremely effective for phishing attacks, while TRAP serves as an auto-quarantine solution. 

Proofpoint provides an expandable project model, including DLP, email archiving, and encryption, which makes it a complete email security solution.

Phishing detection & Response capabilities could improve further to match some of the capabilities offered by competitors. Proofpoint could expand its PDR capabilities to improve its efficiency inside the SOC

I have been working with Proofpoint Email Protection for about seven years.

Proofpoint offers a high level of stability. Email, being an essential IT service, requires constant availability. I have never encountered a situation where the Proofpoint service was unavailable.

Proofpoint is scalable for multi-site organizations with thousands of users. In Egypt, 50% of deployments are on the cloud and 50% on-premises. I rate it an eight out of ten for scalability.

I have limited experience with Proofpoint's technical support, however, I know that their support is quite good.

Positive

Some of my clients use FortiMail, however, they are considering migrating to Proofpoint due to its depth and superior protection level.

The setup requires expertise. It needs someone with experience on managing it, and I would rate the implementation as needing someone experienced.

I act as a solution architect. My team handles deployments, however, Proofpoint provides strong support, ensuring reliable implementations.

Proofpoint is considered a very expensive solution compared to others like FortiMail, being double in cost. Customers pay around $90,000 yearly for a 1,000-user organization, with the subscription license being the main expense, apart from implementation fees.

I recommend all of my customers to migrate and start using Proofpoint as it is secure, minimizes risk, and eliminates phishing attacks. 

Overall, I rate Proofpoint eight out of ten.

Hybrid Cloud

Other

We use the solution to stop email attacks, such as credential phishing, impersonation, and some forms of spear phishing. It also helps prevent attacks that bypass email authentication protocols like SPF and DMARC.

It's the top choice because no company can operate without security. Ensuring email protection is a major priority for any organization when building its infrastructure. It effectively stops sophisticated attacks launched by advanced threat actors. It can identify attacks related to impersonation, deception, identity theft, business email compromise, and more.

One major threat is QR code phishing, along with TOAD (Telephone-Oriented Attack Delivery). TOAD attacks don't include links, URLs, or attachments in emails. Instead, attackers try to trick you into calling them, often by offering something enticing like a 50% discount on football matches. Once you call, they may try to get your two-factor authentication code or send malicious links to your personal email, bypassing security controls. Proofpoint has consistently detected and prevented these kinds of deceptive attacks.

I have been using Proofpoint Email Protection for five years.

The product is stable. 

It's top-rated for scalability because of its architecture. It uses a central management solution called Master and supports adding up to 25 or 30 agents. Each agent can handle a significant number of users, so with 2 agents, you can cover 5,000 to 10,000 users. Given this setup, 25 to 50 agents can manage even larger user bases. These agents are servers, not software installed on individual machines, which allows for excellent scalability.

The initial setup is straightforward and user-friendly, but it does require experts to implement. It's not something that regular users can handle. You need skilled professionals who have a good understanding of email systems, Office 365, Exchange, email flow, and SMTP protection. While the process is simple, having knowledgeable people is essential for a successful implementation.

It starts with an offline configuration in the first phase, keeping everything inactive and not migrating traffic right away. This allows you to validate policies, mail traffic, and mail flow without affecting live operations. Once everything is validated, the cutover happens in phase two. After ensuring the cutover is successful, you can then move on to the tuning phase.

I’ve done this many times. The initial setup duration depends on the company size, the complexity of the policies, the rules in place, and whether the setup is complex or straightforward.

They have their own dedicated Protection Services team and rely on certified professional service engineers on the ground.

To protect email effectively, you need to secure it across multiple channels—external, internal, and even after delivery. Proofpoint is the top choice for comprehensive email protection because it covers all these aspects. Gartner has stated that to fully protect email, you need coverage across all channels, and Proofpoint is the only vendor with a platform capable of doing that.

It operates using the MLX engine along with AI to protect against business email compromise. Some of the engines within the solution rely purely on AI. The system can be left to learn normal behavior over two to three weeks. Once it understands this behavior, it provides protection based on what it has learned. We also acquired a vendor called TCL, which excels in detecting attacks through advanced analysis and AI.

Tuning requires time; it's not difficult to maintain but needs careful adjustment. It may take about a week to ensure everything is optimized according to best practices, focusing on tuning rather than just configuration.

I am an administrator. I manage it as an admin for each and every inbound and outbound email.

The phishing and spam filters are the most effective features. There is also a trap feature that is most effective.

Sometimes it doesn't detect actual spam emails, and sometimes it catches normal emails, which is not spam. So I think the filtering should be improved in the future. I believe Proofpoint is already working on that.

The pricing is also something that could be improved. It's literally high.

AI is not yet fully enabled in this tool. Hopefully, in the future, it will work.

I have been using it for 3+ years.

I would rate the stability 8/10.

I would rate the scalability a seven out of ten. There are around 70,000 end users. It is used daily. As a admin, I have to use it daily for various use cases.

The customer service and support are good.

Positive

I believe Proofpoint is more effective in blocking spam and malicious emails than Exchange Online Protection because I've worked with both.

It has a better spam filter than Exchange Online Protection.

I don't have much experience with any other tool, but I know the basics of Exchange Online Protection (EOP). Mostly, I use Proofpoint.

EOP is included with Microsoft and is free. But even though Proofpoint is paid, it gives a lot of features. Its filters are better than EOP.

The initial setup has average complexity. It is on the cloud. 

It takes days, not hours. For the organization I work in, most of the data is on-premises. So, syncing takes time.

The deployment was done in-house.

It's time-saving because it catches a lot of spam and phishing emails. Users are fine with it, even though it's a little costly. It does its work.

It is expensive.

I would recommend Proofpoint Email Protection to other people. 

It's easy to use, even for those new to IT. The UI is simple and easy to learn. Many courses and articles are available if you want to learn more. It's easy and efficient.

Overall, I would rate it 9/10.

Hybrid Cloud

Microsoft Azure

I use Proofpoint Email Protection to filter and scan doubtful emails. The solution screens emails, quarantines suspicious ones, and only sends through legitimate emails.

The main feature I find most effective is that Proofpoint Email Protection scans emails and quarantines the doubtful ones. This is the main purpose of the software and it serves that function very well.

In terms of improvement, the price could be better. Additionally, more security could be implemented.

I have been using Proofpoint Email Protection for almost five years.

I would rate the stability of Proofpoint Email Protection as a nine out of ten.

I would rate the scalability at eight point five out of ten.

Technical support is rated as eight out of ten, indicating that the support quality is quite good.

Positive

Before using Proofpoint Email Protection, I did not use a different solution.

The initial setup was easy to use and simple.

The deployment was done by a third party.

In terms of pricing, it is okay compared to others. I would say it is normal. Additional costs do come in, but it enhances security.

I had other options but chose to go with Proofpoint. I cannot recall the specifics.

I would recommend Proofpoint Email Protection to others because it is useful, simple to use, and provides whatever is required. My overall rating for the solution is eight point five out of ten.

Private Cloud

Other

We use it for user queries. For example, if a user flags that they're not receiving emails from a particular sender, we investigate where it got blocked in Proofpoint, if it was delivered successfully, or if it was quarantined. 

We also onboard new domains, adding SPF and DKIM records to the DNS records so that all incoming mail is processed by Proofpoint before reaching the internal network.

The Tap and Trap features. They are the best features, in my opinion. I've worked with other tools which didn't have these features.

The support team was a bit slow. It takes months to implement the next feature.

So I'd like to see faster support.

The company has been using it for two or three years, but I recently joined. In my previous organization, we also used a Proofpoint tool. So I've used Proofpoint products for about six to eight months now.

Once there was a breakdown. Proofpoint was shut down for four hours due to a server issue. But other than that, there have been no other issues. It is stable.

We are a very big company with around 25 to 30 business units. We are slowly onboarding those units to Proofpoint. 

Every email to those units will go through Proofpoint. As of now, we have onboarded 15 or 16. We are in the process of fully onboarding all domains.

I didn't work on the installation and deployment, but I know the procedure. It's easy, not complicated. We just need to have servers and storage capacity. 

In our organization, it was an on-premises Proofpoint Protection, so we had a server, capacity storage, and all. We also need to connect that server with our internal environment and Active Directory. It's all easy. 

There's documentation from Proofpoint on how to do it. And we also have support from their team to guide us.

It's a bit expensive compared to other tools.

The decision also depends on the budget. But going with Proofpoint is the best option because it has so many advanced features that other tools don't have. It will be good for company security.

It is easy for a beginner to learn to use Proofpoint Email Protection. Proofpoint provides free courses to its customers. They can take those courses and learn how to use it. It will take them one or two months to get to know all the features, and then they're good to go.

Overall, I would rate it an eight out of ten.