We changed our name from IT Central Station: Here's why
Get our free report covering CoSoSys, Forcepoint, Microsoft, and other competitors of Symantec Data Loss Prevention. Updated: January 2022.
563,148 professionals have used our research since 2012.

Read reviews of Symantec Data Loss Prevention alternatives and competitors

Management Executive at a security firm with 11-50 employees
Real User
Top 5Leaderboard
Good interface, powerful OCR and data discovery capabilities, customizable
Pros and Cons
  • "The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives."
  • "With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format."

What is our primary use case?

We are a solution provider and Forcepoint DLP is one of the products that we implement for our clients. We have Forcepoint DLP at one of the telcos and one of the things that we are trying to discover is information, across the organization, that is of a personal nature. We are using it to comply with POPI, which is the equivalent of GDPR in South Africa. We are also using it for PCI-DSS requirements. This discovery component works quite well with respect to the search.

How has it helped my organization?

When we deployed it for a bank, it proved highly efficient in terms of PCI compliance. It was very quick to pick up where people were divulging personal information regarding credit card holders. We then deployed very simple rules that we had customized, without the need for data classification.

Initially, if you were just doing PCI-DSS, because it's very limited information that you needed to protect, you could do it without data classification. This was good for an organization that had data to protect and wanted to comply with PCI-DSS, but had not done the data classification at that point.

The rules that we put into place were simple. For example, if more than two credit card numbers are being pushed out then block it, or first put it into monitoring mode and then block it.

What is most valuable?

One thing that I really like is that you can customize the rules. 

What needs improvement?

The challenges that we've had are related to deployment, especially around the discovery component, and with the local support that we receive in South Africa.

With respect to the discovery component, the reports are very hard to interpret because they come out in an illogical format. We forwarded the reports to our local support team, who were also unable to help me. Eventually, the problem went to the UK for that team to interpret the report.

Ultimately, my biggest challenge is the discovery component with respect to the reports, as good as it is in terms of the integrity, or the search. It is a question of how you translate technical reports into business language. We tried the cloud version, which is Forcepoint CASB, and we found the same thing.

The local support team is made up more of salespeople than engineers and as such, the support in South Africa can be improved.

For how long have I used the solution?

My experience with Forcepoint Data Loss Prevention goes back to 2005 when it was still called PortAuthority. The product has evolved massively since that time. I have deployed it and worked with it for different organizations at different locations.

What do I think about the stability of the solution?

Initially, it takes a little bit of processing but nothing to be too concerned about. Stability-wise, nothing has really annoyed us. 

What do I think about the scalability of the solution?

The scalability is fantastic. One of the things that I like about Forcepoint is that I can customize the solution to suit my objectives. For example, if I only wanted to prevent PCI then I could just go in and do that.

One of my clients has quite a large deployment, with approximately 30,000 users. They have plans to roll it out to the rest of Africa.

How are customer service and support?

Technical support from the UK is good. However, the experience of local support in South Africa is not at the level it should be. Most of the local staff are salespeople, as opposed to engineers. Support for the deployment of the product is seriously lacking.

In the UK, they were much more knowledgeable about the product, as well as the outputs and how to actually read them to make business sense out of them. It was much better than what we had in South Africa. Locally, they simply said that they didn't understand it. Most customers will shy away from products when the support is like this.

Because they answer the phone, I would rate the local support a two out of ten. The European support was better, so I would rate them a five out of ten. There were delays in their response but I'm not sure if it was related to the difference in time, or it was part of the ticket escalation process.

Which solution did I use previously and why did I switch?

One of our clients was using the Symantec solution prior to Forcepoint. We convinced them to switch because Symantec does not have a great presence in South Africa and support was an issue.

They had been using it for quite a long time and had not seen the necessary return on investment. With the new legislation, it was time for them to change to something that was more practical, and more user-friendly. The product works great now.

How was the initial setup?

The implementation is not as easy as people make it out to be. Once you get it right, the product is fine, but this requires understanding it and getting the proper training. A novice that has begun to work with the tool can find it quite difficult to implement if they don't have a good understanding of the product, and do not have the right support.

For example, in one organization it took us about three months to implement it, whereas it should have taken about a month.

Our clients have hybrid deployments, where they are part on-premises and part cloud. The choice of cloud provider is made by the client but they either choose Microsoft Azure or AWS.

The implementation strategy that we use varies depending on the client. For example, at the bank, we wanted to prevent data breaches, especially with credit card information, and ensure compliance. Therefore, our strategy was focused on just the PCI requirements so that we could take reasonable measures to protect the organization. Essentially, we wanted to go from zero to hero quite quickly. That was possible because of the flexibility and agility of the product.

When it came to the telco, it was a completely different strategy. It was a long-term strategy in terms of protection of personal information and preventing it from being divulged without authority to would-be criminals.

When we deployed it, we literally had to look at the requirements and configure it from a POPI perspective. In this regard, the deployment was skewed toward personal information breaches.

What about the implementation team?

We worked with a local reseller, Performanta.

Their skills were meant to be the best in the country but it left a lot to be desired. We had to use the UK offices and that's a challenge with most of the organizations in South Africa. With big vendors, South Africa is a small market, so the investment in South Africa is not what it should be. Understanding, managing, and integrating products needs to be improved, in general.

For deployment, there were eight of us in total. Two were engineers, there were four analysts because we had to write the business rules and document them, there was a project manager and a few others.

Maintenance is being done by the client, in-house. They have two engineers that are responsible for it, and they have purchased support from the local providers.

What was our ROI?

My clients are seeing ROI because the privacy office is quite comfortable now that they've done everything reasonable to meet the compliance requirements. There is a level of assurance provided by the DLP solution.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, it is good for a corporation but they do not cater to small to medium businesses. They have to look at a different pricing structure for small to medium-sized enterprises because the cost is too high.

This is compounded for the African market because of the exchange rate. One dollar is equal to approximately 15 rands and if you were to multiply that by the price of the product, it becomes quite costly.

There are no costs in addition to the standard licensing feed, although you still need to understand the operational impact that it has on an organization from a resource perspective. That needs to be factored into the total cost of ownership.

Which other solutions did I evaluate?

We compared Forcepoint with NetSkope to assess its reporting capabilities and we found that the NetSkope report was very easy to translate, understand, and explain to a business. Forcepoint was instead very cumbersome, unstructured, and illogical. It required an expert to actually interpret the report, which is something that you don't want.

We have also looked at the McAfee product, as well as the one from Microsoft. At that stage, the solution from Microsoft was a little immature and I have not looked at it since. Forcepoint was the leader when we implemented it for our clients.

Comparing Forcepoint to the other products in general, the data discovery capability was great, except for the interpretation of the report. The OCR capabilities were also good for us because it's a telco and they have a lot of paper going through. 

What other advice do I have?

The tool works great but they don't talk about the operationalization of the tool from a process perspective. When people sell DLP solutions, they talk about the efficiency of the tool, but they don't talk about the impact that it has on an organization from a resource perspective.

You would need a team to analyze all of the exceptions that you have, like the way they do in a SOC, where you have analysts looking at the incident. They analyze and investigate it, and then determine whether it is positive or negative and something that we have to be worried about. For example, our organization had approximately 70,000 end-users, who were employees. There is quite a large amount of data that is transferred across our network.

In our case, if a person is sending more than one credit card credential out of the bank, it was flagged. If it was more than one, you had to have a whole backend process where the analyst had to look at it, then perhaps ask the person why they were sending out this information.

When we were first looking at this product, there was nobody who informed the customer as to the complete ecosystem that would be required to have an effective DLP solution in play.

My advice for anybody who is looking at Forcepoint is that they need to understand what it is that they are trying to prevent. You cannot be totally dependent on the tool to do everything. This is not a criticism of Forcepoint but rather, a criticism of the way it's sold. The product will do what it's built to do. But, if you're expecting it to automatically manage the incident, then it cannot do everything. It can block, it can monitor, and it can create alerts, but you still need your analysts. For most CSOs or IT managers that are looking to deploy, they must factor in the practical implications of operationalizing it. They need to have a process in place. They need to have an escalation process in place, and they need to have resources like analysts to actually look at the exception reports.

This is an effective data leakage solution, it does what it's meant to be doing, and the interfaces are great. The biggest lesson that I have learned from using it is to understand the total cost of ownership.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Sanjit Achary
Senior Manager at a tech services company with 1,001-5,000 employees
Real User
Top 5
Stable with good central management and good technical support
Pros and Cons
  • "The central management console is the solution's most valuable aspect."
  • "There needs to be support for Mac computers. Currently, McAfee does not work on iOS."

What is our primary use case?

The solution handles risk and compliance aspects for our company. It handles everything including uploading documents, etc.

What is most valuable?

I don't use the solution in a technical way, so the technical aspects of the solution I'm not clear on.

The central management console is the solution's most valuable aspect.

What needs improvement?

The solution needs to be more clear about the licensing. They should have a way for users to educate themselves on the costs so that companies can figure out how to reduce costs.

There needs to be support for Mac computers. Currently, McAfee does not work on iOS.

For how long have I used the solution?

I've been working with the solution for the last five years.

What do I think about the stability of the solution?

The solution has been quite stable for us. We haven't had any issues at all.

What do I think about the scalability of the solution?

We have about 2500 people using the solution in our organization. They're a mix of people, including engineers and architects. We use it quite extensively - on a regular basis.

The solution is scalable, but the issue for us is that the pricing can be quite high.

How are customer service and technical support?

We've been in touch with technical support in the past. They've been quite good. We've been satisfied with their level of service.

Which solution did I use previously and why did I switch?

In the past, we've worked with Symantec, ForcePoint, and Barracuda. McAfee has some features that aren't part of other competitor's feature sets. Overall, however, from a technical point of view, they are all mostly the same.

How was the initial setup?

The initial setup is quite simple. We didn't find it complex at all.

I was not there during the original implementation. I'm very new to this organization. I had just joined the team a few months ago. This solution has been running for the last five years, so I don't have more historical data in relation to the original setup.

We have two software engineers overseeing the project.

What's my experience with pricing, setup cost, and licensing?

Comparatively, the pricing is quite low.

What other advice do I have?

We're a McAfee customer. We don't have a specific relationship with the organization. We are using the latest version of the solution.

The solution is quite good and stable right now, but there are a lot of other products coming to the market. I'm currently investigating what other features customers need or are using to see if we can develop these out on this solution or not. 

Many organizations will find the solution has may features that would suit their needs and reduce the number of issues they face. However, it does depend on the individual company and what their unique requirements are.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at xconsult
Real User
Top 5
Offers good control over external devices, but it is complex to set up and configure, and the interface needs to be simplified
Pros and Cons
  • "The most valuable feature is the ability to control access to USB drives and other external devices."
  • "There needs to be support for blocking the sending of files by email because even if you block or remove an external disk, the files are not protected."

What is our primary use case?

We are a consulting firm and this is one of the solutions that we implement for our clients.

Our customers primarily use it to protect local files that they are saving to external devices.

What is most valuable?

The most valuable feature is the ability to control access to USB drives and other external devices.

What needs improvement?

The interface is very complicated to use and it is easy to forget how it works.

There needs to be support for blocking the sending of files by email because even if you block or remove an external disk, the files are not protected. As long as the files can still be sent via email, it is useless to protect them from being copied to an external drive.

For how long have I used the solution?

I have been working with this McAfee data protection product for more than two years.

What do I think about the scalability of the solution?

Scalability is not really applicable because it is only dealing with an endpoint device. There is no impact on scalability.

How are customer service and technical support?

I have not been in contact with McAfee's technical support.

Which solution did I use previously and why did I switch?

Symantec has a similar solution available.

How was the initial setup?

The initial setup is complex. The configuration requires that many points have to be considered before it can be done properly.

What's my experience with pricing, setup cost, and licensing?

The price is high for this type of product.

What other advice do I have?

I would rate this solution a five out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering CoSoSys, Forcepoint, Microsoft, and other competitors of Symantec Data Loss Prevention. Updated: January 2022.
563,148 professionals have used our research since 2012.