Buyer's Guide
Secure Web Gateways (SWG)
November 2022

Read reviews of Symantec Virtual Secure Web Gateway alternatives and competitors

Olivier DALOY - PeerSpot reviewer
Group Information Systems Security Director - CISO at Faurecia
Real User
Top 10
Secures users wherever they are and enable us to inspect SSL traffic, but we encountered too many issues
Pros and Cons
  • "The fact that it is a cloud proxy solution is another feature we like. For example, if you acquire a new company, you can use it to protect that new company without the need to install anything physically on their networks."
  • "We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution."

What is our primary use case?

We use it to secure the internet connection of all of our users, ensuring that they can connect as transparently as possible to all of the websites that are, of course, not hazardous. And anything hazardous is prevented as much as possible.

How has it helped my organization?

We were looking for an isolation solution so that there would be no impact at all on the systems that we are responsible for protecting. We didn't want to wait until a first attack was successful and then find out what the impact was and how we should react to it. That's why we chose Menlo. Either you have access to something or don't have access to it. And if you do, we can ensure, 100 percent of the time, that there is nothing malicious that is going to impact our system in any way. And that's for the on-prem users who are connected to the corporate offices, as well as for the users who are roaming.

The primary benefit is that it secures users wherever they are, whether they are roaming, or they are using their PC at home, at work, or at the airport. We are able to do that, and we are even able to do it with companies that we recently acquired.

Another move forward was that we started inspecting SSL traffic, which was something we were not inspecting before. We were closing our eyes to what was happening to 98 percent of the traffic because it was encrypted. Today, we are not closing our eyes. Menlo enabled us to inspect more traffic and avoid relying on traffic that clearly can be hazardous. That may be one of the reasons we discovered new use cases that were difficult to test before, and for which we have had issues configuring Menlo to handle.

Another advantage is the ability to produce reports that help us to understand what our users are doing, even within the website. For example, are they posting files or are they downloading files? That is clearly an ability that we acquired with the solution as well.

And when it comes to isolation, we haven't seen any threats that have succeeded in coming in through Menlo. I have evidence, of course, that in some cases we were infected by malware, but it was not able to avoid Menlo's protection and connect back to the internet to get instructions from the command and control service. We have clearly demonstrated that those threats just cannot harm us.

What is most valuable?

The isolation is one of the most valuable features.

The fact that it is a cloud proxy solution is another feature we like. For example, if you acquire a new company, you can use it to protect that new company without the need to install anything physically on their networks. 

Also, the ability to rewrite the links in emails so that nobody can connect to a link without going through Menlo's protection is something we have found very valuable. 

And the reporting feature, which involves a kind of programming language to query the logs or the data from the Menlo console is something we consider to be quite useful.

What needs improvement?

The solution should have no impact but it does have a bit of impact on end-users. For example, we encountered some issues in the downloads that took longer than they did without using Menlo. That is clearly not transparent for users. We expected not to have any latency when downloading anything from the internet with Menlo compared to without Menlo.

We are now transitioning to another solution. The main reason for that is that managing all of the exceptions and troubleshooting all of the issues our users have had connecting to the internet has become too significant in terms of workload, compared to what we hope we will have with another solution. In other words, we hope to get the same level of protection, while reducing the number of visible bugs, issues, latencies, impacts on performance, et cetera, that we have today with Menlo. We already solved most of them, but we still have too many such instances of issues with Menlo, even though it is protecting us for sure.

The weak point of the solution is that it has consumed far too much of my team's time, taking them away from operations and projects and design. It took far too much time to implement it and get rid of all of the live issues that we encountered when our users started using the solution. The good point is that I'm sure it is protecting us and it's probably protecting us more than any other solution, which is something I appreciate a lot as a CISO.

But on the other hand, the number of issues reported by the users, and the amount of time that has been necessary for either my team or the infrastructure team to spend diagnosing, troubleshooting, and fixing the issues that we had with the solution was too much. And that doesn't include the need to still use our previous solution, Blue Coat, that we have kept active so that whatever is not compatible or doesn't work with Menlo, can be handled by that other solution. It is far too demanding in terms of effort and workload and even cost, at the end of the day. That is why we decided to transition to another solution.

If we had known in the beginning that we would not be able to get rid of Blue Coat, we probably would not have chosen Menlo because we were planning to replace Blue Coat with something that was at least able to do the same and more. We discovered that it was able to do more but it was not able to replace it, which is an issue.

It is not only a matter of cost but is also a matter of not being able to reduce the number of partners that you have to deal with.

In addition, they could enhance the ability to troubleshoot. Whenever a connection going through Menlo fails for any reason, being able to troubleshoot what the configuration of Menlo should be to allow it through would help, as would knowing what level of additional risk we would be taking with that configuration.

For how long have I used the solution?

We have been using Menlo Security Secure Web Gateway for two years.

What do I think about the stability of the solution?

Now, the stability is quite good. I would rate it an eight out of 10.

What do I think about the scalability of the solution?

We have it deployed worldwide, in about 300 locations.

In the case where we acquired a new company with a significant number of systems, the ability to deploy Menlo to all of them, even if we were talking about 40,000 people, would not be an issue at all. 

One thing which could be a real issue is the ability of the solution, within the development plan of Menlo, to fit our needs. This is what led to our decision to remove Menlo.

Which solution did I use previously and why did I switch?

We were using Blue Coat Systems before. First, that was clearly not protecting users who were at home or roaming. Second, it was not possible to use it to protect companies that we acquired until they confirmed that they were going to implement Blue Coat appliances on their networks. So Menlo was a huge move forward.

How was the initial setup?

The initial setup was complex from the beginning, and even once it was in operation. We even needed to have an on-prem meeting with my team in charge of the implementation and the techs from Menlo to determine the best configuration settings to make it work and avoid issues as much as possible (which we still had afterward). It is not at all simple to deploy.

We had between five and 10 people involved in the setup. They were in charge of operations, meaning any changes to or troubleshooting on equipment that was live. Others were in charge of the implementation of this type of system, including defining the proper architecture and configuration and adapting and tuning the configuration.

A couple of years later, we still had a significant number of open tickets with their help desk due to issues connecting through Menlo.

It is deployed on the cloud. We were planning to use Menlo on-prem in China, but we are rerouting the traffic from China to Hong Kong and going from Hong Kong to the internet.

The maintenance is not lightweight. I don't know what portion of the time that we were spending on the tool was due to maintenance and what part was due to new issues that were raised by our users. The maintenance is a split responsibility between the local IT operational guys and the people from my team.

What about the implementation team?

Our experience with their consultants was very good. 

Our only issue is that we kept asking them how they managed, with their other customers, the issues we were encountering. An area for improvement for them would be that when they meet their customers, don't let them think that they're troubleshooting something for the first time. There is no reason that they wouldn't have seen something different with another customer.

They were not leveraging the experience they had with other customers enough to anticipate and prevent the issues on our networks; or, at least, when they happened, to solve them much quicker than they would have if they had never been seen before. We consider that as a lack. They need to learn how to let other customers benefit from the experience they had with us.

What was our ROI?

We haven't seen a decrease in the number of security alerts that our security ops team has to follow up on, but we were not even able to measure that before deploying Menlo. It's very hard to demonstrate the return on investment by looking at the decrease in the number of incidents compared to before, as we had nothing before that was truly able to demonstrate to us what was really happening. 

If we had implemented a solution from a Menlo competitor before, and we were moving to Menlo, that would have enabled us to compare both solutions. That is something we are going to do after we transition from Menlo to Skyhigh Security, even though the alerts will not, of course, have occurred at the same time. We will be comparing things that are a couple of months, or years, apart. We will try to demonstrate the different levels of protection provided by Menlo compared to Skyhigh. But that will happen half a year from now.

What's my experience with pricing, setup cost, and licensing?

The pricing is good. We were convinced that it was the right price for such a solution at that time. Again, we didn't know that we would have to keep Blue Coat. At that time, we were thinking that we would be able to get rid of Blue Coat, and for that reason, the price would be good.

Which other solutions did I evaluate?

We evaluated several other solutions, including Zscaler and the complete portfolio of Symantec as well.

We went with Menlo because of the connection to the execs of Menlo and the ability to talk to them. The size of the company, compared to Symantec, was definitely a factor, but the ability to get in touch with the right people as quickly as possible, and trust their strategy and their level of protection, were important. The ability to get a contract where they commit to protecting, 100 percent, against any threat, as long as you use isolation, was a clear improvement for us. And the fact that it was a cloud proxy solution, was another part of the decision.

What other advice do I have?

My advice is to pay attention to all of the use cases you have and try to understand what Menlo is or isn't addressing so that you don't discover that you still need to keep an old technology that may even be outdated. To do that, you need to be very clear about your use cases and how you will cover them with Menlo or if Menlo will not cover them.

While the solution provides a single console for security policy and management, which is an interesting feature, as long as you're able to connect through APIs to all your SaaS solutions, the fact that you use the very same SaaS solution or not is probably less important. I'm not saying it is not important that Menlo has a console, but it's a bit less important if you're using an orchestration automation solution. We also have Palo Alto Cortex XSOAR that we are using to automate and orchestrate.

Regarding the fact that Menlo secures the web, email, SaaS, and private applications, the latter, private applications, is very important, as is email although probably less so. The magnitude of risk is higher for private applications that are exposed without protection on the internet. It depends on the use cases that you are looking to cover. If, for example, you don't have any private applications that you need to expose, then of course that type of protection is not important at all, but you still receive emails within which you need to rewrite the links. If you have both requirements, meaning a bunch of private applications that are exposed plus emails for which you need to rewrite links, in that case, rewriting the links is probably less important than ensuring the protection of your private applications.

It doesn't make sense to only perform partial protection. Everything you implement to secure the connections and the assets you are responsible for should, at some point, merge together. It should be SD-WAN and web gateways and probably even CASBs and email protection. All of that probably will tend to merge together and you can look forward to reducing costs and the number of partners.

Don't look at it as: "I have a new need, I want a new solution," because if you do that, you will end up with a huge number of vendors and solutions on your systems and it's going to be super difficult to ensure that you manage all of that consistently. Whereas if you really have a vendor that is at least addressing, if not all the possible needs, at least all of your needs, and you are able to manage that in a consistent way, even if you have to program something in your orchestration solution, you will be able to manage all of it in a consistent way and in a timely manner.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Service Manager at a construction company with 10,001+ employees
Real User
Top 10
AI decision-making on quarantined documents reduces manual work
Pros and Cons
  • "For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
  • "The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."

What is our primary use case?

It's primarily for end-user access to the public internet. We use the proxy functionality and the URL Filtering.

We have a global policy for all our users. While there are a few categories of URLs that we are not allowed to do SSL inspection on, the primary function for us is to do SSL inspection so that we can make use of the built-in anti-malware and antivirus—the advanced-threat features—within the platform. We do SSL inspection of some 80 percent of all the traffic and we can evaluate if it's malicious or not.

It is a cloud solution where pretty much everything is handled by Zscaler.

How has it helped my organization?

Zscaler has helped to reduce the time we spend managing security policies. That is very important to us. A lot of the features it has are AI-based decision-making. For instance, if we implement a sandboxing rule for how files of a certain type should be inspected, we also can activate the AI decision-making process. That way, even if a file is new to the sandboxing environment, it can still see that it is a PDF and has these and these characteristics. Based on that, the AI says that "No, this file is not malicious," even though it normally would have been quarantined and sandboxed and have gone through the whole analysis process. The AI helps out in minimizing the time to do that analysis. And that also helps in reducing the burden of someone actually having to do things manually.

If you count everything that was involved in managing the appliances, the lifecycle management, and support contracts, in our old environment, we have reduced the number of FTEs managing the environment from five or six to about two.

It has also definitely helped reduce the number of infected devices in our organization by proactively preventing attacks. Since we scan almost all of the traffic, we now see how much of the traffic is "malicious." In our environment, we block about 1.6 million threats every quarter, but we don't know the severity of those threats. Maybe 1 million of them are malicious content in some way, while half a million are adware. But there are real threats that are being blocked, like botnet callbacks, cross-site scripting, and browser exploits. On average, we are blocking about 500,000 threats per month. 

What is most valuable?

There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. 

For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway. But there are parts of it that we don't use yet, like the DLP functions. Instead, we are using the Zscaler Cloud Sandbox feature for content that is downloaded as files. We detonate the document in a sandbox and see if it's malicious or not.

It's a very easy-to-learn and easy-to-use platform, even for me as a more non-technical person. I'm still able to do a lot of work in this platform.

What needs improvement?

The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments. It's quite hard to get a good report. 

Another issue is that the API documentation could be a bit more up-to-date. They're implementing stuff, but not updating the documentation all the time.

For how long have I used the solution?

We have been using Zscaler Internet Access for the last five years.

What do I think about the stability of the solution?

Since we have global reach, we are seeing a bit more instability in Asia, primarily in China, but I'm not sure that it's related to Zscaler. I think it's more due to how China does things in terms of internet access.

What do I think about the scalability of the solution?

It scales very well, if you go for the cloud-based solution alone. In certain regions in the world, we have started to implement local appliances, like a VEN node, where we don't have good coverage from Zscaler's public data centers. But if you only use the public data centers, it's getting a lot better. A while back, there were 35 or 40 data centers that we could use globally, but now there are over 80. So the scalability is quite good for us.

How are customer service and support?

Zscaler's technical support team is good at what they do, and they help us fix our problems quite fast. I would rate them eight on a scale of one to 10. There's always room for improvement.

We have had issues from time to time where they don't really see our problem as a problem, but we, as a customer, are being affected. They have a few different ISPs that take care of traffic to and from their data centers, and when their ISP is not performing, we, as customers, are suffering. There have been occasions when we have seen that our traffic is being routed very strangely within the Zscaler network, but they don't see that as a problem. We do, because all of a sudden, all of our Swedish users are going to the data center in Norway instead of Sweden. For Zscaler that is not a problem because they are still doing their job. But for our users, it's complicated because Norway is not part of the European Union, whereas Sweden is. If they go through the VEN node in Oslo, Norway, we cannot reach stuff that is EU-regulated, such as export and import functions within the EU. That is a big part of what we do. At times, it has been hard to get the Zscaler TAC team to understand that this is a problem for us, as a company.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used to have an on-prem solution doing pretty much the same thing as Zscaler, but as our strategy is cloud-first and internet-first, we thought that we should also use a cloud-based solution. We started to look at the alternatives, five or six years ago. What we saw was that there was only one, at the time, that was mature enough for our needs.

Since then, Zscaler has evolved quite a lot. In the beginning, there was no Zscaler Client Connector, an agent on your computer. It was all cloud-based, but that changed about a half a year after we started to use Zscaler. We assessed whether Zscaler fit our needs or not and we saw that for 75 or 80 percent of our needs, it was a good fit. Some aspects were not mature back then but they have matured over time.

How was the initial setup?

The initial deployment was quite straightforward. I wasn't really on board at the time the implementation of Zscaler took place, but overall, when new features and functionalities are added to the product, it's quite straightforward to implement them and to roll them out to large user groups, or globally. From a rollout perspective, it's quite easy to use.

Initially, one of our demands was that everything should be cloud-based, meaning we shouldn't have any agents on each computer. We learned the hard way that such an approach doesn't work well, because you need something to control the path from the user's computer to the Zscaler cloud. You need to be able to steer how the traffic goes. You can do that with PAC files. But ultimately, together with Zscaler, we figured out that a client was needed, at least for our needs.

What was our ROI?

Zscaler has helped us save costs by enabling us to decommission all of our legacy proxies. We had at least nine locations with appliances, and we had multiple appliances per location. It has helped us save money.

We have also seen ROI in terms of the cost of both the lifecycle management and the service and support contract that we previously needed. We have saved quite a lot there. I don't know the exact numbers, because I'm not in charge of the finances, but if you count the resources needed to manage the platform, we have saved up to 45 or 50 percent of the cost we used to have.

Which other solutions did I evaluate?

Back then, there weren't many other cloud-based solutions available. There were hybrid models, but we wanted a completely cloud-based solution. 

At the time, Symantec had the beginning of a cloud-based solution, but it was very immature and it didn't work as well as Zscaler. Zscaler had been around since around 2010 and was five years into their journey, while Symantec was only a year or two into their journey. We opted for the most mature at that time.

Since then, we have looked at other solutions, including Netskope and a few others. They are similar in their design, but Zscaler has features in its design that make it stand out from the competitors. For instance, their scanning methodology is something like, "Scan once, analyze many times." That means there is a one-time scan of the traffic, but with multiple different threat engines, for antivirus and anti-malware, et cetera. And they do it only in the RAM memory of their cloud solution machines, which makes it super-fast. They can scan a lot of traffic in a very short amount of time. That part is something that a lot of other vendors are not doing. They're scanning in sequence, not in parallel.

What other advice do I have?

Make use of the Zscaler Client Connector as much as you can, with all of the functionality that comes with it. Also, do not allow the users to disable the Zscaler Client Connector, because then you don't know if traffic is actually going through Zscaler or not. If it's always on, you know that if something is not working, it's your policies that are doing something to the traffic. We used to make it possible for a user to disable the Zscaler Client Connector, which then made it impossible for us, as the team that troubleshoots problems, to know if the traffic was actually going through Zscaler or not. If you don't have that control, you don't know where the problem is. Now, at least we know that it's either on the client or it's on Zscaler or it's on the destination that they're trying to reach.

As for saving time with this system versus deploying and managing traditional network security hardware, it depends on how you build your management of the solution. We have opted for a solution where we manage everything centrally. We have one IT team that manages all of the Zscaler Internet Access policies and settings. But there is an option, and it's one of the strengths of Zscaler, to delegate control of parts or all of the solution to other teams. For instance, you could have URL Filtering policies that are managed by a local IT team in a given country. We don't do that. We manage everything from one team and we control everything, for our whole organization, from this management platform. We control the forwarding policies, the application access policies, the URL Filtering policies—pretty much everything.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
President at PJM Digital Design
Consultant
Boosts productivity, intuitive setup, and it required no new investment in hardware
Pros and Cons
  • "The most valuable feature is web filtering, where we are able to blacklist and whitelist sites on the fly."
  • "On occasion, we whitelist a site and it still gets blocked. To get it working, we have to remove it and then re-add it a couple of times, until it finally takes hold."

What is our primary use case?

We primarily use this solution for filtering. It handles whitelisting and blacklisting URLs and websites that the client machines can go to.

We use the onsite DNS proxy running on a Hyper-V machine, and we use the WebTitan DNS servers for our forwarders.

How has it helped my organization?

Using this solution has helped to boost productivity in the company. For example, it has prevented people from watching basketball, be it the Final Four or March Madness. It has also prevented people from going to Amazon and shopping. We have subsets of users that purchase things for the business that are allowed to go to sites like Amazon, but overall, it has boosted productivity by blocking users from going to unwanted sites during the business day.

In terms of helping to reduce viruses, ransomware, phishing, and malware attacks, it is difficult to quantify. We haven't had a ransomware attack, either previous to our implementation or since that time. Typically, phishing attacks come in via email, but we use Office 365 for that. We do have spoof emails coming in, although the email feature is not something that we have enabled in WebTitan.

Using WebTitan helps to protect our staff, regardless of where they are working from. We have a SonicWall set up and we use the NetExtender VPN. All of the DNS is pointed toward the WebTitan proxy, as well as our wireless connections. Anybody that comes into the office with that phone that connects to the network is served through the WebTitan proxy through DNS.

This is critically important for our organization because it's the number one thing that is protecting the environment. The biggest task these days is preventing malware, ransomware, and phishing. As part of a combined approach, it's been effective.

We were able to use our existing server with Hyper-V on it to set up the DNS proxy. Other than the licensing of the software itself, there was really no extra cost added because we used existing hardware.

What is most valuable?

The most valuable feature is web filtering, where we are able to blacklist and whitelist sites on the fly.

Overall, the system is fairly easy to use. I would rate it a seven out of ten in terms of how easy it is to understand and use the customization options.

It was very important to us that WebTitan doesn't need to install an agent or other software on individual workstations. That was one of the reasons we didn't go with some of the other options; we really don't want an agent running on a machine, taking up resources. It makes bringing new machines into the environment more difficult and more time-consuming.

What needs improvement?

Although the interface is easy to use, it takes some getting used to.

The main issue that I have with the product is related to the DNS proxy. The fact that all of our clients are pointed to the DNS proxy for DNS has caused us some problems. The serious one was that there was a Microsoft update that was released and when we updated the server that the DNS proxy resides on, it stopped the Hyper-V service from starting. That brought down the entire business, which was not good for us. Due to issues like this, the DNS proxy is my least favorite part of this solution.

On occasion, we whitelist a site and it still gets blocked. To get it working, we have to remove it and then re-add it a couple of times, until it finally takes hold. The same thing happens with the blacklist but it happens more often with the whitelist. It doesn't happen all of the time, or very often, but it happens.

For how long have I used the solution?

I have been working with TitanHQ WebTitan for between two and a half and three years.

What do I think about the stability of the solution?

This is a stable solution, as long as our DNS proxy stays up.

What do I think about the scalability of the solution?

We have added some PCs and some servers to our infrastructure, and it scaled up okay. I haven't doubled or tripled the number of client or server machines, so it would be hard to speak to that. However, it scales fine for our purposes.

We have between 30 and 35 workstations, with a couple of servers. Every user typically brings in their phone and connects to the wireless network. In total, we probably have between 60 and 70 devices connected on any given day.

How are customer service and support?

Technical support has been good and they've been supportive. That said, it could be a little easier to navigate. Sometimes, we're not sure what number to call or who to contact, so if there could just be a screen presented to us, that would just make support a little easier.

It's been a while since I opened a ticket, but I think it's a phone call. Submitting a case is a little onerous. I would prefer a more specific protocol to be able to use to submit a case and track it, rather than just calling support and talking to someone. It's fine, but it's nice to be able to reference back and have a web interface where I can manage the support calls.

We did not use live support to help us with onboarding. We were provided with documentation, so that was the extent of what we had used.

I would rate the support an eight out of ten. It's more the process that I would criticize, and not the actual people in support. They have been fine.

The last issue that we had to deal with was difficult. When the proxy failed because of the update, we handled it by changing our DNS back to our domain controllers. The problem was that we were still having issues.

It may have been my fault because I had forgotten that the DCs were also set to have WebTitan as their forwarders. Nobody reminded me, either. We chased our tails for half a day and then finally realized that we should check the configuration. Once I saw the forwarders configured, I removed them and put in our Verizon forwarders. After that, everything started working. Things like that just happen, and it's really nobody's fault.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to WebTitan, we did not have another web filtering solution in place.

How was the initial setup?

The initial setup was not complex, although I'm in IT. It certainly would be complex for a layperson that's not familiar with these types of things.

The most difficult part was probably getting Hyper-V and the remote DNS machine set up and running. Besides that, it was fairly intuitive.

The deployment was completed in one business day but building the whitelist and the blacklist is an ongoing task. Initially, that probably took another half business day.

Our implementation strategy began with an online demo with a WebTitan representative. We looked at the product and the documentation, and read case reports. We did not test it. Rather, once we decided we were going to use it, we committed and installed it.

What about the implementation team?

Two of us were responsible for the deployment. I'm the IT consultant and handle all of the IT tasks. The other person wears many hats, primarily office manager, but does day-to-day IT.

Once it is installed, it's pretty much hands-off after that. There were two instances when the DNS proxy failed, which we had to look after. Also, there is basic day-to-day maintenance of the different sites. Overall, however, it's hands-off as long as nothing breaks.

What was our ROI?

In the sense that it's increased productivity, we have seen ROI.

What's my experience with pricing, setup cost, and licensing?

WebTitan is an inexpensive product compared to others on the market, so it has helped to reduce costs associated with web filtering. I estimate that it is between 20% and 30%, compared to the alternatives that we looked at.

It's very aggressively priced, which is something that we definitely like. With corporations, everything is the bottom line. That's what they look at first and that's what they were satisfied with.

Which other solutions did I evaluate?

We looked at several solutions when we were evaluating products. One was Barracuda, and there was a Symantec product along with a couple of others.

The advantage that we saw with WebTitan was that we didn't have to install a local client. It was also cost-effective.

Our main reason for choosing it was that it worked.

What other advice do I have?

My advice for anybody who is implementing WebTitan is to look at the environment carefully. Make sure that wherever you're using the DNS proxy is very stable, because that's the heartbeat of the product. If that fails, everything fails.

Also, try to get used to using the interface to build your white and blacklists. I think the key thing is making sure that the DNS proxy is on a stable machine, and that you're going to test updates before you apply them. Microsoft is notorious for breaking something every other month with an update.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Lead Integration Architect at DXC Technology
Real User
Top 20
Reasonably priced, easy to set up, and offers near real-time reporting capabilities
Pros and Cons
  • "There is some sandboxing available, which is quite useful."
  • "The Sandbox solution should be integrated with the NIST to handle whatever new vulnerabilities or new sites are identified as potential threats."

What is our primary use case?

We use the solution as an overall proxy. We are using Forcepoint Web Gateway to allow only trusted, valid URLs - whatever is accepted or offered by the cache rate.

It's a landing zone for all kinds of end-user traffic for the internal users, as well as to protect against any attacks from my external users. Also, it controls the internal IT assets and can protect us from hard, new, cyber attacks, ransomware, and other things. That's how it has been used right now specifically.

What is most valuable?

The agent is acting as a HIPS, host intrusion prevention system, apart from providing trusted access to any external websites. It is doing some real-time monitoring, as well as reporting security events. It is able to give an alert for any security event, which is any unauthorized event. It sends a notification to the reporting manager, who can be immediately alerted. It can happen in nearly real-time. The reporting is very helpful.

There is some sandboxing available, which is quite useful. 

The solution is scalable.

It's fairly easy to set up if you have some prior knowledge. 

The stability is good. 

It offers reasonable pricing. 

What needs improvement?

The Sandbox solution should be integrated with the NIST to handle whatever new vulnerabilities or new sites are identified as potential threats. That could be dynamically integrated and implemented in a production enrollment, just like intelligence threat production. That would help in an intruder use case.

For how long have I used the solution?

We've been using the solution for three or more years. 

What do I think about the stability of the solution?

The stability is okay. The performance is also very good. The threat handling is almost near real-time, and even notifications and reporting happen fast so that we can take corrective actions. Overall, the experience was good. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

In our organization, we have 35,000 people.

It is very scalable. We haven't had any issues with the process. 

How are customer service and support?

I don't deal with technical support directly. However, we haven't had any major issues and likely have not needed much support in general. 

Which solution did I use previously and why did I switch?

We are using multiple products. For an antivirus, we are using a Symantec solution as well as Trend Micro. For our deep security, we are using IBM Deep Security. For our SIM product, we are using IBM Suite, as well as, for all other things, Cell Core for data DLP and DLK solutions. Predominantly, that's it. We are also using Forcepoint and a few other cloud-based web solutions.

However, we used something called CrowdStrike only as a validation solution for a very short period. Then immediately, we started migrating to Forcepoint.

CrowdStrike predominantly behaves like a sensor; it's not giving all the features of a proper web application firewall. We have to configure a bunch of things as a part of the CrowdStrike.

How was the initial setup?

If a person understands all the important tools and how they can be integrated with all other security products, it's easier to set up. It's a little bit of a challenge for any new person. There should be a blueprint or a condensing intro matrix. The Secure Web Gateway must be integrated with multiple other security products within the enterprise. There needs to be a compatibility matrix, like how this virtual VDA enrollment and other solutions. Nowadays, VDA enrollment is also coming as a hosted solution in the cloud and virtual software enrollments. It can be either on Azure, AWS, or some other third-party tools, probably that's like VMware Horizon, or it may be coming from Nutanix Frame. There are so many integration complexities in a large enterprise. If there's a blueprint, automation, or workflow, it improves the early adoption of these tools and provides a better onboarding experience.

Most of the deployments we manage through the deployment tools collected, either via IBM patch management solutions, or some automation tools, like Python. Using these agents helps with the rollout.

Initially, we took a week to ten days to deploy the product. However, rolling out the agents now, the agents are adding automated tools. For the initial implementation in our organization, we had more than 2,000 finder servers, plus other NTPs, which is why it took almost ten days.

I'd rate the overall process a four out of five in terms of ease of deployment. 

Following deployment, the maintenance is minimal. It's on the cloud and we have a subscription, so there isn't much to manage. 

What's my experience with pricing, setup cost, and licensing?

While I'm not directly handling the licensing and payments, my understanding is the solution is competitively priced. 

What other advice do I have?

We're internally using the product. I'm not sure which version of the solution we're using. IT and security mostly deal with the product and any updates. 

Potential new users will find it easy to adopt this solution. Most policies can be leveraged from other deployments, and you can confidently run them. 

I'd recommend the solution to other users and companies. 

I would rate the product nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner