2019-08-30T04:51:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 4

What needs improvement with Forcepoint Next Generation Firewall?

Please share with the community what you think needs improvement with Forcepoint Next Generation Firewall.

What are its weaknesses? What would you like to see changed in a future version?

28
PeerSpot user
28 Answers
KhadimeGAYE - PeerSpot reviewer
Ambassador UTT - UTBM - UTC at a university with 201-500 employees
Real User
Top 10
2022-09-20T16:50:14Z
Sep 20, 2022

Next Generation Firewall's configuration could be improved.

Search for a product comparison
MR
Network Engineer at a tech services company with 51-200 employees
Real User
Top 5
2022-05-12T22:20:00Z
May 12, 2022

I think some of the customers who already use Forcepoint will benefit from using SD-WAN because it has features like auto-scaling, but I think the auto-scaling needs improvement since only Forcepoint NGFW comes with the SD-WAN solution. Plus, auto-scaling is an important tool and it still may not be good enough for some customers, so I think there is room for more improvement in the auto-scaling feature in SD-WAN. We have also gotten a slow response from technical support when we experienced hiccups, errors, and bugs. I think there is a lot of room for improvement in the support capabilities.

TO
Security Product Manager at a tech services company with 201-500 employees
Real User
Top 5Leaderboard
2022-03-17T12:49:02Z
Mar 17, 2022

I would like to see more sizing in the next release, and the roadmap should be clear. More models are needed to compete in terms of firewall sizing.

HF
Assistant Manager, Information Security at a financial services firm with 5,001-10,000 employees
Real User
Top 10
2022-02-16T17:57:00Z
Feb 16, 2022

Forcepoint Next Generation Firewall could improve with applying policies. Also, improvement with publishing websites and VPN agent. The solution needs to add an antivirus profile and anti-spyware profile, not just policies and VPN.

MF
PS & Technical Manager at a integrator with 11-50 employees
Real User
Top 10
2022-01-05T07:10:55Z
Jan 5, 2022

Configuration is not easy because it has an old-fashioned interface. The configuration interface is highly complex, and it's been the same for years. They have to change the interface. The structure of the configuration interface isn't like Palo Alto or FortiGate where you can do everything from a single screen. With Forcepoint, you have to import or assign rules because it's working with SMC, the central firewall management. Also, you cannot communicate directly with the product. You have to communicate with the product through the management interface. The dashboard also should be updated.

Mustafa Adel - PeerSpot reviewer
Senior Solutions Architect at Infort
Real User
Top 5
2021-05-25T23:00:05Z
May 25, 2021

Management could be better. They can improve the management. I think all our customers can't accept firewalls that have standalone management. So, they prefer Fortinet or Palo Alto. But overall, inspection and other features are working fine.

Learn what your peers think about Forcepoint Next Generation Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,465 professionals have used our research since 2012.
RG
CIO at Content-ti
Real User
Top 5
2021-04-21T18:22:00Z
Apr 21, 2021

A pain point worth mentioning is the need of the customer or client to properly know the environment as it relates to the presentation of Forcepoint and to have a better knowledge of the product's implementation.

LP
Product Manager at a computer software company with 1-10 employees
Reseller
Top 5Leaderboard
2021-04-15T05:09:23Z
Apr 15, 2021

The network interface could be better, and it could be cheaper. It's very difficult for us to compete with Fortinet. I would like to see an Application Control feature in the next release.

Anwar Sleem - PeerSpot reviewer
Regional Director at Ceitcon
Real User
Top 5
2021-04-12T10:17:06Z
Apr 12, 2021

It lacks something called a change of authority. It also lacks more integration with other VPN clients. Also, the ability to dynamically change policies could be improved.

DM
Associate Consultant at SoftwareONE
Reseller
Top 20
2021-04-05T14:16:59Z
Apr 5, 2021

The company should work to improve its VPN capabilities. For the most part, there aren't really any features or services that are missing. The implementation may be a bit more complex for a person who doesn't have much experience with the process. The company should update the URL filtering database. They need to enhance the URL filtering and make it easier to customize.

GM
IT Infra Head at a consumer goods company with 1,001-5,000 employees
Real User
Top 5Leaderboard
2021-02-18T13:31:01Z
Feb 18, 2021

The security features need to be improved.

SZ
Team Lead Network Infrastructure at a tech services company with 1-10 employees
Real User
Top 5Leaderboard
2021-01-13T14:35:28Z
Jan 13, 2021

Forcepoint is a little difficult to configure compared to its competitors. The product could be more user friendly. Firewalls are getting better in graphical user interfaces. If there is an issue with the appliances then the engineering team can work on the command line controls. A cheaper way is a graphical user interface for any users to be able to quickly configuration and implement.

Yasir Zubair - PeerSpot reviewer
Senior Manager - ICT Technical at CNS Engineering
Real User
Top 5
2021-01-07T19:33:21Z
Jan 7, 2021

No firewall is perfect but they could improve on the detections of threats.

TA
Systems Engineer at a tech services company with 11-50 employees
Reseller
Top 5Leaderboard
2021-01-06T15:21:49Z
Jan 6, 2021

Its management center should be easier to use. The management interface of Forcepoint is unique and a little bit different from some of the firewall solutions on which people might have worked before. Sometimes, the customers say that it is not very friendly, and we help them with how to use this management interface. It just takes a little bit of time, and after some time, it gets easy to manage or use. It is quite similar to Palo Alto, Fortinet, and legacy Juniper solutions. Their support should be faster. We have received complaints that they are not responding fast, which is not good for the vendor and us.

SC
IT Director at a comms service provider with 201-500 employees
Real User
Top 10
2020-12-29T12:36:30Z
Dec 29, 2020

It's a good firewall but we are looking for features that are available in Palo Alto. My team is looking for more throughput and better integration with our security framework. Better integration with other platforms would be an improvement.

Mohamed Abdel Hassanein - PeerSpot reviewer
Managing Director at FORESEC
Reseller
Top 5
2020-12-27T09:12:01Z
Dec 27, 2020

They need to increase the local support here. There are also some bugs or fixes on which they need to work. They very well know about these bugs. In terms of licensing, I would like them to either increase the number of features in a single license or make licensing more flexible.

AN
Head of Infrastructure & Cloud Section at a computer software company with 1,001-5,000 employees
Real User
2020-09-06T08:04:33Z
Sep 6, 2020

Its interface is complex when compared with a firewall like FortiGate. Forcepoint Next Generation Firewall needs a management console, whereas FortiGate doesn't need any console. When you have a few devices, a console is not really necessary. It's good to have a private console only when you have a lot of devices.

AW
Technical Support Specialist Networks at a tech services company with 10,001+ employees
Real User
2020-08-11T06:17:00Z
Aug 11, 2020

From a managerial point of view, as long as you have proper training, it's very easy to manage this firewall. Something that I've noticed that Forcepoint lacks, is the training that they offer to their customers. It's quite expensive, I believe it costs roughly $11,000. Because of this, we haven't been fully trained in this solution; to get the most out of this product, you need proper training. That is the only negative comment I have surrounding Forcepoint. Aside from the expensive training, I honestly can't think of another issue. It's a fully-featured firewall that comes with everything required. The version that we are using has a single power supply, whereas we would prefer having dual power supplies on or firewalls.

MS
Managing Director at a tech vendor with 11-50 employees
Real User
2020-07-05T15:50:28Z
Jul 5, 2020

Decryption needs improvement. It could be better in terms of the bandwidth and in terms of the speed of the tasks. The solution needs to build upon its network functionality. It needs to be a bit smarter. Communication with the cloud will be integral to the future of this solution. It needs to be easily deployed with the cloud going forward. The solution would also benefit from working within a multi-cloud environment. It should work with everything from Google to Azure to Salesforce. They need to have a more complex API to be able to successfully connect with other clouds and stations.

Lipaz Hessel - PeerSpot reviewer
Country Manager at Gilat Satellite Networks
Real User
Top 5Leaderboard
2020-04-26T09:29:00Z
Apr 26, 2020

The interface is not user-friendly. We were told that we would receive training but it came late and we had already started to deal with the product, which ultimately caused problems because we did it incorrectly. If the vendor focused more heavily on training as opposed to implementation then it would be a big improvement. The UTM features are missing. Application filtering is supported at a high level, but not at a low level. If I want to allow access to Facebook, yet not allow the user to access videos, then I am not able to do it with this product. Essentially, I'm allowed to block but I'm not allowed to limit. With other vendors, I can impose limits. They need to add support for the Routing Information Protocol, RIP. There is no support for the Built.io NIC driver.

Koroi Anise - PeerSpot reviewer
Senior Network Engineer at a tech services company with 51-200 employees
Real User
2020-02-03T09:10:15Z
Feb 3, 2020

There is no support available in Fiji, and it would make it easier to have local support and somebody that we can speak with. The pricing for this solution should be more competitive. Forcepoint would be improved if there were more training available. The vendor should make loaner units available for test and evaluation in test environments.

AW
Manager at Readytech
Real User
2020-01-29T11:22:33Z
Jan 29, 2020

Making this solution easier to use would be an improvement. The implementation could be made easier.

AhmadAlshami - PeerSpot reviewer
Senior IT Operations Manager at a retailer with 1,001-5,000 employees
Real User
2019-12-04T05:40:00Z
Dec 4, 2019

The first point to improve is just a matter of updates. We are moving to the cloud, so we want to use virtual licenses on the cloud. We need to move from on-premises to the cloud. We would love to take another solution from Forcepoint, but unfortunately, the price is too high. That's why we are not considering using Forcepoing for our proxy and DLB. They have a very good DLB, but the matter, in the end, is the cost.

EL
Sr. Network Engineer at a university with 201-500 employees
Real User
2019-10-31T06:27:00Z
Oct 31, 2019

The solution's support could use improvement. I'm in the MENA region so most of the time we were getting support from Europe. They should include a license watch solution on their back-end.

BH
Security Pre-Sales Manager at a tech services company with 51-200 employees
Real User
2019-10-27T06:19:00Z
Oct 27, 2019

They are great in every single area except for the optimization feature. The optimization is not really ready. If you want very good optimization, you have to add it to the network. I think if they make some enhancements in that area, they will replace every other product in no time. We also need more IPS detection rules.

PM
Security Specialist at a energy/utilities company with 51-200 employees
Real User
2019-10-06T16:38:00Z
Oct 6, 2019

This solution would be improved with the inclusion of custom reporting. The pre-prepared reports are ok, but sometimes, perhaps once a month, I would like to create some custom reports. In the next release of this solution, I would like to have an application proxy. In our previous solution, Sidewinder, we had this capability. For example, if you want to allow SSH traffic then you can set or restrict some features of this protocol, and you can look into the traffic using SSH Insight. Some examples of applications that I would like to see are Oracle and RDP.

MarkEdward - PeerSpot reviewer
Technical Support Engineer at MCS
Real User
2019-09-23T06:33:00Z
Sep 23, 2019

They should have a GUI on the product itself, not a separate management tool to be used on the management server or on a server to be used to manage the file. It should be all in one device. The device should be controlled through its own GUI. They also have to improve the learning center and the documents as the documents don't really help. In the next release, they should improve the documentation.

it_user972015 - PeerSpot reviewer
Information Security Consultant at a tech services company with 51-200 employees
Real User
2019-08-30T04:51:00Z
Aug 30, 2019

It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for it are a little bit complex. User-friendliness is a little bit tough. It needs to be more user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto. The solution needs to invest in its GUI. The interface is very bad and not user-friendly.

Related Questions
reviewer1740369 - PeerSpot reviewer
User at Jkumar infra
Jan 13, 2022
Hi all, I just want to understand the below requirements about Forcepoint Next-Generation Firewall: As per the below bullets, I am able to assume that my client requires two firewalls with the HA configuration. However, I don't understand about (N+1) clustering with up to 6 nodes in a cluster. The firewall shall be configured in active-active. Configuration and horizontal scaling with N...
See 1 answer
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Jan 13, 2022
Hi @Anwar Sleem, @Mustafa Adel, @Yasir Zubair, @reviewer1210437 and @Koroi Anise, Can you please assist this community member with this question?​
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Sep 20, 2022
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 19 answers
PM
Security Specialist at a energy/utilities company with 51-200 employees
Oct 6, 2019
This is not a very expensive solution. The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive. There are many hardware models and different appliances. We have a license for an unlimited number of users because it is necessary for our solution. If it were not unlimited then we would have a problem. This is probably dependent on the appliance model.
BH
Security Pre-Sales Manager at a tech services company with 51-200 employees
Oct 27, 2019
I believe the licensing fee is for one year, three years, and five years, or something like that. If you want to increase the support level from a simpler level to platinum, I think that there's a cost. There are differences between every kind of support, but I don't know the numbers.
Download Free Report
Download our free Forcepoint Next Generation Firewall Report and get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
DOWNLOAD NOW
655,465 professionals have used our research since 2012.