What needs improvement with Forcepoint Secure Web Gateway?

If there is a category of generative AI or GenAI, it is not a very detailed category, as there are many AI-based sites where data exfiltration can happen. In the category of generative AI or GenAI, the tool is not updated, and the solution has targeted only four or five sites to be included in the aforementioned category. Categories like generative AI or GenAI are not updated regularly in the solution, making it a problematic area where improvements are required. The performance issues in the product are an area of concern where improvements are required. The proxy categories in the product have certain shortcomings where improvements are needed. The solution's proxy categories are not updated regularly. The tool's categories, like the one involving generative AI, have certain shortcomings since it does not get updated, and it is not able to target many sites that the developers use for code review, which may lead to some security breaches in the future.

In terms of improvement, some of my clients find that certain security details could be enhanced in Forcepoint SWG. Additionally, I would suggest focusing on improving the GUI's stability, especially when implementing new filters or patches. Occasionally, there are issues with crashes during these updates, and smoother transitions would greatly enhance the user experience.

Sometimes, we face reporting issues. The reporting must be improved. We do not have complete visibility. Every organization needs a report on what the users access and how much time they spend on the websites. The reporting features show whether the websites are valid or have malware.

I want improvements in the application control. Also, the solution should have a secure channel because of malware. I want technical support to be improved so that they can be faster and more knowledgeable.

Our experience thus far with Forcepoint Secure Web Gateway has not been good. The availability of clusters is limited, and the product is very unstable. The development team is slow as well. There have been a lot of changes in the network at Forcepoint, and we've had downtimes of almost three hours. This happened six times from August to December. When Forcepoint moves user traffic to another cluster during maintenance, the transaction is not smooth for end users. They lose access to the internet. In the Middle East, the ISPs block the IPs of Forcepoint, and the Forcepoint compliance team has been unable to resolve these issues. Forcepoint should focus on understanding how Zscaler works. In the next release, they should provide an inbuilt, full-fledged DLP CASB feature. Forcepoint should also work on improving their communication regarding maintenance.

What's missing in Forcepoint Secure Web Gateway is a specific level of micro-control on protocols or devices, for example, where you can control a particular user or user device. This is what should be improved in the solution. I want a micro-level management feature added in the next release of Forcepoint Secure Web Gateway.

The Sandbox solution should be integrated with the NIST to handle whatever new vulnerabilities or new sites are identified as potential threats. That could be dynamically integrated and implemented in a production enrollment, just like intelligence threat production. That would help in an intruder use case.

The product could be improved by including a consolidated product that can carry on Forcepoint Secure Web Gateway product email, web, and DLP. It's a single licensing suite that carries all the features instead of having a product. Additionally, a consolidated approach to their products would be excellent, and Forcepoint Secure Web Gateway should be on the same path to work with peers looking at cloud adoption entirely.

A room for improvement in Forcepoint Secure Web Gateway is the support it offers. It's very bad. What I'd like to see in the next release of the product is for it to be less complicated because at the moment Forcepoint Secure Web Gateway is more complicated than other products. Sometimes issues come up that you can't solve without the support team. For example, you should write the root password to fix the issue. In the next release of the product, it would be good if it had an easy-to-use interface. Troubleshooting issues in Forcepoint Secure Web Gateway should be less complicated as well.

Right now, Forcepoint is in very, very good shape. They are developing and evolving very fast. There is not any particular enhancement necessary. We have had latency issues. The cloud portal that they have should be more flexible, and we should have a practice portal. For example, if we want to implement something specific, we can’t practice making sure it will be right before going ahead and doing it live.

The automation lifecycle, integration, and export functionality could all be improved.

They will require a combination of other brands and other products that actually caters to the data leak portion. Forcepoint ONE, for example, covers for the data leak itself, however, it's just data leaks. In order to have comprehensive security protection for your data, you will need other products, like data encryption. You will need privileged access management and endpoint security to make the Forcepoint product more robust. The initial setup can be complex.

The Bitglass part, right now, we are trying to learn it, and then trying to acquire skillsets around it. For cloud web security, there are definitely areas where it requires improvement, Policy changes take 20 to 30 minutes for enforcement. Granular control based on applications can be further enhanced.

One of the most important areas of improvement would be the support because we faced a lot of problems when we were on-prem.

An area for improvement would be the classification of websites - it can take a long time for new websites to be classified.

There should be more hardware models available and the application control could improve.

A feature of Forcepoint Secure Web Gateway that can be improved is the speed of data analysis. Also, there should be enhanced detection when it comes to the loading of encrypted data. A feature we wish to see addressed in the next release of the product involves its administration. I do not consider the product to be excellent and would rate it an eight out of ten.

The functionality of this product in the current version is not up to our expectations. This product does not have an integrated strategy for securing your web gateway with DLP.

The biggest issues within the product were that it had become stagnant. For about four or five years, there was very little real innovation going on. It felt as if they were just sitting back. They were lacking in regards to keeping up with the developments within the cloud. Overall, I think they had a good, solid product. I think they failed to add features. It was not as feature-rich as other products. I would say the biggest problem was the lack of features, they just hadn't kept up. Under Raytheon, they were starting to correct this, but it was a work in progress. Overall, the biggest problem with the product itself was the lack of features. I knew that they needed to handle web sockets in some way, all we could do was effectively bypass it. There were too many times when the connections just didn't work right through the proxy. Our customers would have to bypass and basically go around the product. There were various levels to this and it was a real pain for our customers to diagnose those problems. There needed to be an end-product protocol analyzer output (for lack of a better way to put it), that would help administrators understand why the connection wasn't working. There was so much legwork involved: someone would have to take a laptop and set up in front of the proxy; then they would have to load Wireshark (as I used to call it) and pull their captures; then they would have to give that to Forcepoint, or they would have to try to reason it out themselves. That caused a lot of problems because most administrations weren't confident or competent enough to do it. They didn't have the skill-set needed to make proper use of those tools in the first place for analysis. There were a lot of customers who could've gotten value from the product but who were put in a position where they had to basically bypass the product because of certain connections. Some form of connection-troubleshooting should be included within the product, more than just looking at a log that nobody knows how to read except for support. There was no way to troubleshoot connections in an effective manner that didn't require a lot of legwork by the user. Whenever you ask a user to do that, nine out of 10 times, they're not going to do it. They're just going to take the easy way out, bypass it, and then they'll bitch about the product, but they won't actually fix it. They won't want to make the extra effort. The problem just remains unsolved. They needed something like a connection analyzer tool to explain why, or at least give a better indication of why this was failing. Again, it was the lack of development. The GUI is quite nice. I think it's very natural for people once they get used to it. Ironically, the company I'm working for now is actually POCing the DOV product and one of the things they like is the interface. They had a lot of good synergy with their other products. They failed to capitalize on it, ultimately. They're getting there. They got better, but it might be too little too late. That's the problem.

We are using a V10000 G3 appliance. It is just a proxy. It is just HTTP, FTP, and HTTPS. Now, as our website has developed and we are using rich time-connectivity protocols, the proxy doesn't have the ability to work with these protocols. It would be nice if the UDP feature was there for it to filter UDP traffic. It needs firewall capabilities for UDP filtering. Its upgrades can be quite complex, and they don't always go as per the plan. Its reporting could be a bit more granular.

Forcepoint giving only on-premises solutions and hybrid solutions. They're also providing the Cloud Web Security, but there is limited functionality, limited categorization, and limited protection. Stability needs some improvement, we have on occasion experienced some delay when it is synchronized.

We have a lot of false positives, which is one area that can be improved. At the same time, there is a lot of spam that still gets by the filter. The engine should be enhanced because some malware still gets by the filter. The login for emails should be more advanced.

The issues we have are more around organizational issues between us and Forcepoint. We don't have problems with the solution although sometimes attacks or new ransomware gets through. Sometimes we need to work together with Forcepoint in order to change the setup and to block it. It would be great if Forcepoint was able to do this without our knowledge and, even better before those mails ever reach us. The improvement needs to come on both sides – not only from ForcePoint, but the idea is to work on few points: * The idea is to set up on the ForcePoint side TAM that could help us in the tuning the configuration. * At the same time we need to work on improving the expertise and increase the number of FTE that will work on the platform (internal or external) in order to be able to really have the benefit of TAM. * 3rd point is that some of the attacks come through and after we report it to ForcePoint they manage to improve the environment, while my experience with some other solutons is that the provider is more proactive and does the change/improvement even before we notice it.

In the on-premises version, I don't like the deployment and structuring of the device. It is time-consuming and not as easy to implement as Blue Coat Web Security.

Sometimes we find the solution behaves erratically. It may be related to our configuration, which may be incorrect. We are using desktops, laptops, and workstations and the laptops are set to mobile status. We do make connections outside the office premises as well, and desktops or workstations are predominantly located in the same place. Overall the software is occupying too much memory space. If they could remedy that, it would be a better experience, because today Windows is occupying too much memory space as well (in terms of the RAM), and this software has also started occupying all the memory. Due to this, I have less space for my other office products and data. I can't, for example, operate a huge Excel sheet or other datasets. Product grouping should be made more flexible. We should be in a position to define the product groupings. Also, sometimes the standard product grouping that they are using is not applicable in this part of the world. If they could move it, if they could make it more flexible, it would make our life easier. Otherwise, we are forced to use our own definitions a lot. This sometimes causes problems with performance. The product grouping really should concentrate more on this particular geographic region.

The deployment is a bit complex and it requires expertise to deploy, which is something that should be improved and made easier to do.

If the solution had a lower cost, it would be easier to implement. In the 8.5 version of the solution, I took some issue with the interface. I'd recommend that the company supports more process to matrix files. We've had issues with that. The solution should be better able to support itself and operate faster. Sometimes the technical support team takes too long to respond.

For improvement, we cannot deploy the Forcepoint Web Security firewall directly without ISP. The firewall doesn't have any features because some customers are requesting they will install the firewall without licensing. At this time we cannot go further without licensing. Licensing is a must with Forcepoint Web Security firewalls. I'm not sure that those features are included with Forcepoint Web Security. We checked the other features but we have not checked out their performance.