The platform is a firewall and Unified Threat Management (UTM) solution. We have implemented it in our production environment, particularly with VPN configurations. It proves to be an excellent tool for safeguarding our perimeter network. One of its standout features is its centralized management server, allowing us to manage multiple devices using a single console efficiently.

The platform's most valuable features are perimeter network security and URL filtering. These functionalities are crucial for us, particularly because we operate in a highly restrictive environment regarding internet access.

While they offer a comprehensive bundled solution, some users may prefer on-premise deployments for certain features, such as URL filtering. Currently, Forcepoint offers WebSense for URL filtering in the cloud, but users who prefer on-premise solutions may find this lacking. They could improve these particular areas.

We have been using Forcepoint Next Generation Firewall for 15 years.

In terms of stability, the solution is quite robust. We haven't encountered any major issues, and like any other firewall, it operates reliably 24/7 without significant disruptions. However, there have been occasions when units required replacement, especially if covered under warranty. Additionally, we've implemented high-availability configurations to minimize downtime.

In terms of scalability, it depends on the specific model being utilized. Basic models may have limitations and may need to be more scalable. However, mid to high-range firewall models, such as the Next Generation ones, are stackable and scalable. It means multiple branches can seamlessly run the same solution without encountering any issues.

In our organization, approximately 200 users utilize the solution. It is extensively and regularly used as our users rely heavily on URL filtering.

Although they offer a premium technical support option, which is costly, we have yet to opt for it during our years of using the product. There can sometimes be a delay in receiving support, but typically, they respond within 24 to 48 hours. Despite this, the quality of support provided has been excellent.

The initial setup of Forcepoint is straightforward for trained engineers, but it may appear complex for those without specific training. The deployment process typically involves mounting the firewall and booting it up with an initial setup from a USB boot device. From there, the installation process continues according to the specific requirements and configurations.

In our case, it took more than 15 to 20 days to refine policies and access configurations to meet our specific needs. However, it typically takes less than one to two hours for the firewall to be functional and up and running.

Once you have clarity on what needs to be deployed and what is best for their operations, it typically only requires the support of one or two Forcepoint engineers to assist in deploying the solution.

We took assistance from integrators to implement the product.

The product generates a return on investment.

It is an affordable product. We purchase its yearly license.

Initially, we used Symantec Firewall, which was many years ago. About eight years ago, we transitioned to Stonesoft, the parent company of Forcepoint. We decided to use Forcepoint primarily due to its reputation as a top-notch firewall solution for security.

We utilize Forcepoint to manage secure remote access primarily through VPN terminals and VPN clients.

The SD-WAN capability of Forcepoint did not directly support our network performance, as we did not proceed with its implementation. We were in discussions about enabling SD-WAN but needed help executing the plan. Eventually, due to the end-of-life status of our product, we transitioned to Fortinet as our vendor for SD-WAN solutions.

Deploying and managing the platform was not particularly straightforward. It necessitated experienced engineers trained in Forcepoint Next Generation Firewall. Once set up, there were no significant issues or challenges in day-to-day management.

They offer templates that provide detailed reports categorized by user, device, and internal network access.

The value and impact of using this solution lie in the assurance of protection and security. Ultimately, the greatest return on investment (ROI) comes from safeguarding the business from potential attacks and vulnerabilities.

I rate it a nine out of ten.

We use it internally. We use it as a firewall. We use it just as a gateway.

We have several frontline firewalls. We use a VMware platform to manage traffic between internal and external networks. Products like CheckPoint, Symantec, or Forcepoint aren't highly rated by Gartner. That's why we're planning to migrate our traffic management to a different technology like FortiGate or Palo Alto, which have better ratings.

It provides decent protection for the LAN, especially in run mode. However, from an administrator or engineer's perspective, Forcepoint isn't very clear to use. There are too many menus, and management can be problematic—it's not user-friendly. Also, it's not a cost-effective solution.

We had some licensing issues with its web filtering capabilities. That's why we migrated our web filtering to Cisco Umbrella.

Moreover, the interface is complicated. It's difficult to locate all the necessary menus and functions.

For example, one of the many issues is with SSH. Even now, we haven't successfully opened the port to connect using SSH mode when we want to change the configuration. It's like a black box—not very open to changes and customization. It's simply not easy to configure.

There are other problems, too. For example regarding Forcepoint's Websense component. We had a lot of problems managing the web settings within Websense. That's why we migrated to Cisco Umbrella for cloud-based web filtering.

It's not that Forcepoint is inherently bad. The issue is that it's not user-friendly. It is not easy to use. The developers need to redesign the interface (GUI) for better management. It is very difficult to manage. For example, simple actions require too many clicks compared to FortiGate or Palo Alto. That's the main problem.

I have been using it for two years now.

It's a stable product. We're a large company with more than 500 users, both on-site and remote.

It's not a useful tool if your goal is to expand your architecture or platform.

We didn't have a support contract with Forcepoint because we were planning to move to a different technology.

I work with firewalls like Symantec Data Loss Prevention (DLP), firewalls like Palo Alto, FortiGate, and Check Point, along with routers and switches. I've also worked with Juniper, Cisco Fabric, Cisco Nexus (NX-OS), HPE Aruba.

I switched positions, and my new job doesn't use Check Point. So, the last time I used Check Point was in 2022.

Now, I use FortiGate, Palo Alto, and Forcepoint.

We also use different solutions based on use cases or specific functions. For example, we don't use Forcepoint for VPN. We use Pulse on-premises to connect remote users to the local network.

While deployment itself isn't complex, we migrated from Forcepoint to a different environment, such as FortiGate and Palo Alto, in VM mode.

The initial setup might be straightforward, but when working with traffic metrics, adding rules, or expanding the configuration, it's not user-friendly. Troubleshooting stable routing is also difficult.

Unlike Palo Alto, which has many troubleshooting tools (especially within its security modules), Forcepoint lacks tools that would simplify configuration.

It's not very good, but it's not bad either. My main issue is with the interface, not the heart of the technology itself. Forcepoint's developers need to make it more user-friendly, like FortiGate or Palo Alto. I want it to be easier to manager, use and configure.

Overall, I would rate the solution a six out of ten. We only use a small amount of Forcepoint's functionality now and will soon migrate away from Forcepoint entirely.

The solution offers sandboxing, which can be integrated at any time.

Forcepoint Next Generation Firewall could change its interface, allowing standard or direct connect modes to be configured. While group design and configuration generally function well, there are issues related to OSSL. These issues may necessitate troubleshooting that involves accessing hidden features by adjusting product routes. This level of troubleshooting is currently restricted to technical personnel, not partners or customers.

I have been using Forcepoint Next Generation Firewall for a few years.

Technical support is good outside Egypt.

I have tried FortiGate, Palo Alto, and Symantec. We switched to Forcepoint because it is easy to manage and troubleshoot.

The product is expensive but cheaper than Cisco.

Overall, I rate the solution a six out of ten.

Forcepoint could make the interface more reasonable and easier to navigate. If you are not good at Forcepoint, you cannot easily manage it. Fortinet is easy to navigate and reach.

Forcepoint should focus on upgrades. Sometimes, service is impacted or disrupted after an upgrade. You have to read the release notes carefully before doing anything.

I have been using Forcepoint Next Generation Firewall for three years.

Four years ago, I called support. Their response was very bad, but the antivirus was good.

Fortinet is better because it is very easy to manage. For Forcepoint, you need someone to dive into GUI or make some changes in the configuration, navigate, etc.

The initial setup is complex with the NG firewall compared to Fortinet. You can manage it easily by doing some virtual context and trying to divide the solution. You need experience for that. You have to do some lab to do something to prepare.

The product is not expensive.

I recommend Fortinet. Fortinet is booming now, but it is expensive. Both have pros and cons. You can compare both with Palo Alto. Palo Alto is more stable and more scalable. Forcepoint has many more features than Fortinet.

Overall, I rate the solution a six out of ten.

Our use cases involve deploying the Forcepoint solution, which includes installing the SMC server, management server, log server, as well as physical appliances and designing the clustering of Forcepoint.

Forcepoint is a good solution because it has a central server that serves as a management console. You can manage 100s of firewalls from this single console. Additionally, a key advantage is that Forcepoint provides VPN services as part of its basic subscriptions. It is not necessary to pay extra to use VPN services.

There is certainly room for improvement. In larger companies with extensive infrastructure, retrieving logs for a longer period of time can sometimes take a bit longer than desired.

In bigger companies with a larger volume of logs; it takes more time to retrieve them due to the increased amount of data.

I have been working with Forcepoint for about two years.

It is a very stable solution. If you set everything well, if your policy is well designed, it's stable.

Overall, I would rate the stability a nine out of ten.

It is a very scalable solution. If you don't have enough capacity, you can easily double or even triple it. If you need to add extra Forcepoint devices due to insufficient power, it's just a matter of expanding the cluster. Additionally, the physical boxes can be set up as a hybrid cluster, which means you don't necessarily need the same expensive appliances. You can purchase more affordable ones and integrate them into the Acris cluster. Forcepoint's physical appliances can share and distribute the network traffic between them.

We have enterprise-level as well as small-sized clients.

The customer service and support are quite good. They are very educated. I never had a case that I wasn't able to solve successfully. So, they are reliable.

The initial setup is very easy because all you need to do is create a USB disk, which you can obtain from the management server. You configure it once. After that, you just connect the physical server to Ethernet, insert the USB disk, and turn it on. Everything else will be done. You configure it for the first time on the management server and then install it on the FlashDesk. After that, you simply connect the physical server to Ethernet, insert the USB disk, and turn it on. That's it. And everything else will be taken care of.

If you do a simple installation, just the physical setup, it's a matter of hours. For a single installation, for a small business or company where you have around 150 users on the network edge, one engineer is enough. Therefore, the time to deploy the solution depends on the size of the installation.

Moreover, some maintenance is required for the solution. One person or one administration is enough for maintenance.

I would recommend the solution. Overall, I would rate the solution a nine out of ten because there are disadvantages like only some logs for enterprises. It takes a bit longer for it.