The Forcepoint ONE Secure Web Gateway (SWG) is one of the three foundational gateways of the Forcepoint ONE all-in-one cloud platform. Forcepoint ONE SWG monitors and controlsany interaction with any website, including blocking access to websites based on category and risk score, blocking download of malware, blocking upload of sensitive data to personal filesharing accounts, detecting shadow IT, and optionally providingRemote Browser Isolation (RBI) with Content Disarm andReconstruction (CDR).
N/A
Symantec WebFilter / Intelligence Services
Score 8.0 out of 10
N/A
Symantec WebFilter / Intelligence Services (formerly Blue Coat WebFilter) is a web application protection and web content filtering solution, designed to allow users to control access to web content and block web threats with advanced threat defense and real-time global threat intelligence.
Over the years, [in our experience], the maintenance of the Forcepoint Web Security solution proved to be more cumbersome and troublesome with each version upgrade. In addition, it did not transition well to support the large increase of remote workers. We also experienced weird incompatibilities with the client. We have since replaced this solution with Zscaler Internet Access, a cloud-based secure web gateway solution with a client that behaves as expected, is more flexible, and requires significantly less administration.
Having an end to end solution for web / mobile applications in terms of protecting it from online cyber security threats, Symantec WebFilter / Intelligence Services provides great solution. You also get an ability to configure your security profile so that the contents that may be desired for you but not recommended can be allowed on your network
This package is one of the few that offers a category, quota time, that allows us to limit certain categories and or websites for staff that would normally be blocked for customers and may not be something that is needed in their day to day job duties. We allow staff one hour a day, broken down into six 10 min increments, to visit sites for shopping, travel arrangement and other areas that are more of a personal need than a business need.
Forcepoint has a wide selection of categories that can be enabled, quota timed or restricted at a top-level or you can go more granular and drill down to subcategories to allow for only partial access.
The user access logs contain a lot of useless information. I understand this is very hard to tackle as I've seen this across any product that logs web activity.
I would like to see more customization options of website block pages.
It is very stable, the organisation has "locked in" the product and has no plans to change or try another product. We have already renewed our 2019-2020 licenses. It is user friendly and people catch on easily when they first use it. The only downtime is when we install Microsoft updates! It has excellent reporting which help in determining how the organisation's Internet is used and also during both internal and external IT audits.
Despite the intimidating Linux CLI when you use the appliance for troubleshooting, the web security usability compensates as most of the Administration of the system is done there. It is GUI based and has an easy to use UI where one can navigate around rather easily like getting reports, checking alerts, looking the whole setup under deployment to check if all services are running in one place though there are other parts to the system.
I really like the system, it's easy to use and mostly intuitive. I would have gone 10/10, but the management interface uses Java, and that seems to always make things a bit harder to start. Once everything is loaded and running, it's great - but it does require me to maintain a compatible version of Java on the machine I use to access the system, I'd be much happier with some kind of HTML5 interface. I also deducted 1 point for the functionality of the refer filter - it works as expected, but if the site isn't coded with the correct refer header, like Microsoft's site - then some page elements get stripped and pages only render about 98% correctly. I know that's not in Symantec's list of responsibilities, but having a filter that doesn't fully understand CDNs is worth the 1 point ding.
The is a quick first response to acknowledge your issue and the Engineers never take more than two hours to fix an issue and we hardly get issues looking at the fact that the system is pretty stable. There is also a robust Knowledge Base in the site for known problems.
I've had exactly 1 problem in 8 years, I contacted support via the customer portal, less than an hour later I found myself in a screen share with a support tech who not only fixed my configuration error, but also took the time to ask about my usage and offered some great tips on changes. It was just one support incident, but I was impressed by the speed of response to a non-critical issue as well as the depth of product knowledge the support engineer had.
Research known issues with upgrading from the Support Knowledge base, this will enable you avoid road blocks along the way and reduce your dependence on Forcepoint Support
To be honest, once using Forcepoint for our Web Security, I have not wanted to look anywhere else. The dashboard gives me quick insight of threats, productivity, and bandwidth usage. Again, this is a layer in my security and it fills many holes. I feel safe and I do like I can just let it do its thing
Symantec WebFilter / Intelligence Services solution was a simple 1U appliance that does everything we need, compared to the Forcepoint solution which required a virtual appliance, a database server, a log server, and a management server - the licensing costs alone make the Symantec WebFilter / Intelligence Services solution a clear winner. The Forcepoint solution is really good, it just requires such a big footprint without delivering much beyond what the Symantec WebFilter / Intelligence Services solution does with a single unit.