We just raised a $30M Series A: Read our story

Forcepoint Next Generation Firewall OverviewUNIXBusinessApplication

Forcepoint Next Generation Firewall is #5 ranked solution in SD-WAN tools, #5 ranked solution in top WAN Edge tools, and #20 ranked solution in best firewalls. IT Central Station users give Forcepoint Next Generation Firewall an average rating of 8 out of 10. Forcepoint Next Generation Firewall is most commonly compared to Fortinet FortiGate:Forcepoint Next Generation Firewall vs Fortinet FortiGate. The top industry researching this solution are professionals from a comms service provider, accounting for 27% of all views.
What is Forcepoint Next Generation Firewall?
Forcepoint Stonesoft Next Generation Firewall protects enterprise networks with high-performance "intelligence aware" security supported by real-time updates. This enables Stonesoft to deliver the industry's best defense against advanced evasions, alone with complete next-generation firewall protection when and where you need it - at remote sites, branch offices, data centers, and the network edge.

Forcepoint Next Generation Firewall was previously known as Forcepoint NGFW, Stonesoft Next Generation Firewall, McAfee Network Security Platform, Intel Security Network Security Platform.

Forcepoint Next Generation Firewall Buyer's Guide

Download the Forcepoint Next Generation Firewall Buyer's Guide including reviews and more. Updated: December 2021

Forcepoint Next Generation Firewall Customers
California Department of Corrections and Rehabilitation (CDCR)
Forcepoint Next Generation Firewall Video

Archived Forcepoint Next Generation Firewall Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
AhmadAlshami
Senior IT Operations Manager at a retailer with 1,001-5,000 employees
Real User
Characterization features captures a lot of threats and they have great support

Pros and Cons

  • "The support is great. They also have very good categorization. It's very good. It captures a lot of threats."

    What is our primary use case?

    We just use this firewall for security in terms of network access.

    What is most valuable?

    The support is great. They also have very good categorization. It's very good. It captures a lot of threats.

    What needs improvement?

    The first point to improve is just a matter of updates. We are moving to the cloud, so we want to use virtual licenses on the cloud. We need to move from on-premises to the cloud.

    We would love to take another solution from Forcepoint, but unfortunately, the price is too high. That's why we are not considering using Forcepoing for our proxy and DLB. They have a very good DLB, but the matter, in the end, is the cost.

    For how long have I used the solution?

    We have been using this solution for over five years.

    What do I think about the stability of the solution?

    It is very stable, especially the front end.

    What do I think about the scalability of the solution?

    Yes, this solution is scalable.

    What other advice do I have?

    I recommended Forcepoint to be implemented.

    I would rate this solution as nine out of ten. It would be a full ten if it had integration with endpoints.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    EL
    Sr. Network Engineer at a university with 201-500 employees
    Real User
    Very user friendly, with a straightforward setup and relatively good stability

    What is most valuable?

    The simplicity of the solution is its most valuable asset. It's very user-friendly.

    What needs improvement?

    The solution's support could use improvement.  I'm in the MENA region so most of the time we were getting support from Europe. They should include a license watch solution on their back-end.

    For how long have I used the solution?

    I've been using the solution for two years.

    What do I think about the stability of the solution?

    The solution is stable. We haven't been worried about a lack of stability affecting us in the latest version or in the patches.

    What do I think about the scalability of the solution?

    The solution isn't scalable. We have about 5,000 users, but they are never on it at the same time. Traffic just passes through.

    How are

    What is most valuable?

    The simplicity of the solution is its most valuable asset. It's very user-friendly.

    What needs improvement?

    The solution's support could use improvement. 

    I'm in the MENA region so most of the time we were getting support from Europe.

    They should include a license watch solution on their back-end.

    For how long have I used the solution?

    I've been using the solution for two years.

    What do I think about the stability of the solution?

    The solution is stable. We haven't been worried about a lack of stability affecting us in the latest version or in the patches.

    What do I think about the scalability of the solution?

    The solution isn't scalable. We have about 5,000 users, but they are never on it at the same time. Traffic just passes through.

    How are customer service and technical support?

    I'd rate technical support at eight out of ten, but they're response times are suddenly a bit longer because most of them are in Europe and some are in India. It there was someone in MENA it would be much quicker because the time differences affect reaction times.

    How was the initial setup?

    If you are not familiar with the setup, the initial implementation can be complex. For me, because I'm comfortable with firewalls, it was straightforward.

    What other advice do I have?

    We use the on-premises deployment model.

    I'd recommend the solution, but it depends on the requirements of the user.

    I'd rate it eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Learn what your peers think about Forcepoint Next Generation Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
    554,586 professionals have used our research since 2012.
    BH
    Security Pre-Sales Manager at a tech services company with 51-200 employees
    Real User
    Top 10
    Has good performance and security and offers everything in one package

    Pros and Cons

    • "When our customer needs some optimization, along with performance and security. If they want everything in one package, I recommend Forcepoint because they have everything."
    • "The optimization is not really ready. If you want very good optimization, you have to add it to the network."

    What is our primary use case?

    Our customers use Forcepoint like a cluster, which is standby active and passive. They also use it for the perimeter firewall, so it's on-premises.

    The primary use case for this solution is when a customer asks for something that does automatic optimization, as well as security at the same time. It also has high performance capabilities, including enabling the SSL decryption feature. I recommend Forcepoint for these customers. If the customer has another solution for deep packet inspection of SSL encrypted traffic, I recommend Palo Alto, because they already have a solution for deep packet inspection for the kind of traffic in the network. From my point of view, at this point they do not need Forcepoint, so I would recommend Palo Alto.

    What needs improvement?

    They are great in every single area except for the optimization feature. The optimization is not really ready. If you want very good optimization, you have to add it to the network. I think if they make some enhancements in that area, they will replace every other product in no time.

    We also need more IPS detection rules.

    For how long have I used the solution?

    We've been using this solution for about one year.

    What do I think about the stability of the solution?

    I have a very good impression of this stability. 

    What do I think about the scalability of the solution?

    After three or five years, if you want to change the model with a bigger model because of the network expansion, I think they support that. Our clients are huge enterprise businesses.

    How are customer service and technical support?

    I've never actually contact technical support because I'm not the person who is responsible for that. I heard that they are okay.

    How was the initial setup?

    The initial setup is straightforward. The installation is very easy. With full functions, it takes about five days to deploy.

    We have a technical team that does deployment for Forcepoint, Palo Alto, etc. We do the  implementations of every security product that we provide. We use two people to deploy Forecpoint NGF: a senior engineer and junior engineer.

    What's my experience with pricing, setup cost, and licensing?

    I believe the licensing fee is for one year, three years, and five years, or something like that. If you want to increase the support level from a simpler level to platinum, I think that there's a cost. There are differences between every kind of support, but I don't know the numbers.

    What other advice do I have?

    They just need to make sure that their environment is ready for implementing the firewall. They have to prepare for about two hours of downtime because we need some downtime to do the initial configuration. They need to be prepared for the deployment plan. That's all.

    The biggest lesson I learned is that you cannot provide everything in one box. You can provide everything in one box, but you cannot provide everything deeply with the same quality all in one box. You need to give up on something to gain another. I'm always telling the customer, what's your biggest issue? Is it security or performance? Is it task optimization? What is your biggest concern? Based on their answer, I recommend one of the vendors that we work with.

    If he said that he does not have any problems with anything, he just wants to get everything, then I provide them with Forcepoint and tell them that they will have some issues in a certain area. If he is okay with that, we go with the product. If he isn't okay and cannot accept that risk or that point, then we go with another vendor.

    What I learned from them is that you can provide everything in one box, but you cannot provide everything with the same quality in that box.

    They have really good capabilities if you want to use it. So I do recommend them in some cases, when the customer needs some optimization, along with performance and security. If they want everything in one package, I recommend Forcepoint because they have everything. That's why I recommend Forcepoint in that situation.

    I would rate the solution as eight out of ten. If they solve the problem of optimization and added those IPS rules, I believe that they would deserve nine of ten. Nothing is perfect, though.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PM
    Security Specialist at a energy/utilities company with 51-200 employees
    Real User
    Centralized security management eases configuration to help prevent attacks

    Pros and Cons

    • "The central security management center and the content management center are very good."
    • "This solution would be improved with the inclusion of custom reporting."

    What is our primary use case?

    Our primary use case for this solution is as a perimeter between our internal and external networks. It is a critical security firewall.

    We have an on-premises deployment.

    What is most valuable?

    The Security management console is fantastic.

    The central security management center and the content management center are very good.

    What needs improvement?

    This solution would be improved with the inclusion of custom reporting. The pre-prepared reports are ok, but sometimes, perhaps once a month, I would like to create some custom reports.

    In the next release of this solution, I would like to have an application proxy. In our previous solution, Sidewinder, we had this capability. For example, if you want to allow SSH traffic then you can set or restrict some features of this protocol, and you can look into the traffic using SSH Insight. Some examples of applications that I would like to see are Oracle and RDP.

    For how long have I used the solution?

    We have been using this solution since 2015.

    What do I think about the stability of the solution?

    The stability of this solution is absolutely fantastic. There have been no problems since we implemented this solution in 2015. It acts as the edge between our internal and external networks, and we see many attacks from the outside. They have all been blocked. There is no problem with this solution.

    What do I think about the scalability of the solution?

    Scalability is fantastic. We are using an active-active cluster and there is no problem with adding another node. Currently, we have a two-node cluster, but there is no problem in adding a third node.

    This solution protects approximately three hundred users.

    How are customer service and technical support?

    The technical support for this solution is great. We have a support contract and we can create a ticket when required. They have solved our problems.

    Which solution did I use previously and why did I switch?

    Prior to this solution, we used Sidewinder. That solution was discontinued and we were at the end of support for our hardware.

    How was the initial setup?

    The initial setup of this solution is not easy. It is an enterprise solution that is very complex and not easy to set up.

    When we replaced our previous solution, the process took approximately two days. However, there was a period of analysis after this that took about one month. The analysis involved our current system, our network infrastructure, and our data center.

    We have three administrators who maintain this solution. One of them is on-premises and two of them administer remotely. It is not possible to manage the security system using only one person because it is too complicated. It requires a team to discuss problems when they arise, including how they should be solved, or how attacks should be blocked. Cooperation on these matters is necessary.

    What about the implementation team?

    We involved our security partner for the implementation of this solution because it is very complex. Three people were required for the deployment, including a network specialist, our partner, and myself.

    What's my experience with pricing, setup cost, and licensing?

    This is not a very expensive solution. The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive. There are many hardware models and different appliances.

    We have a license for an unlimited number of users because it is necessary for our solution. If it were not unlimited then we would have a problem. This is probably dependent on the appliance model.

    Which other solutions did I evaluate?

    Before choosing this solution we evaluated Check Point.

    What other advice do I have?

    Forcepoint is my favorite enterprise firewall.

    The security management center is the best part of this solution. It is always very simple to see the state of the firewall and to configure it to look for faults. The quality of this component is very high. Previous solutions were not very good with respect to the management center, but now, in this solution, it is very good. This is the main reason that I recommend this solution to others. This feature is absolutely necessary if you want to configure devices to prevent attacks.

    I would rate this solution a ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    MarkEdward
    Technical Support Engineer at MCS
    Real User
    Offers real-time logins for traffic logs and troubleshooting is easy

    Pros and Cons

    • "The most valuable feature is controlling the traffic and the logging. They have real-time logins for traffic logs. Troubleshooting was very easy for me."
    • "They should have a GUI on the product itself, not a separate management tool to be used on the management server or on a server to be used to manage the file. It should be all in one device. The device should be controlled through its own GUI. They also have to improve the learning center and the documents as the documents don't really help."

    What is our primary use case?

    I work for a distribution company. We implement around 2,300 firewalls in Egypt for schools. We use the licenses to manage all these firewalls together and push policies for the firewall. We use it for security to restrict some rules for accessing the internet for students. 

    What is most valuable?

    The most valuable feature is controlling the traffic and the logging. They have real-time logins for traffic logs. Troubleshooting was very easy for me.

    What needs improvement?

    They should have a GUI on the product itself, not a separate management tool to be used on the management server or on a server to be used to manage the file. It should be all in one device. The device should be controlled through its own GUI. They also have to improve the learning center and the documents as the documents don't really help.

    In the next release, they should improve the documentation.

    For how long have I used the solution?

    I have been using Forcepoint for around one year.

    What do I think about the stability of the solution?

    The firewall is stable. We haven't had any stability issues.

    What do I think about the scalability of the solution?

    It is scalable.

    How are customer service and technical support?

    Technical support can be better. The support themselves are skilled but when you call for support you have to wait for a long time to get a response. They should improve their call center.

    How was the initial setup?

    The initial setup was straightforward. It is done on the firewall itself. 

    What other advice do I have?

    I recommended this solution mostly for large enterprises, a project that needs more than 100 firewalls to be managed. They have a very good management tool as security management centers.

    I would rate it an eight out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    IN
    Information Security Consultant at a tech services company with 51-200 employees
    Consultant
    Excellent for clustering but not a user-friendly solution with very bad GUI

    Pros and Cons

    • "One of the most valuable features is having the ability to cluster multiple firewalls even if they are different versions."
    • "It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for the firewall are a little bit complex. User-friendliness is a little bit tough. It needs to be user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto."

    What is most valuable?

    One of the most valuable features is having the ability to cluster multiple firewalls even if they are different versions.

    What needs improvement?

    It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for it are a little bit complex. User-friendliness is a little bit tough. It needs to be more user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto.

    The solution needs to invest in its GUI. The interface is very bad and not user-friendly.

    For how long have I used the solution?

    I've been using the solution for three years.

    What do I think about the stability of the solution?

    It's a stable firewall. There's no issue on the stability. When it comes to the detection rate of the IP, it is the most powerful solution for detection-ready tests, like evasion techniques etc. Forcepoint is a leader on the market.

    What do I think about the scalability of the solution?

    The solution is very simple to scale. You just need to keep on adding devices. The firewall can cluster with multiple different models. Scalability-wise, this firewall will be the best firewall for an organization who is operating with a low budget. We typically implement for medium-sized to enterprise-level organizations.

    How are customer service and technical support?

    Technical support is okay. It takes too long to get a response because the support comes directly from the Netherlands, and they may have very limited employees. The engineers are quite technical, but the response is very slow.

    How was the initial setup?

    The initial setup is complex.

    What about the implementation team?

    We are an integrator that helps with the installation.

    The initial installation needs a high level of knowledge because it's not like other firewalls where you have one single appliance. You need to have a separate machine to manage the firewall. The firewall is just a dummy device and all the configurations are done on a Windows machine. Sometimes, in the case of the unavailability of a Windows machine, you cannot do much with the firewall.

    What other advice do I have?

    What others need to know is that they need to have a clear idea of why they're going for this particular firewall. They need to know if are they looking for clustering or if are they looking for link load balancing. If they're not going for clustering, I would suggest they go with the most moderate firewalls like Palo Alto or Fortinet.

    A certain type of attack, such as evasion techniques, isn't something that other firewalls really protect against. According to NSS Labs, Forcepoint firewall has been on top for the last consecutive four or so years because of the detection rate of evasion techniques that other firewalls failed to detect.  

    The clustering of our ISP links is a nice feature that other firewalls also should have. It is a helpful feature, but it is not a user-friendly solution as a whole.

    I would rate the solution five out of ten. User-friendliness is the most important reason I've rated it so low. After Cisco firewalls, no next-gen firewalls have come to the market. So if they want to compete with these firewalls, they need to enhance the overall user-friendliness of the solution.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    ITCS user
    Pre-Sales Engineer at a tech services company with 51-200 employees
    Consultant
    Top feature is the integrated multi-layer filtering​​. The GUI could use a revamp.

    Valuable Features:

    Integrated multi-layer filtering

    Improvements to My Organization:

    McAfee NSP helps the organization by filtering most of the active inbound attacks that would otherwise compromise the users and servers. It's automated and fast response allow the organization to leave it as it is and apply automated updates to its signature.

    Room for Improvement:

    Intel could ditch the Java-based GUI rendering and could use some serious revamp on the way they manage their GUI. A lot of bugs happen on their GUI but their system is working fine.

    Valuable Features:

    Integrated multi-layer filtering

    Improvements to My Organization:

    McAfee NSP helps the organization by filtering most of the active inbound attacks that would otherwise compromise the users and servers. It's automated and fast response allow the organization to leave it as it is and apply automated updates to its signature.

    Room for Improvement:

    Intel could ditch the Java-based GUI rendering and could use some serious revamp on the way they manage their GUI. A lot of bugs happen on their GUI but their system is working fine.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free Forcepoint Next Generation Firewall Report and get advice and tips from experienced pros sharing their opinions.