The vendor presents AWS Control Tower as the easiest way to set up and govern a new, secure multi-account AWS environment. With AWS Control Tower, builders can provision new AWS accounts in a few clicks, while knowing new accounts conform to company-wide policies.
N/A
Forcepoint CASB
Score 7.5 out of 10
N/A
Forcepoint CASB delivers comprehensive security for SaaS and Generative AI applications by combining API integration with real-time inline controls, ensuring sensitive data stays protected without compromising performance or user experience.
We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.
It is appropriate for medium to large-scale enterprises, especially the ones that have remote employees. The live-monitoring feature is extremely useful in this case. However, the implementation and initial processing are headache-inducing so you definitely need a dedicated IT team. Be warned though, that not only is their interface quite complex, their customer service is also extremely unhelpful so you won't be able to implement this or tackle any issues without a skilled team. But if that isn't an issue, this is definitely worth a try!
There is no way to easily close an AWS account whether it was created manually or via the AWS Control Tower. It takes too many steps to close it vs to provision a new AWS account
Using AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.
The interface of both the softwares is complex, but Forcepoint is certainly more complicated. But once you get past that, it is quite smooth and offers a lot of amazing features. It is one of the best options for remote security, although I would love to see more features - like encryption. The one place where it truly lacks is customer service, and since it has such an intricate implementation procedure, this one carries a lot of weight and needs to be improved to make this software even more accessible.
We are working on strategies to understand what to do with the information that CASB gave to us, it would be good if Forcepoint gives us a few key points but they haven't.
