Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.
N/A
Forcepoint DLP
Score 7.8 out of 10
N/A
Forcepoint Data Loss Prevention (DLP) protects sensitive data everywhere it resides and moves, across endpoints, cloud apps, web, email, and on-premises environments. It delivers unified policy management and centralized control from a single console.
N/A
Pricing
Carbon Black App Control
Forcepoint Data Loss Prevention
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Carbon Black App Control
Forcepoint DLP
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Carbon Black App Control
Forcepoint Data Loss Prevention
Features
Carbon Black App Control
Forcepoint Data Loss Prevention
Data Preparation
Comparison of Data Preparation features of Product A and Product B
Cb Protect is best suited somewhere where you want to maximize the lockdown of workstations. So moving past no local admin rights to blocking specific applications and peripherals. The idea would be to have a list of applications you want to run, and then anything else is not able to be used. As stated prior, if you have a very fluid environment where you are having all sorts of new applications installed frequently (I feel for you!!) this is still do-able, but it misses the general idea. I think especially in environments that are more sensitive to new applications, like banks, healthcare systems etc, this is a good fit. The ability to look at application levels, drift, unapproved software etc is very useful.
-Where companies need to secure their attachment, which goes outside, means from their company to outside -Where companies need to ensure their client's personal information -Where companies need DLP. They need to look for Forcepoint only, as they have the upper hand over the rest of their competitors.
It has predominantly protected us from unauthorized parties and has provided us with better visibility and control over our data.
This software has also successfully prevented us from both malicious and accidental tasks, which are quite flexible actions when it comes to the violation of data loss prevention policies.
This product has been successful in improving compliance and even mitigating compliance violations, which further facilitated IT security.
I think there is room for improvement, as the user interface is slightly rough and difficult to adopt in the beginning. The software also hangs up at a few instances, which leads to some wasting of time and annoyance, but other than that, this software is good. The technical staff should work on the complexities for a better user experience.
Forcepoint technical support--specially for users who go with essential support--is challenging to get support on time. You need the ticket to be raised long beforehand to get support from TAC. However, in the case of enterprise support, its is not like this technical person will come on a priority basis.
However it comes with higher prices, especially for SMB, it is allowed to pay that amount for support only.
We have been fairly happy with the product and how it has worked. We have looked at other vendors for url filter and such and have not found one that meets our needs or does what we have been doing with Websense. The product has been fairly stable and we have only had a few issues in the past. We have all seen that it was one of the highest leaders from the Gartner Group Magic Quadrant for Web Gateways.
For us, Forcepoint Data Loss Prevention was difficult to administer, did not work well when it did work, was incredibly expensive for the feature set you get, and was difficult to uninstall when we moved on from the software. Once it was fully set up, it worked occasionally for us.
Support from Forcepoint has been lacking. When calling in with a high priority issue we rarely are able to work with a technician immediately. The queue waits are very long and when you get through there are no support engineers available and we need to wait for a call back for hours it seems.
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
User friendly solution that makes it easy to deploy and manage. Forcepoint Data Loss Prevention very effective to protecting our valuable data on endpoints and where data lives like in the Cloud, server and on-premises disk drives and its valuable to just set policies once and start utilizing Forcepoint Data Loss Prevention solution.
The exchange of financial documents with customers creates extreme risk as data loss could result in financial and reputation damage to the customer. The cost of deploying Forcepoint is fractions of pennies compared to the potential financial impact of data loss.
There is some administrative overhead associated as false positives are inevitable, requiring a manual review and a potential loss of productivity.
