ContentWatch in Salt Lake City, Utah offers ContentProtect, a web content filtering solution.
N/A
Forcepoint SWG
Score 8.2 out of 10
N/A
The Forcepoint ONE Secure Web Gateway (SWG) is one of the three foundational gateways of the Forcepoint ONE all-in-one cloud platform. Forcepoint ONE SWG monitors and controlsany interaction with any website, including blocking access to websites based on category and risk score, blocking download of malware, blocking upload of sensitive data to personal filesharing accounts, detecting shadow IT, and optionally providingRemote Browser Isolation (RBI) with Content Disarm andReconstruction (CDR).
N/A
SafeDNS
Score 9.0 out of 10
N/A
SafeDNS offers a cloud-based web filter for internet security and web content filtering powered by artificial intelligence and machine learning. It protects users online by blocking botnets, malicious, and phishing sites. Moreover, it filters out intrusive online ads and web content users consider inappropriate or work unrelated. Segments Web…
If you are looking for something relatively inexpensive to lock down specific computers, it would be a useful tool. If the computers themselves aren't too locked down, implementation and management shouldn't be too difficult.
Over the years, [in our experience], the maintenance of the Forcepoint Web Security solution proved to be more cumbersome and troublesome with each version upgrade. In addition, it did not transition well to support the large increase of remote workers. We also experienced weird incompatibilities with the client. We have since replaced this solution with Zscaler Internet Access, a cloud-based secure web gateway solution with a client that behaves as expected, is more flexible, and requires significantly less administration.
it is well-suited for the following scenarios:Organizations that need to comply with regulatory requirements related to internet usage, such as data privacy and security laws, and that need to monitor and control employee internet activity.Organizations that are concerned about online threats and need to protect their networks and endpoints from malware, phishing, and other types of malicious content.Organizations that need to improve productivity by reducing distractions for employees, and/or need to restrict access to specific websites during work hours.Organizations that need to protect sensitive data such as customer information, financial transactions and other sensitive data, by monitoring and controlling the internet activity on the back-end systems.However, SafeDNS may not be as appropriate for the following scenarios:Organizations that have very limited IT resources and lack the skills and knowledge required to set up and manage SafeDNS Organizations that have specific needs and requirements that are not met by the features and capabilities of SafeDNS, for example organizations that require advanced threat detection and response capabilities.Organizations that may have limited budget, SafeDNS does require a subscription cost, that might not be feasible for smaller businesses with limited resources.Organizations that are using legacy systems that are not compatible with SafeDNS, that may not be able to integrate it to their infrastructure.
Our primary policy is a restricted list, so that does as advertised. We had one location that had blocks based on categories (adult, illegal, etc). We continually had issues with sites getting completely blocked due to unrelated content. For example, Yahoo had a beer ad on the page, alcohol was blocked, so Yahoo became blocked for the period of time that ad was displayed. We had this happen multiple times and eventually switched to a different solution at that location.
I've had issues with their cloud portal not working. I don't have to edit our configuration often, but on numerous occasions, i was unable to get the configuration page to load after login, sometimes for days. The platform just wasn't stable when I needed it to be.
We run many of our remote rooms as frozen (after logoff they reset to the image). This works fine most times, but when content protect needs a configuration change pushed down, someone needs to go 'thaw' the computers, download the updated configuration, and re-'freeze' the computer. It would be nice if that information was just dynamic from the cloud and didn't need to be pulled down.
The categorization used for policies is very limited and not flexible or easily customizable.
The user access logs contain a lot of useless information. I understand this is very hard to tackle as I've seen this across any product that logs web activity.
I would like to see more customization options of website block pages.
Filtering accuracy: While SafeDNS provides filtering of websites, it's possible that it could be improved to more accurately identify and block unwanted content. This could be achieved by implementing more advanced algorithms or incorporating more data sources.
Reporting and analytics: Some users may find that the reporting and analytics capabilities of SafeDNS are lacking and could be improved, for example by providing more detailed information about internet usage, or more sophisticated filtering and reporting tools.
Compatibility: Some organizations may have legacy systems that are not fully compatible with SafeDNS. Improving compatibility could make it easier for these organizations to integrate SafeDNS into their existing infrastructure.
It is very stable, the organisation has "locked in" the product and has no plans to change or try another product. We have already renewed our 2019-2020 licenses. It is user friendly and people catch on easily when they first use it. The only downtime is when we install Microsoft updates! It has excellent reporting which help in determining how the organisation's Internet is used and also during both internal and external IT audits.
Despite the intimidating Linux CLI when you use the appliance for troubleshooting, the web security usability compensates as most of the Administration of the system is done there. It is GUI based and has an easy to use UI where one can navigate around rather easily like getting reports, checking alerts, looking the whole setup under deployment to check if all services are running in one place though there are other parts to the system.
The is a quick first response to acknowledge your issue and the Engineers never take more than two hours to fix an issue and we hardly get issues looking at the fact that the system is pretty stable. There is also a robust Knowledge Base in the site for known problems.
Research known issues with upgrading from the Support Knowledge base, this will enable you avoid road blocks along the way and reduce your dependence on Forcepoint Support
At the time ContentProtect was selected, Forcepoint (Websense at the time) didn't have an inexpensive or cloud type product. The same can be said with Cisco, at that time. Recently, we have reevaluated and are going to be transitioning to Forcepoint's mobile client and removing ContentProtect from our environment. The cost is actually now less and we will be able to get both more dynamic control and also give us more detailed reporting on the traffic from clients.
To be honest, once using Forcepoint for our Web Security, I have not wanted to look anywhere else. The dashboard gives me quick insight of threats, productivity, and bandwidth usage. Again, this is a layer in my security and it fills many holes. I feel safe and I do like I can just let it do its thing
It was a relatively inexpensive and simple solution when we needed one relatively quickly, which is a positive. The inexpensive price has kept it in the environment.
The lack of reliable reporting has lead to the need for an alternate monitoring solution in a few cases. Network level reporting was used, which is a separate expense, configuration.
Time has been lost waiting on the portal and then troubleshooting support tickets when sites that shouldn't have been blocked have been blocked. It has resulted in changes for locations that needed dynamic category filtering as opposed to a finite list.
The blocking of sites based on add traffic or sub-sites (rather than just blocking that content like other solutions) has resulted in downtime during classes when those sites were listed in the lesson plan and had previously worked.
Being a non-profit the cost is a bit higher than some competitors so our ROI takes a bit longer to recoup. I would really like to see better non-profit pricing.
The ease of doing a report on someone cuts down on the IT man-hours to do website tracking for managers as we can do it from a central point whereas in the past (prior to Forcepoint/Websense) we would have to ghost their machine to look for activity as well as their local servers.
