The Forcepoint ONE Secure Web Gateway (SWG) is one of the three foundational gateways of the Forcepoint ONE all-in-one cloud platform. Forcepoint ONE SWG monitors and controlsany interaction with any website, including blocking access to websites based on category and risk score, blocking download of malware, blocking upload of sensitive data to personal filesharing accounts, detecting shadow IT, and optionally providingRemote Browser Isolation (RBI) with Content Disarm andReconstruction (CDR).
N/A
pfSense
Score 9.2 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Pricing
Forcepoint Secure Web Gateway
pfSense
Editions & Modules
No answers on this topic
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
Offerings
Pricing Offerings
Forcepoint SWG
pfSense
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Forcepoint Secure Web Gateway
pfSense
Features
Forcepoint Secure Web Gateway
pfSense
Firewall
Comparison of Firewall features of Product A and Product B
Forcepoint Secure Web Gateway
-
Ratings
pfSense
8.4
16 Ratings
3% below category average
Identification Technologies
00 Ratings
8.113 Ratings
Visualization Tools
00 Ratings
8.513 Ratings
Content Inspection
00 Ratings
8.115 Ratings
Policy-based Controls
00 Ratings
8.516 Ratings
Active Directory and LDAP
00 Ratings
6.712 Ratings
Firewall Management Console
00 Ratings
9.415 Ratings
Reporting and Logging
00 Ratings
8.316 Ratings
VPN
00 Ratings
9.016 Ratings
High Availability
00 Ratings
9.415 Ratings
Stateful Inspection
00 Ratings
9.314 Ratings
Proxy Server
00 Ratings
7.514 Ratings
Best Alternatives
Forcepoint Secure Web Gateway
pfSense
Small Businesses
No answers on this topic
Sophos UTM
Score 8.8 out of 10
Medium-sized Companies
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Enterprises
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Over the years, [in our experience], the maintenance of the Forcepoint Web Security solution proved to be more cumbersome and troublesome with each version upgrade. In addition, it did not transition well to support the large increase of remote workers. We also experienced weird incompatibilities with the client. We have since replaced this solution with Zscaler Internet Access, a cloud-based secure web gateway solution with a client that behaves as expected, is more flexible, and requires significantly less administration.
I believe PFSense is well suited for both home lab environments as well as up to small to mid-size business environments on a tight budget. However, I would implore that anything in production requires the use of the authorized hardware that PFSense sells to receive support. However, in my experience, PFSense is a solid set-and-forget firewall solution.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
The user access logs contain a lot of useless information. I understand this is very hard to tackle as I've seen this across any product that logs web activity.
I would like to see more customization options of website block pages.
I did kind of mention a Con in the Pro section with OpenVPN.
When I create a config for an employee other employees are able to login to that config.
I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
It is very stable, the organisation has "locked in" the product and has no plans to change or try another product. We have already renewed our 2019-2020 licenses. It is user friendly and people catch on easily when they first use it. The only downtime is when we install Microsoft updates! It has excellent reporting which help in determining how the organisation's Internet is used and also during both internal and external IT audits.
Despite the intimidating Linux CLI when you use the appliance for troubleshooting, the web security usability compensates as most of the Administration of the system is done there. It is GUI based and has an easy to use UI where one can navigate around rather easily like getting reports, checking alerts, looking the whole setup under deployment to check if all services are running in one place though there are other parts to the system.
The pfSense UI is easy to navigate and pretty go look at. It is much better than some high dollar firewalls that just throw menus you you. The pfSense UI is quick and responsive and makes sense 99% of the time. Changes are committed quickly and the hardware rarely requires a reboot. It just runs.
The is a quick first response to acknowledge your issue and the Engineers never take more than two hours to fix an issue and we hardly get issues looking at the fact that the system is pretty stable. There is also a robust Knowledge Base in the site for known problems.
Research known issues with upgrading from the Support Knowledge base, this will enable you avoid road blocks along the way and reduce your dependence on Forcepoint Support
To be honest, once using Forcepoint for our Web Security, I have not wanted to look anywhere else. The dashboard gives me quick insight of threats, productivity, and bandwidth usage. Again, this is a layer in my security and it fills many holes. I feel safe and I do like I can just let it do its thing
Meraki has a unified management login for all devices, which is nice. It also has decent content filtering, both areas where pfSense is weaker. Where pfSense far ouclasses Meraki is in the ease of use and the other width of features. These include features such as better VPN interoperability, non-subscription based pricing, auditability, not relying on the infrastructure of a third party, more transparency of what's actually going on, easier to deploy replacements if hardware fails. Additionally, the NAT management for pfSense seems to be a bit better, as you can NAT between any network segment and not just the LAN segments out the WAN interfaces.
Being a non-profit the cost is a bit higher than some competitors so our ROI takes a bit longer to recoup. I would really like to see better non-profit pricing.
The ease of doing a report on someone cuts down on the IT man-hours to do website tracking for managers as we can do it from a central point whereas in the past (prior to Forcepoint/Websense) we would have to ghost their machine to look for activity as well as their local servers.
pfSense can be installed on commodity hardware with no licensing fees. With a simple less than 10 minute restore time, on most hardware, it's an extremely inexpensive way to achieve the same results that some of the more expensive vendors provide.
The easy to use interface has allowed configuration management to be preformed by lower level technicians with quick and easy training.
