Item: Proofpoint Targeted Attack Protection (TAP)
Rating: 10
Author: Jerry Robinson

Use Cases and Deployment Scope

Targeted Attack Protection (TAP) for Email is used across the entire enterprise. TAP gives us a layer of protection against the numerous attack vectors that exist in the cyberworld.

Pros and Cons

Attachment Defense. This component scans all attachments for malicious content, quarantining anything suspicious. This is a must have for any legitimate email protection product.
URL Defense. With so many phishing attempts out there that try to lure the unsuspecting user into clicking a link to a malicious web site, URL Defense provide an invaluable safety net by encoding the URL and re-routing it to Proofpoint's "sandbox". If legitimate, it seamlessly redirects the user to the original URL. Despite your best efforts at education, a percentage of your end users will click the link. Knowing that TAP is sandboxing those links to test for malicious activity is protection we cannot live without.
TAP Dashboard. This lets me see who's being targeted in my environment as well as provide metrics that tell me how effective the protection has been. We're able to identify our "VIP's" so that we can receive special alerets whey they come under attack.

It's a stretch for me to find something that needs improvement. If I had to put at least one thing it would relate to URL Defense. The process works great but, there are times when you have to decode the encoded URL. Currently, the only place to do that is in the TAP dashboard. To save clicks and logins, it would be nice to have that decode functionality in the Proofpoint management console.
No other issues.

Return on Investment

I believe this has been one of the best protection offerings we have used. It's hard to quantify an ROI on something like this but, at the same time, you cannot put a price on the safety it affords.

Alternatives Considered

Barracuda Email Security Service and Forcepoint Email Security

We started with Barracuda and it served our purposes well but we outgrew it. The same could be said of Forcepoint. Over time, we simply noticed that more and more of the bad stuff was getting through the filter and, no matter how we tweaked the settings, we couldn't stop it. Proofpoint made an immediate impact. We did a POC with Proofpoint in-line behind Forcepoint and could see how it was catching things that Forcepoint missed every day.

Other Software Used

Duo Security

Likelihood to Recommend

I believe TAP is well suited for all scenarios but some organizations may wish to implement part, or all, of TAP for specific departments. That can be done by AD group membership.

Users and Roles

2000 - Administration, Support, Clinical

Support Headcount Required

3 - Primarily, the ones who support the product have a networking background with a degree of familiarity with how email systems work.

Business Processes Supported

Phishing prevention.
Anti-malware.
Anti-spoofing.

Innovative Uses

There were no unexpected uses for this product.

Future Planned Uses

There are no additional ways this product can be used by our organization as it stands today.

Likelihood to Renew

10

Products Replaced

Yes - Forcepoint. We replaced it because it simply wasn't working effectively.

Key Differentiators

Price
Product Features
Product Usability
Product Reputation

Features would have to be the most important factor in our decision to purchase Proofpoint. It had all the features we wanted, and then some.

Evaluation Lessons Learned

I can't begin to imagine how I would change my process.

Implementation Rating

10

Proofpoint managed the installation and made it very simple. We had a dedicated installation engineer who checked in on use periodically after go-live to ensure that there were no issue.

Implementation Details / Implementation Partner

Implemented in-house

Implementation Phases

Yes - We implemented inbound protection first, then added outbound protection.

Change Management Lessons

Change management was minimal - The implementation was fairly seamless to the end user so change management was not an issue.

Implementation Issues

The only issues we encountered revolved around us understanding how the product worked; specifically, how it differed from our previous solutions.

Support Rating

10

It is simply the best we have ever used.

Proofpoint Targeted Attack Protection (TAP) Customer Support Pros and Cons

Pros	Cons
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed Immediate help available Support understands my problem Support cares about my success Quick Initial Response	Escalation required

Pros	Cons
Like to use Relatively simple Easy to use Technical support not required Well integrated Consistent Quick to learn Convenient Feel confident using Familiar	None

Easy Tasks

Spam detection
Visus detection
Email Firewall

Difficult Tasks

Email Authentication
Understanding how policy routes and whitelisting works.

Mobile Interface Availability and Impressions

No

Proofpoint - The Proof is There

Overall Satisfaction with Proofpoint Targeted Attack Protection for Email