Listing Thumbnail

    Forcepoint NGFW (PAYG) - Next Generation Firewall

     Info
    Deployed on AWS
    Forcepoint Next Generation Firewall (NGFW) gives you the scalability, protection, and visibility you need to more efficiently manage your network and quickly respond to threats, incidents, and opportunities from transformative technologies.

    Overview

    Forcepoint NGFW (Next-Generation Firewall) delivers unparalleled scalability, robust protection, and comprehensive visibility to efficiently manage and secure traffic flowing into and out of your AWS network, as well as within various components of your cloud environment. By integrating advanced application control, sophisticated evasion prevention, and a leading Intrusion Prevention System (IPS) into a unified solution, Forcepoint NGFW streamlines security management across your data center, office, and branch firewalls from a single console. Independent testing highlights Forcepoint NGFW's superior capability in stopping Advanced Evasion Techniques (AETs) compared to other security devices, its effectiveness in blocking vulnerability exploits, and its sandboxing technology for identifying zero-day attacks and advanced malware. Additionally, Forcepoint NGFW offers robust protection against the exfiltration of sensitive data, ensuring a comprehensive defense for your network.

    Highlights

    • Effortlessly extend your network to AWS cloud via secure virtual private network (VPN) gateway connecting remote sites, branch offices, and more.
    • Safeguard your virtualized network against advanced attacks with dynamic security controls application layer exfiltration security and advanced evasion techniques (AETs) identification.
    • Express your business processes as technical controls quickly and naturally with Forcepoint's unique Smart Policies that can be updated globally in seconds, not minutes or hours.

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    OtherLinux 7.1.10

    Deployed on AWS

    Unlock automation with AI agent solutions

    Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
    AI Agents

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Forcepoint NGFW (PAYG) - Next Generation Firewall

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (36)

     Info
    Dimension
    Cost/hour
    c6i.xlarge
    Recommended
    $0.80
    c4.4xlarge
    $3.20
    c5.4xlarge
    $3.20
    c4.2xlarge
    $1.00
    c5.2xlarge
    $1.60
    c7i.4xlarge
    $3.20
    c6i.4xlarge
    $3.20
    c5.xlarge
    $0.80
    c7i.xlarge
    $0.80
    c7i.2xlarge
    $1.60

    Vendor refund policy

    You may terminate the instance at any time to stop incurring charges. There is no refund for charges incurred prior to termination.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Additional details

    Usage instructions

    To perform the initial configuration, use SSH and the username 'aws', then type 'sudo sg-reconfigure'. You can also give initial contact file engine.cfg via userdata encoded in base64. For additional information and configuration instructions see https://www.websense.com/content/support/library/ngfw/howto/ngfw_ht_deploy-ngfw-in-aws_en-us.pdf 

    Support

    Vendor support

    Your subscription includes Forcepoint Premium Support, with 24x7 support for critical issues, Severity 1 response targets of 45 mins or less, and an online technical support site offering extensive support resources and request tracking.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Network Infrastructure
    Top
    10
    In Network Infrastructure

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Network Virtualization
    Secure virtual private network (VPN) gateway for connecting remote sites and branch offices
    Advanced Threat Protection
    Dynamic security controls with application layer exfiltration security and advanced evasion techniques (AETs) identification
    Intrusion Prevention
    Integrated advanced Intrusion Prevention System (IPS) with capability to stop Advanced Evasion Techniques
    Security Policy Management
    Centralized policy configuration with global update capabilities across network infrastructure
    Malware Detection
    Sandboxing technology for identifying zero-day attacks and advanced malware
    Threat Prevention
    Advanced AI and machine learning-powered threat detection leveraging intelligence from global customer network to stop zero-day exploits and unknown command-and-control traffic
    Network Traffic Classification
    Patented Layer 7 classification for granular traffic control based on workloads, users, and applications with precise network traffic visibility
    Cloud Service Integration
    Native integration with AWS services including Firewall Manager, CloudWatch, Kinesis Firehose for comprehensive security management and monitoring
    Infrastructure Automation
    Support for infrastructure-as-code deployment using APIs, CloudFormation, and Terraform for automated firewall provisioning and policy enforcement
    Security Intelligence
    Cloud-delivered security services powered by Precision AI and Unit 42 Threat Research for real-time threat detection and mitigation
    Network Traffic Protection
    Advanced cloud-native firewall service powered by FortiOS and FortiGuard Labs threat intelligence for securing cloud network traffic
    Threat Intelligence
    AI-powered intrusion prevention (IPS), data leak prevention (DLP), and advanced filtering capabilities to block malicious traffic and potential security breaches
    Dynamic Policy Management
    Security policies that dynamically use cloud metadata tags to follow cloud workloads without requiring static IP updates
    Geo-Specific Security Control
    Enforcement of compliance policies through geo-IP blocking and traffic restrictions to/from specified countries
    Multi-Account Security Aggregation
    Capability to consolidate security across multiple VPCs and accounts within an AWS region using a single firewall instance

    Security credentials

     Info
    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    No security profile
    -
    -
    -
    -
    -
    No security profile

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    47 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    Aamir Ejaz

    Advanced features secure our network and improvements in licensing could enhance cost-efficiency

    Reviewed on Apr 15, 2025
    Review provided by PeerSpot

    What is our primary use case?

    We use Forcepoint Next Generation Firewall  for security purposes in our financial institution.

    What is most valuable?

    The most valuable features of Forcepoint Next Generation Firewall  are the advanced threat protection, including features like IPS and DDoS prevention, which help avoid internal DDoS attacks. The centralized management and smart policies are effective, providing enhanced network efficiency, connectivity, and improved security, resulting in fewer cyberattacks and data breaches.

    What needs improvement?

    The licensing model should be more flexible. I recommend that additional features be included in a single license to avoid the need for extra licensing costs. Additionally, there are performance limitations when storing logs, as a large number may overwhelm the log server.

    For how long have I used the solution?

    I have been working with Forcepoint Next Generation Firewall for more than five to six years.

    What was my experience with deployment of the solution?

    Initially, deployment involved a few hurdles, requiring a couple of days. We had to customize it according to our organizational policies, which required involving a partner in the process for proper setup.

    What do I think about the stability of the solution?

    From a stability perspective, I would rate the solution between seven and eight out of ten.

    What do I think about the scalability of the solution?

    Scalability is somewhat limited. While I rate it at five to six, I note that there are restrictions in the firewall manager and limitations when deploying for cloud environments. Since we are using it on-premises, it is difficult to utilize for cloud solutions as well.

    How are customer service and support?

    Technical support is sometimes slow to respond, and it takes longer to resolve issues. This has been true across all Forcepoint products. I rate customer service four to five out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We maintain a multi-environment with solutions like Palo Alto and Cisco.

    How was the initial setup?

    The initial setup was a bit complex, requiring us to customize Forcepoint Next Generation Firewall according to our organization’s standards, necessitating partner involvement.

    What about the implementation team?

    From our side, at least ten people were involved, and a partner was engaged for the deployment.

    What was our ROI?

    The centralized management and automated updates have lowered operational costs.

    What's my experience with pricing, setup cost, and licensing?

    The licensing model is dependent on negotiation skills, but there is room for improvement. The costs can be high since additional features require separate licenses.

    Which other solutions did I evaluate?

    We maintain solutions like Palo Alto and Cisco.

    What other advice do I have?

    My overall rating for Forcepoint Next Generation Firewall is seven out of ten. Recommendations depend on infrastructure and return on investment analysis, as there are other alternatives, such as Palo Alto and Cisco.

    Which deployment model are you using for this solution?

    On-premises
    Pablo-Verdina

    Cross setup simplifies implementation but support challenges persist

    Reviewed on Mar 04, 2025
    Review provided by PeerSpot

    What is our primary use case?

    We mostly work with finance, specifically with banks most of the time. We use Forcepoint Next Generation Firewall  for these applications.

    What is most valuable?

    Today, the Next Generation Firewall from all companies are pretty similar, but the difference lies in the accuracy of setting up the risks. Another valuable aspect is the features and how friendly they are for cross setup. Cross setup refers to using multiple features from the same firewall simultaneously within the same environment. With Forcepoint, this process is simplified compared to others like Fortinet.

    What needs improvement?

    There is a lot of technical stuff that could be improved. We've encountered scenarios that were really hard to set up and required support. It would be beneficial if the support and contact with the development team were enhanced. Fast response and efficient handling of issues, similar to how Fortinet responds, would be great.

    For how long have I used the solution?

    I have been using Next Generation Firewall from Forcepoint for more than seven years and the Data Loss Prevention for just a couple of projects, no more than a year.

    How are customer service and support?

    It is really hard to work with their customer support. For example, unlike Fortinet where you can escalate an issue and quickly get responses from the development team, Forcepoint's process seems slow and challenging.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    I moved from Oracle to use security vendors like Fortinet, Kaspersky, and Forcepoint.

    How was the initial setup?

    The initial setup can be quite complex. When trying to apply content filters with different network setups in the same machine, even with good planning and reference manuals, issues can arise. Combining different functionalities on the same box often results in problems.

    What was our ROI?

    I don't believe in ROI when talking about cybersecurity because there's no real way to measure it. Cybersecurity ROI could be $1 or $100 million, depending on the risk of data behind it. I've seen ROI analyses from many cybersecurity companies, but I find it hard to trust the numbers.

    What's my experience with pricing, setup cost, and licensing?

    In terms of pricing, I would place Forcepoint in the middle when compared to other firewalls like Fortinet and Palo Alto.

    What other advice do I have?

    Overall, I would rate Forcepoint Next Generation Firewall  a seven. I believe a 6.5 would be more accurate though. Also, my name can be used for the review, but not my company name. I am no longer working with Consulting Services; I'm with a different company now.

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Food Production

    Firewall for advanced threat protection with deep packet scanning capabilities

    Reviewed on Nov 28, 2024
    Review provided by G2
    What do you like best about the product?
    Forecepoint provides Advanced threat protection, intrusion preventation and secure web application scanning. Forecpoint Policies are flexible and rules can be created and modified as per business requirements. It has low latency and does not impact the network performance
    What do you dislike about the product?
    Limited customization
    Advance configuration options are complex and requires subject matter expert to customize the rules.
    What problems is the product solving and how is that benefiting you?
    Forecepoint protects advanced level cyberattacks from external attackers and cyberthreats like ransomware , zero-day exploits and data exfiltration etc and helping business to secure our digital assets.It provides real-time network visibility and attack surface to improve company security posture , ensure compliance and reduce risk of unahuthroized access and data breaches
    Mostafa-Mourad

    An all-in-one solution that works as a firewall but very complicated for use

    Reviewed on Aug 01, 2024
    Review provided by PeerSpot

    What is our primary use case?

    Educational institutions are the main users. We planned to use it as an all-in-one solution, primarily as an edge solution and Internet-facing firewall.

    What is most valuable?

    We're trying to use all the firewall's features. Most of the features were effective, but the usability is a huge concern. 

    What needs improvement?

    My experience with this Forcepoint Next Generation Firewall wasn't very pleasant due to its complexity. For example, the firewall loses some features when working in a cluster, which is a huge challenge. It caused me several weeks to solve an issue to make the VPN work, even after opening several cases with support. Also, the debug, which should provide essential knowledge about everything going on, the flow of traffic, and how the engine works, wasn't very informative in identifying the issue.

    The problem was eventually solved by chance, thanks to an idea from an expert in the market. We had to refer to a freelancer engineer with huge experience with the Forcepoint Next Generation Firewall, and he noticed something that solved the issue by luck. We had no evidence or logs that showed this was the issue.

    It's the most complicated firewall I've ever faced. You have to know what you're doing to achieve the plan and take action. It would be best to be an expert, take a course, or at least read the full documentation carefully. The interface isn't organized in the same way as other competitors.

    You have to be an expert in it. You need to watch training videos or read the full documentation to understand how it works, even to implement a minor firewall change. Working with this firewall requires a lot of knowledge.

    For how long have I used the solution?

    I have been working with the product for three years. 

    What do I think about the stability of the solution?

    The tool's stability, policy enforcement, and management are magnificent. I rate it a nine out of ten. It depends on the resources available. In my experience, I encountered a situation where the switch collapsed before the firewall did due to huge traffic. The switch crashed before the firewall crashed because of the enormous data transfer and network traffic.

    How are customer service and support?

    We contacted support three times, opened three cases for the same issue, and didn't find out what the issue was for two months.

    How would you rate customer service and support?

    Negative

    Which solution did I use previously and why did I switch?

    We need to rethink the usability and the availability of training and resources. These should make administration and operating this solution as easy as other competitors. For example, competitors like Fortinet and Palo Alto have easier management, especially Fortinet.

    How was the initial setup?

    It has some documents if you can reach them. That's one of the other things they need to improve badly - the documentation is inaccessible. But when we reach the right information for what we're trying to do, it is mostly informative and easy. I'd say it's seven out of ten for ease of use if you follow the instructions. It would work. It's deployed on-premises. I wasn't involved in the implementation phase. It was implemented before I joined the company.

    What other advice do I have?

    If you're not an expert and you haven't taken a course or have the correct materials to run the solution, I don't recommend it. You have to be an expert in this specific solution before using it. Overall, I'd rate Forcepoint Next Generation Firewall six out of ten.

    Fadi Shehab

    Reliable product with extensive policy features

    Reviewed on Apr 24, 2024
    Review provided by PeerSpot

    What is most valuable?

    The product's most valuable features are its extensive policy features, especially the S7 Pro features, and its DNS security feature, which provides an additional layer of protection not found in other firewalls.

    What needs improvement?

    A VPN client feature is missing in our region, which we hope Forcepoint will address in future updates.

    For how long have I used the solution?

    We have been using Forcepoint's Next Generation Firewall for the past year.

    What do I think about the stability of the solution?

    We find the product to be stable and reliable in terms of performance.

    What do I think about the scalability of the solution?

    Forcepoint's firewall is highly scalable, which helps our organization handle increased traffic and services. Approximately 35,00 user networks are protected by the product. 

    Which solution did I use previously and why did I switch?

    Our decision to utilize the product was based on competitive analysis, and it emerged as the preferred solution.

    How was the initial setup?

    The setup process is more complex than other solutions but provides satisfactory results. We began the migration process one month before deploying the device and involved two people in it. Maintenance is relatively easy, and we usually contact our partners for assistance when needed.

    What other advice do I have?

    The platform has significantly enhanced the security of our public services. However, with the rise in IoT devices, it is unclear if Forcepoint addresses this challenge.

    I advise ensuring you have experienced personnel to handle the device effectively after installation.

    I recommend Forcepoint's firewall and rate it a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    View all reviews