
Overview
Forcepoint NGFW (Next-Generation Firewall) delivers unparalleled scalability, robust protection, and comprehensive visibility to efficiently manage and secure traffic flowing into and out of your AWS network, as well as within various components of your cloud environment. By integrating advanced application control, sophisticated evasion prevention, and a leading Intrusion Prevention System (IPS) into a unified solution, Forcepoint NGFW streamlines security management across your data center, office, and branch firewalls from a single console. Independent testing highlights Forcepoint NGFW's superior capability in stopping Advanced Evasion Techniques (AETs) compared to other security devices, its effectiveness in blocking vulnerability exploits, and its sandboxing technology for identifying zero-day attacks and advanced malware. Additionally, Forcepoint NGFW offers robust protection against the exfiltration of sensitive data, ensuring a comprehensive defense for your network.
Highlights
- Effortlessly extend your network to AWS cloud via secure virtual private network (VPN) gateway connecting remote sites, branch offices, and more.
- Safeguard your virtualized network against advanced attacks with dynamic security controls application layer exfiltration security and advanced evasion techniques (AETs) identification.
- Express your business processes as technical controls quickly and naturally with Forcepoint's unique Smart Policies that can be updated globally in seconds, not minutes or hours.
Details
Unlock automation with AI agent solutions

Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Cost/hour |
---|---|
c6i.xlarge Recommended | $0.80 |
c4.4xlarge | $3.20 |
c5.4xlarge | $3.20 |
c4.2xlarge | $1.00 |
c5.2xlarge | $1.60 |
c7i.4xlarge | $3.20 |
c6i.4xlarge | $3.20 |
c5.xlarge | $0.80 |
c7i.xlarge | $0.80 |
c7i.2xlarge | $1.60 |
Vendor refund policy
You may terminate the instance at any time to stop incurring charges. There is no refund for charges incurred prior to termination.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
To perform the initial configuration, use SSH and the username 'aws', then type 'sudo sg-reconfigure'. You can also give initial contact file engine.cfg via userdata encoded in base64. For additional information and configuration instructions see https://www.websense.com/content/support/library/ngfw/howto/ngfw_ht_deploy-ngfw-in-aws_en-us.pdfÂ
Support
Vendor support
Your subscription includes Forcepoint Premium Support, with 24x7 support for critical issues, Severity 1 response targets of 45 mins or less, and an online technical support site offering extensive support resources and request tracking.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
Standard contract
Customer reviews
Advanced features secure our network and improvements in licensing could enhance cost-efficiency
What is our primary use case?
What is most valuable?
What needs improvement?
For how long have I used the solution?
What was my experience with deployment of the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
How was the initial setup?
What about the implementation team?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
Which deployment model are you using for this solution?
Cross setup simplifies implementation but support challenges persist
What is our primary use case?
We mostly work with finance, specifically with banks most of the time. We use Forcepoint Next Generation Firewall for these applications.
What is most valuable?
Today, the Next Generation Firewall from all companies are pretty similar, but the difference lies in the accuracy of setting up the risks. Another valuable aspect is the features and how friendly they are for cross setup. Cross setup refers to using multiple features from the same firewall simultaneously within the same environment. With Forcepoint, this process is simplified compared to others like Fortinet.
What needs improvement?
There is a lot of technical stuff that could be improved. We've encountered scenarios that were really hard to set up and required support. It would be beneficial if the support and contact with the development team were enhanced. Fast response and efficient handling of issues, similar to how Fortinet responds, would be great.
For how long have I used the solution?
I have been using Next Generation Firewall from Forcepoint for more than seven years and the Data Loss Prevention for just a couple of projects, no more than a year.
How are customer service and support?
It is really hard to work with their customer support. For example, unlike Fortinet where you can escalate an issue and quickly get responses from the development team, Forcepoint's process seems slow and challenging.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I moved from Oracle to use security vendors like Fortinet, Kaspersky, and Forcepoint.
How was the initial setup?
The initial setup can be quite complex. When trying to apply content filters with different network setups in the same machine, even with good planning and reference manuals, issues can arise. Combining different functionalities on the same box often results in problems.
What was our ROI?
I don't believe in ROI when talking about cybersecurity because there's no real way to measure it. Cybersecurity ROI could be $1 or $100 million, depending on the risk of data behind it. I've seen ROI analyses from many cybersecurity companies, but I find it hard to trust the numbers.
What's my experience with pricing, setup cost, and licensing?
In terms of pricing, I would place Forcepoint in the middle when compared to other firewalls like Fortinet and Palo Alto.
What other advice do I have?
Overall, I would rate Forcepoint Next Generation Firewall a seven. I believe a 6.5 would be more accurate though. Also, my name can be used for the review, but not my company name. I am no longer working with Consulting Services; I'm with a different company now.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Firewall for advanced threat protection with deep packet scanning capabilities
Advance configuration options are complex and requires subject matter expert to customize the rules.
An all-in-one solution that works as a firewall but very complicated for use
What is our primary use case?
Educational institutions are the main users. We planned to use it as an all-in-one solution, primarily as an edge solution and Internet-facing firewall.
What is most valuable?
We're trying to use all the firewall's features. Most of the features were effective, but the usability is a huge concern.Â
What needs improvement?
My experience with this Forcepoint Next Generation Firewall wasn't very pleasant due to its complexity. For example, the firewall loses some features when working in a cluster, which is a huge challenge. It caused me several weeks to solve an issue to make the VPN work, even after opening several cases with support. Also, the debug, which should provide essential knowledge about everything going on, the flow of traffic, and how the engine works, wasn't very informative in identifying the issue.
The problem was eventually solved by chance, thanks to an idea from an expert in the market. We had to refer to a freelancer engineer with huge experience with the Forcepoint Next Generation Firewall, and he noticed something that solved the issue by luck. We had no evidence or logs that showed this was the issue.
It's the most complicated firewall I've ever faced. You have to know what you're doing to achieve the plan and take action. It would be best to be an expert, take a course, or at least read the full documentation carefully. The interface isn't organized in the same way as other competitors.
You have to be an expert in it. You need to watch training videos or read the full documentation to understand how it works, even to implement a minor firewall change. Working with this firewall requires a lot of knowledge.
For how long have I used the solution?
I have been working with the product for three years.Â
What do I think about the stability of the solution?
The tool's stability, policy enforcement, and management are magnificent. I rate it a nine out of ten. It depends on the resources available. In my experience, I encountered a situation where the switch collapsed before the firewall did due to huge traffic. The switch crashed before the firewall crashed because of the enormous data transfer and network traffic.
How are customer service and support?
We contacted support three times, opened three cases for the same issue, and didn't find out what the issue was for two months.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
We need to rethink the usability and the availability of training and resources. These should make administration and operating this solution as easy as other competitors. For example, competitors like Fortinet and Palo Alto have easier management, especially Fortinet.
How was the initial setup?
It has some documents if you can reach them. That's one of the other things they need to improve badly - the documentation is inaccessible. But when we reach the right information for what we're trying to do, it is mostly informative and easy. I'd say it's seven out of ten for ease of use if you follow the instructions. It would work. It's deployed on-premises. I wasn't involved in the implementation phase. It was implemented before I joined the company.
What other advice do I have?
If you're not an expert and you haven't taken a course or have the correct materials to run the solution, I don't recommend it. You have to be an expert in this specific solution before using it. Overall, I'd rate Forcepoint Next Generation Firewall six out of ten.
Reliable product with extensive policy features
What is most valuable?
The product's most valuable features are its extensive policy features, especially the S7 Pro features, and its DNS security feature, which provides an additional layer of protection not found in other firewalls.
What needs improvement?
A VPN client feature is missing in our region, which we hope Forcepoint will address in future updates.
For how long have I used the solution?
We have been using Forcepoint's Next Generation Firewall for the past year.
What do I think about the stability of the solution?
We find the product to be stable and reliable in terms of performance.
What do I think about the scalability of the solution?
Forcepoint's firewall is highly scalable, which helps our organization handle increased traffic and services. Approximately 35,00 user networks are protected by the product.Â
Which solution did I use previously and why did I switch?
Our decision to utilize the product was based on competitive analysis, and it emerged as the preferred solution.
How was the initial setup?
The setup process is more complex than other solutions but provides satisfactory results. We began the migration process one month before deploying the device and involved two people in it. Maintenance is relatively easy, and we usually contact our partners for assistance when needed.
What other advice do I have?
The platform has significantly enhanced the security of our public services. However, with the rise in IoT devices, it is unclear if Forcepoint addresses this challenge.
I advise ensuring you have experienced personnel to handle the device effectively after installation.
I recommend Forcepoint's firewall and rate it a nine out of ten.