Sold by: ForcepointÂ
Deployed on AWS
Forcepoint Next Generation Firewall (NGFW) gives you the scalability, protection, and visibility you need to more efficiently manage your network and quickly respond to threats, incidents, and opportunities from transformative technologies.
Overview
Forcepoint NGFW (Next-Generation Firewall) delivers unparalleled scalability, robust protection, and comprehensive visibility to efficiently manage and secure traffic flowing into and out of your AWS network, as well as within various components of your cloud environment. By integrating advanced application control, sophisticated evasion prevention, and a leading Intrusion Prevention System (IPS) into a unified solution, Forcepoint NGFW streamlines security management across your data center, office, and branch firewalls from a single console. Independent testing highlights Forcepoint NGFW's superior capability in stopping Advanced Evasion Techniques (AETs) compared to other security devices, its effectiveness in blocking vulnerability exploits, and its sandboxing technology for identifying zero-day attacks and advanced malware. Additionally, Forcepoint NGFW offers robust protection against the exfiltration of sensitive data, ensuring a comprehensive defense for your network.
Highlights
- Effortlessly extend your network to AWS cloud via secure virtual private network (VPN) gateway connecting remote sites, branch offices, and more.
- Safeguard your virtualized network against advanced attacks with dynamic security controls application layer exfiltration security and advanced evasion techniques (AETs) identification.
- Express your business processes as technical controls quickly and naturally with Forcepoint's unique Smart Policies that can be updated globally in seconds, not minutes or hours.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.1.10
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c6i.xlarge Recommended | $0.80 |
c4.4xlarge | $3.20 |
c5.4xlarge | $3.20 |
c4.2xlarge | $1.00 |
c5.2xlarge | $1.60 |
c7i.4xlarge | $3.20 |
c6i.4xlarge | $3.20 |
c5.xlarge | $0.80 |
c7i.xlarge | $0.80 |
c7i.2xlarge | $1.60 |
Vendor refund policy
You may terminate the instance at any time to stop incurring charges. There is no refund for charges incurred prior to termination.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
To perform the initial configuration, use SSH and the username 'aws', then type 'sudo sg-reconfigure'. You can also give initial contact file engine.cfg via userdata encoded in base64. For additional information and configuration instructions see https://www.websense.com/content/support/library/ngfw/howto/ngfw_ht_deploy-ngfw-in-aws_en-us.pdfÂ
Support
Vendor support
Your subscription includes Forcepoint Premium Support, with 24x7 support for critical issues, Severity 1 response targets of 45 mins or less, and an online technical support site offering extensive support resources and request tracking.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Forcepoint
By Palo Alto Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Virtualization
Secure virtual private network (VPN) gateway for connecting remote sites and branch offices
Advanced Threat Protection
Dynamic security controls with application layer exfiltration security and advanced evasion techniques (AETs) identification
Intrusion Prevention
Integrated advanced Intrusion Prevention System (IPS) with capability to stop Advanced Evasion Techniques
Security Policy Management
Centralized policy configuration with global update capabilities across network infrastructure
Malware Detection
Sandboxing technology for identifying zero-day attacks and advanced malware
Threat Prevention
Advanced AI and machine learning-powered threat detection leveraging intelligence from global customer network to stop zero-day exploits and unknown command-and-control traffic
Network Traffic Classification
Patented Layer 7 classification for granular traffic control based on workloads, users, and applications with precise network traffic visibility
Cloud Service Integration
Native integration with AWS services including Firewall Manager, CloudWatch, Kinesis Firehose for comprehensive security management and monitoring
Infrastructure Automation
Support for infrastructure-as-code deployment using APIs, CloudFormation, and Terraform for automated firewall provisioning and policy enforcement
Security Intelligence
Cloud-delivered security services powered by Precision AI and Unit 42 Threat Research for real-time threat detection and mitigation
Network Traffic Protection
Advanced cloud-native firewall service powered by FortiOS and FortiGuard Labs threat intelligence for securing cloud network traffic
Threat Intelligence
AI-powered intrusion prevention (IPS), data leak prevention (DLP), and advanced filtering capabilities to block malicious traffic and potential security breaches
Dynamic Policy Management
Security policies that dynamically use cloud metadata tags to follow cloud workloads without requiring static IP updates
Geo-Specific Security Control
Enforcement of compliance policies through geo-IP blocking and traffic restrictions to/from specified countries
Multi-Account Security Aggregation
Capability to consolidate security across multiple VPCs and accounts within an AWS region using a single firewall instance
Standard contract
No
No
No
Customer reviews
4.5
1 ratings
1 AWS reviews
|
49 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
VikasTiwari
Manages over 1,500 locations from a central console and simplifies policy deployment
Reviewed on Nov 18, 2025
Review provided by PeerSpot
What is our primary use case?
Forcepoint Next Generation Firewall was implemented for SD-WAN solutions across all 1,500 plus locations. The deployment includes routing and BGP routing, L3 switching, L2 switching, and site-to-site VPN and SSL VPNs. IPS enabled antivirus applications, IPS, IDS, application control, and quality of service are also included. All firewalls are managed through the SMC, which is the Security Management server center. Overall, no issues have been encountered, but there are some dependencies on the SMC components. Occasionally, connectivity challenges between Forcepoint Next Generation Firewall and SMC have been observed. It is important to ensure that licenses are renewed before expiring, as no modifications are allowed after the license expires.
Forcepoint Next Generation Firewall policies are created with source IP and applications policy configurations. Some routing and BGP routing have been added, and new locations have been added. All firewalls are synced with the SMC.
Forcepoint Next Generation Firewall provides excellent SD-WAN solutions. It is very easy to connect Wi-Fi solutions and any other interface solutions. Both on-premise solutions and hybrid solutions are available. It can be easily integrated with different solutions.
What is most valuable?
Forcepoint Next Generation Firewall provides excellent SD-WAN solutions that make it very easy to connect Wi-Fi solutions and any other interface solutions. Both on-premise solutions and hybrid solutions are available, and it can be easily integrated with different solutions.
Forcepoint Next Generation Firewall has positively impacted the organization. Previously, it was very difficult to handle all traffic because multiple locations experienced downtime, firewalls went down, and internet connectivity issues occurred. There was a lease line option previously, which was very critical for connectivity. After Forcepoint SD-WAN solutions were deployed across different locations, all traffic goes through Wi-Fi solutions, which are directly connected to Forcepoint Next Generation Firewall. This is very easy, time-saving, and has improved security. Forcepoint Next Generation Firewall has many security solutions available. There is no doubt that it is a good firewall. All types of policies can be created, and all GFW features are available. All those security solutions can be utilized.
What needs improvement?
Forcepoint Next Generation Firewall is overall good, but AI enabled features are not available. Many templates and AI security features are needed and are currently missing.
For how long have I used the solution?
I have been working with Forcepoint Next Generation Firewall for the last four years. I have worked with all types of Forcepoint products, including Forcepoint DLPÂ , Forcepoint endpoint solutions, Forcepoint web security, and Forcepoint Next Generation Firewall. There is a deep understanding of all Forcepoint products.
What do I think about the stability of the solution?
Forcepoint Next Generation Firewall is stable based on this experience.
What do I think about the scalability of the solution?
Forcepoint Next Generation Firewall's scalability is good and can handle growth or increased demand easily.
How are customer service and support?
The experience with Forcepoint Next Generation Firewall customer service has been very good. TAC engineers are very experienced and troubleshoot issues within the expected timeframe with no problems.
How would you rate customer service and support?
Positive
How was the initial setup?
Forcepoint Next Generation Firewall has a boot option and is very easy to deploy, taking very little time. Only one boot is required, or a pen drive can be inserted and booted, then rebooted, and it will automatically connect the firewall with the SMC. Policies can be easily published through SMC. The firewall can be deployed within 20 minutes.
What about the implementation team?
In this organization, five people manage 1,500 plus locations with Forcepoint Next Generation Firewall. This reduces the number of employees, saves time, and reduces costs. This is a good consideration.
What was our ROI?
Forcepoint Next Generation Firewall provides cost savings with minimal costs. It does not have high pricing for on-premise solutions and on-cloud solutions. It is easy and offers different solutions for each solution type with small, mid, and large scale options available. This makes it easy to choose the appropriate firewall and minimize costs and save money.
What other advice do I have?
Forcepoint Next Generation Firewall is an excellent firewall with many next-generation features, including IPS, IDS, application console, UTM, quality of service, DDoS protections, and deep packet inspections. All types of VPN connectivity and routing are available. It is very easy to understand and deploy. The only issue that has been observed is related to licensing. It is important to ensure that licenses are renewed before expiration, as no modifications are allowed after the license expires. This would be helpful for users and clients. Forcepoint Next Generation Firewall has only two components: SMC and Forcepoint Next Generation Firewall. Overall, the rating for Forcepoint Next Generation Firewall is 10 out of 10.
Marcelo-Araujo
Improves user access control through visual rule creation but frequently struggles with unexplained performance issues
Reviewed on Nov 17, 2025
Review provided by PeerSpot
What is our primary use case?
Forcepoint Next Generation Firewall protects my internal network and customer VPN usage with various rules. I use Forcepoint Next Generation Firewall to protect my internal network and manage customer VPNs by creating filters and rules to protect the network and user access.
We create a VPN with details such as which application, which port, and what users can access when they are connected to Forcepoint Next Generation Firewall.
What is most valuable?
Forcepoint Next Generation Firewall offers an amazing graphical interface that is very easy to use, although sometimes slowness appears and it does not respond in real time. Overall, the graphical interface is amazing.
The interface helps me in my daily tasks because it is easy to understand, although its response is slow. Sometimes Forcepoint Next Generation Firewall cannot process the traffic, and the graphical interface and CPU often show very high usage.
I appreciate the user access details and graphics that the interface can report for me, and the feature that allows us to create rules through dragging and dropping.
Forcepoint Next Generation Firewall has impacted my organization positively by making it very easy to work and offering a more competitive price compared to other vendors. The only issue I perceive is that sometimes it gets a very slow response for no reason, which we have been facing frequently when using Forcepoint Next Generation Firewall.
It is saving money, it is easy to use, and it has a very nice graphical interface.
What needs improvement?
Forcepoint Next Generation Firewall can be improved by addressing the slowness that occurs for no reason. It has high availability and two cores that can work together, and it offers many features like other vendors, but the graphical interface sometimes freezes when we are troubleshooting.
For how long have I used the solution?
I have been working in my current field for about three years.
What do I think about the stability of the solution?
Sometimes Forcepoint Next Generation Firewall is not really stable at all. It has many freezes for no reason, and local support needs to reboot it physically by unplugging the power cable and plugging it back in.
What do I think about the scalability of the solution?
Forcepoint Next Generation Firewall is scalable and can grow with my organization's needs, although it is not the principal firewall but works for specific scenarios.
How are customer service and support?
My experience with customer support has been good, and I find it to be good overall.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have previously used different solutions, specifically Palo Alto, Forcepoint, and Cisco ASAÂ and Firepower.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is limited because I do not work with pricing, but I have experience with support, setup, and some licensing.
Which other solutions did I evaluate?
Before choosing Forcepoint Next Generation Firewall, we evaluated other options, including Fortinet.
What other advice do I have?
I would advise others looking into using Forcepoint Next Generation Firewall that it has a competitive price compared to other vendors, and it is easy to use with a good graphical interface and attentive technical support. My review rating for this product is 6.
reviewer2220669
Clients have benefited from responsive support and consistent performance
Reviewed on Sep 12, 2025
Review from a verified AWS customer
What is our primary use case?
I might not be the right person to discuss the main use cases for Forcepoint Next Generation Firewall for these clients. I can send an email and reply with what we can in broad strokes without identifying any specific customers. I would have to ask my teams that handle these solutions.
What is most valuable?
I can share what we appreciate about Forcepoint Next Generation Firewall and what clients generally choose it for. We have had good experience with their responsiveness, which exceeds other products sometimes. Their customer service and price point are competitive for the US market primarily.
The centralized management console of Forcepoint Next Generation Firewall is something we have been struggling with because everybody has their own approach, but most customers have mixed solutions. We end up having customers that are either running two consoles or requiring a third-party solution to monitor everything. From a configuration standpoint, it has been easy to manage.
Regarding security, these are security solutions, and when referring to performance, it works effectively. Features are very similar across products. Each vendor has their own distinctive elements, but in general, for the most concerning and most sought-after features, it is very complete.
What needs improvement?
At this moment, nothing specific comes to mind regarding improvements for Forcepoint Next Generation Firewall.
The main feedback we receive concerns pricing. If I only have a chance to give one suggestion, it would be to keep pricing competitive. AI improvements could be beneficial, as having AI capabilities has become an important checkmark feature.
What do I think about the stability of the solution?
It has been stable.
How are customer service and support?
On a scale of 1 to 10 for customer service for Forcepoint Next Generation Firewall, I would rate it at least 9, 9.5.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Forcepoint Next Generation Firewall is usually straightforward from a professional use and expert perspective - it is normal and not difficult. However, these are products that require expert knowledge to some degree in my experience.
What about the implementation team?
For deploying Forcepoint Next Generation Firewall into client environments, the approach depends on the implementation. For deployment of individual components, we would typically deploy an engineer or technician for individual boxes. If it is going into an existing system, an engineer must be involved. For a full deployment, we need a solutions architect to examine it, and we involve different vendors for their guidance as they are the true experts in each of their components.
Which other solutions did I evaluate?
In terms of comparing Forcepoint Next Generation Firewall on a general level, they are very similar regarding features and quality of performance compared to Palo Alto or Cisco or some of the other major players for next generation.
What other advice do I have?
Our team has experience with multiple solutions including Palo Alto and Forcepoint Next Generation Firewall.
We have a mix of clients, primarily focusing on finance and telecom. As the CEO of the company, I lead the teams, negotiate the brands, and secure them. I am sometimes involved in purchasing products or quoting for bigger projects.
Regarding integration with third parties, we work as an MSSPÂ and support MSPs with their solutions. The integration has been very successful for monitoring and ongoing use of the solutions, particularly from an operational perspective for monitoring faults and issues.
Comparing pricing to other solutions on a scale of 1 to 10, with 10 being the highest price, Forcepoint Next Generation Firewall ranks around seven within the US market. There are other products that are less expensive, but they are frequently ranked among the industry leaders.
We generally work with SMBs and medium to smaller companies given our addressable market, and the experience has been good.
I rate Forcepoint Next Generation Firewall 9 out of 10.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Aamir Ejaz
Advanced features secure our network and improvements in licensing could enhance cost-efficiency
Reviewed on Apr 15, 2025
Review provided by PeerSpot
What is our primary use case?
We use Forcepoint Next Generation Firewall for security purposes in our financial institution.
What is most valuable?
The most valuable features of Forcepoint Next Generation Firewall are the advanced threat protection, including features like IPS and DDoS prevention, which help avoid internal DDoS attacks. The centralized management and smart policies are effective, providing enhanced network efficiency, connectivity, and improved security, resulting in fewer cyberattacks and data breaches.
What needs improvement?
The licensing model should be more flexible. I recommend that additional features be included in a single license to avoid the need for extra licensing costs. Additionally, there are performance limitations when storing logs, as a large number may overwhelm the log server.
For how long have I used the solution?
I have been working with Forcepoint Next Generation Firewall for more than five to six years.
What was my experience with deployment of the solution?
Initially, deployment involved a few hurdles, requiring a couple of days. We had to customize it according to our organizational policies, which required involving a partner in the process for proper setup.
What do I think about the stability of the solution?
From a stability perspective, I would rate the solution between seven and eight out of ten.
What do I think about the scalability of the solution?
Scalability is somewhat limited. While I rate it at five to six, I note that there are restrictions in the firewall manager and limitations when deploying for cloud environments. Since we are using it on-premises, it is difficult to utilize for cloud solutions as well.
How are customer service and support?
Technical support is sometimes slow to respond, and it takes longer to resolve issues. This has been true across all Forcepoint products. I rate customer service four to five out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We maintain a multi-environment with solutions like Palo Alto and Cisco.
How was the initial setup?
The initial setup was a bit complex, requiring us to customize Forcepoint Next Generation Firewall according to our organization’s standards, necessitating partner involvement.
What about the implementation team?
From our side, at least ten people were involved, and a partner was engaged for the deployment.
What was our ROI?
The centralized management and automated updates have lowered operational costs.
What's my experience with pricing, setup cost, and licensing?
The licensing model is dependent on negotiation skills, but there is room for improvement. The costs can be high since additional features require separate licenses.
Which other solutions did I evaluate?
We maintain solutions like Palo Alto and Cisco.
What other advice do I have?
My overall rating for Forcepoint Next Generation Firewall is seven out of ten. Recommendations depend on infrastructure and return on investment analysis, as there are other alternatives, such as Palo Alto and Cisco.
Pablo-Verdina
Cross setup simplifies implementation but support challenges persist
Reviewed on Mar 04, 2025
Review provided by PeerSpot
What is our primary use case?
We mostly work with finance, specifically with banks most of the time. We use Forcepoint Next Generation Firewall for these applications.
What is most valuable?
Today, the Next Generation Firewall from all companies are pretty similar, but the difference lies in the accuracy of setting up the risks. Another valuable aspect is the features and how friendly they are for cross setup. Cross setup refers to using multiple features from the same firewall simultaneously within the same environment. With Forcepoint, this process is simplified compared to others like Fortinet.
What needs improvement?
There is a lot of technical stuff that could be improved. We've encountered scenarios that were really hard to set up and required support. It would be beneficial if the support and contact with the development team were enhanced. Fast response and efficient handling of issues, similar to how Fortinet responds, would be great.
For how long have I used the solution?
I have been using Next Generation Firewall from Forcepoint for more than seven years and the Data Loss Prevention for just a couple of projects, no more than a year.
How are customer service and support?
It is really hard to work with their customer support. For example, unlike Fortinet where you can escalate an issue and quickly get responses from the development team, Forcepoint's process seems slow and challenging.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I moved from Oracle to use security vendors like Fortinet, Kaspersky, and Forcepoint.
How was the initial setup?
The initial setup can be quite complex. When trying to apply content filters with different network setups in the same machine, even with good planning and reference manuals, issues can arise. Combining different functionalities on the same box often results in problems.
What was our ROI?
I don't believe in ROI when talking about cybersecurity because there's no real way to measure it. Cybersecurity ROI could be $1 or $100 million, depending on the risk of data behind it. I've seen ROI analyses from many cybersecurity companies, but I find it hard to trust the numbers.
What's my experience with pricing, setup cost, and licensing?
In terms of pricing, I would place Forcepoint in the middle when compared to other firewalls like Fortinet and Palo Alto.
What other advice do I have?
Overall, I would rate Forcepoint Next Generation Firewall a seven. I believe a 6.5 would be more accurate though. Also, my name can be used for the review, but not my company name. I am no longer working with Consulting Services; I'm with a different company now.