Forcepoint Next Generation Firewall

Enterprise SD-WAN meets the most secure next gen firewall

Replace MPLS and go direct to cloud

Use SD-WAN to replace costly MPLS at retail stores and branch offices with broadband links to the cloud. Accelerate Office 365 performance and boost resilience without sacrificing security with Forcepoint NGFW.

Stop evasions that bypass your IPS

Defend your networks against emerging exploits and malware—even ones camouflaged by advanced evasion techniques that sneak through most next generation firewalls.

Respond to incidents in minutes, not hours

Immediately see and understand what’s happening in your network with an interactive, visual interface. Update policies for hundreds of physical and virtual locations worldwide with a single click.

.

Decrypt traffic while safeguarding privacy

Inspect attacks and stolen data hidden inside encrypted SSL/TLS traffic while still protecting users’ privacy.

Extend your network into the cloud

Deploy applications safely in Amazon Web Services, Azure, and VMware. Segment different service layers and manage virtual NGFWs and IPSs the same way as physical appliances.

Control access to web content

Limit users’ access to entire categories of websites containing inappropriate or unsafe content with URL intelligence that’s depended upon around the globe.

Protect high-assurance systems

Safeguard your most sensitive, mission-critical networks and applications with Forcepoint’s renowned Sidewinder proxy technology.

.

Regain control of shadow IT

Understand the risk associated with unsanctioned cloud apps so you can redirect users to more appropriate apps or block them altogether.

Offer SD-WAN and NGFW security as an MSSP

Manage enterprise-grade connectivity and protection from your own multi-tenant systems, with a business model tailored to the needs of MSSPs.

Enterprise SD-WAN connectivity and NGFW security for distributed enterprises

Modular appliances for every environment

Our broad range of appliances provide the right price-performance and form factor for each location; pluggable interface cards let you change networks with ease

High availability, mixed clustering

Active-active clustering lets you mix up to 16 different models of appliances for unrivaled scalability, longer lifecycles, and seamless updates without dropping packets.

.

Multi-link connectivity for SD-WAN

Broadband, wireless, and dedicated lines at each location can be centrally deployed and managed, providing full control over what traffic goes over each link with automated failover.

Automated, zero-downtime updates

Policy changes and software updates can be deployed to hundreds of firewalls and IPS devices around the world in minutes, not hours, without the need for service windows.

Policy-driven centralized management

Smart Policies describe your business processes in familiar terms and are automatically implemented throughout the network, managed in-house or via MSSP

Actionable, interactive 360° visibility

Graphical dashboards and visualizations of network activity go beyond simple reporting, enabling admins to drill into events and respond to incidents faster.

Built-in NGFW, VPN, proxies, and more

Unparalleled security comes standard, from top-ranked Next Generation Firewall and IPS to rapid-setup VPNs and granular decryption, as well as our unique Sidewinder proxy technology.

Top-ranked anti-evasion defense

Multi-layer stream inspection defeats advanced attacks that traditional packet inspection can’t detect—see for yourself in our Evader video series.

Human-centric endpoint context

Access policies can whitelist or blacklist specific endpoint apps, patch levels or AV status. Users’ behaviors are consolidated into actionable dashboards.

Unified virtual and physical security

Native support for AWS, Azure, and VMware has the same capabilities, management, and high performance of our physical appliances.

CASB and web security

Our renowned URL filtering and industry-leading cloud services work together to protect your data and people as they use apps and web content.

Anti-malware sandboxing

Forcepoint Advanced Malware Detection blocks previously undetected ransomware, zero-days, and other attacks before they steal sensitive data or damage your systems

APIs

Rich application programming interfaces enable SD-WAN and NGFWs to be integrated with orchestration, management, and third-party analysis infrastructure.

Certifications

Forcepoint Next Gen Firewalls are rigourously tested to comply with major industry and government certification requirements.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Contact us for additional information

Physical Appliances

Forcepoint NGFW appliances support a wide range of customizable network interfaces and can be clustered together in mixed groups for even greater capacity and high availability – hardware and software in clusters can even be upgraded without downtime. All models run unified Forcepoint NGFW software, which provides consistent capabilities, high performance and centralized management. Forcepoint NGFW appliances are designed for use in the most rigorous networks 

All appliances (except the 100 series) can be deployed as either a Layer 2 or Layer 3 firewall or a next generation intrusion prevention system (IPS). Most models have extensible networking interfaces (including bypass modules), which allow for configuration changes throughout the device’s life span.

 

6200 Series

  • Ideal for data centers
  • Up to 66 interfaces
  • Firewall throughput 240 Gbps
  • IPS & NGFW throughput 22 Gbps
  • (specifications)

3400 Series

  • Ideal for campus networks and data centers
  • Up to 67 interfaces
  • Firewall throughput 200-300 Gbps
  • IPS & NGFW throughput 15-35 Gbps
  • (specifications)

3300 Series

  • Ideal for campus environments
  • Up to 35 interfaces
  • Firewall throughput 80-160 Gbps
  • IPS & NGFW throughput 9-15 Gbps
  • (specifications)

2100 Series

  • Ideal for network edge
  • Up to 28 interfaces
  • Firewall throughput 60-80 Gbps
  • IPS & NGFW throughput 5-7.5 Gbps
  • (specifications)

1100 Series

  • Ideal for network edge
  • Up to 16 interfaces
  • Firewall throughput 50-60 Gbps
  • IPS & NGFW throughput 1.5-3 Gbps
  • (specifications)

300 Series

  • Ideal for remote sites and branch offices (desktop design) 
  • 8 interfaces (2 optional modules on model 335) 
  • WLAN 802.11 ac/a/b/g/n optional on model 335W 
  • Firewall throughput 4-7 GbpsIPS & NGFW throughput 350-1000 Mbps
  • (specifications)
 

50 Series

  • Ideal for small offices or home offices (desktop design)
  • 4 interfaces
  • LTE on model N51LTE
  • Firewall throughput 1.9 Gbps
  • IPS & NGFW throughput 200 Mbps
  • (specifications)

Modular Network Interfaces

Forcepoint rack-mounted NGFWs as well as the desktop NGFW 325 and NGFW 115 accept a range of extensible network interfaces (including bypass modules that are often used with IPS), providing flexibility and adaptability to new network infrastructure. See Module Specifications for details.

Firewall throughput based on UDP 1518 bytes; NGFW throughput based on HTTP 21k bytes

Cloud Appliances

  • Unified Forcepoint NGFW software
  • Amazon Web Services (AWS)
  • Azure Cloud
  • Secures both north-south communication in/out of cloud and SDN east-west traffic

Virtual Appliances

  • Unified Forcepoint NGFW software
  • Available for KVM and VMware ESXi and NSX
  • Scales to 64 CPUs
  • Automates network microsegmentation
  • Can be clustered with physical firewalls