Over the span of my career, I have seen toolsets come and go in our industry which promise astonishing things. Very rarely, can they deliver on some increasingly bold claims. When Forcepoint unveiled their Dynamic User Protection (DUP) as a SAAS offering, I wasn’t convinced it would be as simple as they claimed. Anyone following the world of Forcepoint can tell you that the UEBA on which DUP is based, is not a simple toolset to deploy. It requires comical levels of hardware and extremely qualified Professional Services (PS) to deploy. It’s in fact so complex, it could not be sold to clients without mandatory Forcepoint PS.
So when we at Gradian were lucky enough to get our hands on it towards the start of this year, I cleared out an afternoon, grabbed a coffee, logged into my portal and got cracking on deploying it within my lab. I knew it would be simple, but grossly over-estimated the time I would need. Here’s what happened in my lab environment:
And that was it. My coffee was still hot and my afternoon was suddenly free. The NEO Agent communicates with my ONE Agent locally. The ONE Agent feeds all relevant information back to my Forcepoint Security Manager and the NEO agent autonomously updates in the background.
Obviously there are more considerations for an enterprise deployment, such as testing, change requests and pushing the agent to all users, but the takeaway here is that the deployment process really is that simple.