Probably Good for Enterprise, Not for SME
What do you like best?
Technology is, on the face of it, impressive. The ability to have users click a button and that email automatically removed from all affected inboxes (TRAP) is a really good feature.
What do you dislike?
Where to start...
1. The proactive protection does not reliably block spam or phishing. We'll go a week or so without any user reports, then suddenly users will receive a barrage of phishing / spam in a few days. This week alone, we had 7 phishing attacks getting into people's inboxes in < 3 days and we're only a 400 user company.
2. When explaining these issues to customer service, they promise a lot of action to investigate and resolve issues, but these are empty. We are consistently ignored despite our pleas for help and despite us having multiple P2s and P1s open.
3. On customer service, we have been promised a feature called URL isolation for Very Attacked Persons for the last two months which is included in our P0 bundle. So far we've had a demo and promise to have it setup, but no further word. I even had one of their account managers state they were offering URL isolation for VAP to us as an apology for our issues despite us already having the feature included.
4. Unless you expressly ask, every single phishing email you report goes into a black hole of automated threat intel team response. We reported a phishing attack with a malicious html attachment received to 1 user at 11am, received an automated response telling us "indicators were blocked" etc. At 2pm, that same email and html attachment was used to attack another 20+ users, bypassing Proofpoint again.
5. Their recent update to 8.17 on Proofpoint Protection Server caused all custom spam modifier rules to fail. They still haven't fixed this after two months and provide no timelines on when it will be resolved.
6. TRAP will fail for no reason and stop acting on user reports. Like literally, all indicators will show green but it will stop pulling user reports and not tell you it's fallen over. You will have to constantly monitor the assigned abuse mailbox to ensure no user reports are staying in the inbox.
7. Slightly less of a serious issue, but every single console for Proofpoint has a different login.
Bottom line, I can't trust them or their product, which is shocking considering their standing in the industry and cost. I can only imagine as we're a tiny fish in a huge pond, they don't care about resolving our issues as much as the "big guys". Based on our experience, they might be OK for an enterprise who has the manpower to baby them, but SMEs should consider alternatives.
Recommendations to others considering the product:
If you're a big company, they might take you seriously so it might be worth taking a chance. SMEs: Look elsewhere. Mimecast, Ironscales, Avanan, Spamtitan, it might even be worth sticking with O365 over the headaches and pain we've endured.
What problems are you solving with the product? What benefits have you realized?
We hoped reduced spam / phishing, but see dislikes. Pretty much the only tangible benefit so far has been glossy graphs and interfaces w/ TAP and TRAP dashboards.
