No it is not, at least in most cases.
Universal forwarders are by default designed to have a low level of resources usage on clients, and will limit network bandwidth usage. (256KBps by default)
On the opposite, heavy forwarders are full Splunk instances and will use be very useful in specific cases such as:
- acting as intermediate collectors to address your network and improve your Splunk architecture (isolating indexers from the rest of your network, dedicating indexing parsing tasks to heavy forwarders instead of having these tasks done by indexers, improving scalability and so on)
- Managing central points of data such as NFS shares, Syslog severs, indexing data from databases and so on
This is why for "normal clients" you will use Universal forwarders, for specific usage you have a real and great interest of udon heavy forwarders.
Heavy forwarders is a very powerful piece of Splunk architecture scenarios, but not for any usage.
Note that one of most important difference between UF and HF to remember is the fact that UF won't be do any indexing parsing tasks, while HF will do full indexing time parsing.
Hope this helps.
Some related schemas:
http://nmonsplunk.wikidot.com/documentation:installation:bydeployment:distributed
Finally, what you should consider to control and optimize network bandwidth is having HF forwarding data from your UF clients in the same vlan,
You will that way optimize and control the data flow. (Controlling data flow from a few endpoints will be much easier than from 400 clients).
Note that UF and HF can compress data flow using zlib or ssl, which also participate to optimize network usage
