Forcepoint Web Security Cloud Help

1 2021 Forcepoint Web Security CloudForcepoint Cloud Security GatewayPortal Help 2022, ForcepointForcepoint and the Forcepoint logo are trademarks of Forcepoint . All other trademarks used in this document are the property of their respective owners. Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without modified: July 18, 2022 Forcepoint Cloud Security Gateway Portal Help iContents Chapter 1 Getting Started ..1 Initial steps ..2 Logging on and portal Security ..2 Cloud Web setup.

2 3 Configuring your firewall to connect to the Cloud service ..4 Sending end user information to the Cloud service..5 Configuring SCIM ..5 Configuring the Directory Synchronization Client ..5 Adding users manually ..6 Setting up your first policy ..6 Configuring policy connections..6 Adding end users ..7 Directing user traffic to the Cloud service ..7 Finishing the setup (next steps)..8 Using the Resource Center..8 Navigating the Cloud portal ..9 Cloud portal dashboards..11 Creating custom dashboards in the Cloud portal ..15 Alerts ..17 Chapter 2 Account Settings ..19My Account ..20 Configuring SIEM storage ..20 Contacts ..22 Adding a contact ..22 Password settings ..26 Password policy ..27 Password expiration limit ..28 User lockout..28 Changing passwords ..29 Forgotten passwords ..30 Two-factor authentication ..31 Terms of use..32 Identity Management ..33 End Users ..33 Groups ..34 Downloading and uploading groups.

3 35ii Forcepoint Web Security CloudContentsLicenses ..36 Licenses page ..37 License information..37 Accepting licenses..37 Privacy protection..38 Data Protection Settings..39 Important rules for configuring accounts ..41 Chapter 3 Working with External Directories..43 What is SCIM? ..44 How the service works with SCIM ..44 What is LDAP?..45 How the service works with LDAP ..45 Planning for your first synchronization ..47 Deciding what to synchronize..48 Synchronizing with SCIM ..49 Synchronizing with the Directory Synchronization Client ..49 Basic steps ..50 Cloud portal tasks..51 Configure identity management ..51 Set up authentication (Directory Synchronization only)..53 Client tasks (Directory Synchronization only) ..54 Maintenance ..54 View and manage user data..55 Assign a group to a different policy..55 View and print reports..56 View recent synchronizations ..56 Restore directories.

4 57 Troubleshoot synchronization failures ..58 Turn off identity management..59 Chapter 4 Configuring Web Settings..61 Configure General settings..62 Proxy auto- configuration (PAC)..62 Proxy query page..65 Web performance monitor ..66 Roaming home page ..67 Configure Remote Browser Isolation..68 Configure File Sandboxing settings ..70 Supported file types..71 What does a file sandboxing transaction look like? ..71 Configure Single Sign-On settings..72 Configure Bypass Settings ..74 Forcepoint Cloud Security Gateway Portal Help iiiContentsBypassing authentication settings ..74 Adding and importing sites that bypass the proxy ..78 Bypassing certificate verification ..80 Bypassing authentication decryption ..81 Configure Domain settings..82 Editing a domain ..84 Configure Endpoint settings..84 Endpoint overview ..85 Configure General endpoint settings..90 Configure endpoint End User Control settings.

5 92 Windows operating system users ..93 Installing and uninstalling Neo ..94 Distributing the endpoint via GPO (Classic Proxy Connect and Direct Con-nect) ..94 Installing the endpoint on a single machine (Classic Proxy Connect and Di-rect Connect) ..95 Uninstalling the endpoint from Windows (Classic Proxy Connect and Direct Connect)..96 Mac operating system users ..97 Installing and uninstalling Neo ..97 Installing the endpoint (Classic Proxy Connect and Direct Connect) ..97 Identifying Mac endpoint end users..99 Changing the policy of a Mac end user ..99 Uninstalling the endpoint from the Mac (Classic Proxy Connect and Direct Connect)..100 Updating the endpoint..101 Endpoint bypass ..101 Configure protected Cloud apps ..102 Configure Full Traffic Logging settings..105 Configure custom categories ..105 Adding sites to custom categories..107 Time periods..108 Configure custom protocols ..110 Adding or editing a custom protocol.

6 110 Configure block and notification pages ..111 Editing notification pages ..113 Notification page variables ..115 Language support ..117 Configure Content Classifiers for Data Security (DLP Lite)..118 Regular expression content classifiers ..119 Key phrase content classifiers..120 Dictionary content classifiers ..121 Chapter 5 Managing Network Devices..123iv Forcepoint Web Security CloudContentsManaging edge devices ..125 Adding or editing edge device information..128 Import multiple edge devices via a CSV file ..131 Generating device certificates ..133 Managing EasyConnect services ..134 Adding or editing an EasyConnect service..135 Managing I Series appliances..136 Optimizing appliance performance..138 Adding or editing appliance information ..139 Configure general settings ..140 Configure a certificate authority ..141 Generating an appliance certificate ..142 Define internal network settings.

7 143 Configure advanced settings (if needed) ..145 Chapter 6 Defining Web Policies..147 General tab ..150 User and group exceptions for time-based access control ..154 Connections tab ..155 Access Control tab ..157 Pre-logon welcome page..159 Session timeout ..160 NTLM identification..160 NTLM registration page ..161 Setting authentication options for specific users..163 Endpoint tab ..164 End Users tab ..167 Registering by invitation ..168 Bulk registering end users..168 End user self-registration ..170 Identity management..171 NTLM transparent identification ..171 Editing end-user registration pages..172 Managing registered users..172 Rules for policy association during end-user registration..173 Cloud Apps tab..173 Custom Categories tab ..176 Adding sites to custom categories..177 Web Categories tab..179 Enabling SSL decryption ..179 Managing categories, actions, and SSL decryption ..180 Policy enforcement actions.

8 182 Using quota time to limit Internet access ..183 Forcepoint Cloud Security Gateway Portal Help vContentsYouTube Restricted mode..184 Bypassing SSL decryption for specific sites..184 Exceptions..185 Filtering action order..187 Category list ..189 Protocols tab..190 Protocol exceptions..190 Application Control tab ..191 Application control exceptions ..192 File Blocking tab ..194 Blocking by file type..195 Blocking by file extension ..196 Advanced options ..198 Data Protection tab ..199 Data Security tab (DLP Lite) ..200 Web Content & Security tab..204 Configuring file analysis..207 Analysis exceptions..208 Chapter 7 Report Center .. 211 Using the Report Catalog ..212 Managing reports..213 Managing folders..216 Using the Report Builder ..218 Creating a report ..220 Viewing report results..221 Viewing detailed reports ..222 Exporting a report ..223 Scheduling reports ..223 Adding and editing scheduled jobs.

9 224 Exporting data to a third-party SIEM tool ..227 Running the SIEM log file download script for Forcepoint storage..230 Chapter 8 Web Reporting Tools ..233 Using the Transaction Viewer ..234 Using the Incident Manager ..236 Report attributes: Web and Data Security ..237 Report metrics: Web and Data Security ..248 Web predefined reports ..250 Chapter 9 Account Reports ..259 Endpoint Auditing Report (Classic Proxy Connect and Direct Connect) ..260 Service reports ..261vi Forcepoint Web Security CloudContentsDownloading report results ..262 Saving reports..262 Scheduling reports ..263 Chapter 10 Audit Trails ..265 configuration audit trail ..265 SCIM audit trail ..266 Chapter 11 Standard Web configuration ..267 Appendix AUse Cases for Setting up User Provisioning..273 New Web and/or email customers (LDAP) ..273 New Web customers (SCIM) ..275 Existing Web and/or email customers (LDAP) ..276 Considerations for existing customers (LDAP).

10 278 Existing Web customers (SCIM) ..279 Considerations for existing customers (SCIM)..280 Appendix BData Security Content Classifiers (DLP Lite only) ..281 Personally Identifiable Information (PII)..281 Protected Health Information (PHI)..294 Payment Card Industry (PCI)..297 Data Theft..2971 Cloud Security Gateway Portal 1 Getting StartedForcepoint Cloud Security Gateway | Forcepoint Web Security Cloud HelpCloud web protection products protect your organization against the threats of malware, spam, and other unwanted content in web following web products are available in the Cloud : Forcepoint URL Filtering offers malware protection and customizable web content categories, enabling you to create highly granular acceptable use policies. Forcepoint Web Security Cloud includes the above features, plus real-time Security analysis, real-time content classification, detection of inappropriate content in dynamic websites, granular configuration for social web controls, and SSL decryption by Cloud service offers the following add-ons for web products: The I Series appliance is an add-on to Forcepoint Web Security Cloud , and provides on-premises URL analysis and application/protocol detection for web traffic, along with centralized policy management and reporting capabilities in the Cloud .