Table of Web security components

Following is a brief description of Forcepoint web protections components.

For component limits and rations, see Deploying core web protection components in the Forcepoint Technical Library.

The individual components required for these modes are automatically enabled when firstboot completes. You do not need to choose components individually.
Component Description
Policy Database

Stores Forcepoint software settings and policy information. Installed automatically with Policy Broker. Runs on the policy source machine only. Typically installed on a Windows server.
Policy Broker

Manages requests from Forcepoint components for policy and general configuration information. Runs on the policy source machine only. Typically installed on Windows server.
Policy Server
Can run on any web appliance. The primary copy runs on the policy source machine.
  • Identifies and tracks the location and status of other Forcepoint components.
  • Stores configuration information specific to a single Policy Server instance.
  • Communicates configuration data to Filtering Service, for use in handling Internet requests.

Policy Server settings are configured in the Web Security module of the Security Manager.

Policy and most configuration settings are shared among all Policy Servers that share a Policy Database.
Filtering Service

Can run on any web appliance.

Provides Internet traffic management in conjunction with Network Agent or a third-party integration product. When a user requests a site, Filtering Service receives the request and determines which policy applies.
  • Filtering Service must be running for Internet requests to be handled and logged.
  • Each Filtering Service instance downloads its own copy of the Forcepoint Master Database.

Configure enforcement policies and Filtering Service behavior in the Web Security module of the Security Manager.
Network Agent
Can be deployed on V Series appliances and Windows and Linux servers.
  • Enhances security and logging functions
  • Enables non-HTTP and non-HTTPS protocol management
Master Database
  • Includes more than 36 million websites, sorted into more than 95 categories and subcategories.
  • Contains more than 100 non-HTTP protocol definitions for use in managing protocols.

After all modules are set up, download the Forcepoint Master Database to activate Internet management, and schedule automatic updates. If the Master Database is more than 2 weeks old, no traffic management occurs.

Forcepoint Web Security module of the Forcepoint Security Manager

Runs on a Windows server.

Serves as the configuration, management, and reporting interface for Forcepoint software.

Use the Web Security module of the Security Manager to define and customize Internet access policies, configure Forcepoint software components, report on Internet activity, and more.

The Web Security module of the Security Manager is made up of the following services:
  • Web Security
  • Web Reporting Tools
  • Explorer Report Scheduler
  • Information Service for Explorer
  • Reporter Scheduler
  • Real-Time Monitor
Usage Monitor
Can run on any appliance.
  • Enables alerting based on Internet usage.
  • Provides Internet usage information to Real-Time Monitor.

Usage Monitor tracks URL category access (shown in Real-Time Monitor) and protocol access, and generates alert messages according to the alerting behavior you have configured.
Content Gateway
Runs on every Forcepoint Web Security appliance.
  • Provides a robust proxy and cache platform.
  • Can analyze the content of websites and files in real time to categorize previously uncategorized sites.
  • Analyzes HTML code to find security threats.
  • Inspects file content to assign a threat category (for example, viruses, Trojan horses, or worms).