SEA Managed App traffic only

The Managed App traffic only mode is also known as CASB mode. In this mode, only managed applications’ traffic is proxied by SmartEdge Agent and all other traffic is proxied by F1A.

Installation and Configuration

  1. Install the SmartEdge Agent and F1A in any sequence as you desire.
    To know in detail, refer to:
  2. Configure the SmartEdge Agent and F1A as per the following:
    SmartEdge Agent Configurations F1A Configurations
    On the Forcepoint ONE SSE, navigate to Protect > Forward Proxy > SmartEdge Proxy:
    1. Select Managed App traffic only as Mode.

      To know in detail, refer to Mode Option.

    2. Make sure that the Set PAC is set to enabled.
    3. Uncheck the Enable ZTNA Driver option to disable the ZTNA driver at the tenant level.
    4. To save the changes, click Save.
    		 On the Forcepoint ONE Data Security portal, navigate to Settings > Endpoint > Traffic Monitoring:
    1. Under the Intercept web traffic sub-section:
      • Set Set system proxy to Disabled
      • Set Use Driver to capture Web Traffic to Enabled
    2. Make sure that the Perform SSL decryption is set to Enabled.

      To know in detail, refer to Endpoint

    3. To save the changes, click Save.
  3. Set the use_f1e to false if use_f1e already exists. To know in detail, refer to Enabling Interoperability.

    OR

    If the use_f1e registry or plist entry is missing, then the SmartEdge agent assumes it as false.

Behavior

Following is the behavior of SmartEdge agent and F1A when the SmartEdge Agent is set to Managed App traffic only mode:

  • SmartEdge Agent receives managed app traffic and forwards traffic to Forcepoint ONE SSE cloud where the SSE's upload and download DLP/AM are applied. F1A does not see managed app traffic.
  • F1A picks up all other traffic using its driver and applies upload DLP policy to all other network channel traffic before sending to destination.