Getting Started

This section provides a high-level overview of the Forcepoint Cloud Security Gateway access and integration process. Purchase the Forcepoint Cloud Security Gateway license.

Steps

Purchase the Forcepoint Cloud Security Gateway license.

This license contains the license information for all of the Forcepoint Cloud Security Gateway products: Forcepoint Web Security Cloud, Forcepoint CASB, and Forcepoint DLP Cloud Applications.

If you purchased the products outside of the Cloud Security Gateway bundle, a separate license is provided for each product. When Forcepoint CASB is purchased, a separate fulfillment email is sent to each customer.

See License Information(mentioned below) for more information about the Forcepoint Cloud Security Gateway license and licensing information if you purchase the products separately.
Review your fulfillment email.
The fulfillment email contains:
- License information, including the subscription keys for the products
- Credentials to sign in to the products
- A JSON file with unique configuration information. This JSON file is used for the Data Protection Service integrations in the Forcepoint Security Manager.
Check your Forcepoint Cloud Security Gateway access.
Verify that you can sign in to the products using the credentials in the fulfillment email:
1. Sign in to the Forcepoint Cloud Security Gateway Portal to access Forcepoint Web Security Cloud.
2. Sign in to Forcepoint CASB.
3. Sign in to the Forcepoint Security Manager to access Forcepoint DLP.
Generate your API access keys and secrets in Forcepoint CASB.
If the API access keys and secrets are not shown in your fulfillment email, or if you need additional API access keys, you can create new keys in Forcepoint CASB. For more information, see Generate a Forcepoint CASB integration API key (mentioned below).
To integrate Forcepoint CASB with Forcepoint Web Security Cloud and Forcepoint DLP Cloud Applications, you need to generate an API access key and API secret for each integration. This key and secret allow Forcepoint CASB to connect to Forcepoint Web Security Cloud and Forcepoint DLP through an API connection.
Start the integration process.
When you start to integrate the products, Forcepoint recommends that you integrate in the following order:
1. Forcepoint Web Security Cloud and Forcepoint CASB
  With this integration, user requests to selected Protected Cloud Apps are forwarded by the Web Security Cloud proxy to Forcepoint CASB for policy enforcement.
  For more information about setting up this integration and configuring the Protected Cloud Apps, see Integrating Forcepoint CASB and Forcepoint Web Security Cloud(mentioned below).
2. Forcepoint DLP Cloud Applications and Forcepoint CASB
  With this integration, user requests are analyzed depending on the configured cloud app:
  - DLP Cloud Proxy provides immediate, inline activity analysis for cloud applications that connect to Forcepoint CASB through a proxy connection.
  - DLP Cloud API provides near real-time analysis soon after the user operation occurs by connecting to the cloud application through an API connection.
  - Cloud data discovery, or data at rest, provides data discovery and remediation of sensitive data at rest and data shared within sanctioned cloud applications
  For more information about setting up this integration, creating and configuring cloud apps (assets), and configuring Forcepoint CASB policies for DLP, see Integrating Forcepoint DLP and Forcepoint CASB(mentioned below).
3. Forcepoint DLP and Forcepoint Web Security Cloud
  With this integration, user requests that are considered to represent a potential data security risk are forwarded to Data Protection Service by the cloud proxy. Data Protection Service then determines the risk and returns a response telling the proxy to block or allow the request.
  For more information about setting up this integration, see Integrating Forcepoint DLP and Forcepoint Web Security Cloud(mentioned below).