Telemetry settings

Note: This feature is available in Forcepoint DLP v10.4.1.

Telemetry and Usage Data

Forcepoint Data Loss Prevention (DLP) collects limited, non-personal operational telemetry data to support product diagnostics, service reliability, and continuous improvement. No end-user content, personally identifiable information (PII), or customer data subject to DLP policy enforcement is collected through this mechanism.

Purpose of Telemetry Collection

The telemetry data collected by Forcepoint is used solely for the following purposes:

  • Diagnosing and resolving product issues more efficiently
  • Improving product stability, performance, and usability
  • Identifying underutilized features to guide product enhancements
  • Supporting capacity planning and scalability improvements
  • Proactively detecting systemic health issues across deployments

Forcepoint does not sell, share with third parties, or use telemetry data for any advertising or commercial profiling purposes.

Types of Telemetry Data Collected

Forcepoint DLP telemetry includes the following high-level categories:
  • Identity & Version: Forcepoint collects DLP product version information, the account/tenant name, and masked or anonymized system identifiers. This information enables precise issue diagnostics and version-specific support.
    Note: Host names and MAC addresses, where collected, are cryptographically masked prior to transmission and are not accessible in their original form.
  • Deployment & Configuration: Aggregated counts of successful and failed deployments, and feature flag states (for example, whether specific capabilities are enabled), to assess product health and configuration patterns.
  • Policy & Rules: The number of enabled DLP and Discovery rules and exceptions — used to understand deployment scale and prioritize product improvements. No policy content, rule definitions, or customer-authored logic is collected.
  • Usage Patterns: Usage frequency of predefined and deprecated classifiers and policies, to guide feature lifecycle decisions. No user-generated content or matched data is collected.
  • Activity Metrics: Aggregate counts of audit log entries, DLP incidents, and Discovery incidents — used solely to assess product activity levels and identify inactive deployments for proactive support outreach.
  • Fingerprinting & Discovery: Aggregate counts of fingerprinted file records and Discovery job sizes, used for capacity and scalability planning.
  • Agents & Endpoints: Counts of connected agent types (Protectors, Email Security Gateway, Web Content Gateway), supplementary servers, Analytic Engines, and active DLP endpoints — used for infrastructure scale analysis.
  • Directory Sync: Aggregate counts of synced users, groups, and computers, used to understand Active Directory scale. No individual identity records are transmitted.

During installation or upgrade, users are notified that telemetry data will be collected and can choose to disable it anytime in Forcepoint Security Manager (FSM).

The notification appears during new installations, upgrades, and maintenance release installations. After acknowledging the notification, the Telemetry toggle is enabled by default. To disable it, users can go to Data > General > Telemetry in FSM and turn off the toggle.

Consider disabling telemetry if:

  • The environment is air-gapped and has no external network access.
  • The organization's policy does not permit sharing usage data with third parties.

Disabling telemetry has no effect on DLP policy enforcement, reporting, or logging.