Web protection basic distributed enterprise topology
| Applies to: | In this topic |
|---|---|
|
|
Forcepoint Web Security
On-premises deployments of Forcepoint Web Security may be hosted on Forcepoint appliances, Windows and Linux servers, or a combination. With the addition of the Web Security Hybrid Module, the cloud-based hybrid service can be added to provide policy enforcement for remote locations or off-site users.
.jpg)
- One or more appliances running core policy components, plus additional servers running reporting, management, and interoperability components.
- One or more Windows or Linux servers running core policy and interoperability components, plus Windows servers running reporting and management components.
The hybrid service can be used to manage Internet activity for remote sites or off-site machines.
Forcepoint URL Filtering
To reduce network infrastructure costs, each remote-site firewall in a decentralized network is connected directly to the Internet, rather than to a corporate WAN.
A small office/home office (SOHO) firewall is connected to an ISDN, DSL/cable, or T1 connection. Except for corporate application data that may use a virtual private network (VPN) connection, each outbound Internet request from a remote site is sent through a local Internet service provider (ISP) to the Internet.
.jpg)
Optionally, off-site users (remote users outside the corporate or remote-site network) can have requests managed by adding the Remote Filter module. This requires that Remote Filtering Server (not depicted) be deployed in the main site network and Remote Filtering Client be installed on each off-site machine. For more details, refer the section Deploying Remote Filtering Server and Client.