General flow

To fully integrate Forcepoint DLP and Forcepoint CASB, complete the following steps:

Steps

  1. Ensure the Forcepoint Security Manager has the DLP Cloud Applications license activated. If you purchased the Forcepoint Cloud Security Gateway license, the DLP Cloud Applications license is included. For more information, see License Information (mentioned below).
  2. Generate your API access key and secret in Forcepoint CASB. For more information, see Generate a Forcepoint CASB integration API key (mentioned below).
  3. Ensure your network is configured to enable connectivity between the Forcepoint Security Manager and the Forcepoint CASB service. For more information, see Firewall and network access prerequisites (mentioned below).
  4. Configure the connection between Forcepoint DLP and Forcepoint CASB in the Forcepoint Security Manager using the API access key and secret. For more information, see Activate the connection with Forcepoint CASB in the Forcepoint Security Manager (mentioned below).
  5. Connect to Data Protection Service. To connect between the DLP Manager and Data Protection Service, upload the JSON file received in your fulfillment email to the Data Protection Service tab. For more information, see Connect Data Protection Service in the Forcepoint Security Manager (mentioned below).
  6. Create user accounts for single sign-on with Forcepoint CASB. For more information, see Configure single sign-on with Forcepoint CASB (mentioned below).
  7. Configure DLP Cloud Proxy:
    1. For each new or existing Forcepoint CASB asset you want to apply DLP policies to, you need to configure a Forcepoint CASB quick policy to ensure that the CASB Gateway sends transactions to Forcepoint DLP for analysis. For more information, see Configure Forcepoint CASB cloud application assets for Forcepoint DLP policy usage (mentioned below).
    2. Check that the assets are shown in the Forcepoint Security Manager with an OK status. For more information, see View the list of cloud applications (mentioned below).
    3. Configure one or more DLP rules for DLP Cloud Applications (DATA Policy Management > Manage DLP Policies > Policy rule > Destination > DLP Cloud Applications).For more information, see Configure DLP policies for cloud applications in the Forcepoint Security Manager, page (mentioned below).
    4. Configure one or more DLP action plans using cloud application resources. For more information, see Configure an action plan with cloud application resources (mentioned below).
  8. Configure DLP Cloud API:
    1. For DLP Cloud API setup, Forcepoint recommends that you configure existing cloud applications or add new cloud applications through the Forcepoint Security Manager as this automatically creates and configures Forcepoint CASB cloud application assets. For more information, see Add a cloud application in the Forcepoint Security Manager (mentioned below).
      Alternatively, you can create and configure a new Forcepoint CASB asset in Forcepoint CASB, which will then sync with the Forcepoint Security Manager. For more information, see Add an asset in Forcepoint CASB and Configure Forcepoint CASB cloud application assets for Forcepoint DLP policy usage (mentioned below).
    2. Check that the Forcepoint CASB assets are shown as cloud applications in the Forcepoint Security Manager with an OK status. For more information, see View the list of cloud applications (mentioned below).
    3. Configure DLP Cloud API policies for cloud applications in the Forcepoint Security Manager (DATA > Policy Management > Manage DLP Policies > Policy rule > Destination > DLP Cloud Applications). For more information, see Configure DLP policies for cloud applications in the Forcepoint Security Manager (mentioned below).
    4. Configure one or more DLP action plans using DLP Cloud API operations. For more information, see Configure an action plan with cloud application resources (mentioned below).
      Important: If you upgraded to Forcepoint DLP 8.8.1 and already have a DLP Cloud Applications license supporting DLP Cloud API and Cloud Data Discovery, make sure to connect to Data Protection Service as described in Activate DLP Cloud Applications channels after a Forcepoint DLP upgrade (mentioned below).
  9. Configure Cloud Data Discovery:
    1. For Cloud Data Discovery setup, Forcepoint recommends that you configure existing cloud applications or add new cloud applications through the Forcepoint Security Manager as this automatically creates and configures Forcepoint CASB cloud application assets. For more information, see Add a cloud application in the Forcepoint Security Manager (mentioned below).
      Alternatively, you can create and configure a new Forcepoint CASB asset in Forcepoint CASB, which will then sync with the Forcepoint Security Manager. For more information, see Add an asset in Forcepoint CASB and Configure Forcepoint CASB cloud application assets for Forcepoint DLP policy usage (mentioned below).
    2. Check that the Forcepoint CASB assets are shown as cloud applications in the Forcepoint Security Manager with an OK status. For more information, see View the list of cloud applications (mentioned below).
    3. Enable Cloud Data Discovery. Forcepoint recommends that you enable Cloud Data Discovery in the Forcepoint Security Manager. Alternatively, you can configure data at rest discovery in Forcepoint CASB. For more information, see Enable Cloud Data Discovery in the Forcepoint Security Manager and Configure data at rest discovery in Forcepoint CASB (mentioned below).
    4. Add a Cloud Data Discovery policy. Before you create a Cloud Data Discovery scan, make sure that you have created at least one Discovery Policy in the Forcepoint Security Manager (Policy Management > Discovery Policies > Manage Policies). For more information, see CreatingDiscovery Policies in the Forcepoint DLP Administrator Help
    5. Add a Cloud Data Discovery scan. Forcepoint recommends that you add and configure a Cloud Data Discovery scan in the Forcepoint Security Manager. Alternatively, you can configure a data classification scan policy in Forcepoint CASB. For more information, see Add a Cloud Data Discovery scan in the Forcepoint Security Manager (mentioned below).
      Important: If you upgraded to Forcepoint DLP 8.8.1 and already have a DLP Cloud Applications license supporting DLP Cloud API and Cloud Data Discovery, make sure to connect to Data Protection Service as described in Activate DLP Cloud Applications channels after a Forcepoint DLP upgrade (mentioned below).
  10. View Forcepoint DLP incident details in the Forcepoint Security Manager and Forcepoint CASB:
    1. View Forcepoint DLP incident information in the Forcepoint Security Manager. For more information, see View Forcepoint DLP incidents in the Forcepoint Security Manager (mentioned below).
    2. View additional incident information in Forcepoint CASB. For more information, see View incident information in Forcepoint CASB (mentioned below).