Configuring the protector
Forcepoint DLP provides several options for email DLP:
- The protector can act as an MTA to prevent data loss over email.
- The protector MTA can be combined with Forcepoint DLP Email Gateway to offer a combination of on-premises and cloud-based data protection.
- Forcepoint Email Security can act as an MTA, instead of the protector. Enforcement over the web channel (Web DLP) also has several options:
- The protector can monitor and report on web traffic.
- Use the Web Content Gateway appliance included with Forcepoint DLP Network.
- Use Forcepoint Web Security, instead of the protector
- Provide web DLP via a third-party proxy via ICAP.
In deployments that use the protector for email DLP, web DLP, or both, configure the protector via the page in the Data Security module of the Security Manager.
Select a protector node in the list to open the Edit Protector page, which includes 4 tabs:
- Edit Protector: General tab
- Edit Protector: Networking tab
- Edit Protector: Local Networks tab
- Edit Protector: Services tab
Tip: The protector can also be configured via its command-line interface (CLI). See the Deployment & Installation Center for details.
Protectors include an ICAP server, policy engine, and secondary fingerprint repository. To configure these components on the protector, expand the protector node on the System Modules page and click the component. See:
- Configuring the fingerprint repository
- Configuring the policy engine
- Configuring ICAP