Endpoint profile: Properties tab

Use the Properties tab to enable user notifications, define message templates, and configure policy override settings.

Under Interactive Mode Options:

  • Enable Remote bypass to allow end users that belong to this profile to disable the Forcepoint DLP Endpoint software on their machines.

    This action requires a bypass code from the administrator. (See Bypassing endpoint clients section for additional information.)

  • Enable Content scan alerts to inform endpoint users when a violation is found during scanning. When this option is enabled, a popup message appears on the bottom of users’ screens.
    Note: Content scan alerts are not displayed when data is copied to removable media using a non-desktop environment, such as an SSH terminal connection.
  • Enable File operation notifications to notify endpoint users when a violation is found during file operations. Depending on the application, file operations can include cut/copy, paste, file access, printing, LAN, encryption, and copying to removable media.
  • Enable Show incident details in the confirm dialog and the Log Viewer to provide additional incident details to the endpoint user in the confirmation dialog message and the Log Viewer, allowing better investigation of sensitive data stored in a file. Details include policy name and number of matches.

Under Endpoint Message Template:

  • Enable Set message template to change the default endpoint message template. Then select the template from the drop-down list.
    • Message templates are used for messages sent to the endpoint client, such as status details and alert messages. The templates are XML files, and are available in the endpoint profile in multiple languages.
    • Templates are stored in the \custom\endpoint\msgFiles subdirectory of the Forcepoint DLP installation directory. Modify them as required. Each message can include up to 256 characters. Any additional characters are truncated.

      Template files can be cloned, renamed, and modified. When a new file is added to the \msgFiles folder, it appears as a template option in the Security Manager. See Customizing Forcepoint DLP Endpoint client messages.

  • Set Regional location support:
    • If regional location support is not enabled (check box is unselected), all endpoints in the profile receive the message template set as the default template.
    • If regional location support is enabled (check box is selected) all endpoints in the selected profile display message template content in the operating system’s language.

      This is applicable only to the supported languages, which are: Dutch, English, French, German, Italian, Japanese, Korean, Portuguese, Russian, Spanish, Simplified Chinese, and Traditional Chinese.

      This also applies to custom templates stored in the \custom\endpoint\msgFiles subdirectory. Note that custom templates must follow a strict naming convention of <language>-custom.xml.

      Note: The regional location support applies to Forcepoint F1E versions 21.07 and above. For previous endpoint versions, only the default language is displayed to the endpoint use, regardless of the endpoint operating system language setting.

Under Forcepoint Browser Extension:

  • Set the mode of the endpoint extension of the supported browser. This applies to all endpoints that belong to the profile.
    • Select one of the following options from the Chrome extension mode drop- down list:
      • Enabled: Endpoint blocking alert will be shown and incidents will be created in the Security Manager.
      • Monitoring only: Endpoint blocking alert will not be shown. Transactions will be permitted, but incidents will be created in the Security Manager.
      • Disabled: The extension is inactive. Endpoint blocking alert will not be shown and incidents will not be created in the Security Manager.

Under Data Loss Prevention (DLP) Policy Settings:

  • Enable Disable blocking and encryption capabilities when policy violations are detected to disable blocking and encryption of endpoint traffic. If a policy is specifically set up to block or encrypt content, the endpoint client overrides this setting and allows traffic.

    Use this option, for example, if a policy is preventing a user from doing his job; the block can be overridden for a specific endpoint client.

Continue with Endpoint profile: Encryption tab section.