Step3: Connect to DPS on the FSM
To benefit from the integration of the cloud channels with Forcepoint ONE SSE CASB, you should first connect the DLP Manager to DPS.
Data Protection Service enables enforcement of DLP rules that protect cloud applications, with Forcepoint ONE SSE CASB integration for all cloud channels (DLP Cloud Proxy and DLP Cloud API).
In the DATA module of the FSM, use the Data Protection Service tab of the page to connect to DPS. Upload the JSON file provided with your Forcepoint order confirmation mail as part of the on-boarding process or requested from Forcepoint Technical Support.
- Click Select File, and in the dialog box that appears, click Choose File.
- Browse to the JSON file you received from Forcepoint, and then click OK.
The file is uploaded to the server, and the information begins to appear in the Connection area of the Data Protection Service tab.
- Verify that the correct Customer Name is shown in the Forcepoint Security Manager.
If the Customer Name is incorrect, contact Forcepoint Technical Support.
- Click Connect to establish the connection with Data Protection Service.
- Click OK at the bottom of the screen to complete the process.
When the connection is active, the Connect button turns into a Disconnect button, enabling disconnection of DPS from Forcepoint DLP.
In the Data Protection Service Status area, upon successful connection, the status is marked as Connected successfully, the time and date of the connection is displayed, and the Recheck connection link is enabled. This link is used to check the connection status in the event of problems. If an error is returned upon checking the connection, the status is listed as Failed to connect.
Error handling
- If Data Protection Service shows the status Failed to connect, the module is temporarily unavailable. Click Connect or Recheck Connection to try to connect again. If the problem continues, contact Forcepoint Technical Support.
- If the JSON file is uploaded for the first time, and when you click Connect the connection fails, the status shown is Never connected. This is because the Forcepoint Security Manager has never successfully connected to the DPS. In this case, it is probable that a DPS was not created. Contact Forcepoint Technical Support for assistance.
- If you receive the following message in the Data Protection Service Status area:
This service is not connected to Forcepoint ONE CASB. Incident reporting and policy enforcement will be affected for cloud channels.
This means that there is a connection issue, and DLP Cloud API channel will not enforce DLP policies, and the DLP Cloud Proxy channel might not report incidents to the FSM. See Viewing Deployment Status in the Forcepoint DLP Administrator Guide for more information on error handling.
- When you contact Forcepoint Technical Support, you can share the following files to help troubleshoot the issue:
- %DSS_HOME%tomcat\logs\dlp\dlp-all.log
- %DSS_HOME%mediator\logs\mediator.out
The default location for %DSS_HOME% is C:\Program Files (x86)\Websense\Data Security\. If you cannot find these files at the default location, check with your FSM administrator.