Introduction

This document describes the procedure to integrate the Forcepoint ONE SSE and Forcepoint Security Manager (FSM) solutions so that Forcepoint ONE SSE can enforce DLP policy and associated actions setup in the FSM for SWG channel in Forcepoint ONE SSE.

The integration between Forcepoint ONE SSE and Forcepoint DLP is achieved via multi-directional communication between the customer-deployed FSM server, the cloud-hosted Data Protection Service (DPS), and the Forcepoint ONE SSE SWG cloud infrastructure.

  1. Policies are uploaded from the FSM to the cloud hosted DPS.
  2. End-user transfers sensitive data from/to a web application that is under monitoring.
  3. This triggers the Forcepoint ONE SSE SWG to send event details to the DPS for analysis.
  4. DPS returns the policy mitigation (for example: block or permit) post analysis.
  5. FSM downloads the incident and forensic information which can be viewed in the reporting section.