IntroductionThis document describes the procedure to integrate the Forcepoint ONE SSE and Forcepoint Security Manager (FSM) solutions so that Forcepoint ONE SSE can enforce DLP policy and associated actions setup in the FSM for SWG channel in Forcepoint ONE SSE.
Solution OverviewDescribes Forcepoint ONE SSE and Forcepoint FSM solutions.
TerminologyForcepoint ONE SSE SWG and Forcepoint DLP share common features, but sometimes use different terms.
AudienceDefines the audience of this document.
Additional documentationLists the documents referred across the document.
License InformationDescribes various license SKUs needed to extend FSM unified DLP policy to the SWG channel.
Licensing SKUsDescribes various license SKUs needed to achieve multi-directional communication among the customer-deployed FSM server, the cloud hosted Data Protection Service, and the Forcepoint ONE SSE SWG cloud infrastructure.
Update license in FSMDescribes the steps to update license in FSM.
Integrating Forcepoint DLP and Forcepoint ONE SSE SWGThis chapter provides an overview of how to configure the integration between Forcepoint DLP and Forcepoint ONE SSE SWG, and also configure DLP policies for web filtering.
Step1: Check licenses on the FSMYou should first check the required combinations of license SKUs on the FSM.
Step2: Firewall and network access prerequisitesDescribes firewall and network access prerequisites.
Step3: Connect to DPS on the FSMTo benefit from the integration of the cloud channels with Forcepoint ONE SSE, you should first connect the DLP Manager to DPS.
Step4: Upload DPS license JSON in Forcepoint ONE SSEAfter the Forcepoint DLP and Forcepoint ONE SSE integration is configured and the DLP Cloud Application license is active, you need to upload the same DPS license JSON file provided with your Forcepoint order confirmation mail as part of the on-boarding process or requested from Forcepoint Technical Support in Forcepoint ONE SSE.
Step5: Update the Forcepoint ONE SSE URLs on the FSM SQL databaseYou should update the Forcepoint ONE SSE URL on the FSM SQL database if you are not connecting to Forcepoint ONE SSE Commercial Cloud URL from FSM.
Step6: Upload URL categories on the FSMYou should download the (predefined and custom) URL categories from Forcepoint ONE SSE and upload them on FSM. These URL categories can be used while configuring DLP policies for SWG channel.
Step7: Configure DLP policies for Web traffic on the FSMWhen configuring DLP Cloud policy rules, you must select Web as the destination.
Step9: View Forcepoint DLP incidents on the FSMViewing and managing reports for the web traffic is the same as for the on-premises DLP.
Step10: View event information on Forcepoint ONE SSEYou can review the events by viewing and managing logs for the web Applications in Forcepoint ONE SSE.
Activate DLP Cloud Applications channels after a Forcepoint DLP upgradeAfter you upgrade Forcepoint DLP, you must recheck the license and components to make sure that everything is working properly, and then redeploy the configuration to Data Protection Service. For more information, 260916F4-9FE4-4BEF-B06E-CCF53BB8B52B.html#Check_your_licenses_on_the_Forcepoint_Se.