Create Profile

The Create Profile editor can be used to create custom profiles. If the administrator wants, then they can select the Inherit default profile option provided with each widget to apply the values from the default profile.

Profile Details

Profile name: Each profile is stored using the provided name.

Description: Brief description of the profile.

Applies to:

Use this section to define the scope to exclude or include in the profile. The scope defines the endpoints or organizational units which should be subjected to this profile.

The selection list is limited to 100 entries. Use search to find additional endpoints or OUs.

In the Search option, enter the resource name, then click to add to the list for either inclusion or exclusion. You can also use the Add all or Remove all options to remove or add multiple entries. Similarly, you can use the to remove entries that were added earlier for either exclusion or inclusion.

Also, from the Select OS: option select the operating system running on the endpoint machine.

When including an OU or endpoint in the "Include" list all other OUs and endpoints are excluded. The "Exclude" list overrides the "Include" list. It is used, for example, to select an OU but exclude specific endpoints that belong to this OU.

Note: it is not possible to select the same OU or endpoint to both lists. If you include endpoints and exclude an OU they belong to, these endpoints will not be included since the exclusion of them as part of the excluded OU, overrides the inclusion.

General

Administrators can control all of the following from the General widget:
  • Displayed customer name: Set the customer name that is displayed on the Forcepoint agent console.
  • Endpoint Connectivity to Forcepoint Data Security Cloud: Allows manual configuration of proxy settings for proxies that require authentication.

Over the air updates

Displays which agent software versions are pushed to the endpoints. Values are inherited from default profile settings. Over the air updates can be enabled or disabled from the Default profile. Also, administrators can either opt for automatic updates or select specific agent versions to update from the Default profile. If Update to a specific version is selected, then the drop-down can be used to select the exact agent version of the agent to update to.

Administrators can choose to enable the option Inherit default profile if they want to inherit the settings from the default profile.

Application Bypass

Administrators can exclude specific applications from DLP monitoring on Windows and macOS endpoints.

In the Search option, enter the application name, then click Add <app> to list to add applications to the list.

  • For Windows, enter an executable name such as chrome.exe.
  • Do not use wildcards.

Select the application name from the list and click Remove from list to remove the application.

Administrators can choose to enable the option Inherit default profile if they want to inherit the settings from the default profile.