Before you begin
Pre-requisites for installing the agent.
Note: Before installing and setting up the agent, verify that the antivirus software allows doing so and that the agent can communicate with Amazon Web Services. Also open the required
ports.
Anti-Virus Software
Some anti virus software may flag the agent. If installing alongside other 3rd party security tools, then you will need to consider adding the following executables and exclusions to the allow list of your antivirus software to ensure there are no cross conflicts.
Note in all cases ensure that:
- The specified file or folder is bypassed from all scans.
- Include any child processes when specifying
.exe
For Windows
Filename | Folder |
---|---|
setwebconnectivitymode.exe | %programfiles%\Forcepoint\Neo\EP |
fpneoxengine.exe | %programfiles%\Forcepoint\Neo\EP \Forcepoint\Neo\EP |
fpneotextextractor.exe | %programfiles%\Forcepoint\Neo\EP \Forcepoint\Neo\EP |
fpneostophdrv.exe | %programfiles%\Forcepoint\Neo\EP |
fpneoprotectionsvc.exe | %programfiles%\Forcepoint\Neo\EP |
fpneologscollector.exe | %programfiles%\Forcepoint\Neo\EP |
fpneodiagnostic.exe | %programfiles%\Forcepoint\Neo\EP |
fpneocommonsvc.exe | %programfiles%\Forcepoint\Neo\EP |
fpneoclient.exe | %programfiles%\Forcepoint\Neo\ep |
fpneonetworksvc.exe | %programfiles%\Forcepoint\Neo\NC |
PaisOOP.exe | %programfiles%\Forcepoint\DLP |
EndPointClassifier.exe | %programfiles%\Forcepoint\DLP |
tstxtract.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
tstxtractOrig.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
filter.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
filterOrig.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
filtertest.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
FilterTestDotNet.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
kvoop.exe | %programfiles%\Forcepoint\DLP\FilterSDK |
wsdecrypt.exe | %programfiles%\Forcepoint\DLP |
WDEUtil.exe | %programfiles%\Forcepoint\DLP |
wepsvc.exe | %programfiles%\Forcepoint\DLP |
PAEXT.exe | %programfiles%\Forcepoint\DLP |
openssl.exe | %programfiles%\Forcepoint\Neo\NC\bin |
7za.exe | %programfiles%\Forcepoint\DLP |
python.exe | %programfiles%\Forcepoint\DLP |
wininst-6.exe | %programfiles%\Forcepoint\DLP\Scripts\Lib\distutils\command |
wininst-7.1.exe | %programfiles%\Forcepoint\DLP\Scripts\Lib\distutils\command |
installer.exe | %programfiles(x86)%\Forcepoint |
fpepdc.sys | %systemroot%\system32\drivers\ |
fpepdci.sys | %systemroot%\system32\drivers\ |
fpepflt.sys | %systemroot%\system32\drivers\ |
fpeph.sys | %systemroot%\system32\drivers\ |
In addition to the above Files, Forcepoint recommends that the following file folders are also bypassed:
Folder |
%programfiles%\Forcepoint\ |
%programfiles(x86)%\Forcepoint\ |
%programdata%\Forcepoint\ |
For macOS:
- com.forcepoint.neo.es
- com.forcepoint.neo.ne
- fpneoprotectiond
- fpneonetworkd
- fpneocommond
- com.forcepoint.neo.privilege-helper
- fpneotextextractor
- fpneoxengine
The log locations should be added into scanning exclusions for any anti virus or third-party monitoring software. The following is the list of log locations:
- Main Installation Folder: /Library/Application Support/Forcepoint/
- NC Logs: /var/log/Forcepoint/NEO/NC/
- Crash Reports: /Library/Logs/DiagnosticReports/
- Installation Log: /var/log/install.log
- Uninstall Log: /Library/Logs/Forcepoint/Neo/uninstall/uninstall.log
- Classifier Install: /var/log/WebsenseEndpoint
Bypasses for Security Filtering and/or Firewalls
- The agent communicates with the Amazon Web Services (AWS) Cloud Services. If you have a proxy or a special network, ensure that the agent can connect to the following URLs based on the tenant region. You can find the tenant region using the .
Note: If the endpoint must communicate through a Proxy then add the Proxy settings via . The Proxy setting must be added before downloading the agent installation package to ensure it will contain the updated configuration.
If the endpoint is accessing the internet via a Security Filtering appliance or Internet proxy then the following URLS must be added to the allow list: