Endpoint overview

Forcepoint Endpoint agents are lightweight software clients that run in the background on user devices, providing a seamless browsing experience for your end users. Endpoint agents automatically authenticate users with the service, and provide policy enforcement and data security features. The endpoint clients have been designed to consume minimal CPU, memory, and disk resources, and have tamper controls to prevent users disabling the software.

Available endpoint agents are:

F1A: this endpoint agent can be used in either proxy connect mode or direct connect mode, and can automatically switch from one to the other when necessary. For customers who have also purchased Forcepoint Dynamic User Protection, F1A sends user activities there for analysis to compute the risk score.
Proxy Connect: this F1E endpoint agent redirects all traffic to the cloud proxy for analysis. Proxy Connect is recommended for most scenarios, and supports the widest set of security features.
Direct Connect: this F1E endpoint agent contacts the cloud service for each request to determine whether to block or permit a website, but routes the web traffic itself directly to the Internet. Direct Connect also routes traffic to the cloud service to perform content analysis, if configured in your policy. Direct Connect is recommended for scenarios in which proxy connections may be problematic.

The differences between endpoint agents are further outlined below.