On the DLP page, configure only the ICAPS protocol settings to allow DLP integration for the Forcepoint RBI.
Steps
-
Sign in to Forcepoint ONE Platform.
-
On the upper-right corner of the page, click the Settings
icon.
-
Navigate to .
-
Under Data Loss Prevention Configuration, click the On-Prem DLP toggle switch.
-
Under , click the Enable ICAPS for Data Protection toggle switch to enable the data protection.
By default Enable ICAPS for Data Protection is disabled.
-
In the FQDN Name field, enter the FQDN name.
-
In the Port field, enter the port number of the ICAPS server.
-
In the Path field, enter the path value of the ICAPS server.
-
Click the Browse Certificate to attach CA client certificate for the ICAPS server.
To see the procedure to generate the certificate, refer this
Knowledge Base article 36918
.
-
Under the Data Protection Preferences section:
-
Click the Permit Traffic for Communication Errors toggle to allow traffic when there is a communication error.
By default, this option is disabled.
Note:
-
The communication error can occur due to one of the following reasons:
- DLP is not able to analyze files. For example, due to timeout.
- ICAPS communication error.
- It is recommended not to enable Permit Traffic for Communication Errors, as this can lead to unexpected handling of DLP policies.
-
Click the Permit Traffic for DLP Error toggle to allow traffic when DLP fails to analyze a file that exceeds maximum size limit.
By default, this option is disabled.
Files are not uploaded when the toggle is disabled and shows an appropriate message to the user. However, once you enable the toggle, files are uploaded without showing
any error to the user. The user can view the analyzed information in the upload summary under tab.
-
To save the changes, click Save.
Note: For end-users, RBI performance with On-premises DLP could be influenced by local network conditions and network latency. It is recommended to validate this setup before
deploying it widely for your users.
