Sections in Forcepoint ONE SSEForcepoint ONE SSE's navigation UI allows admins to quickly maneuver through the portal to make configuring Forcepoint ONE SSE simpler and more efficient.
AlertsAlerts provide quick access to important events and information. The main navigation provides an updated counter of new events as they occur based on user activities by categories.
CSPMThe CSPM Page will provide visibility into the audit scans of your IaaS systems to surface potentially misconfigured security settings to help you mitigate data loss and ensure you are maintaining compliance with frameworks such as the CIS Benchmark.
DevicesUnder Analyze > Devices, you can find information about devices utilizing SmartEdge Agents and Device Profiling Agents that are registered with Forcepoint ONE SSE.
Configure applicationsForcepoint ONE SSE supports various cloud applications so that Admins can monitor data which is in transit, in motion and at rest.
Configuring notificationsAdmins can create custom notification objects that can be applied to policies and reports. This will determine which admins or users are notified when a policy is violated and what the custom message says.
Setup traffic steeringForcepoint ONE SSE supports SmartEdge Agent and Cloud SWG traffic steering methods. This chapter describes steps to deploy each of those so that traffic can be forwarded to Forcepoint ONE SSE.
Configuring SWG policiesYou can configure SWG Connection Policy, Cloud SWG Authentication Policy and SWG Content Policy to manage traffic through Cloud SWG and SmartEdge agent.
Device Profiling ProxyThe Device Profiling Proxy page will allow you to both configure the means to distinguish between a managed and an unmanaged device as well as implement a forward proxy deployment for applying inline policy actions.
Configure Zero Trust Network AccessForcepoint ONE SSE's Agentless and Agent-based Zero Trust Network Access (ZTNA) provides an alternative to VPNs allowing admins to provide inline protection to internal apps without the need for VPN service to be running on the user's local machine.
Configuring Advanced Threat ProtectionForcepoint ONE SSE provides Advanced Threat Protection (ATP) via partnerships with Crowdstrike and Bitdefender.
Encrypting dataForcepoint ONE SSE enterprise edition allows users to encrypt data at rest in cloud applications for both file and field level data. Keys can be managed in the Forcepoint ONE SSE Keystore or customers can add their own KMIP Key Store to utilize existing key management appliance/servers (KMS or HSM).
Understanding User and GroupsYou can configure user identity settings and synchronize user information from your directory in order to assign policies to users or groups.
Adding external IdPs in Forcepoint ONE SSEYou can configure various applications to support Forcepoint ONE SSE as a SAML Service Provider.
Understanding Admin RolesThe Admin Roles page is where Forcepoint ONE SSE admins can create different and unique admin roles to assign to users or groups. The role permissions can allow users to Edit, View, or Disabled (hidden) to each individual tab and the sub-component within the tab.
Configuring Multi-Factor AuthWhen configuring the global login policies, Admins can enforce two-factor authentication (MFA) for admins and users when logging into any application or as part of a policy action when suspicious login behavior is detected.
AppearanceIf Forcepoint ONE SSE is being used as the IdP (as in users will land on a Forcepoint ONE SSE log in page to authenticate to their apps) you have the option to customize the UI of the login page.
REST APIsRest APIs enable you to programmatically access data and configuration from your Forcepoint ONE SSE instance.
CertificatesThe Certificates page allows you to generate a Certificate Signing Request (CSR), upload a Certificate Authority (CA), or a server certificate and private key.
SupportThe Support section contains links to Admin guide, URL Lookup page, and Forcepoint Customer Hub.
Understanding URL Lookup pageUse the inbuilt tool to review the category of a URL or IP entered. This is helpful in finding equivalent ThreatSeeker URL Categories, Enterprise App Categories, Web Browsing Categories along with their respective reputation scores for the entered URL or IP.
Admin GuideThe admin guide is your resource for learning how to setup and deploy Forcepoint ONE SSE.
Building Complex PoliciesCustomers sometime require the ability to control access to application with granularity. For example, a customer may want to allow usage of the standard mobile email client, but block usage of the Outlook mobile application.
M365 DeploymentThis article will cover the steps that administrators must take to complete a successful M365 setup.
Download LinksConsolidates download links for all available agents such as the SmartEdge agent or AD sync agent.
Supported Apps and BrowsersList of supported cloud apps, thick client apps, and browsers.
Forcepoint ONE Bypass Lists for Firewalls and Security SoftwareEnsure the following domains/URLs are permitted through your firewall to guarantee seamless service and functionality while using Forcepoint ONE SSE services. Unless explicitly specified, most requests are made to Forcepoint ONE Cloud Services via HTTPS on port 443.
Forcepoint ONE SSE datacenters and IPsThis article will provide details on the AWS servers from which Forcepoint ONE SSE will send the traffic to your internal applications and servers.
Data Retention PolicyProtecting sensitive customer data is a core aspect of the Forcepoint ONE SSE solution. Forcepoint ONE SSE only sits in front of applications that house or assist in the transfer of corporate data. Forcepoint ONE SSE provides IT with visibility and control over these applications.
Release NotesReleases include new features as well as bug fixes.
Known LimitationsLists the known limitations.
App Supported FeaturesThis page will walk you through which features are support by Application.