Forcepoint ONE SSE's navigation UI allows admins to quickly maneuver through the portal to make configuring Forcepoint ONE SSE simpler and more efficient.

Alerts provide quick access to important events and information. The main navigation provides an updated counter of new events as they occur based on user activities by categories.

The CSPM Page will provide visibility into the audit scans of your IaaS systems to surface potentially misconfigured security settings to help you mitigate data loss and ensure you are maintaining compliance with frameworks such as the CIS Benchmark.

Under Analyze > Devices, you can find information about devices utilizing SmartEdge Agents and Device Profiling Agents that are registered with Forcepoint ONE SSE.

Forcepoint ONE SSE supports various cloud applications so that Admins can monitor data which is in transit, in motion and at rest.

Admins can create custom notification objects that can be applied to policies and reports. This will determine which admins or users are notified when a policy is violated and what the custom message says.

Forcepoint ONE SSE supports SmartEdge Agent and Cloud SWG traffic steering methods. This chapter describes steps to deploy each of those so that traffic can be forwarded to Forcepoint ONE SSE.

You can configure SWG Connection Policy, Cloud SWG Authentication Policy and SWG Content Policy to manage traffic through Cloud SWG and SmartEdge agent.

The Device Profiling Proxy page will allow you to both configure the means to distinguish between a managed and an unmanaged device as well as implement a forward proxy deployment for applying inline policy actions.

Forcepoint ONE SSE's Agentless and Agent-based Zero Trust Network Access (ZTNA) provides an alternative to VPNs allowing admins to provide inline protection to internal apps without the need for VPN service to be running on the user's local machine.

Forcepoint ONE SSE provides Advanced Threat Protection (ATP) via partnerships with Crowdstrike and Bitdefender.

Forcepoint ONE SSE enterprise edition allows users to encrypt data at rest in cloud applications for both file and field level data. Keys can be managed in the Forcepoint ONE SSE Keystore or customers can add their own KMIP Key Store to utilize existing key management appliance/servers (KMS or HSM).

You can configure user identity settings and synchronize user information from your directory in order to assign policies to users or groups.

You can configure various applications to support Forcepoint ONE SSE as a SAML Service Provider.

The Admin Roles page is where Forcepoint ONE SSE admins can create different and unique admin roles to assign to users or groups. The role permissions can allow users to Edit, View, or Disabled (hidden) to each individual tab and the sub-component within the tab.

When configuring the global login policies, Admins can enforce two-factor authentication (MFA) for admins and users when logging into any application or as part of a policy action when suspicious login behavior is detected.

If Forcepoint ONE SSE is being used as the IdP (as in users will land on a Forcepoint ONE SSE log in page to authenticate to their apps) you have the option to customize the UI of the login page.

Rest APIs enable you to programmatically access data and configuration from your Forcepoint ONE SSE instance.

The Certificates page allows you to generate a Certificate Signing Request (CSR), upload a Certificate Authority (CA), or a server certificate and private key.

Use the inbuilt tool to review the category of a URL or IP entered. This is helpful in finding equivalent ThreatSeeker URL Categories, Enterprise App Categories, Web Browsing Categories along with their respective reputation scores for the entered URL or IP.

The admin guide is your resource for learning how to setup and deploy Forcepoint ONE SSE.

Customers sometime require the ability to control access to application with granularity. For example, a customer may want to allow usage of the standard mobile email client, but block usage of the Outlook mobile application.

This article will cover the steps that administrators must take to complete a successful M365 setup.

Consolidates download links for all available agents such as the SmartEdge agent or AD sync agent.

List of supported cloud apps, thick client apps, and browsers.

Ensure the following domains/URLs are permitted through your firewall to guarantee seamless service and functionality while using Forcepoint ONE SSE services. Unless explicitly specified, most requests are made to Forcepoint ONE Cloud Services via HTTPS on port 443.

This article will provide details on the AWS servers from which Forcepoint ONE SSE will send the traffic to your internal applications and servers.

Protecting sensitive customer data is a core aspect of the Forcepoint ONE SSE solution. Forcepoint ONE SSE only sits in front of applications that house or assist in the transfer of corporate data. Forcepoint ONE SSE provides IT with visibility and control over these applications.

Releases include new features as well as bug fixes.

Lists the known limitations.

This page will walk you through which features are support by Application.