If your users do not need to see the block page, create a user response to send the HTTP and HTTPS web requests to browser isolation automatically.
For more information about user responses in Forcepoint NGFW, see the Forcepoint NGFW Product Guide
on the Forcepoint Customer Hub for your version of
Forcepoint NGFW.
Steps
-
Sign in to Forcepoint NGFW Security Management Center (SMC).
-
Select Configuration.
-
Expand the Other Elements branch, then select Engine Properties.
-
Right-click User Responses, then select New User Response.
-
In the Name field, enter Forcepoint Remote Browser Isolation.
-
Expand Connection Discarded by Access Rule.
-
For Type of Response, select Custom HTML.
-
Paste the following HTML content:
<!DOCTYPE html>
<script>
let tenantId = "<replace with actual tenant ID>"
let company = "<replace with company part of RBI url>"
let rbiBaseUrl = ".rbi.forcepoint.net/loader"
let tenantIdParam = "TenantID=" + tenantId
let url = "url={{Url}}"
let user = "X-Authenticated-User={{User}}"
let urlParamsB64 = "SD=" + btoa(tenantIdParam + "&" + url + "&" + user)
let rbiRedirUrl = "https://" + company + rbiBaseUrl + "?" + urlParamsB64
location.replace(rbiRedirUrl)
</script>
</html>
-
Update the company, tenant ID, and username in the URL:
<replace with company part of RBI url>
: Required: This information can be found in your fulfillment email and in the Forcepoint RBI Admin Portal.
<replace with actual tenant ID>
: Required. This information can be found in your fulfillment email and in the Forcepoint RBI Admin Portal.
X-Authenticated-User={{User}}
: Optional. If the username information is removed from the URL, then the username is not recorded in Forcepoint RBI metrics and reports.
Note: If the user response HTML includes X-Authenticated-User={{User}}
, but the username is not known by Forcepoint NGFW, then
the redirected browser connection will show as user N/A in the Forcepoint RBI Admin Portal.
-
Expand URL Not Allowed.
-
For Type of Response, select Custom HTML.
-
Copy and paste the same HTML content as mentioned in Step 8.
-
Click OK.
Next steps
After you edit the user response, you need to assign it to the web categories in the policy.