Triggering the redirection to Forcepoint RBI requires two rules: one rule with a Continue action to trigger the user response and one rule blocking
client access to specific URL categories.
This topic covers the procedure to create the rule with a Continue action and assign the user response to that rule, and the rule with a Discard action. For information about creating
a rule (or rules) to block access to specific URL categories, see the Forcepoint NGFW Product Guide on the Forcepoint Customer Hub for your version of Forcepoint NGFW.
Steps
-
Sign in to Forcepoint NGFW Security Management Center (SMC).
-
Select Configuration.
-
Find your NGFW policy under the Policies branch and open it for editing.
-
On the IPv4 Access tab, add a new rule with the following values:
- Source: Select an element matching the clients in your network intending to use Forcepoint RBI, or create a new
element to represent them (such as rbi-clients).
- Destination: ANY
- Service: HTTP and HTTPS (with decryption)
- Action: Continue
-
After the rule is created, right-click the Action cell for the rule, then select Edit Options.
-
On the Select Rule Action Options screen's General tab, turn Deep Inspection to
Off.
-
On the Response tab, enable Override Settings Inherited from Continue Rule(s), then click Select.
-
On the Select User Response screen, select the Forcepoint RBI redirect user response, then click
Select.
-
On the policy's IPv4 Access tab, the new action information is shown in the Action cell for the selected rule.
-
Add a new rule after the Continue rule with the following values:
- Source: Same as the Continue rule above.
- Destination: ANY
- Service: The URL Category where you want to apply the Forcepoint RBI redirect user
response.
- Action: Discard
-
Click Save and Install to install the policy to your Forcepoint NGFW engine.