On the DLP page, configure only the ICAPS protocol settings to allow DLP integration for the Forcepoint Cloud RBI.
Steps
-
Sign in to Forcepoint ONE Platform.
-
Click the settings icon on the top
. Then, navigate to .
-
Under Data Loss Prevention Configuration, click the On-prem DLP toggle switch. Following dialog is displayed:
-
Under , click the Enable ICAPS for Data Protection toggle switch to enable the data protection.
By default Enable ICAPS for Data Protection is disabled.
-
Enter the FQDN server name in the Server FQDN Name field.
-
Enter the port number of the ICAPS server in the Port field.
-
Enter the path value of the ICAPS server in the Path field.
-
Click the Browse Certificate to attach CA client certificate for the ICAPS server.
To see the procedure to generate the certificate, refer this
Knowledge Base article 36918
.
-
Under Data Protection Preferences:
- Click the Permit Traffic for Communication Errors toggle switch to allow traffic when there is a communication error. By default, this option is disabled.
Note:
-
The communication error can occur due to one of the following reasons:
- DLP is not able to analyze files. For example, due to timeout.
- ICAPS communication error.
- It is recommended not to enable Permit Traffic for Communication Errors, as this can lead to unexpected handling of DLP policies.
- Click the Permit Traffic for DLP Error toggle switch to allow traffic when DLP fails to analyze a file that exceeds maximum size limit. By default,
this option is disabled.
Files are not uploaded when the toggle is disabled and shows an appropriate message to the user. However, once you enable the toggle, files are
uploaded without showing any error to the user. The user can view the analyzed information in the upload summary under tab.
-
Click the Save button.
Note: For end-users, RBI performance with On-premises DLP could be influenced by local network conditions and network latency. It is recommended to validate this setup before
deploying it widely for your users.
