Forcepoint F1E integration configuration overview

The integration of Forcepoint F1E consists of several general steps.

1

Create or use a certificate authority from the domain where the endpoint clients are located, then import the CA to the Secure SD-WAN Manager as a Trusted Certificate Authority element. For more information, see Knowledge Base article 14099.

2

In the Management Client, create an ECA Configuration element that uses the created CA.

3

Enable Forcepoint Endpoint Context Agent (ECA) on the engine, and use the ECA Configuration element that you created.

4

Export the configuration XML file, and use the file when installing the Forcepoint F1E client on the endpoints. The file contains the details of all the Engines that use the same ECA Configuration element. If additional Engine Engines are added to the configuration, the updated XML configuration file is automatically sent to the endpoint clients when they connect to an Engine.

5

(Optional) To use endpoint client information for access control, define Endpoint Application and Endpoint Settings elements.

6

(Optional) In the policy of the Engine, configure Access rules using Endpoint Application and Endpoint Settings elements as matching criteria.

Access rules to allow communication between Forcepoint F1E components are automatically generated.

7

(Optional) To view endpoint information in log data and reports, enable endpoint information logging in the Access rules.