Forcepoint F1E and how it works
Integrating Forcepoint F1E enables you to collect per-connection user and application information about Windows endpoint clients that connect through an Engine managed by the Secure SD-WAN Manager.
To use Forcepoint F1E, the Forcepoint F1E client must be installed on the endpoints. For more information about Forcepoint F1E clients, see the Installation and Deployment Guide for Forcepoint F1E.
The endpoints send metadata to the Engine, and you can use the information as criteria for access control in policies. This information about the endpoints can also be viewed in log data and used in Report elements.
On the home page for an Engine, you can see the number of endpoint clients that are connected and sending information. You can also use the drill-down menu to see which users are connected.
Forcepoint F1E is supported on Firewalls, Layer 2 Firewalls, IPS engines, and on Virtual Firewalls. The Engine license includes support for Forcepoint F1E integration.
You cannot use Forcepoint F1E if there is a NAT device between the Engines and the endpoints.
Use cases
An example use case is a point of sale (PoS) terminal, where you can:
- Allow a certain browser version to access the corporate intranet only if the local firewall on the endpoint is enabled and the operating system was updated within the past 30 days.
- Allow the PoS application to access corporate servers.
- Allow the Windows Update service.
- Block all other applications.