Forcepoint One Endpoint and how it works

Integrating Forcepoint One Endpoint enables you to collect per-connection user and application information about Windows endpoint clients that connect through an NGFW Engine managed by the SMC.

To use Forcepoint One Endpoint, the Forcepoint One Endpoint client must be installed on the endpoints. For more information about Forcepoint One Endpoint clients, see the Installation and Deployment Guide for Forcepoint One Endpoint.

The endpoints send metadata to the NGFW Engine, and you can use the information as criteria for access control in policies. This information about the endpoints can also be viewed in log data and used in Report elements.

On the home page for an NGFW Engine, you can see the number of endpoint clients that are connected and sending information. You can also use the drill-down menu to see which users are connected.

Forcepoint One Endpoint is supported on Firewalls, Layer 2 Firewalls, IPS engines, and on Virtual Firewalls. The NGFW Engine license includes support for Forcepoint One Endpoint integration.

You cannot use Forcepoint One Endpoint if there is a NAT device between the NGFW Engines and the endpoints.

Use cases

One use case is a point of sale (PoS) terminal, where you can:

  • Allow a certain browser version to access the corporate intranet only if the local firewall on the endpoint is enabled and the operating system was updated within the past 30 days
  • Allow the PoS application to access corporate servers
  • Allow the Windows Update service
  • Block all other applications
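
The PoS use case above, modeled as an added Python sketch. It is not SMC policy syntax or Forcepoint code. The field names, application names, destination labels, top-down first-match evaluation, and the block result for connections without endpoint metadata are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class EndpointInfo:
    """Per-connection endpoint metadata. Field names are hypothetical."""
    application: str
    app_version: Optional[str] = None
    local_firewall_enabled: Optional[bool] = None
    os_last_updated: Optional[date] = None

# Constructed sample values, not taken from the product.
APPROVED_BROWSER = ("browser.exe", "120.0")
POS_APP = "pos.exe"
WINDOWS_UPDATE = "wuauserv"
MAX_PATCH_AGE = timedelta(days=30)

def evaluate(info: Optional[EndpointInfo], destination: str, today: date) -> str:
    """Return 'allow' or 'block' for one connection; the first matching rule wins."""
    # Assumption: without endpoint metadata no allow rule can match.
    if info is None:
        return "block"
    # Rule 1: approved browser version to the intranet, healthy endpoints only.
    if (info.application, info.app_version) == APPROVED_BROWSER \
            and destination == "intranet":
        # A missing or future-dated update date never counts as recent.
        patched = (info.os_last_updated is not None and
                   timedelta(0) <= today - info.os_last_updated <= MAX_PATCH_AGE)
        # 'is True' keeps an unreported firewall state (None) from passing.
        if info.local_firewall_enabled is True and patched:
            return "allow"
    # Rule 2: the PoS application to corporate servers.
    if info.application == POS_APP and destination == "corporate-servers":
        return "allow"
    # Rule 3: the Windows Update service.
    if info.application == WINDOWS_UPDATE:
        return "allow"
    # Rule 4: block all other applications.
    return "block"
```

The browser rule is the only one that depends on endpoint state, so it is also the only one where unreported or stale metadata changes the outcome.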