Lesson 5: Working with clients

Learn about user, computer, and network clients, and then practice adding clients to the Forcepoint Web Security module of the Forcepoint Security Manager.

Internet access policies are applied to clients: users, groups, and OUs in your directory service, or computers and network ranges in your network.

  • A computer is the most basic type of client. A computer is a machine on the network, identified by an IP address.
  • A network is a group of computers, identified by a contiguous IP address range.
  • A directory client can be a user, group, or OU (organizational unit) defined in your directory service. More information about directory services can be found in the “Clients” section of the Administrator Help.

Exercise 1: Add a computer client

  1. Use the left navigation pane to go to the Main > Policy Management > Clients page.
  2. Under the Clients tree, click Add. The Add Clients page appears.
  3. Enter the IP address of a computer that you want to add as a client, and then click the right arrow (>) button to add the client to the Selected list.

    If you are a delegated administrator, you can only add IP addresses that are assigned to your role as a managed client. Go to the Policy Management > Delegated Administration page, and then click your role name to see a list of managed clients for your role.

  4. Click OK to cache your change and return to the Clients page.
  5. Expand the Computers node in the Clients tree. The IP address that you just added appears in the list.

    Information about the settings that apply to the new client appear to the right of the IP address. The Policy column shows that this client is currently governed by the Default policy.

  6. Click Save and Deploy to implement your changes.

Exercise 2: Add a directory client

If your software has been configured to retrieve information from a supported directory service, you can apply policies to users, groups, and OUs.

Information about configuring your web protection software to communicate with a directory service can be found in the “Clients” section of the Administrator Help.

Once configuration is complete, you can add directory clients through the same page used to add computer and network clients:

  1. On the Policy Management > Clients page, under the Clients tree, click Add. The Add Clients page appears.
  2. To locate an entry in your directory service, do either of the following:
    • Browse the Directory tree.
    • Enter all or part of a user, group, or domain name in the search field, if available, and then click Go.
  3. Select a user, group, or domain to add as a client, and then click the right arrow (>) to add the client to the Selected list.

    If you are a delegated administrator, you can only add users that are assigned to your role as a managed client. Go to the Policy Management > Delegated Administration page, and then click your role name to see a list of managed clients for your role.

  4. When you are finished adding users, click OK to cache your changes and return to the Clients page.
  5. Click Save and Deploy to implement your changes.

Expand the Directory node of the client tree to see a list of current user, group, domain, and OU clients.

In the next lesson, you will work with a sample policy to change the way that clients’ Internet activity is managed.