Confirm Content Gateway registration with Forcepoint DLP

If you have purchased the Forcepoint Web Security DLP Module, Content Gateway registers with Forcepoint DLP automatically. To ensure that registration is successful:

  • Synchronize the date and time on the Content Gateway and management server machines to within a few minutes.
  • If Content Gateway is deployed as a transparent proxy on a Forcepoint appliance, ensure that traffic to and from the appliance management interface (C) is not subject to transparent routing. If it is, the registration process will be intercepted by the transparent routing and will not complete properly.
  • Make sure that the IPv4 address of the eth0 NIC on the Content Gateway machine is available (not required if Content Gateway is located on an appliance). This is the NIC used by the management server during the registration process.

    After registration, the IP address can move to another network interface.

If registration fails an alarm displays in the Content Gateway manager.

  1. Verify connectivity between Content Gateway and the management server.
  2. In the Content Gateway manager, navigate to the Configure > My Proxy > Basic > General page.
  3. In the Networking section of the page, confirm that Web DLP > Integrated on- box is enabled.
  4. Restart Content Gateway to initiate another registration attempt.

    Alternatively:

    1. Go to Configure > Security > Web DLP and enter the IP address of the management server.
    2. Enter the user name and password for a Data module administrator with Deploy Settings privileges. (This may be the admin account.)
    3. Click Register.

After Content Gateway has registered with Forcepoint DLP

  1. Log on to the Content Gateway manager.
  2. Navigate to Configure > Security > Web DLP.
  3. Set the following options:
    1. Analyze FTP Uploads: Enable this option to send FTP uploads to Forcepoint Web Security DLP Module components for analysis and policy enforcement.
    2. Analyze HTTPS Content: Enable this option to send decrypted HTTPS posts to Forcepoint Web Security DLP Module components for analysis and policy enforcement. SSL Manager must be enabled on Content Gateway.
  4. Click Apply and restart Content Gateway.

Forcepoint Web Security DLP Module components communicate with the Content Gateway proxy over ports 17000-17014.