Configuring Content Gateway for two-factor authentication

Two-factor (certificate) authentication (not available with Forcepoint DLP Web Content Gateway):

• Is configured for and applies to the Forcepoint Security Manager only.
• Requires administrators to provide 2 forms of identification to log on.
• Can be made to apply to the Content Gateway manager by forcing administrators to log on to the Forcepoint Security Manager before accessing the Content Gateway manager.
• Requires single sign-on to be configured for administrators allowed access to the Content Gateway manager.
• Requires that the password logon capability be disabled on Content Gateway (see below), preventing administrators not configured for single sign-on from accessing the Content Gateway manager. If Content Gateway is deployed on an appliance, password access is disabled using an appliance command. See your Forcepoint appliance documentation.

For more information about configuring two-factor authentication, see “Configuring Certificate Authentication” in Forcepoint Security Manager Help.