Registering Content Gateway with Forcepoint DLP
Content Gateway registers with on-box DLP Module components automatically once an administrator enables Web DLP integration.
To enable Web DLP integration:
Steps
Next steps
Once the integration is enabled, Content Gateway registers with the Forcepoint management server, and Content Gateway queries the Forcepoint Security Manager for the presence of Forcepoint DLP.
Registration is tested and retried, if needed, every time Content Gateway is started. To perform registration, Content Gateway queries the Policy Broker for needed information, including IP address and cluster ID.
- View registration status information in the Content Gateway manager: click More Detail, then check the list at the bottom of the Subscription Details section.
- Registration success and failure information is logged in the /opt/WCG/logs/dss_registration.log file.
If registration succeeds:
- Configure DLP Module integration on the Configure > Security > Web DLP page in the Content Gateway manager. See Web DLP configuration options for Content Gateway.
- Content Gateway uses the Forcepoint DLP policy engine for malware detection.
- Forensic reporting data for the Threats dashboard is collected automatically.
- DLP Module transaction statistics are displayed on the Monitor > Security > Web DLP page in the Content Gateway manager. For a complete list of statistics, see Web DLP.
If registration fails, an alarm displays. If this occurs, make sure that:
- Forcepoint Web Security and Forcepoint DLP management components reside on the same management server.
- The Content Gateway and management server system times are synchronized to within a few minutes.
- The ports used for communication between Forcepoint DLP components and Content Gateway are open in IPTables. See Forcepoint Ports and Configuring IPTables for Content Gateway.
- The server hosting software-based (non-appliance) instances of Content Gateway has an IPv4 address assigned to the eth0 network interface.
After registration, the IP address may move to another network interface on the system, but the IP address must remain available as long as the two modules are registered. The IP address is used for Web DLP policy configuration and deployment.
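The host-side items in the checklist above (an IPv4 address on eth0, clock skew against the management server, and an IPTables rule for a required port) can be checked from a shell on the Content Gateway host. This is an added example, not Forcepoint tooling; the 180-second skew limit is an assumed reading of "a few minutes", and the port number is a parameter to be taken from Forcepoint Ports.

```shell
#!/bin/sh
# Added example: pre-flight checks for the registration-failure checklist.
# The three parsers read command output on stdin, so they can be exercised
# offline against saved output as well as on a live host.

# Print the IPv4 address bound to eth0, given `ip -o -4 addr show` output.
eth0_ipv4() {
    awk '$2 == "eth0" && $3 == "inet" { sub(/\/.*/, "", $4); print $4; exit }'
}

# Succeed when epoch timestamps $1 and $2 differ by at most $3 seconds.
# The 180 s default is an assumption; the page only says "a few minutes".
skew_ok() {
    diff=$(( $1 - $2 ))
    [ "$diff" -lt 0 ] && diff=$(( 0 - diff ))
    [ "$diff" -le "${3:-180}" ]
}

# Succeed when `iptables -S INPUT` output has an ACCEPT rule for TCP port $1.
# Matches single-port rules only; it does not evaluate port ranges, multiport
# matches, or an earlier DROP/REJECT rule that would shadow the ACCEPT.
port_allowed() {
    grep -q -e "^-A INPUT .*-p tcp .*--dport $1 .*-j ACCEPT"
}

# Live run on the Content Gateway host (root is needed to read iptables).
# $1 = management server time in epoch seconds (run `date +%s` there)
# $2 = one TCP port taken from the Forcepoint Ports reference
run_checks() {
    rc=0
    addr=$(ip -o -4 addr show | eth0_ipv4)
    if [ -n "$addr" ]; then echo "OK   eth0 IPv4 address: $addr"
    else echo "FAIL eth0 has no IPv4 address"; rc=1; fi

    if skew_ok "$(date +%s)" "$1"; then echo "OK   clock skew within limit"
    else echo "FAIL clock differs from management server by more than 180 s"; rc=1; fi

    if iptables -S INPUT | port_allowed "$2"; then echo "OK   tcp/$2 accepted"
    else echo "FAIL no ACCEPT rule found for tcp/$2"; rc=1; fi
    return $rc
}
```

Call `run_checks <management_epoch> <port>` once per required port; a non-zero return means at least one checklist item needs attention before retrying registration.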