Data Protection Service for Hybrid

When integrated with Data Protection Service, part of Forcepoint, enterprise data security, including blocking or monitoring data loss, is handled while roaming by the Data Protection Service, rather than the cloud proxies or relays. The cloud proxies and relays continue to handle all other aspects of processing web and email traffic.

Use the Account > Data Protection Settings page in the Cloud Security Gateway portal to enable and configure the integration with Data Protection Service.

Note: Before enabling Data Protection Service in the Forcepoint Cloud Security Gateway portal, ensure you have one or more Forcepoint Web DLP policies configured in the Forcepoint Security Manager.

To monitor and prevent data loss using the Data Protection Service:

  1. Navigate to the Account > Data Protection Settings page.
  2. Upload the Configuration file provided by Forcepoint in the fulfillment email you received. This file provides the information needed to connect the cloud service to Data Protection Service and is the same file used when configuring Data Protection Services in the Data module of the on-premises Forcepoint Security Manager.
    1. Click Browse, then locate and select the file.

      The filename appears in the configuration file entry.

    2. Click Upload.

      When the upload is successful, the remaining fields are automatically populated.

    The Browse and Upload buttons are not available for users with View Configuration permissions.

  3. In the Defaults section for Data Protection Services Enabled, select True to enable Data Protection Service.
  4. Set a DPS timeout between 0 and 60. The default value is 10.

    This value determines the length of time, in seconds, that the cloud service waits for a response from DPS after sending an inspection request.

  5. For DPS fallback behavior, select Block or Allow to determine the behavior if the Data Protection Service does not respond within the allotted timeout.

Next, you will need to upload the configuration file to the Forcepoint Security Manager.

  1. Sign in to the Forcepoint Security Manager console.
  2. Navigate to DATA > Settings > General > Services > Data Protection Service.
  3. In the Connection section, click Select File, then click Choose File.
  4. Navigate to your configuration file and click OK to import the file.
  5. Click Connect to connect to the Data Protection service and click OK at the bottom of the screen to complete the connection.
  6. Verify the status in the Data Protection Service Status section.

    When the connection to Data Protection Service is complete, the status shows Connected Successfully.