Secure manual authentication

Web protection secure manual authentication uses TLS (Transport Layer Security) encryption to protect authentication data being transmitted between client machines and web protection software. A TLS server built into Filtering Service provides encryption of user names and passwords transmitted between client machines and Filtering Service. By default, secure manual authentication is disabled.

Note:

(Forcepoint URL Filtering only) Secure manual authentication cannot be used with remote filtering. Remote Filtering Server can not serve block pages to clients if it is associated with a Filtering Service instance that has secure manual authentication enabled.

This is also true for secure block pages. See Secure block pages.

To enable this functionality, you must perform the following steps:

Steps

  1. Generate TLS certificates and keys, and place them in a location accessible by your software and readable by Filtering Service (see Generating keys and certificates).
  2. Enable secure manual authentication (see Activating secure manual authentication) and secure communication with the directory service.
  3. Import certificates into the browser (see Accepting the certificate within the client browser).