Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Resources
Defining Resources
Administrator Help | Forcepoint DLP | Version 8.7.x
In a policy, administrators can define:
*
Data sources and destinations
*
(With some subscriptions) The endpoint device or application that may be used
*
The remediation action to take when a violation is discovered (such as block or notify)
In Forcepoint DLP, these are cumulatively known as resources.
 
* 
Important 
If no resources are defined, the policies and rules apply to all users, computers, networks, devices, and so on in the deployment.
Select a resource type to define on the Main > Policy Management > Resources page in the Data Security module of the Forcepoint Security Manager. Resources are grouped into 4 general areas: General, Cloud, Endpoint, and Remediation.
General resources
There are many possible sources (origins) and destinations of information in an organization. Define the following types of source and destination resources, then specify which to include and exclude in specific policies and rules.
*
User directory entries are users or groups that may be a source or destination of sensitive data. These entries are imported from your user directory.
*
Custom user directory groups are derived from custom LDAP queries, and may also send or receive sensitive data.
*
Custom users are not included in the user directory, but may be a source or destination of sensitive data.
*
Custom computers are not included in the user directory, but may be a source or destination of sensitive data.
*
Networks may be a source or destination of sensitive data.
*
Business Units may be a source or destination of sensitive data.
*
Domains may be a source or destination of sensitive data.
*
URL categories may be a source or destination of sensitive data.
Cloud resources
Cloud applications resources are instances of cloud application types (such as Box and Office365) that can be defined as destinations of sensitive data rules. These resources are available only to customers who have Forcepoint DLP version 8.7.1 or later, and a Forcepoint DLP Cloud Applications license.
Use the Main > Policy Management > Resources > Cloud Applications page in the Data Security module of the Forcepoint Security Manager to view a list of cloud applications.
Administrators can add and edit cloud applications that support DLP Cloud API and Cloud Data Discovery, but not DLP Cloud Proxy. All cloud applications that support DLP Cloud Proxy are defined in the Forcepoint CASB portal, and are automatically displayed on this page. The page also includes links to the CASB portal, where custom policies can be configured, or applications can be completely removed.
The Show/Hide Columns button enables control of the columns to display, including:
*
Application Name
*
Application Type
*
Description
*
DLP Cloud API Status
*
DLP Cloud Proxy Status
*
Cloud Data Discovery Status
To add a cloud application that supports DLP Cloud API and Cloud Data Discovery:
1.
Click the Add button at the top of the page.
The Add DLP Cloud Application window appears, displaying a list of all the available cloud application types defined in the system.
2.
Select an application type, and then click OK.
The application is added to the list of application resources.
To edit a cloud application:
1.
Click the name of the application in the Application Name column.
The Cloud Application Properties window appears in a new browser tab.
For more information on managing these properties, see Forcepoint CASB Administration Guide, "Managing Service Assets".
2.
Add or edit information as needed, and then click OK. The changes are applied.
Error handling
The following are instructions and recommendations for some of the errors you might encounter:
Error message
Details
Handling
No CASB policy is defined, or a CASB policy is configured incorrectly. Enable the CASB policy and select either Download or Upload user action in the CASB portal.
In DLP Cloud Proxy Status column
In the CASB portal do one of the following:
*
Create and enable a Forcepoint Data Security DLP Policy, and select a user action (Upload, Download)
*
Create a custom policy with a Forcepoint DLP predicate, and select a user action (Upload, Download)
Without one of these configurations, no transaction is sent by DLP to data inspection.
For more information, see the Forcepoint CASB documentation.
CASB gateway doesn't exist. Contact Forcepoint support.
One of the following issues might have occurred:
*
No CASB Gateway was installed (needed to support DLP Cloud Proxy)
*
CASB license has expired, and the CASB Gateway was therefore removed.
Contact Forcepoint Technical Support.
Endpoint resources
These resources are only available to accounts with a Forcepoint DLP Endpoint subscription.
*
Endpoint Devices may be the source or destination of sensitive data.
*
Endpoint Applications may be a source or destination of sensitive data on endpoint machines.
*
Endpoint Application Groups may be a source or destination of sensitive data on endpoint machines.
*
Endpoint Printers may be a source or destination of sensitive data.
 
* 
Important 
Note that Networks is not an available source for endpoint channels, even if they are defined in the system as a resource. This is not a bug.
Remediation resources
*
Action Plans define the action to take when a breach is discovered.
*
Remediation scripts define the external script to run when a breach is discovered. (Not available with all subscriptions.)
*
Notifications can be sent to a specific person or email alias when a breach is discovered.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Resources
Copyright 2020 Forcepoint. All rights reserved.