Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Protected cloud apps
Administrator Help | Forcepoint Web Security | v8.5.x
Forcepoint Web Security customers can purchase Forcepoint CASB and then establish a connection to CASB that will allow policy enforcement to forward requests made to selected protected cloud apps (referred to as Assets by Forcepoint CASB) directly to CASB for proper handling.
In the Forcepoint Security Manager, navigate to Web > Settings > CASB Configuration > Protected Cloud Apps.
1.
Switch Enable connection with Forcepoint CASB to ON to enable the feature.
2.
Click Connect to Forcepoint CASB and use the information received in the fulfillment letter you received from Forcepoint CASB to enter your:
a.
b.
c.
The credentials entered are validated against known Forcepoint CASB customers.
d.
Click Connect to generate a secure connection to Forcepoint CASB.
 
Important 
Forcepoint Security Manager requires public Internet access to successfully connect to Forcepoint CASB. Configure the Use proxy server or firewall option on the Settings > General > Database Download page if the Security Manager is behind a proxy or firewall. See Configuring database downloads for instructions.
A list of all available cloud applications is provided in a table and new text indicating that the connection has been made appears in place of the button. The list changes based on changes made in the CASB portal.
3.
Selections are sent to Forcepoint CASB. The number of selections is provided at the top of the selection list.
If the maximum number of cloud apps based on your license have been selected, no additional selection can be made. Deselect a cloud app in order to select a new one.
Requests to the selected applications are forwarded to and monitored by Forcepoint CASB. Forwarding occurs only if the policy being applied has been configured to Forward traffic to Forcepoint CASB. The action code "Protected cloud app request forwarded" is applied to requests to the managed applications when the requests are forwarded to Forcepoint CASB.
4.
a.
For All policies (the default) to forward all user requests to any of the selected apps to Forcepoint CASB for enforcement.
b.
Per policy to select the policies that should use the list of selected apps when the policy is enforced.
5.
When Per policy is selected, the Forward to Forcepoint CASB column provides the complete list of existing policies. Use the arrows to move selected policies for which protected cloud apps should not be applied to the Do Not Forward to Forcepoint CASB column.
Use the arrows to move policies from one list to the other.
 
Important 
6.
*
*
*
These buttons are disabled if there is no valid connection to CASB.
7.
Use the link at the top of the page or navigate to Settings > General > Filtered Locations and add a list of all locations where Internet traffic is managed by an instance of Content Gateway.
Requests for selected cloud apps from in-network users that proxy through one of these instances of Content Gateway are forwarded to Forcepoint CASB.
A CA certificate is provided to each Forcepoint CASB customer and automatically downloaded to the Manager folder (C:\Program Files (x86)\Websense\Web Security\Manager). This certificate (casb_ssl_ca.crt) must be installed on each client and uploaded to each Content Gateway server machine. See Managing certificates in Content Gateway Manager Help for more information.
Use the Download Forcepoint CASB Certificate link to copy the certificate to the local downloads folder. From there, deploy it to client machines as well as each Content Gateway server machines.
 
Important 
Use reports to track requests to the managed apps by finding the log records that are assigned the new action code

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Copyright 2023 Forcepoint. All rights reserved.