Table of Contents You are at the beginning of the document Go to the next page

Table of Contents

Getting Started
Initial steps
Logging on and portal security
Cloud Web setup wizard
Configuring your firewall to connect to the cloud service
Sending end user information to the cloud service
Configuring the Directory Synchronization Client
Download and configure the client software
Verify synchronization results
Adding users manually
Setting up your first policy
Configuring policy connections
Directing user traffic to the cloud service
Testing your policy settings
Reviewing your configuration
Finishing the setup wizard (next steps)
Navigating the cloud portal
Cloud portal dashboards
Creating custom dashboards in the cloud portal
Account Settings
My Account
Configuring SIEM storage
Adding a contact
Password settings
Password policy
Password expiration limit
User lockout
Changing passwords
Forgotten passwords
Two-factor authentication
Terms of use
Identity Management
End Users
Downloading and uploading groups
Licenses page
License information
Accepting licenses
Privacy protection
Data Protection Settings
Important rules for configuring accounts
Working with External Directories
What is LDAP?
How the service works with LDAP
Planning for your first synchronization
Deciding what to synchronize
Synchronizing with the Directory Synchronization Client
Basic steps
Cloud portal tasks
Configure identity management
Set up authentication
Client tasks
View and manage user data
Assign a group to a different policy
View and print reports
View recent synchronizations
Restore directories
Troubleshoot synchronization failures
Turn off directory synchronization
Configuring Web Settings
Configure General settings
Proxy auto-configuration (PAC)
Proxy query page
Web performance monitor
Roaming home page
Configure Remote Browser Isolation
Configure File Sandboxing settings
Supported file types
What does a file sandboxing transaction look like?
Configure Single Sign-On settings
Configure Bypass Settings
Bypassing authentication settings
Adding and importing sites that bypass the proxy
Bypassing certificate verification
Bypassing authentication decryption
Configure Domain settings
Editing a domain
Configure Endpoint settings
Endpoint overview
Configure General endpoint settings
Configure endpoint End User Control settings (Classic Proxy Connect and Direct Connect)
Windows operating system users
Installing and uninstalling Neo
Distributing the endpoint via GPO (Classic Proxy Connect and Direct Connect)
Installing the endpoint on a single machine (Classic Proxy Connect and Direct Connect)
Uninstalling the endpoint from Windows (Classic Proxy Connect and Direct Connect)
Mac operating system users
Installing and uninstalling Neo
Installing the endpoint (Classic Proxy Connect and Direct Connect)
Identifying Mac endpoint end users
Changing the policy of a Mac end user
Uninstalling the endpoint from the Mac (Classic Proxy Connect and Direct Connect)
Updating the endpoint
Endpoint bypass
Configure protected cloud apps
Configure Full Traffic Logging settings
Configure custom categories
Adding sites to custom categories
Time periods
Configure custom protocols
Adding or editing a custom protocol
Configure block and notification pages
Editing notification pages
Notification page variables
Language support
Configure Content Classifiers for Data Security (DLP Lite)
Regular expression content classifiers
Key phrase content classifiers
Dictionary content classifiers
Managing Network Devices
Managing edge devices
Adding or editing edge device information
Import multiple edge devices via a CSV file
Managing certificates for your IPsec devices
Generating device certificates
Managing EasyConnect services
Adding or editing an EasyConnect service
Managing I Series appliances
Optimizing appliance performance
Adding or editing appliance information
Configure general settings
Configure a certificate authority
Generating an appliance certificate
Define internal network settings
Configure advanced settings (if needed)
Defining Web Policies
General tab
User and group exceptions for time-based access control
Connections tab
Access Control tab
Pre-logon welcome page
Session timeout
NTLM identification
NTLM registration page
Setting authentication options for specific users
Endpoint tab
End Users tab
Registering by invitation
Bulk registering end users
End user self-registration
Directory synchronization
NTLM transparent identification
Editing end-user registration pages
Managing registered users
Rules for policy association during end-user registration
Cloud Apps tab
Custom Categories tab
Adding sites to custom categories
Web Categories tab
Enabling SSL decryption
Managing categories, actions, and SSL decryption
Policy enforcement actions
Using quota time to limit Internet access
YouTube Restricted mode
Bypassing SSL decryption for specific sites
Filtering action order
Category list
Protocols tab
Protocol exceptions
Application Control tab
Application control exceptions
File Blocking tab
Blocking by file type
Blocking by file extension
Advanced options
Data Protection tab
Data Security tab (DLP Lite)
Web Content & Security tab
Configuring file analysis
Analysis exceptions
Report Center
Using the Report Catalog
Managing reports
Managing folders
Using the Report Builder
Creating a report
Viewing report results
Viewing detailed reports
Exporting a report
Scheduling reports
Adding and editing scheduled jobs
Exporting data to a third-party SIEM tool
Running the SIEM log file download script for Forcepoint storage
Web Reporting Tools
Using the Transaction Viewer
Using the Incident Manager
Report attributes: Web and Data Security
Report metrics: Web and Data Security
Web predefined reports
Account Reports
Endpoint Auditing Report (Classic Proxy Connect and Direct Connect)
Service reports
Downloading report results
Saving reports
Scheduling reports
Audit Trails
Configuration audit trail
Standard Web Configuration
Checklists for Setting up LDAP in Various Use Cases
New Web and/or email customers
Existing Web and/or email customers
Considerations for existing customers
Data Security Content Classifiers (DLP Lite only)
Personally Identifiable Information (PII)
Protected Health Information (PHI)
Payment Card Industry (PCI)
Data Theft

Table of Contents You are at the beginning of the document Go to the next page
Copyright 2021 Forcepoint. All rights reserved.