The new Neo endpoint agent released on 14-April-2021 (see Neo integration) is now available for macOS 11 (Big Sur). The Cloud Security Gateway Portal has been updated to provide Mac as an option for download when Neo is selected as the Endpoint Type in the Endpoint Client Download section of Web Settings > Endpoint.

For further information about the Neo endpoint release, see What's new in the Forcepoint Dynamic User Protection Help. Additional information can be found in this list of Known Issues.

An enhancement to the Protected Cloud Apps feature has been made that allows policy enforcement for cloud applications by all or a subset of the filtering policies defined in Forcepoint Web Security Cloud.

After selecting the cloud applications on the Web > Settings > Protected Cloud Apps page of Cloud Security Gateway, use the Forward traffic to Forcepoint CASB option to chose the policies that will forward requests to Forcepoint CASB for enforcement:

When Per policy is selected, tables provide a method of indicating which policies should or should not forward requests to CASB.

Along with this new enhancement, a change has been made to the Cloud apps tab for a policy. Enable Always allow access to cloud apps on the Allow Access list to always permit user access to cloud apps that have been added to the Allow Access list. User requests to these applications are allowed regardless of how the corresponding category is configured on the Web Categories tab. See Filtering order action in the Cloud Security Gateway Portal help for details on how the cloud service applies filtering actions.

Use the Web > Settings > Data Protection Settings page to enable and configure the integration with Data Protection Service. See Data Protection Settings for more information.

When Use Data Protection Service has been selected on the new portal page, each new policy is created with a new Data Protection tab. User requests handled by policies configured to use Data Protection Service are then sent to Forcepoint DLP.

As a reminder, this feature allows for policy enforcement for cloud applications. Requests to cloud applications can be blocked or allowed using options on a new tab available when configuring a policy (Web > Policy Management > Policies).

Use the Cloud apps tab to add cloud apps to a Block Access or Allow Access list. Policy enforcement is done based on the selections on each list. Policies are applied to user requests by first considering the category assigned to the site and then by applying the rules defined by the contents of the block and allow lists.

Note: customers with a Protected Cloud Apps license cannot select cloud apps already configured as protected on the Web > Settings > Protected Cloud Apps page. Those apps are automatically selected on the Allow Access list. They appear in search results on both lists, but cannot be selected or removed on either. Attempts by an end user to access these apps are forwarded to Forcepoint CASB for analysis and policy enforcement unless the app is in a blocked category (configured on the Web Categories tab).

For details of new features added, and issues resolved during 2020, please see the Forcepoint Web Security Cloud 2020 Release Notes.