About Forcepoint Web Security
Forcepoint Web Security is a flexible web protection solution that provides fine-tuned control over your users’ web access while providing comprehensive protection against web threats such as viruses, malware, data loss, and phishing attacks.
Using SIRP 's integration with Forcepoint Web Security, security teams can call Forcepoint Web Security actions directly from the SIRP interface. On top of that, SIRP's powerful automation engine allows semi-automatic as well fully automatic execution of these actions.
SIRP’s Forcepoint Web Security integration app allows you to execute the following actions:
Add URL to Category
Add URL to the API managed category
Add IP to Category
Add IP to the API managed category
Add an API managed category
Delete an API managed category
List all API managed categories
Remove IP from Category
Delete an IP from API managed category
Remove URL from Category
Delete an URL from API managed category
Enable and Configure Forcepoint Web Security
In Forcepoint Web Security Appliance, Management API has to be first installed and enabled. The following section provides an overview of the steps. Detailed guidelines are provided here: Management API Deployment & Installation Guide (TRITON AP-WEB).
Preparing to deploy the Management API
The Management API resides with Policy Server on a Linux server or Forcepoint appliance.
There can be multiple Management API instances in the deployment.
There can be only one Management API per Policy Server instance.
Only Policy Server instances that include a Management API instance can use API-managed categories for policy enforcement.
Installing the Management API
When you install TRITON AP-WEB components on a Linux server or Forcepoint appliance, Management API components are automatically copied to the installation directory. They are not, however, automatically registered with the system and run.
To complete the Management API installation process:
Verify that Policy Server is running on the appliance or Linux server that will also host the Management API.
Log in to the system as root.
Navigate to the TRITON AP-WEB installation directory:
On an appliance:
On a Linux server:
Run the following command:
Management API components are installed, a server certificate is generated, and the services are started.
When the installation process is complete, use the following command to verify system status:
The command should return:
WsUrlQuery (pid xxxx) is running... CatEngineMonitor.sh (pid xxxx) is running... Policy API Server is running
Repeat this process for each Linux or appliance-based Policy Server instance.
Please refer to Management API Deployment & Installation Guide | TRITON AP-WEB | v8.3.x for complete steps to install Management API.
Enable Forcepoint Web Security App in SIRP
First, log in to SIRP, then go to Apps from the left navigation bar.
Locate the app named Forcepoint Web Security.
Enable the App by clicking on the toggle button under the Status Column.
Once you enable the App, click the configure option to integrate SIRP with Forcepoint Web Security.
Add the following details and click Save:
Host: <URL of Forcepoint Appliance>
Username: <Userid of Forcepoint Appliance>
URL_Category: <assigned by user>
IP_Category: <assigned by user>
Configuration Name: <assigned by user>