Forcepoint ONE Demo Series – SWG Use Case

To bring these use cases to life, Shane Moore demonstrates how easy it is to use the Forcepoint ONE SWG for both end users and administrators.

Key features demonstrated:

  • User experience: Websites load without noticeable delays. The user can browse the r/technology subreddit.
  • User experience: When the user attempts to browse another subreddit that is not work-related, he is blocked and a message explaining why is displayed.
  • User experience: An attempt to download a malware file from an antimalware test site is blocked and a block message is displayed.
  • User experience: An attempt to attach a confidential document to a LinkedIn message is blocked.
  • Administrator experience: SWG content policies let administrators specify the scope of a policy based on user group, device posture, device location, website category, and website risk score.
  • Administrator experience: SWG content policy actions include allow direct access, deny access, and provide managed access. Managed access lets the administrator specify multiple upload and download policies within the same SWG content policy using match patterns from a dropdown list of predefined and custom patterns. When a pattern is matched, the upload or download can be blocked, reported, or both. Since malware is a chief concern for file downloads, download match patterns are typically the reserved patterns for invoking malware scanning from CrowdStrike or Bitdefender.

Key takeaways:

  • Powered by the Forcepoint ONE unified agent, the SWG proxies traffic between the user’s browser session and the actual website and can inspect all inbound and outbound traffic, including the full directory path of HTTPS requests. This means web filtering can be defined down to the directory level, not just the domain level.
  • User experience is optimized by the SWG’s no-hairpinning architecture: all traffic goes directly between the user device and the website except for file uploads and downloads subject to DLP enforcement or malware scanning.
  • A single SWG content policy for managed connections can contain multiple upload and download DLP policies, used in tandem, to monitor and control movement of sensitive data and malware.
  • Building a SWG content policy for managed connections is facilitated by dropdown fields for selecting among dozens of predefined and custom match patterns.
  • Administrators can view a report of file movement attempts and use that data to demonstrate compliance with data privacy standards.

This video is part of a longer Forcepoint ONE platform demo.

This post was first published on the Forcepoint website by Jeff Birnbaum.