Identity Providers and Multifactor Authentication (MFA)

Forcepoint integrates with any SAML based identity provider. We have two patented methods: SAML relay, where Forcepoint is the authentication authority that users are redirected to when attempting to access a managed SaaS app, and ACS proxy, where another system serves as the authentication authority and notifies Forcepoint that the user is authenticated. Validated integrations have been deployed for the following vendors:

Security Information and Event Management (SIEM)

and User and Entity Behavior Analytics (UEBA)

Forcepoint integrates with any system that supports syslog. This allows third party apps to upload logs from Forcepoint for visualization and analysis. Validated integrations have been deployed for the following vendors:

Threat Intelligence 

Forcepoint uses the threat intelligence engines of CrowdStrike, Bitdefender, and Cylance for malware detection of data in transit between websites and users, and data at rest for selected managed SaaS applications and IaaS cloud storage. Forcepoint uses Webroot’s BrightCloud® Web Classification and Reputation Services for classifying and restricting access to unsanctioned websites using our SmartEdge Secure Web Gateway. Solution briefs:

Bitdefender and Bitglass: Joint Solution Brief

Forcepoint Advanced Threat Protection with Cylance

Crowdstrike & Bitglass: Solution Brief

Premise-Based DLP Systems

Forcepoint integrates with any premise-based DLP system that supports the Internet Content Adaptation Protocol (ICAP). This provides customers the ability to send files at rest in managed SaaS or IaaS cloud storage, that are flagged by Forcepoint as having sensitive data, to the premise-based DLP system using TLS encryption. The files are enriched with data such as source and destination IP and the email address of the file owner. Validated integrations have been deployed for Symantec Data Loss Prevention, Digital Guardian, and McAfee Data Loss Prevention.

Network Proxies and Firewalls

Forcepoint is able to detect unsanctioned website usage by ingesting log files from any network proxy or firewall that supports syslog. Our integration with Zscaler lets Zscaler Web Security use Forcepoint's website risk scores in deciding which websites to block. Validated integrations have been deployed for the following vendors:

Data Classification 

Forcepoint can use classification metadata from any data classifier in a DLP match pattern. Validated integrations include:

Managed SaaS API Integrations

Forcepoint can enforce contextual access control, and DLP and malware scanning of data in motion, for any managed SaaS app. In addition, Forcepoint uses API integrations for applying DLP enforcement, encryption, and malware scanning of data at rest for specific SaaS apps. Validated API integrations are described below.

Endpoint Management

Forcepoint can validate a client certificate stored on a Windows, Mac, Android, or IOS device to confirm it is managed by an endpoint management system. This knowledge lets the admin apply different access policies for users logging in via managed vs. unmanaged devices. This feature has been validated with VMware Carbon Black, MobileIron Unified Endpoint Management Platform, and HCL BigFix Endpoint Management Platform.

These endpoint management systems have been validated to support automated installation of the Forcepoint SmartEdge agent: VMware Workspace ONE (formerly Airwatch), MobileIron Unified Endpoint Management Platform, and Microsoft Intune.