Scribd
Upload
45 views63 pages

Administration Guide

The Forcepoint Data Classification Powered by GetVisibility Administration Guide provides detailed instructions on configuring the GetVisibility agent, including options for compliance, classification, and MS Office plugins. Users can choose between Expert Mode for manual configuration and Wizard Mode for guided setup. The guide covers various settings and policies applicable to MS Office applications, ensuring proper data handling and compliance with regulations.

Uploaded by

Mohamad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
45 views63 pages

Administration Guide

The Forcepoint Data Classification Powered by GetVisibility Administration Guide provides detailed instructions on configuring the GetVisibility agent, including options for compliance, classification, and MS Office plugins. Users can choose between Expert Mode for manual configuration and Wizard Mode for guided setup. The guide covers various settings and policies applicable to MS Office applications, ensuring proper data handling and compliance with regulations.

Uploaded by

Mohamad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 63

Doc Title

Forcepoint

Forcepoint Data Classification Powered by


GetVisibility Administration Guide

Report

Forcepoint
December 20, 2022
forcepoint.com Forcepoint Proprietary
GetVisibility: Administration Guide forcepoint.com

Table of Contents

AGENT CONFIGURATION................................................................................................................................................. 2
Login into system and Navigate to the agent configuration ......................................................................................... 2
COMPLIANCE....................................................................................................................................................................... 4
Expert Mode .................................................................................................................................................................. 4
Wizard Mode ................................................................................................................................................................. 6
CLASSIFICATION .................................................................................................................................................................. 8
Expert Mode .................................................................................................................................................................. 8
Wizard Mode ............................................................................................................................................................... 10
MS OFFICE PLUGINS......................................................................................................................................................... 13
Expert Mode ................................................................................................................................................................ 13
Wizard Mode ............................................................................................................................................................... 14
MS OFFICE POLICIES & VISUAL TAGGING .......................................................................................................................... 16
Expert Mode ................................................................................................................................................................ 16
Wizard Mode ............................................................................................................................................................... 20
OUTLOOK PLUGINS ........................................................................................................................................................... 23
Expert Mode ................................................................................................................................................................ 23
Wizard Mode ............................................................................................................................................................... 24
OUTLOOK POLICIES & VISUAL TAGGING ............................................................................................................................ 25
Expert Mode ................................................................................................................................................................ 25
Wizard Mode ............................................................................................................................................................... 32
CONFIGURE EMAILS .......................................................................................................................................................... 45
Expert Mode ................................................................................................................................................................ 45
Wizard Mode ............................................................................................................................................................... 47
GENERIC SETTINGS .......................................................................................................................................................... 49
Write Metadata Tags: .................................................................................................................................................. 49
AUTOLABELLING ............................................................................................................................................................... 50
Expert Mode: ............................................................................................................................................................... 50
CAUTION ........................................................................................................................................................................... 52
REPORTS .......................................................................................................................................................................... 53
Agent Activity Report ................................................................................................................................................... 53
Agent Incident Report.................................................................................................................................................. 53
AGENT MANAGEMENT ....................................................................................................................................................... 53
ADMINISTRATION ............................................................................................................................................................ 54
PATTERN MATCHING ......................................................................................................................................................... 54
USER MANAGEMENT ......................................................................................................................................................... 58
Using the portal ........................................................................................................................................................... 58
Using LDAP method .................................................................................................................................................... 61

© 2022 Forcepoint Forcepoint Proprietary 1


GetVisibility: Administration Guide forcepoint.com

Agent Configuration
Login into system and Navigate to the agent configuration
1. Login to the Forcepoint Data Classification Powered by GetVisibility portal using the credentials given to you.

Figure 1: Login Page

2. The agent configuration page will be opened by default.

Figure 2: Agent Configuration

3. The dashboard UI offers a wizard to set/update an agent configuration. There are three possible ways to setup the
configuration:
→ Configuration Import Mode: Using this mode, the user can upload an existing configuration from local files. Note

© 2022 Forcepoint Forcepoint Proprietary 2


GetVisibility: Administration Guide forcepoint.com

that only json format is accepted. A validity check will be done, and an error message is shown in case the file does
not have a valid json content. This mode usually used by the GetVisibility as a part of their personalized services.
→ Expert Mode: This mode is useful when the user wants to manually edit the agent configuration at their own risk.
Like the previous mode, if the content is not a valid json or not a valid agent configuration structure, a list of errors will
be displayed to the user.
→ Configuration Wizard Mode: This mode is the easiest to use and guides the user through configuring the rules and
uses for the agents. When the user chooses this mode, they will be guided through a few steps to set agent
configuration fields one by one.

Figure 3: Agent Configuration Modes

4. The first option Configuration Import can be used by simply uploading the config file. Select the Configuration Import
option and the dialog box will open using where the user must select the Json file.

Figure 4: Config Mode

5. Once the configuration is uploaded, Click Finish to save the new config.

© 2022 Forcepoint Forcepoint Proprietary


3
GetVisibility: Administration Guide forcepoint.com

Figure 5: Config Mode

In the below section go through the various configurable options that can be applied to the agent using both Expert mode and
Wizard mode.

Compliance

Compliance is the act of conforming to a company directive, rule, policy, or standard or law. Some common compliance regulations
and labels are: GDPR, PII, HIPAA, PHI, PCI. GetVisibility agent gives the user two options to customize and configure compliance
as per their requirements.

Expert Mode

Using the Expert mode, the user can add the compliance tags by making changes in the agent configuration json file. User can add
custom compliance or any of the standard compliance.

1. Select Expert Mode.


2. Scroll down to the compliance section.
3. Add the values.
→ EAR/US and CustomCompliaceExample are added in the example.
4. Click Finish.

© 2022 Forcepoint Forcepoint Proprietary


4
GetVisibility: Administration Guide forcepoint.com

Figure 6: Adding Compliance in Expert Mode

5. Configuration saved successfully message will be displayed on the screen along with the OK button.

Figure 7: Successful message

6. Click on the OK button and the user is returned to the main GetVisibility agent configuration page.
7. To verify the Configuration:
a) Open a word document.

© 2022 Forcepoint Forcepoint Proprietary


5
GetVisibility: Administration Guide forcepoint.com

b) Select the GetVisibility icon on the top-right of ribbon.


c) On the dialog box, user can see the custom tags.

Figure 8: Custom tags

Wizard Mode

Using Wizard Mode, the user can select the compliance tags selecting the check box on screen.

1. Select Configuration Wizard Mode.


2. Below, GDPR/PII is selected as a compliance tag. Click on Next.

Figure 9: Compliance Selection screen

3. Keep selecting Next to only change the compliance tags. The Last step of the wizard is displayed.

© 2022 Forcepoint Forcepoint Proprietary


6
GetVisibility: Administration Guide forcepoint.com

Figure 10: Last step of the wizard

4. Click on Finish and following message will be displayed.

Figure 11: Successfully configured message

© 2022 Forcepoint Forcepoint Proprietary


7
GetVisibility: Administration Guide forcepoint.com

5. To verify the Configuration:


a) Open a word document.
b) Select the GetVisibility icon on the top-right of ribbon.
c) User will be able to see the selected tags.

Figure 12: Selected tags

Classification

Data classification is broadly defined as the process of organizing data by relevant categorizes so that it can be used and protected
more efficiently. On a basic level, the classification process makes data easier to locate and retrieve. By default, the GetVisibility
classification is Public, Internal and Confidential.

Expert Mode

Using the Expert mode, the user can add the compliance tags by making changes in the agent configuration json file. User can add
custom compliance or any of the standard compliance tags.

1. Select the Expert Mode.


2. Scroll down to the classification section.
3. Add the values.
→ CustomClassification is added in example.
4. Click the Finish button.

© 2022 Forcepoint Forcepoint Proprietary


8
GetVisibility: Administration Guide forcepoint.com

Figure 13: Classification section in expert Mode

5. Configuration saved successfully message will be displayed on the screen along with the OK button.

Figure 14: Successful message

© 2022 Forcepoint Forcepoint Proprietary


9
GetVisibility: Administration Guide forcepoint.com

6. Click on the OK button. The user will return to the main GetVisibility agent configuration page.
7. To verify the Configuration:
a) Open a word document.
b) Select the GetVisibility icon on the top-right of the ribbon.
c) User will be able to see the added custom tags.

Figure 15: Word Document Validation

Wizard Mode

The user can select the classification by selecting the radio button on the screen.

1. Select the Configuration Wizard mode.


2. The user has selected Commercial option as classification.
3. Click Next.

© 2022 Forcepoint Forcepoint Proprietary


10
GetVisibility: Administration Guide forcepoint.com

Figure 16: Wizard Mode Classification

4. Keep clicking on Next to only change compliance tags. The last step of the wizard the agent will be displayed.

Figure 17: Wizard Mode

5. Select Finish and following message will be displayed.

© 2022 Forcepoint Forcepoint Proprietary


11
GetVisibility: Administration Guide forcepoint.com

Figure 18: Wizard Mode

6. To verify the Configuration:


a) Open a word document.
b) Click on the GetVisibility icon on the top right of ribbon.
c) User will be able to see the selected tags.

Figure 19: Word Document Validation

© 2022 Forcepoint Forcepoint Proprietary


12
GetVisibility: Administration Guide forcepoint.com

MS Office Plugins

This functionality will allow the user to select which MS Office application the configuration will be applicable to.

Expert Mode

Using the Expert mode, the user can enable/disable the Office Plugins by making changes in the agent configuration json file.

1. Select Expert Mode.


2. Scroll down to the Office Configuration section.
3. Add the values.
→ wordPluginActive is set to FALSE in the example.
4. Click the Finish button.

Figure 20: Expert Mode

5. To verify the Configuration:


a) Open a word document.
b) User can see the GetVisibility icon on the top-right is disabled.
c) User will not be able to select the icon.

© 2022 Forcepoint Forcepoint Proprietary


13
GetVisibility: Administration Guide forcepoint.com

Figure 21: Word Document Validation

Wizard Mode

Using the Wizard mode, the user can select the application for the configuration will be applicable by selecting the check-box on
screen.

1. Select the Configuration Wizard mode.


2. As seen below, the user has selected only Word Plugin as the option. Select Next.

Figure 22: Wizard Mode

3. Keep selecting Next to only change the compliance. The last step of the wizard the agent will display.

© 2022 Forcepoint Forcepoint Proprietary


14
GetVisibility: Administration Guide forcepoint.com

Figure 23: Wizard Mode

4. Click Finish to apply the settings.


5. To verify the Configuration:
a) Open a word document.
b) User will be able to view the GetVisibility icon.
c) Click on the icon the compliance and classifications box should be displayed.

Figure 24: Word Document Validation

d) Now open a excel document.


e) User will see the GetVisibility icon on the top right is disabled.
f) User will not be able to click it.

© 2022 Forcepoint Forcepoint Proprietary


15
GetVisibility: Administration Guide forcepoint.com

Figure 25: Excel Document Validation

MS Office Policies & Visual Tagging

This functionality allows the user to set various to enforce on documents in MS Office applications.

Expert Mode

Using the Expert mode, the user can enable/disable the policies related to MS Office by making changes in agent configuration
json file.

1. Select the Expert Mode.


2. Scroll down to the OfficeConfiguration section.
3. The available polies are:
→ Header: This will add a Header to the document. The user can leave it empty or customize it as needed.
→ Footer: This will add a Footer to the document. The user can leave it empty or customize it as needed.
→ Watermark: This will add a Watermark to the document. The user can leave it empty or customize it as needed.
→ TagBeforePrint: This option will Force, Warn or Log & Ignore (allow) the user to classify any document before
printing.
→ TagDirtyBufferOnSave: This option will Force, Warn or Log & Ignore (allow) the user to classify any document
before saving.
→ AllowDescalation: This option allows the user to lower classification level of a classified document.
→ ExcelTextForwardingActive: This is a scraping feature; it tells the plugin to scrape the text from within the app like
Word or Excel and then forward it to the classifier for a suggestion. This option can be set using True or False.

→ PowerPointSubtitle: This will add a Subtitle to the PowerPoint. This policy is optional.
→ PowerPointTitle: This will add a Subtitle to the PowerPoint. This policy is optional.
Example of Config:

→ OfficeConfiguration:
"header": "<span>Classified as {classification} by Getvisibility&reg;</span>",

"footer": "",

© 2022 Forcepoint Forcepoint Proprietary


16
GetVisibility: Administration Guide forcepoint.com

"watermark": "",

"tagDirtyBuffersOnSave": "force",

"tagBeforePrint": "ignore",

"allowDeEscalation": false,

"excelTextForwardingActive": false,

4. Click the Finish button.


5. Verify the documents based on the config above.
6. As per the config user should be able to see the header and the footer. The watermark should be blank.

Figure 26: Word Document Validation

7. If the user has manually edited the header or footer and then changed the classification of the document the agent will show
a dialog box showing the notification for placing the new location of the classification.

© 2022 Forcepoint Forcepoint Proprietary


17
GetVisibility: Administration Guide forcepoint.com

Figure 27: Word Document Validation

8. Header Corner has been selected and the classification is placed in the corner without overriding the original header.

Figure 28: Word Document Validation

9. As tagDirtyBuffersOnSave = Force is configured, the user cannot save the document without classifying it. The
option to Dismiss the notification is disabled which will be enabled when tagDirtyBuffersOnSave = Warn is used.

© 2022 Forcepoint Forcepoint Proprietary


18
GetVisibility: Administration Guide forcepoint.com

Figure 29: Word Document Validation

10. As tagBeforePrint = Warn is configured, the option to Dismiss the notification is enabled which will be disabled when
the tagBeforePrint = Force is used. There will be no notification tagBeforePrint = Log & Ignore is used.

Figure 30: Word Document Validation

11. As allowDeEscalation = False is configured, the user will not be allowed to lower the level of classification on the
document and all the lower classification options will be disabled.

© 2022 Forcepoint Forcepoint Proprietary


19
GetVisibility: Administration Guide forcepoint.com

Figure 31: Word Document Validation

12. As excelTextForwardingActive = False is configured, text from the MS Office app will not be sent to classifier for
suggestions.
Wizard Mode

Using the Wizard mode, the user can easily enable/disable the policies related to MS office.

1. Select the Configuration Wizard Mode.


2. Navigate to Word, Excel, PowerPoint Policies.

Figure 32: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


20
GetVisibility: Administration Guide forcepoint.com

3. Keep clicking on Next to only change the compliance tags. The Last step of the wizard the agent will display.

Figure 33: Wizard Mode

4. Click Finish to apply the settings.


5. Verify the documents based on the selection above.
6. User should be able to see the header and footer, the watermark should be blank.

Figure 34: Word Document Validation

7. If the Force option is selected. The user cannot save the document without classifying it. The option to Dismiss the
notification is disabled which will be enabled when the user selects Warn.

© 2022 Forcepoint Forcepoint Proprietary


21
GetVisibility: Administration Guide forcepoint.com

Figure 35: Word Document Validation

8. If the Warn option is selected, user can Dismiss the notification while printing. This will be disabled when the user selects
Force. There will be no notification for the Log & Ignore.

Figure 36: Word Document Validation

9. The lower classification option has not been selected. So, user is not allowed to lower the level of classification on the
document and all the lower classification options are disabled:

© 2022 Forcepoint Forcepoint Proprietary


22
GetVisibility: Administration Guide forcepoint.com

Figure 37: Word Document Validation

Outlook Plugins

This functionality will allow user to configure Outlook classification plugin.

Expert Mode

Using the Expert mode, user can enable/disable the Outlook Plugins by editing the agent configuration json.

1. Select the Expert Mode.


2. Scroll down to the OutlookConfiguration section.
3. Add the values.
→ OutlookPluginActive is set to True in the example.
4. Click on the Finish button.

© 2022 Forcepoint Forcepoint Proprietary


23
GetVisibility: Administration Guide forcepoint.com

Figure 38: Expert Mode

5. Configuration saved successfully message will be displayed on the screen along with the OK button.
6. To verify the Configuration:
a) Open Outlook.
b) user can see the GetVisibility icon on the top-right is enabled.
c) user can be able to click the icon and classify the email, if the OutlookPluginActive = false is configured the
same icon will be disabled.

Figure 39: Outlook Document Validation

Wizard Mode

Using the Wizard mode, the user can enable/disable the Outlook Plugins by making changes in the Data Visibility UI.

1. Select the Configuration Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


24
GetVisibility: Administration Guide forcepoint.com

2. Select Outlook from the step 3 of the Wizard.


3. Click on Next.

Figure 40: Wizard Mode

4. Click on Finish to apply configuration.


5. To verify the Configuration:
a) Open a word document.
b) The Getvisibility icon will be enabled.
c) Selecting the icon will show the compliance and classifications box where the user to classify document.

Figure 41: Outlook Validation

Outlook Policies & Visual Tagging

This functionality will allow the user to set various polies that they can enforce on emails when using Outlook.

Expert Mode

© 2022 Forcepoint Forcepoint Proprietary


25
GetVisibility: Administration Guide forcepoint.com

Using the Expert mode, the user can enable/disable the policies related to Outlook by editing the agent configuration json.

1. Select the Expert Mode.


2. Scroll down to the OutlookConfiguration section.
3. The available policies:
→ Header: This will add a header to the email. The user can leave it empty or customize it as needed.
→ Footer: This will add a footer to the email. The user can leave it empty or customize it as needed.
→ TagOnPrint: Using this option will Force, Warn, or Log & Ignore (allow) users to classify any modified email before
printing.
→ TagOnSend: Using this option will Force, Warn, or Log & Ignore (allow) users to classify any modified email before
sending.
→ allowUnclassifiedAttachments: Using this option will Block, Warn, or Log & Allow (allow) users to send unclassified
attachments in emails.
→ minAttachmentsTag: This option will allow users to Inherit the minimal classification from a classified attachment to
the email.
→ allowDescalation: This option allows the user to lower classification level of a classified email.
→ autoClassifyReplyForwardEmails: This option allows the user to inherit the classification when replying or
forwarding an email.
Example config:

"OutlookPluginActive": true,

"header": "<h2 style=\"font-style:italic\"><span style=\"font-


size:14px\">Classified as {classification} by Getvisibility&reg; Custom
Header</span></h2>",

"footer": "",

"tagOnSend": "force",

"tagOnPrint": "force",

"allowUnclassifiedAttachments": "block",

"minAttachmentsTag": "block",

© 2022 Forcepoint Forcepoint Proprietary


26
GetVisibility: Administration Guide forcepoint.com

"allowDeEscalation": true,

"autoClassifyReplyForwardEmails": true,

4. Click the Finish button.


5. As per the config, the header and footer should be blank.

Figure 42: Outlook Validation

6. Adding a footer to an Outlook email using the configuration file:


header": "<span style=\"color:#008004;\"><h2 style=\"font-style:italic\"><span
style=\"font-size:14px\">Classified as {classification} by Getvisibility&reg;
</span></h2></span>",

"footer": "<span style=\"color:#008004;\"><span><strong>Classified as {classification} by


Getvisibility&reg; </strong></span></span>"

© 2022 Forcepoint Forcepoint Proprietary


27
GetVisibility: Administration Guide forcepoint.com

Figure 43: Outlook Validation

7. When tagOnSend = force is configured, users cannot send emails without classifying. Select Dismiss to keep editing or
OK to classify.

Figure 44: Outlook Validation

8. When tagOnSend = Warn is configured users will be able to send email without classifying. Select Dismiss to send the
email or OK to classify.
9. If tagOnSend = Log&Ignore is set no notification will be displayed.

© 2022 Forcepoint Forcepoint Proprietary


28
GetVisibility: Administration Guide forcepoint.com

Figure 45: Outlook Validation

10. When tagOnPrint = force is configured, users cannot print emails without classifying. Select Dismiss to keep editing
the email or OK to classify.

Figure 46: Outlook Validation

11. When tagOnPrint = Warn is configured, the user can send the email without classifying it. Select Dismiss to send the
email and OK to classify.
12. When tagOnPrint = Log&Ignore is configured no notification will be displayed.

13. With allowUnclassifiedAttachments = Block, the user cannot send any attachment in the email without classifying
it.

© 2022 Forcepoint Forcepoint Proprietary


29
GetVisibility: Administration Guide forcepoint.com

Figure 47: Outlook Validation

14. allowUnclassifiedAttachments = Warn: The user can send the attachment in the email without classifying it, but
agent will give a warning.
15. allowUnclassifiedAttachments = Log&Allow: The user can send the attachment in the email without classifying
without any warning.
16. minAttachmentsTag = Block: In this case the attachment is highly confidential, and the email is on lower level of
classification, so the agent will not allow sending the email. The user will have to change the classification of either the
attachment or the email, otherwise they will not be able to send.

Figure 48: Outlook Validation

17. minAttachmentsTag = Warn: In this case the attachment is highly confidential, and the email is on lower level of
classification, so the agent will only warn the user. They will still be able to send the email.

© 2022 Forcepoint Forcepoint Proprietary


30
GetVisibility: Administration Guide forcepoint.com

Figure 49: Outlook Validation

18. minAttachmentsTag = Log&Allow: The user will be able send any attachment in the email without any warning.

19. allowDeEscalation = False: The user will not be allowed to lower the level of classification on the document and all
the lower classification options will be disabled.

Figure 50: Outlook Validation

20. autoClassifyReplyForwardEmails = False: The user has the option to set the classification for forwarding/reply to
an email. As seen below the original email is classified as internal but that is not inherited when forwarding or replying.

© 2022 Forcepoint Forcepoint Proprietary


31
GetVisibility: Administration Guide forcepoint.com

Figure 51: Outlook Validation

21. autoClassifyReplyForwardEmails = True, As seen below while forwarding the email, it has inherited the
classification from the original email.

Figure 52: Outlook Validation

Wizard Mode

Using Wizard mode, user can enable/disable policies related to Outlook.

1. Select the Configuration Wizard Mode.

© 2022 Forcepoint Forcepoint Proprietary


32
GetVisibility: Administration Guide forcepoint.com

2. The header is selected on the wizard and footer is left blank.

Figure 53: Wizard Mode

3. Verify the settings on Outlook: the header can be seen but not the footer.

Figure 54: Outlook Validation

4. If the user changes the setting and footer is added in the config, the wizard and outlook will look as below:

© 2022 Forcepoint Forcepoint Proprietary


33
GetVisibility: Administration Guide forcepoint.com

Figure 55: Wizard Mode

Figure 56: Outlook Validation

5. To set Outlook polices, the user has selected Force to classify and send the email The user cannot send the email without
classifying it. The option to Dismiss is to keep editing the email and OK is to classify.

© 2022 Forcepoint Forcepoint Proprietary


34
GetVisibility: Administration Guide forcepoint.com

Figure 57: Wizard Mode

6. The last option is Log & ignore, where the user can send the email without classification or warning.

Figure 58: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


35
GetVisibility: Administration Guide forcepoint.com

Figure 59: Outlook Validation

7. The last option is of Log & ignore where user can send the email without classification and without any warning.

Figure 60: Wizard Mode

8. As the user has selected Force to classify and print the email, they cannot print the email without classifying it. The option to
Dismiss is to keep editing the email and OK is to classify.

© 2022 Forcepoint Forcepoint Proprietary


36
GetVisibility: Administration Guide forcepoint.com

Figure 61: Wizard Mode

Figure 62: Outlook Validation

9. The other two options are Warn and Log&Ignore where the user will be able to print the email without classifying it. The
option to Dismiss is to print the email and OK is to classify. With the Log&Ignore there will be no warning at all.

© 2022 Forcepoint Forcepoint Proprietary


37
GetVisibility: Administration Guide forcepoint.com

Figure 63: Wizard Mode

10. As the user has selected Block, the user cannot send the any attachment in the email without classifying it.

Figure 64: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


38
GetVisibility: Administration Guide forcepoint.com

Figure 65: Outlook Validation

11. The other two options are: Warn and Log&Ignore, where the user will be able send the attachment in the email without
classifying but with a warning.

Figure 66: wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


39
GetVisibility: Administration Guide forcepoint.com

Figure 67: Outlook Validation

12. The user has selected Block for the last option, in this case the attachment is highly confidential, and the email is on a lower
level of classification, so the agent will not allow to send the email. The user will have to change the classification of either
the attachment or the email, otherwise they will not be able to send the email.

Figure 68: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


40
GetVisibility: Administration Guide forcepoint.com

Figure 69: Outlook Validation

13. If user has selects Warn, in this case the attachment is highly confidential, and the email is on lower level of classification, so
the agent will only warn the user, but the user will still be able to send the email.

Figure 70: : Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


41
GetVisibility: Administration Guide forcepoint.com

Figure 71: Outlook Validation

14. The final option here also is Log&Allow, where the user will be able send any attachment in the email without any warning.
15. The checkbox User lowers classification level of a classified email in unchecked, the user will not be allowed to lower
the level of classification on the document and all the lower classification options will be disabled.

Figure 72: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


42
GetVisibility: Administration Guide forcepoint.com

Figure 73: Outlook Validation

16. The checkbox Inherit classification when Reply and Forward emails in unchecked, the user has the option to set the
classification for the forwarding/reply email and as seen below the original email is classified as internal but that is not
inherited while forward/reply email is applied.

Figure 74: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


43
GetVisibility: Administration Guide forcepoint.com

Figure 75: Outlook Validation

17. The checkbox Inherit classification when Reply and Forward emails in checked, As seen below while forwarding the
email, it has inherited the classification from the original email.

Figure 76: Wizard Mode

© 2022 Forcepoint Forcepoint Proprietary


44
GetVisibility: Administration Guide forcepoint.com

Figure 77: Outlook Validation

Configure Emails

Expert Mode

Using Expert Mode, the user can enable/disable default policies related to email by editing the agent configuration json.

1. Select the Expert Mode.


2. Scroll down to the configurationOverrides section.

3. The polies are:


→ Classification: Here the user can select which type of email they want to configure. The options are
Public/Internal/Confidential/Highly Confidential.
→ DefaultEmailPolicy: Here the user can set the policy to Block/Allow/Warn an email.
→ BlockList: The agent gives the option to create a blocklist of specific recipients. Users can add the email id of
recipient in the list.
→ WarnList: The agent gives the option to create a warnlist of specific recipients. Users can add the email id of
recipient in the list.
→ AllowList: The agent gives the option to create an allowlist of specific recipients. Users can add the email id of
recipient in the list.
Sample config:

"configurationOverrides": [

"classification": "Public"

"defaultEmailPolicy": "block",

"blockList": [],

© 2022 Forcepoint Forcepoint Proprietary


45
GetVisibility: Administration Guide forcepoint.com

"warnList": ["[email protected]],

"allowList": []

4. The above configuration says that for public type emails are blocked for sending, except for the recipient
[email protected], whom the email can be sent to but with a warning message.
5. Validating the configuration as below. Since all the public emails are blocked from sending and the recipient lab user is not
on the allow or warn list the email can be sent.

Figure 78: Outlook Validation

6. If we change the recipient to [email protected], the agent will give only a warning as the recipient was in the warn list,
but the email can still be sent.

Figure 79: Outlook Validation

© 2022 Forcepoint Forcepoint Proprietary


46
GetVisibility: Administration Guide forcepoint.com

Wizard Mode

Using the Wizard Mode, the user can enable/disable the policies related to Outlook.

1. Select the Configuration Wizard Mode.


2. There is total 12 steps in Wizard and Outlook polices starts from 8th step.
3. As shown below the public emails are by default set to Block but 1 recipient is allowed to send the email with a warning.

Figure 80: Wizard Mode

4. Validating the configuration as below. Since all the public emails are blocked from sending and the recipient lab user is not
on the allow or warn list the email can be sent.

© 2022 Forcepoint Forcepoint Proprietary


47
GetVisibility: Administration Guide forcepoint.com

Figure 81: Outlook Validation

5. If the recipient is changed to: [email protected], the agent will only give a warning as the recipient was in the warn list,
but the email can still be sent.

Figure 82: Outlook Validation

6. The same settings can be done for Internal/Confidential/Highly Confidential emails as well with one additional option to copy
the configuration from the previous classification.

© 2022 Forcepoint Forcepoint Proprietary


48
GetVisibility: Administration Guide forcepoint.com

Figure 83: Wizard Mode

Generic Settings

Write Metadata Tags:

This property will capture the details about the agent in office applications. The below screenshot is from the config file.

Figure 84: Meta Data Configuration

1. In the MS Word the details can be seen as below:

© 2022 Forcepoint Forcepoint Proprietary


49
GetVisibility: Administration Guide forcepoint.com

Figure 85: Meta Data Validation

SelectableByWhitelist: Based on the distribution list, the email addresses in this list will be the ones Outlook plugin will allow
sending emails to.

AllowInternalToExternal: This property allows the user to change the distribution list from internal to external.

MaxNumberOfRecipients: This property allows setting the maximum number of people the user wants to send the email to.

SuggestionOptions: This tag will allow users to configure the options they want to show while showing the suggestion box on MS
Office or Outlook.

AgentDialogConfiguration: This tag will allow the user to customize the options they want to show while showing labels such as
compliance classification etc.

DistributionTags: Additional feature to classify the documents/emails. Few examples are: Internal/Restricted/ External/Limited.

AutoLabelling
This optional feature allows users to automatically classify with a default label all newly created documents and emails in Word,
Excel, PowerPoint, and Outlook. It is possible to individually set the default label for each plugin. Users will be able to select the
classification label that they want to apply to documents and email and when there is edit or change in the file and the file is saved
the selected classification will be applied. Setting Autolabelling will allow the user to not to classify the documents every time the file
is printed or saved, the classification will happen automatically.

Expert Mode:
The property used in Expert Mode is: defaultClassificationValue. The defaultClassificationValue is set for
Outlook, Word, Excel, and PowerPoint:

© 2022 Forcepoint Forcepoint Proprietary


50
GetVisibility: Administration Guide forcepoint.com

Figure 86: Expert Mode

Wizard Mode for Word, Excel, and PowerPoint:

Figure 87: Wizard Mode

Wizard Mode for Outlook:

© 2022 Forcepoint Forcepoint Proprietary


51
GetVisibility: Administration Guide forcepoint.com

Figure 88: Wizard Mode for Outlook

Caution

While using the expert mode the user must be extra careful about the small details like punctuations and formatting of the file, else
the agent will through and error like below.

Figure 89: Expert Mode Error Message

© 2022 Forcepoint Forcepoint Proprietary


52
GetVisibility: Administration Guide forcepoint.com

Reports
There are two reports related to Data Classification as shown below:

Agent Activity Report


For users of Data Classification that want an overview of the users' events using GVClient agents in MS Office and Outlook.
Extensive tables detailing classification and email events are provided.

Agent Incident Report


For users of Data Classification, this report gives an overview of the security related activity undertaken by users of GVClient
agents. It visualises data such as: de-escalations, mis-classifications, and confidential data in infographic form to give
organisation’s a quick understanding of the data their users are passing through their network.

Figure 90: Reports

Agent Management
Agent Management gives the user a high-level status of all the agents installed. Details like Name of agent, the IP address and
When was the agent last seen is shown on this dashboard. User can also see if the agent is Online or not. The facility to filter the
agent based on Name, Health, and State also is provided.

Figure 91: Agent Management

© 2022 Forcepoint Forcepoint Proprietary


53
GetVisibility: Administration Guide forcepoint.com

Administration
Pattern Matching
Using Pattern Matching UI you can view, save, create, and edit RegEx patterns. These the associated rules for each pattern will be
suggested to users of the agents if the RegExs are found.

Figure 92: Pattern Matching

1. Select the Add New Pattern button to create a new RegEx pattern, a new window will open to enter the RegEx pattern.

Figure 93: New RegEx pattern

2. Add a new RegEx pattern. An example RegEx for Student ID which is made of 7 digits and 2 letters is shown.

© 2022 Forcepoint Forcepoint Proprietary


54
GetVisibility: Administration Guide forcepoint.com

Figure 94: An example RegEx for Student ID

3. The tags can be added for the new RegEx as shown below and Select Create.

Figure 95: New RegEx

4. The new pattern is created but unpublished.

© 2022 Forcepoint Forcepoint Proprietary


55
GetVisibility: Administration Guide forcepoint.com

Figure 96: New pattern

5. Users have the option to Edit/Delete a RegEx pattern.

Figure 97: Edit/Delete a RegEx pattern

6. After selecting Publish, the classification pipeline restarts to pick up the enabled RegEx patterns for matching.

Figure 98: RegEx patterns

7. Users can see the confirmation message for published changes.

© 2022 Forcepoint Forcepoint Proprietary


56
GetVisibility: Administration Guide forcepoint.com

Figure 99: Confirmation message

8. Restarting of the classification pipeline may take a few minutes. Once complete, open a Word document and enter a
configured RegEx pattern. In this example: Student ID (7 digits and 2 letters).
a) The RegEx pattern has been found and the suggestions of GDPR/PII:100% for Compliance and Confidential for
Classification are given.

Figure 100: MS Word

b) Users can then select Use Suggested; GDPR/PII and Confidential will get selected and the document will be
classified.

© 2022 Forcepoint Forcepoint Proprietary


57
GetVisibility: Administration Guide forcepoint.com

Figure 101: MS Word

c) Users also have the option to ignore the suggestion and use any other values to classify.

User Management
In the User Management screen, new users can be created to access the User Interface. There are two ways to create new users:

Using the portal

1. Select the User Management option.

Figure 102: User Management

© 2022 Forcepoint Forcepoint Proprietary


58
GetVisibility: Administration Guide forcepoint.com

2. User will be asked to login into Keycloak portal (Credentials will be shared separately).

Figure 103: Keycloak portal

3. Navigate to the User section and Select the Add User button.

Figure 104: User section

© 2022 Forcepoint Forcepoint Proprietary


59
GetVisibility: Administration Guide forcepoint.com

Figure 105: Add User

4. Select Save.

Figure 106: Details

5. Select Credentials. The user will be able to set the password for the new login, using this method they can create a new
user or view the existing users.

© 2022 Forcepoint Forcepoint Proprietary


60
GetVisibility: Administration Guide forcepoint.com

Figure 107: Credentials

Using LDAP method


Refer the below link for Creating a user using LDAP:
https://www.websense.com/content/support/library/getvisibility/synergy/reseller_keycloak_quick_installation_guide.pdf

© 2022 Forcepoint Forcepoint Proprietary


61
GetVisibility: Administration Guide forcepoint.com

End of Document

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity


forcepoint.com/contact company, entrusted to safeguard organizations while driving
digital transformation and growth. Forcepoint’s humanly-attuned
solutions adapt in real-time to how people interact with data,
providing secure access while enabling employees to create
value. Based in Austin, Texas, Forcepoint creates safe, trusted
environments for thousands of customers worldwide.

© 2022 Forcepoint. Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.
All other trademarks used in this document are the property of their respective owners.
[Forcepoint Data Classification Powered by GetVisibility Administration Guide] [Status]20
Dec. 22
© 2022 Forcepoint Forcepoint Proprietary
62

You might also like