Deploy and Administer

Forcepoint ONE SSE

E-learning
Datasheet
June 2023

forcepoint.com
Deploy and Administer Forcepoint ONE SSE (E-learning) forcepoint.com

Deploy and Administer Forcepoint ONE SSE

E-learning
The Deploy and Administer Forcepoint ONE SSE E-learning course is for anyone tasked with deploying and administering
the Forcepoint ONE Security Service Edge (SSE) platform.
This self-paced training introduces the SSE architecture and walks the user through a typical SSE deployment. It covers
topics including managing user identification and authentication, configuring DLP objects, deploying the SmartEdge agent,
administering policies for SWG, ZTNA, and CASB, and reviewing logs.

Audience
 System administrators, data security administrators, network security
administrators, IT staff Format:
 Sales engineers, consultants, implementation specialists Computer-based self-paced training
 Forcepoint channel partners and IT staff
Duration:
Course objectives 16 hours of content

 Explain the Forcepoint ONE Security Service Edge (SSE) platform. Course Price:
 Manage access to the Forcepoint ONE portal.
 Provision users and groups in Forcepoint ONE. This E-learning is provided free of
 Configure user authentication. charge.
 Explain Forcepoint ONE policy fundamentals.
 Configure login control policies.
 Create policy objects and notifications.
 Explain what Shadow IT is and use Forcepoint ONE to discover it.
 Configure managed device identification.
 Deploy and configure the SmartEdge agent.
 Configure Forcepoint ONE DLP data patterns.
 Integrate Forcepoint ONE with Forcepoint Enterprise DLP.
 Configure and deploy Cloud SWG in Forcepoint ONE.
 Apply acceptable use policies for web traffic.
 Use Forcepoint Remote Browser Isolation with Forcepoint ONE.
 Install and configure ZTNA with Forcepoint ONE.
 Add managed applications and configure single sign-on.
 Configure inline protection for managed cloud applications.
 Configure data at rest (DAR) scanning of cloud applications.
 Monitor and analyze traffic in Forcepoint ONE.

Prerequisites for attendance

 General understanding of Software as a Service (SaaS) principles
 General knowledge of cloud applications
 Basic knowledge of user management and authentication, such as Active Directory/User Directory, SCIM, and
SAML concepts
 Basic knowledge of IPv4 networking concepts (IP addresses, routing, URLs, proxies, gateways, firewalls)
 User experience with OS platforms on which elements of Forcepoint ONE SSE will be deployed
 Basic familiarity with privacy standard terminology and their acronyms (such as HIPPA, PII, GDPR, and PCI)

© 2023 Forcepoint Public 2

Deploy and Administer Forcepoint ONE SSE (E-learning) forcepoint.com

Course outline

Introducing Forcepoint ONE SSE and Managing Identity

Scenario: Getting Started with Forcepoint ONE
 Explain the Forcepoint ONE solution.
 Prepare for the Forcepoint ONE deployment.
 Verify lab access.
 Access lab documentation and help resources.

Scenario: Managing Access to the Forcepoint ONE Portal

 Explain the difference between user and admin portals.
 Create admin users.
 Review user access permissions.
 Apply a policy to Forcepoint ONE portal access.

Scenario: Provisioning Users and Groups in Forcepoint ONE

 Explain the user provisioning options in Forcepoint ONE.
 Install and configure the Forcepoint ONE AD agent.
 Configure a SCIM application in Okta or Azure.
 Create and import local users and groups.

Scenario: Configuring User Authentication in Forcepoint ONE

 Explain the benefits of enabling user authentication in Forcepoint ONE.
 Describe the user authentication methods available in Forcepoint ONE.
 Configure username domain authentication for local authentication.
 Configure username domain authentication for AD agent authentication.
 Configure username domain authentication for using an external identity provider.

Configuring Common Components in Forcepoint ONE SSE

Scenario: Explaining Forcepoint ONE Policy Fundamentals
 Define how Forcepoint ONE defines policies, rules, and conditions.
 Explain which conditions and actions can be applied to multiple policy types.
 Describe which policies are examined by which behaviors.
 Discover how policies behave when no rules are triggered.

Scenario: Working with Forcepoint ONE Login Policies

 Explain the business advantages of creating login policies.
 Identify applicable use cases for the different types of login policy.
 Review incidents generated by the policies.

Scenario: Preconfiguring Forcepoint ONE Policy Objects

 Configure different types of notifications.
 Configure custom notification files.
 Add custom locations.

Scenario: Discovering Shadow IT Usage with Forcepoint ONE

 Define Shadow IT and the problems it poses.

© 2023 Forcepoint Public 3

Deploy and Administer Forcepoint ONE SSE (E-learning) forcepoint.com

 Review log import and methods for log collection.

 Map forwarded logs to Forcepoint ONE fields.
 Review the reports generated in preparation for policy planning.

Configuring Managed Devices in Forcepoint ONE SSE

Scenario: Configuring Managed Device Identification in Forcepoint ONE
 Explain the benefits of identifying managed devices.
 Identify the available methods of distinguishing managed devices.
 Configure managed client certificates.
 Set up custom device profiles.
 Configure SAML attribute match.

Scenario: Configuring and Deploying the SmartEdge Agent

 Identify the business advantages of deploying the SmartEdge agent.
 Configure and deploy the SmartEdge agent.

Configuring DLP with Forcepoint ONE SSE

Scenario: Configuring DLP with Forcepoint ONE
 List the Forcepoint ONE products for which you can apply DLP policy controls.
 Provide an overview of how DLP applies to CASB, Web, and ZTNA traffic.
 Review the options for applying DLP controls to traffic running through Forcepoint ONE using Forcepoint ONE
DLP, Forcepoint Enterprise DLP, and a combination of the two.
 Configure Forcepoint data patterns.
 Enforce FSM-controlled policies.

Configuring Forcepoint ONE Secure Web Gateway (SWG)

Scenario: Getting Started with Forcepoint ONE SWG
 Describe the features and business advantages of using Secure Web Gateway (SWG).
 Describe at a high level the traffic flow for SWG and Cloud SWG.

Scenario: Configuring and Deploying Cloud SWG in Forcepoint ONE

 Review the supported Cloud SWG tunneling capabilities.
 Set up Cloud SWG in the Forcepoint ONE portal.
 Configure GRE tunneling.
 Configure IPsec tunneling.

Scenario: Applying Acceptable Use Policies for Forcepoint ONE SWG

 Describe the SWG policy types and use cases for each.
 Explain and configure Forcepoint ONE Remote Browser Isolation (RBI).
 Configure SWG policy use cases.
 Configure SWG bypass use cases.

© 2023 Forcepoint Public 4

Deploy and Administer Forcepoint ONE SSE (E-learning) forcepoint.com

Configuring Forcepoint ONE Zero Trust Network Access (ZTNA)

Scenario: Implementing ZTNA with Forcepoint ONE
 Explain the ZTNA capability in Forcepoint ONE.
 Install and configure the ZTNA connector.
 Configure agentless ZTNA.
 Configure agent-based ZTNA.

Configuring Forcepoint ONE Cloud Access Security Broker (CASB)

Scenario: Getting Started with Forcepoint ONE CASB
 Explain the benefits of using the Forcepoint ONE CASB.
 Summarize the basic differences between agent-based and agentless CASB.
 Describe how data at rest is scanned by Forcepoint ONE.
 Add a managed application to the CASB configuration.

Scenario: Configuring SSO for Cloud Applications in Forcepoint ONE

 Select the appropriate SSO integration method for your application and organization.
 Integrate Forcepoint ONE into the SSO process for a managed application.

Scenario: Configuring Inline Protection for Managed Cloud Applications

 Explain the benefits of protecting data in motion.
 Apply access controls to your applications.
 Enforce DLP policies for inline CASB traffic.
 Facilitate secure business to business collaboration.

Scenario: Configuring Data at Rest (DAR) Scanning of Cloud Applications

 Explain the benefits of scanning data at rest.
 Configure data at rest scanning of managed cloud applications.
 Identify use cases for API scanning of managed cloud applications.

Monitoring and Analyzing Forcepoint ONE SSE Traffic

Scenario: Reviewing Logs and Incident Management in Forcepoint ONE
 View dashboards.
 Examine logs.
 Evaluate Shadow IT reports.
 Configure log export using Rest APIs.
 Review SIEM integration.

Scenario: Expanding Forcepoint ONE Deployment

 Review a summary of tasks completed.
 Plan for ongoing tasks.
 Extend your deployment to larger audiences and more advanced configurations.
 Consider expanding your protection by implementing additional Forcepoint products.

© 2023 Forcepoint Public 5

Deploy and Administer Forcepoint ONE SSE (E-learning) forcepoint.com

To attend this e-learning course, you must have a computer with:

 A high-speed internet connection (minimum of 1 MB connection required)
 An up-to-date web browser (Google Chrome recommended)
 PDF viewer
 Speakers and microphone or headset (headset recommended)

Terms and Conditions

 E-learning courses are delivered as self-paced computer-based training, with no onsite delivery element.
 E-learning courses are limited to the topics described in this data sheet and may not address all your unique
requirements.
 Forcepoint e-learning courses are standard and non-negotiable.
 Forcepoint provides the e-learning “AS IS” and makes no warranties of any kind, express or implied.
 E-learning courses must be completed within six months from purchase, or the e-learning course may be
forfeited.
 The training services in this course are provided pursuant to the Subscription Agreement.
 Assent to the Subscription Agreement constitutes acceptance of the above terms and conditions.

For more information about this course or other Forcepoint training offerings, please visit
https://www.forcepoint.com/services/training-and-technical-certification or contact Forcepoint Technical Learning Services
at learn@forcepoint.com.

© 2023 Forcepoint Public 6