Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Device Configuration: Forcepoint Email Cloud

Owned by Customer Success & Engineering (Unlicensed)

Last updated: Jan 30, 2023

2 min read

1 Overview
2 Prerequisites
- 2.1 Following Changes required on Forcepoint Email Cloud
3 Steps of Configuration
4 Steps
5 Verification On the Seceon UI

Overview

This user guide describes the Forcepoint Email Cloud tool integration with Seceon aiSIEM through the API

Prerequisites

Following Changes required on Forcepoint Email Cloud

The Account should have Log Export permission (Under Account Permissions, check the Log Export box)
Use the Account > SIEM Storage page of the cloud portal to configure the storage
options
Note: Use Forcepoint storage

Steps of Configuration

To add the Seqrite Endpoint API method support follow the steps that are mentioned below:

Login Seceon UI: >provisioning >Add-on device >click on add button

Steps

To add the Forcepoint Email Cloud support, Follow the steps mentioned below.

Enter a unique name for the device.
Enter the CCE IP.
Enter Forcepoint email cloud user name in Access ID/user name and password in password/Secret Key
Now enter the valid JSON Format in the last field, no need to put JSON ( only Add- {} )
Click on the Save button.

Verification On the Seceon UI

Step 1: Log in to UI with Administrative Rights & Navigate to System>> Log/Flow Collection Status Option.

Steps 2: Inside Source Device IP, the IP Address of the Device will reflect including the no. of logs sent to the Seceon Servers.

Seceon Inc. All rights reserved. https://www.seceon.com