KB Article | Forcepoint Support

Problem Description

Forcepoint is aware of a compatibility issue between TRITON AP-ENDPOINT DLP/Forcepoint DLP Endpoint (all versions) and the Microsoft Edge v40, v41, or v42 browser. Microsoft Edge v40 was released on April 11, 2017 as part of the Windows 10 Creators Update, version 1703. Microsoft Edge v41 was released on September 26, 2017 as part of the Windows 10 Fall Creators Update, version 1709. Microsoft Edge v42 was released on April 30, 2018 as part of the Windows 10 Spring Creators Update, version 1803. 
 
When Forcepoint DLP Endpoint is installed on an endpoint running Microsoft Windows 10 Creators Update version 1703 and later, Forcepoint DLP Endpoint does not monitor Edge v40, v41, or v42 by default.
 
NOTE: Forcepoint renamed the TRITON AP-ENDPOINT DLP to Forcepoint DLP in v8.4. This Edge v40/v41/v42 issue affects both older v8.x versions of TRITON AP-ENDPOINT DLP and the new v8.4 Forcepoint DLP. This article will hereafter refer to both endpoint solutions as Forcepoint DLP Endpoint.

In addition, all references to Forcepoint DLP refer to the new v8.4 Forcepoint DLP and the older v8.x versions of TRITON AP-DATA.

Resolution

Forcepoint DLP allows you to define endpoint application groups that may be monitored within specific policies. To monitor Microsoft Edge v40, v41, or v42 in Forcepoint DLP Endpoint:
 
  1. Create a new Endpoint Application Group.
  2. Add the Microsoft Edge endpoint application to this new group. Microsoft Edge is a predefined endpoint application in Forcepoint DLP, so it will not need to be added as an endpoint application.
  3. Ensure that this new group enforces File Access.
  4. Add this new group to the Endpoint Application channel of a new or existing policy rule.
 
To create the new Endpoint Application Group and add it to a policy rule, follow this procedure:
  1. Navigate to Main > Policy Management > Resources > Endpoint Application Groups.
  2. Click New > Application Group.
  3. Complete the fields as needed:
    1. Name: Enter a name for this application group.
    2. Description: Enter a description for this application group.
    3. Members: Click Edit, and then select the Microsoft Edge endpoint application.
    4. Endpoint Operations: Check the File Access operation.
  4. Click OK.
  5. Navigate to Main > Policy Management > DLP Policies > Manage Policies.
  6. From here, you may either add a new predefined or custom policy, or edit an existing policy.
  7. Advance through the Policy screens, adding policy information as you go. When you get to the Destination tab, check Endpoint Applications.
  8. Click the Edit button under Endpoint Applications, and select this new endpoint application group.
  9. Click Next.
  10. Review the information under the Finish tab.
  11. If the information is correct, click the Finish button.
  12. In the Deployment Needed window, click Yes.
  13. On the Deployment Process screen, the policy has been deployed once all rows in the Status column display Success.
  14. Open the Forcepoint DLP Endpoint client and click the Update button. The Last scan ended status will update to reflect the latest date and time.
 
For more information on creating an Endpoint Application Group entry, see Adding custom application groups in the Forcepoint DLP Manager Help.

For more information on modifying or creating policy rules, see Policies Overview in the Forcepoint DLP Manager Help.
 

Article Feedback



Thank you for the feedback and comments.

Want 24/7 Tech Support?

Learn more