KB Article | Forcepoint Support

Problem Description

Forcepoint is aware of a compatibility issue between TRITON AP-ENDPOINT DLP/Forcepoint DLP Endpoint (all versions)/Forcepoint One Endpoint and the Microsoft Edge v40, v41, v42, or v44 browser. Microsoft Edge v40 was released on April 11, 2017 as part of the Windows 10 Creators Update, version 1703. Microsoft Edge v41 was released on September 26, 2017 as part of the Windows 10 Fall Creators Update, version 1709. Microsoft Edge v42 was released on April 30, 2018 as part of the Windows 10 Spring Creators Update, version 1803. Microsoft Edge v44 was released on November 13, 2018 as part of the Windows 10 October Update, version 1809.
When Forcepoint DLP Endpoint/Forcepoint One Endpoint is installed on an endpoint running Microsoft Windows 10 Creators Update version 1703 and later, Forcepoint DLP Endpoint/Forcepoint One Endpoint does not monitor Edge v40, v41, v42, or v44 by default.
NOTE: Forcepoint renamed the TRITON AP-ENDPOINT DLP to Forcepoint DLP in v8.4. This Edge v40/v41/v42/v44 issue affects both older v8.x versions of TRITON AP-ENDPOINT DLP and the new v8.4 Forcepoint DLP. This article will hereafter refer to both endpoint solutions as Forcepoint DLP Endpoint.

In addition, all references to Forcepoint DLP refer to the new v8.4 Forcepoint DLP and the older v8.x versions of TRITON AP-DATA.


Forcepoint DLP/Forcepoint One Endpoint allows you to define endpoint application groups that may be monitored within specific policies.

Use the following steps to monitor file access in Microsoft Edge v40, v41, v42, or v44 with Forcepoint DLP Endpoint/Forcepoint One Endpoint. Note that Forcepoint DLP/Forcepoint One Endpoint will not monitor other Edge operations, such as copy/paste or internet data posting.
  1. Create a new Endpoint Application Group.
  2. Add the Microsoft Edge endpoint application to this new group. Microsoft Edge is a predefined endpoint application in Forcepoint DLP, so it will not need to be added as an endpoint application.
  3. Ensure that this new group enforces File Access.
  4. Add this new group to the Endpoint Application channel of a new or existing policy rule.
To create the new Endpoint Application Group and add it to a policy rule, follow this procedure:
  1. Navigate to Main > Policy Management > Resources > Endpoint Application Groups.
  2. Click New > Application Group.
  3. Complete the fields as needed:
    1. Name: Enter a name for this application group.
    2. Description: Enter a description for this application group.
    3. Members: Click Edit, and then select the Microsoft Edge endpoint application.
    4. Endpoint Operations: Check the File Access check box.
  4. Click OK.
  5. Navigate to Main > Policy Management > DLP Policies > Manage Policies.
  6. From here, you may either add a new predefined or custom policy, or edit an existing policy.
  7. Advance through the policy screens, adding policy information as you go. When you get to the Destination tab, check Endpoint Applications.
  8. Click the Edit button under Endpoint Applications, and select this new endpoint application group.
  9. Click OK.
  10. Review the information under the Destination tab.
  11. If the information is correct, click OK.
  12. In the Deployment Needed window, click Yes.
  13. On the Deployment Process screen, the policy has been deployed once all rows in the Status column display Success.
  14. Open the Forcepoint DLP Endpoint client and click the Update button. The Last scan ended status will update to reflect the latest date and time.
For more information on creating an Endpoint Application Group entry, see Adding custom application groups in the Forcepoint DLP Manager Help.
For more information on modifying or creating policy rules, see Policies Overview in the Forcepoint DLP Manager Help.

Keywords: Forcepoint DLP Endpoint; Forcepoint One Endpoint; Microsoft Edge browser; Windows 10 Creator; Microsoft Edge v40, v41, v42, or v44; Endpoint Application Group; File Access;

Article Feedback

Thank you for the feedback and comments.