KB Article | Forcepoint Support

Problem Description

I have Content Gateway with Forcepoint DLP enabled and integrated in my Forcepoint Security Manager. I have created a Policy in the Data module and set the action to block all and the action plan for the http/https channel is set to block.

The traffic is identified in the traffic log and an incident is created based on the policy, but the content is not blocked. The incident shows permit as well.

Resolution

If the Content Gateway is not configured for blocking mode, then no blocking will occur, even if a DLP policy is configured to block on violation. 
 
To enable Blocking Mode for the Content Gateway:
  1. Open Forcepoint Security Manager.
  2. Navigate to Settings > System Modules.
  3. Click on the Content Gateway present.
  4. Enable Blocking for HTTP/HTTPS and FTP on their respective tabs.
  5. Press OK then Save and Deploy.
 
Blocking on Policy violation should now work properly for the environment.

Article Feedback



Thank you for the feedback and comments.