Adding Forcepoint Firewall Enterprise Devices

TOS Aurora monitors Forcepoint Firewall Enterprise devices for policy revision changes. To help you organize the information for your devices, you can use the device information worksheet. To see which TOS features are supported for your device, review the feature support table.

TOS Aurora and the monitored devices must be synchronized with the correct date and time, either manually or automatically. We recommend that you also configure the devices to resolve DNS queries.

Monitor a Forcepoint Device

  1. In TOS Aurora, go to Monitoring > Manage Devices.

  2. Select the appropriate device type:

    Add Devices

  3. Configure the device settings:

    • Name for Display
    • Domain: Available only if you have configured your system for managing multi-domains and All Domains is currently selected. Select the domain to which to add the device. The Domain can only be entered when adding a device; to change the Domain, you must migrate the device.

    • Get revisions from: One of the following:

      • IP Address: Revisions are retrieved automatically
      • Offline File: (If available) Revisions are manually uploaded to TOS Aurora for Offline Analysis
    • ST server: In a distributed deployment, select which TOS Aurora cluster monitors this device (not shown in image)

    Click Next.

  4. Configure the TOS Aurora connection to the Forcepoint device, according to the parameters required by the device:

    Enter the necessary authentication information to connect to the Forcepoint Firewall Enterprise device.

    Make sure to enter the username of a user with administrator privileges of the firewall device.

    Select the whether you connect to the device with SSH or Telnet. To use default settings (recommended in most cases), leave the Port number clear.

    Click Next.

  5. The Monitoring Settings page appears:

    • To use timing settings from the Timing page, select Default. Otherwise, select Custom, Custom settings, and configure the Polling frequency: How often TOS Aurora fetches the configuration from each device.

    If you select 1 day, you can then select the exact time (hour and minute) for the daily polling.

How Do I Get Here?

In TOS Aurora, go to Monitoring > Manage Devices.