J&M Eastern Group is a Forcepoint supplier in Malaysia that specialises in Forcepoint Products. As one of the top Forcepoint partner and reseller in Malaysia, we carry a wide range of Forcepoint products such as a unified cloud-centric platform, data security and network security products to meet your requirements and quickly respond to the demands of your business. Our team is well experienced with Forcepoint products, solutions and services.
Forcepoint was created to empower organizations to drive their business forward by safely embracing transformation technologies - cloud, mobility, Internet of Things (IoT), and others - through a unified cloud-centric platform that safeguards users, networks and data while eliminating the inefficiencies involved in managing a collection of point security products.
Forcepoint ONE is an all-in-one cloud service that makes security simple for distributed businesses and government agencies that need to adapt quickly to changing remote and hybrid workforces. It gives employees, contractors, and other users safe, controlled access to business information on the web, in the cloud (Saas and IaaS), and in private applications, while keeping attackers out and sensitive data in. As a result, Forcepoint ONE makes users more productive, whether remote or in the office, and businesses more efficient.
- 99% verified uptime since 2015
- Latency minimized and throughput maximized with auto-scaling
- Flexible integration with any SAML-compatible IdP
- Unified administration console reduces repetitive and redundant configuration management
- Unified managed device agent for CASB, SWG, and ZTNA simplifies deployment
- AD sync agent or SCIM provisioning accelerate user on-boarding
- Reverse proxy with AJAX-VM allows protection of any managed web application without an on-device agent
- Data-in-motion scanning blocks malware and data exfiltration between users and any web application
- Data-at-rest scanning quarantines malware and controls risky data sharing for many popular SaaS and IaaS storage offerings
- Encryption of structured and unstructured data in SaaS and IaaS ensures data privacy
- Ability to block specific HTTP/S request methods, resulting in granular control of user interactions with any SaaS, web page, or private web application
Forcepoint ONE combines Zero Trust and SASE security technologies, including three secure access gateways and a variety of shared threat protection and data security services, all built on a cloud-native platform. This approach enables organizations to manage one set of policies, in one console, communicating with one endpoint agent.
- Secure Web Gateway (SWG). Monitors and controls any interaction with any website, including blocking access to websites based on category and risk score, blocking download of malware, blocking upload of sensitive data to personal file sharing accounts, and detecting and controlling shadow IT. Currently available as agent software for Windows and MacOS.
- Cloud Access Security Broker (CASB). Agent-based or agentless solution that enforces granular access to company SaaS based on identity, location, device, and group. Blocks download of sensitive data and blocks upload of malware in real time. Scans data at rest in popular SaaS and IaaS for malware and sensitive data and remediates as needed. Agentless option facilitates BYOD and contractor access.
- Zero Trust Network Access (ZTNA). Agent-based or agentless solution that allows granular access to private applications without the use of a VPN. Agent based solution required for non-HTTP/S applications.
Common features for all three gateways include:
- Contextual access control. Access to web, cloud, or private applications is controlled based on user location, device type, device posture, user behavior, and user group.
- Data loss prevention (DLP). Files and text are scanned upon upload and download for sensitive data and blocked, tracked, encrypted, or redacted as appropriate.
- Malware scanning. Files are scanned upon upload and download for malware and blocked when detected.
- Unified management console for configuration, monitoring, and reporting.
- Unified on-device agent for Windows and macOS.
- 99% service uptime.
Forcepoint ONE also includes these add-on capabilities:
- Cloud Security Posture Management (CSPM). Scans AWS, Azure, and GCP tenant settings for risky configurations and provides manual and automated remediation.
- SaaS Security Posture Management (SSPM). Scans Salesforce, ServiceNow, and Office 365 tenant settings for risky configurations and provides manual and automated remediation.
- Remote Browser Isolation (RBI) with integrated Content Disarm Reconstruction (CDR). With the appropriate SWG content policy, a user is protected from web-borne malware on their local device by running a browser in a cloud-hosted VM. With CDR, document and image downloads can be stripped of embedded malware and reconstructed before being opened by a user. This includes removal of malware embedded in an image file using steganography.
Forcepoint ONE Features and Benefits
|Platform-wide||Auto-scaling, distributed architecture on AWS with over 300 POPs worldwide.|
|Integration with any SAML compatible IdP. SAML relay or ACS proxy mode. Optional built-in IdP using Microsoft ADFS.|
|Active Directory Sync Agent. Synchronizes your current AD users and groups with Forcepoint ONE users and groups.|
|SCIM Integration. Synchronizes your current Azure AD users and groups with Forcepoint ONE users and groups.|
|Contextual access control. Grants user access to Forcepoint ONE based on user group, device type, location, or time of day. Optional escalation to Multi-factor Authentication based on “impossible travel,” unauthorized location, or unknown device. Additional layer of access control for individual websites or applications based on user group, device type, or location.|
|Single unified agent for on-device SWG, CASB forward proxy, and ZTNA for non-web applications.|
|Single administrator console for managing all system capabilities across all applications, users, and devices.|
|CASB, SWG, and ZTNA for web-based apps||DLP and malware scanning for data in motion. Scans file attachments downloaded from or uploaded to any web-based app or website for malware or sensitive data. Logs and takes the appropriate remediation action such as block (sole option for SWG), quarantine, encrypt, apply DRM, or apply watermarking and file tracking.|
|Field Programmable SASE Logic. Monitors, logs, and optionally blocks any HTTP/S request method based on any portion of the request method.|
|CASB and ZTNA for web-based apps||Agentless reverse proxy with AJAX-VM. The reverse proxy is software running in our core and edge POPs, while the AJAX-VM is a Java Script abstraction layer running inside the end user browser. Both work together to ensure that Forcepoint ONE can manage traffic between any device and any managed web application, without the need for agent software running on the device.|
|SWG||Monitors, logs, and controls access to any website from corporate Windows and Mac endpoints located anywhere with DLP and malware scanning using the Forcepoint ONE unified agent.|
|CASB||DLP and malware scanning for data at rest in the cloud. Scans structured and unstructured data in SaaS and IaaS storage for malware or sensitive data, and log and takes the appropriate protective action such as quarantine, encrypt, or remove public sharing.|
|Data Encryption. Encrypts sensitive structured and unstructured data in managed SaaS and IaaS.|
|Shadow IT discovery and control|
|CSPM||Cloud Security Posture Management. Scans configuration of security settings for AWS, GCP, and Azure admin console SaaS in accordance with various industry and regional baselines as well as custom baselines.|
|SSPM||SaaS Security Posture Management. Scans configuration of security settings for popular SaaS tenants in accordance with various industry and regional baselines as well as custom baselines.|
|RBI with CDR||Remote Browser Isolation with Content Disarm and Reconstruction. A licensed option for Forcepoint ONE SWG. Provides a layer of abstraction by running a browser in a cloud-hosted VM, separating the end user device from the risk of web-borne malware. When the user downloads a document or image file, CDR is applied which extracts the valid business information from the file, verifies the extracted information is well-structured, and then builds a brand-new file to carry the information to its destination.|
Get Forcepoint ONE Pricing
To receive Forcepoint ONE price, please send us a message >