Enable ECA on the NGFW Engine

Enable ECA on the NGFW Engines on which you want to receive endpoint client information.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Right-click an NGFW Engine, then select Edit <element type>.
  3. Browse to Add-Ons > Endpoint Integration.
  4. From the Endpoint Service drop-down menu, select Forcepoint Endpoint Context Agent, then configure the settings.
  5. Click Save.
  6. Click Export Configuration for Endpoint Clients, then choose where to save the XML file that contains the configuration.
    The details of all the NGFW Engines that use the same ECA Configuration element are included in the exported XML file. You must have finished configuring all the NGFW Engines before you export the file.

Next steps

Use the exported XML configuration file when installing the clients on the endpoints. For more information, see the Installation and Deployment Guide for Forcepoint Endpoint Context Agent.

Engine Editor > Add-Ons > Endpoint Integration

Use this branch to enable endpoint integration on the engine and change the settings for the endpoint client communication.

Option Definition
When Endpoint Service is Forcepoint Endpoint Context Agent
ECA Listener Certificate The internal certificate for the NGFW Engine that listens for ECA traffic. The certificate is generated automatically when you save the ECA configuration.
Signing CA The internal CA that signed the certificate.
ECA Configuration The selected ECA Configuration element. Click Select to select an element.
Source Networks Add the networks or zones that contain the clients. The clients located in these networks or zones send endpoint information to this Firewall. Click Add to add an element to the table, or Remove to remove the selected element.
Destination Networks Add the networks or zones where outbound connections are going. The clients send endpoint information only if the destination address is located in these networks or zones. If filtering based on both source address and destination address, both conditions must be met.

Click Add to add an element to the table, or Remove to remove the selected element.

Listening Interfaces The interfaces or zones the NGFW Engine uses to listen for ECA traffic. Click Add to add an element to the table, or Remove to remove the selected element.
Listening Port The port on which the NGFW Engine listens for ECA traffic.
Export Configuration for Endpoint Clients Opens the Export ECA Configuration dialog box, where you can export an XML file that contains the ECA configuration and details of all the NGFW Engines that use the same ECA Configuration element. You must first save the NGFW Engine configuration.
Option Definition
When Endpoint Service is McAfee Endpoint Intelligence Agent (McAfee EIA)
Note: McAfee Endpoint Intelligence Agent (McAfee EIA) is no longer supported in NGFW version 6.3.0 and later. We recommend that you use Forcepoint Endpoint Context Agent instead.
ePO Server The McAfee ePO server that you want the NGFW Engine to communicate with. Click Select to select an element.
Endpoint Client Zones or Networks The networks or zones in which the endpoint clients are located. Click Add to add an element to the table, or Remove to remove the selected element.
Listen on Interfaces The interfaces or zones the engine uses to listen for EIA traffic. Click Add to add an element to the table, or Remove to remove the selected element.
Listening Port The port on which the NGFW Engine listens for EIA traffic.

Properties dialog box (ECA Certificate)

Use this dialog box to review the properties of an ECA Certificate.

Option Definition
General tab
Name The name of the element.
Subject Name The identifier of the certified entity.
Public Key Algorithm The algorithm used for the public key.
Key Length The length of the key in bits.
Serial Number The sequence number of the certificate. The number is issued by the CA.
Signature Algorithm The signature algorithm that was used to sign the certificate.
Signed By The CA that signed the certificate.
SubjectAltName The subject alternative name fields of the certificate.
Valid From The start date of certificate validity.
Valid To The end date of certificate validity.
Fingerprint (SHA-1) The certificate fingerprint using the SHA-1 algorithm.
Fingerprint (SHA-256) The certificate fingerprint using the SHA-256 algorithm.
Fingerprint (SHA-512) The certificate fingerprint using the SHA-512 algorithm.
Option Definition
Certificate tab
Certificate text area The contents of the certificate.

ECA Configuration Export dialog box

Use this dialog box to export the ECA configuration in XML format.

Option Definition
ECA Configuration Click Select to select an element. If you opened this dialog box from the Engine Editor, the ECA Configuration is automatically selected.
Export File The path where you want to save the exported XML file.
Export Exports the XML file.