Swedish Certification Body for IT Security
Certification Report - Forcepoint Triton APX 8.2
8 Evaluated Configuration
The server components of the TOE are intended to be deployed in a physically
secured cabinet room, room, or data center with the appropriate level of physical
access control and physical protection (e.g. fire control, locks, alarms, etc.). Access to
the physical console or USB ports on the appliance and associated TOE servers should
be restricted via a locked data cabinet within the data center. The TOE is intended to
be managed by administrators operating under a consistent security policy. In addition,
any authentication server used by the TOE (e.g. Active Directory server) should
also be hosted within this secured environment. The TOE environment is responsible
for providing protection of network communication between the TOE server components
and also between the TOE and the administrative user.
Dependencies to Other Hardware, Firmware and Software
The TRITON Manager, Web Log Server and Email Log are not hosted on the Forcepoint
appliance. These TOE components are installed on a Microsoft Windows server
(these components are installed on a single server in the evaluated deployment). The
TRITON solution also requires a Microsoft SQL Server to host the Log Server Database
(the Database and Forcepoint TRITON Manager must be hosted on separate servers).
In the evaluated deployment these components are all installed on Windows
Servers.
The ST specifies the minimum requirements regarding the hardware needed in the
environment. The following minimum platform requirements specified in the ST are
necessary for the deployment of the Forcepoint DLP Endpoint component, depending on
the type of endpoint device. The platforms may either be physical devices or provided
by Citrix XenDesktop v7.6:
Forcepoint Triton Manager
Microsoft SQL Server
Forcepoint DLP (data security) Servers (primary and secondary)
Forcepoint DLP Appliance (Protector)
Windows Forcepoint DLP Endpoint Client
MacOS Forcepoint DLP Endpoint Client
The Forcepoint TRITON Manager is accessed from a management workstation
using a standard web browser (such as Internet Explorer 11 or Firefox 40).
Excluded from the TOE Evaluated Configuration
Features/Functionality/Components that are not part of the evaluated configuration of
the TOE are:
Hybrid Services (Web Hybrid Module and the Email Hybrid Module).
Optional Web components, including Remote Filtering Server, Sync Service, and transparent identification agents (DC Agent, Logon Agent, eDirectory Agent, and RADIUS Agent).
Forcepoint DLP Endpoint DLP used in Forcepoint DLP hybrid and cloud deployments.
Forcepoint DLP ENDPOINT Web and Remote Filtering clients.