About the Device
Proofpoint Email Protection is available as an on-premise or cloud based solution. It blocks unwanted malicious, and impostor email with granular search capabilities and visibility into all messages. Outbound controls include encryption and data loss prevention, while continuity capabilities ensure business communications can continue as normal in the event of an email outage.
Device Information
Entity | Particulars |
---|---|
Vendor Name | Proofpoint |
Product Name | Email Protection |
Type of Device | Cloud/Hosted |
Collection Method
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log Collection Method | Data Source |
---|---|---|---|---|
Proofpoint On Demand | PROOFPOINT_ON_DEMAND | Prop Vendor API - JSON | C2C | https://cloud.google.com/chronicle/docs/reference/feed-management-api#proofpoint-on-demand |
Device Configuration
To request a token, contact Proofpoint support, or log in to the Email Protection portal, and navigate to Settings > API Key Management.
Click Create New.
In Create New API Key, type a name and generate the API Key.
Select View Details from the ellipsis menu on the generated API Key and copy the key/token.
The CLUSTER_ID is displayed in the upper-right corner of the management interface next to the release number.
Integration Parameters:
Property | Default Value | Description |
---|---|---|
AUTHENTICATION HTTP HEADERS | N/A | The HTTP header used to authenticate (Use the same value mentioned here for Sec-WebSocket-Key) |
CLUSTER ID | N/A | The cluster ID, which is a user group string. |