With the Workspace ONE UEM integration with Forcepoint, you can use your existing content filtering categories in Forcepoint and apply them to devices you manage within the UEM console.

Allow or block access to websites according to the websites you configure in Forcepoint and then deploy a VPN payload to force devices to comply with those rules. Directory users enrolled in Workspace ONE UEM are validated against Forcepoint to determine which content filtering rules to apply based on the specific end user.

You can enforce content filtering with Forcepoint in one of following two ways. 

  • Use the VPN profile as described in this topic. Enforcing content filtering using VPN profile can be applied to all Web traffic using browsers other than the VMware Browser.
  • Configure the Settings and Policies page, which applies to all Web traffic using browsers other than the VMware Browser. For instructions on configuring Settings and Policies, refer to the VMware Browser Guide.


  1. Navigate to Devices > Profiles & Resources > Profiles > Add. Select Apple iOS.
  2. Configure the profile's General settings.
  3. Select the VPN payload.
  4. Select Websense (Forcepoint) as the Connection Type.
  5. Configure Connection Info including:
    Settings Description
    Connection Name Enter the name of the connection name to be displayed.
    Username Enter the user name to connect to the proxy server.
    Password Enter the password for connection.
  6. (Optional) You can also Test Connection.
  7. Configure Vendor Configurations settings.
    Setting Description
    Vendor Keys

    Create custom keys and add to the vendor config dictionary.

    Key Enter the specific key provided by the vendor.
    Value Enter the VPN value for each key.
  8. Select Save & Publish. Directory-based end users can now access permitted sites based on your Forcepoint categories.