6.4. Configuring OPSWAT | Cloud Security for Salesforce

The procedures in this section show you to configure MetaAccess and Salesforce to communicate with each other and work together.

Configuring Salesforce

The procedures in this section show you how to configure the application on Salesforce.

Configuring the Application

Use the OPSWAT | Settings tab on salesforce.com to enable OPSWAT Cloud Security for Salesforce to communicate with MetaAccess.

To configure the application:

1. Return to the Installed Packages page on Salesforce (from above) and click the App Launcher icon in the upper left corner of the page.


The App Launcher page appears.

2. Click OPSWAT.


The MetaAccess Dashboard page appears.

3. Click OPSWAT - Settings.


The Configure MetaAccess page appears.

4. Go back to the OPSWAT Portal page you used to register the new application, copy the Client Key and paste it into the Client Key text field the MetaAccess Dashboard page in Salesforce.

5. Copy the Client Secret in the OPSWAT Portal page and paste it into the Client Secret text field the MetaAccess Dashboard page in Salesforce.

6. Click in the Cross-domain API Port text field and enter the appropriate port number.

7. Click in the Admin User text field, enter the name of the appropriate admin user, then click the search icon.

8. Select the appropriate user from the list that appears.

9. Click the Mode dropdown and select the appropriate Policy Setting Mode. Your options are: Disable, Monitor and Enforce.

10. Click in the Download Agent URL text field and enter the appropriate URL.

This is the URL from which users will be able to download the OPSWAT Client, if necessary.

Note: You copy the download URL through the MetaAccess Dashboard.

Access MetaAccess and click Dashboard, then click Overview.

Click Add Devices.

The Add Devices popup appears.

Click Click to copy the download link.


This copies the appropriate URL to your clipboard. You can now paste it into the Download Agent URL text field.

11. Click Save.

Note: You can click Test Connection to check if the app can contact OPSWAT MetaAccess for device compliance checks.


Whitelisting MetaAccess URLs

As necessary, add the MetaAccess Server as a Remote Site URL.

To whitelist MetaAccess URLs:

1. Navigate to the Setup page.

Note: Click the Gear icon ( ) in the upper right-hand corner of the Cloud Security for Salesforce interface and select Setup from the menu that appears.

2. Click Security, then click Remote Site Settings in the left-hand column of the page.

The All Remote Sites page appears.

Note: You can also edit an existing site by clicking its Edit link.

3. Click Add Remote Site.


The Remote Site Edit page appears.

4. Click in the Remote Site Name text field and enter the name for the remote site, as you want it to appear in the Salesforce interface.

5. Click in the Remote Site URL text field and enter the URL to the remote site.

6. As necessary, click the Disable Protocol Security checkbox, to remove its check.

7. Click in the Description text field and enter a description of the new remote site.

8. Click Save.


Enabling Device Compliance

Last, create new login flows for relevant profiles.

Note: You must create a login flow for every profile that you that you want the validation to run on.

To enable device compliance:

1. As necessary, navigate to the Setup page.

2. Click Identity, then click Login Flows.

The Login Flows page appears.

3. Click New.


The New Login Flow page appears.

4. Click the Type dropdown and select Visualforce Page.

The New Login Flow page refreshes.

5. Click in the Name text field and enter a name for the new login flow.

6. Click in the VisualForce Page text field and enter the appropriate VisualForce Page label.

7. Click the User License dropdown and select the appropriate license.

8. Click the Profile dropdown and select appropriate profile.

9. Click Save.


10. Repeat the above steps as many times as necessary,

Granting Profile Access Permissions

Before a user can complete the log in process, the profile to which they are assigned must be granted access permission.

To grant profile access permissions:

1. Click in the search text field and enter some or all of VisualForce Pages.

2. Click VisualForce Pages.


The VisualForce Pages page appears.

3. Local the appropriate VIsualForce Page name and click Security beside it.


The page for that VisualForce page appears

4. Click the appropriate profile name(s), then click Add.


The system adds the profiles to that VisualForce page.

5. Click Save.


Salesforce saves your settings.

6. Repeat the above steps for any necessary VisualForce pages.

When you are done, you can test OPSWAT Cloud Security for Salesforce.