Single-appliance TRITON AP-EMAIL deployments

Deployment and Installation Center | Email Protection Solutions | v8.3.x

A simple email protection deployment uses a single appliance or X10G blade server. In this installation, all email analysis occurs in the on-premises appliance component using a robust collection of threat detection tools (Main > Policy Management > Filters).

The Personal Email Manager facility on the appliance allows an organization's end users to manage blocked messages. The Secure Messaging portal lets an organization's customers view and manage email that contains sensitive data.

In this scenario, the Email Log Server is installed on the same machine as the TRITON Manager. It can be installed on a separate machine if desired.

Data loss prevention (DLP) policies analyze email to ensure acceptable use policies are enforced and sensitive company data is not lost. An email DLP policy can also facilitate outbound message encryption. DLP policies are enabled in the TRITON Manager Email module (Main > Policy Management > Policies) but are defined and configured in the Data module.

See the Data Security Manager Help for details about DLP policy settings. See the following Administrator Help topics for information about email filter and policy tools:

Creating and configuring email filters

Creating and configuring email policies

Single email appliance with Email Hybrid Module

This simple deployment uses a single appliance or X10G blade server. TRITON AP-EMAIL with the Email Hybrid Module offers a comprehensive email protection solution that combines the on-premises functions described earlier with hybrid (in-the-cloud) email analysis to manage an organization's email traffic.

The Email Hybrid Module provides an extra layer of analysis, stopping a variety of email-borne threats before they reach the network, potentially reducing email bandwidth and storage requirements. Together with the Email Encryption Module, the Email Hybrid Module facilitates the transfer of outbound email to an encryption server before delivery to its recipient.

The email hybrid service prevents malicious email traffic from entering a company's network by:

Dropping a connection request based on the reputation of the IP address of the request

Comparing the characteristics of inbound email against a Forcepoint database of known malware, and blocking any message that matches a database entry

The hybrid service may also include the results of its analysis as additional header information in email that it allows into the email protection system. This header information includes a threat detection "score," which is then used to determine message disposition by the on-premises email protection system. This function can enhance email system performance.

Your subscription must include the Email Hybrid Module, and the email hybrid service must be enabled and properly registered before hybrid service analysis can begin. Register for the hybrid service in the TRITON Manager Email module interface (Settings > Hybrid Service > Hybrid Configuration).

The Email Hybrid Service Log contains records of the email messages that are blocked by the email hybrid service. After the hybrid service is registered and enabled, users can view the log at Main > Status > Logs by clicking the Email Hybrid Service tab.

See the Administrator Help for TRITON AP-EMAIL for details on all email hybrid service options:

Registering the Email Hybrid Module

Configuring the Email Hybrid Service Log

Viewing the Email Hybrid Service Log