Go to the table of contents Go to the previous page Go to the next page View or print as PDF
v8.5.3 Release Notes for Forcepoint Appliances : New for v8.5.3 Forcepoint appliances
New for v8.5.3 Forcepoint appliances
Release Notes | Forcepoint Appliances | v8.5.3
Forcepoint is pleased to release version 8.5.3 of the Forcepoint appliance infrastructure. For more information on new appliance features, see the Forcepoint Appliances Getting Started Guide.
*
*
*
*
*
*
*
Forcepoint solutions on Forcepoint appliance platforms
 




For detailed information about deploying any of the Forcepoint DLP solutions on Forcepoint appliances, see the Forcepoint DLP section of the Forcepoint documentation page.
For detailed information about deploying Forcepoint Web Security Cloud with an i-Series appliance, see the Forcepoint i-Series Appliance section of the Forcepoint documentation page.
V Series specifications
1 rack-unit form factor
See the V Series Appliance datasheet (PDF on the Forcepoint website) for specifications of the currently shipping model.
V20000
Supported solutions
*
*
Supported models with v8.5.3
*
Network interfaces
All V20000 appliances come with 6 physical Ethernet interfaces
C — Supports Forcepoint appliance management communication
P1, P2 — Support Content Gateway (web proxy) traffic (Email Security and Web Security)
E1, E2 — Used for bonding with P1/P2
N — Supports Network Agent (Web protection solutions)
Interface bonding: With Forcepoint Web Security and Forcepoint Email Security, interfaces P1 and E1 can be bonded, and interfaces P2 and E2 can be bonded.
Fiber NICs: Supports fiber NICs for C and N interfaces (requires 3 dual-port NICs to be installed).
V10000
Supported solutions
*
*
Supported models with v8.5.3
*
*
*
Network interfaces
All V10000 appliances come with 6 physical Ethernet interfaces
C — Supports Forcepoint appliance management communication
 
P1, P2
*
*
E1, E2
*
*
N — Supports Network Agent (Web protection solutions)
Interface bonding: With Forcepoint Web Security and Forcepoint Email Security, interfaces P1 and E1 can be bonded, and interfaces P2 and E2 can be bonded.
V5000
Supported solutions
*
*
*
Supported models with v8.5.3
*
*
Network interfaces
All V5000 appliances come with 4 physical Ethernet interfaces.
C — Supports Forcepoint appliance management communication
P1, P2 — Support Content Gateway (web proxy) traffic (Forcepoint Web Security) or MTA traffic (Forcepoint Email Security)
N — Supports Network Agent (Web protection solutions)
X Series specifications
10 rack-unit form factor; chassis hosts up to 16 X10G blade servers
See the X Series Appliance datasheet (PDF on the Forcepoint website) for specifications of the currently shipping model.
Supported solutions
*
*
Supported models with v8.5.3
*
*
Network interfaces
All X Series appliances come with 2 PowerConnect M6220 switches. Each supports 2 10Gb SFP+ ports.
All X10G security blades support 3 virtual Ethernet interfaces.
C — Supports Forcepoint appliance management communication
P1, P2 — Support Content Gateway (web proxy) traffic (Forcepoint Web Security) or MTA traffic (Forcepoint Email Security)
Forcepoint Virtual Appliance for Web and Email specifications
ESXi VMware
Version 8.5.3 Web and Email Virtual Appliances are certified for VMware ESXi 6.5 / 6.0 / 5.5. A stable release of ESXi, such as 6.5d (build 5310538) or later, is recommended to avoid unexpected issues.
Supported solutions
*
*
*
TRITON AP-EMAIL VM specification
The install OVA creates a virtual machine with the following specifications:
*
*
*
*
*
 
Important 
Network interfaces
All Forcepoint Email Security VMware virtual appliances come with four (4) virtual Ethernet interfaces.
C - Supports Forcepoint appliance management communication
P1, P2 - Support MTA traffic
N - Reserved
Forcepoint Web Security VM specification
 
Note 
The policy mode Filtering only is not supported on VMware virtual appliances with version 8.5.3.
The install OVA creates a virtual machine with the following specifications:
*
*
*
*
 
Important 
Network interfaces
All Forcepoint Web Security VMware virtual appliances come with 4 virtual Ethernet interfaces.
C - Supports Forcepoint appliance management communication
P1, P2 - Support Content Gateway web proxy traffic
N - Reserved; Network Agent and Content Gateway decryption port mirror are not supported on VMware virtual appliances in v8.5.3.
Direct upgrade to v8.5.3
V Series appliances can be upgraded to 8.5.3 from 8.2.x, 8.3.x, 8.4.x, and 8.5.x.
X Series appliances can be upgraded to 8.5.3 from 8.2.x, 8.3.x, 8.4.x, and 8.5.x.
 
Important 
Dual Mode appliances are not supported with version 8.3.0 and higher. Either TRITON AP-EMAIL or the web protection solution must be migrated to a new appliance. For more information, see Command-line interface (CLI).
DLP Analytics Engine (VA) now supports upgrades.
For upgrade instructions, see:
*
*
*
*
*
Upgrades from Appliance version 8.3.x require the ISO file type to upgrade to Appliance version 8.4.0 and later. This ISO file ("v8.4.0 Unified Appliance Installer") is available on the Forcepoint Downloads page.
V Series appliance models supported with version 8.5.3
Version 8.5.3 is supported on these V Series appliances:
Older V10000 G2 and V5000 G2 appliances, known as revision 1 (R1) or revision 2 (R2) appliances, are not supported with this version. See the V Series Appliances Certified Product Matrix for last supported versions. These models stopped shipping:
If you plan to upgrade from any version of 7.x to any version of 8.x, you should verify the full hardware platform model of the appliances you plan to upgrade.
In some cases your hardware platform information is available on the Configuration > System page in the Appliance manager. Refer to the System Information box at the top of the page.
This will tell you if you have a G3 or G4 appliance. However, for V10000 G2 and V5000 G2 machines, the summary does not indicate whether the appliance is an R1 or R2 model. V5000 G2R2 is not supported on v8.5.3.
If you have a G2 appliance, use the following steps to determine if it's R1 or R2 hardware.
1.
2.
Command-line interface (CLI)
Several commands have been added to the CLI for version 8.5.3, including commands to:
*
*
*
*
*
Additionally, the format of the CLI Guide has changed from a tabled-based format to an entry-based format. For more details, see the Forcepoint Appliances CLI Guide.
Forcepoint appliance API
In the new Forcepoint appliance architecture, all configuration, management, and troubleshooting functions are supported by a REST API that is used by all Forcepoint appliance platforms and Forcepoint solutions. The Forcepoint Appliance CLI uses the REST API, as does the Forcepoint Security Appliance Manager. Portions of the API have been published for customer use.
With the release of Forcepoint appliance version 8.5.3, Security content has been added. For more information, see the Forcepoint Appliances section of the Forcepoint documentation page.
Security updates
This release addresses the following Common Vulnerabilities and Exposures.
Meltdown/Spectre Vulnerabilities

CVE-2017-5715 (Spectre Variant 2)
CVE-2017-5753 (Spectre Variant 2)
CVE-2017-5754 (Meltdown/Variant 3)
CVE-2018-3640 (Variant 3a)
CVE-2018-3639 (Variant 4)
CVE-2018-3615 (Foreshadow/SGX)
CVE-2018-3620 (Foreshadow-NG/OS)
CVE-2018-3646 (Foreshadow-NG/VMM)
 
Note 
Forcepoint Appliances documentation
All Forcepoint appliances share common operating and maintenance procedures.
The Forcepoint Appliances documentation set includes:
*
*
*
*
*
*
*
*
*
*
*
*
*
All Forcepoint documentation, including documents specific to Forcepoint Email Security, Forcepoint Web Security, Forcepoint URL Filtering, and Forcepoint Security Manager can be accessed at support.forcepoint.com/documentation.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
v8.5.3 Release Notes for Forcepoint Appliances : New for v8.5.3 Forcepoint appliances
Copyright 2017 Forcepoint. All rights reserved.