Documentation
|
Support
Deploying Email Protection Solutions
> System requirements
System requirements
Deployment and Installation Center | Email Protection Solutions
Applies to:
Forcepoint Email Security, v8.5.x
To view complete hardware, software, and web browser requirements for Forcepoint Email Security, see
System requirements for this version
.
Every Forcepoint Email Security deployment includes the following components at a minimum:
In the DMZ
A Forcepoint appliance (V Series, X Series blade, or Virtual Appliance), which includes the core email protection functions, along with the Personal Email Manager and Secure Messaging end-user facilities
Email traffic volume in your network may determine which type of appliance you use and how many appliances your deployment needs.
In the internal LAN
Forcepoint Security Manager with both Email Security and Data Security modules installed on a Windows Server® 2008 R2 SP1, 2012, 2012 R2, 2016, or 2019 machine
Windows 2008 R2 is not supported for version 8.5.3 or 8.5.4.
Email Log Server
Email Log Database (Microsoft® SQL Server® 2008, 2008 R2, 2012, 2014, 2016, or 2017, including Express)
SQL Server 2008 R2 is not supported for version 8.5.3 or 8.5.4
Mail server
End-user machines: mail clients used by end user
Note
All email protection components must be synchronized by date and time for proper system communication.
The network DMZ contains the devices that have direct contact with the Internet. This zone is a buffer between the Internet and the internal LAN. In our examples, the appliance and any router, switch, or load balancer adjacent to the firewall are located in the DMZ.
Forcepoint appliances
The Forcepoint V Series, X Series, and Virtual Appliances provide the majority of email protection functions. Incoming email flows from the Forcepoint Email Security Hybrid Module (if purchased and enabled) to the Forcepoint appliance and to the mail server. The Forcepoint appliance also provides the Personal Email Manager and Secure Messaging end-user facilities.
Forcepoint Email Security can occupy individual blade servers on an X Series appliance. The X Series chassis may include a combination of Email Security and Web Security blade servers.
See the
Forcepoint Appliances Getting Started Guide
for detailed hardware specifications.
Forcepoint management server
The Forcepoint management server hosts the Forcepoint Security Manager. This machine includes Forcepoint Management Infrastructure and any installed Forcepoint management modules. In a Forcepoint Email Security deployment, the Forcepoint management server includes both the Email Security and Data Security modules.
Email Log Server
The Forcepoint management server often includes the Email Log Server component, although this component can also be installed on a separate machine in an on-premises deployment. If the Forcepoint management server is installed in Microsoft Azure, the Log Server must reside in the same machine. The Log Server passes message data to the SQL Server reporting database (Email Log Database) for use in generating dashboard charts and reports, messages, and Message Log data.
During installation, a user configures certain aspects of Log Server operation, including how Log Server interacts with the Email Security module. These settings can be changed when needed via the Email Log Server Configuration utility. Other details about Log Server operation are configured in this utility as well. The utility is installed on the same machine as Log Server.
Email Log Database (Microsoft SQL Server)
Microsoft SQL Server handles the system and message log database and stores some Email Security module configuration settings. SQL Server may be installed on the Forcepoint management server or on a dedicated server. For optimal performance, Forcepoint recommends that a full SQL Server be installed on a separate machine. (SQL Server Express, which can be installed as part of the Forcepoint Security Manager installation with certain versions, is recommended only for evaluation purposes.) For information about database systems in Forcepoint products, see
Administering Forcepoint Databases
.
Personal Email Manager
The email appliance is the portal for Personal Email Manager end users who are authorized to manage their own blocked mail. Personal Email Manager end-user options are configured in the Security Manager Email Security module interface (
Settings > Personal Email
). A Personal Email Manager administrator can determine:
Which end users can access the Personal Email Manager utility and which actions, if any, those users are allowed to perform on blocked messages
What the blocked email notification message contains
Which end users are allowed to manage personal Always Block and Always Permit lists
Whether a user can manage multiple email accounts
Whether a user can delegate email account management responsibilities to another individual
Secure Messaging portal
The email appliance also provides the Secure Messaging end-user portal to allow an organization to maintain a secure area for its customers to view and manage messages that contain sensitive data. Customers can view received messages and reply to or forward a received message in this portal.
Forcepoint Email Security in Microsoft Azure
Forcepoint Email Security can be deployed in a Microsoft Azure public cloud environment. See
Installing Forcepoint Email Security in Microsoft Azure
. The following is required for Azure deployment:
A Microsoft Azure account (activated)
Microsoft Office 365 with Outlook
A virtual network (minimum supported size: /16) and subnet (minimum supported size: /24) in Azure with connectivity to on-premises resources through a site-to-site VPN
Resources installed on-premises: SQL Server and Forcepoint Security Manager
The preceding two items are only necessary if you are installing Forcepoint Email Security in Azure with Forcepoint Security Manager remaining on-premises. If you are installing both Email Security and Security Manager together in Azure, these two items are not needed.
Deploying Email Protection Solutions
> System requirements
Copyright 2023 Forcepoint. All rights reserved.