Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Email Security Cloud: 2017 Release Notes : Previous updates
Previous updates
Withdrawal of support for 3DES and RC4 ciphers
Added 17-Oct-2017
In line with industry best practices, Forcepoint continually reviews and updates the security strength of encrypted email connections.
As part of this process, Forcepoint has now disabled the use of 3DES and RC4 ciphers in SMTP email connections that are made to and from the Forcepoint cloud email relays. Forcepoint has previously taken steps to avoid the use of these less-secure protocols and ciphers for SMTP connections.
This change also affects hybrid email customers who use the cloud email relays to accept inbound messages.
Please see the Tech Alert for this update here:
*
Update to Forcepoint Email Security Cloud - 3DES and RC4 ciphers, 01-Sep-2017.
Additional cloud delivery IP addresses
Added 10-Oct-2017
As part of a program of continual service improvement, Forcepoint routinely reviews service usage and upgrades capacity at our cloud data centers. As part of this process, additional message delivery IP addresses have been added for Forcepoint Email Security Cloud. The additional delivery IP addresses will help ensure messages are still delivered in the event a Forcepoint relay IP address is placed on a public Real-time Blacklist (RBL).
If your firewall policies only allow specific IP addresses for SMTP delivery, you should ensure that all Forcepoint Email Security Cloud IP subnets are permitted. Your current SPF record will continue to function, provided it is configured as per the instructions in the following Knowledge Base article: How do I set up an SPF record if my outbound email uses Forcepoint Email Security Cloud?
Email service IP addresses can be found in the Forcepoint Security Portal under Email > Settings > Service IP Addresses. IP addresses for Forcepoint cloud services are also listed in the following Knowledge Base article: Cloud service data center IP addresses and port numbers.
Please see the Tech Alert for this update here:
*
Update to Forcepoint Email Security Cloud delivery IP addresses, 01-Sep 2017.
Terms of use for administrators
Added 29-Jun-2017
The new Terms of use option allows you to display a page that requires administrators to agree to your company's terms of use before logging on to the Forcepoint Security Portal. The setting is configured on the Account > Contacts page under Administrator Account Management.
When enabled, this setting applies to all portal administrators. The next time portal administrators log on, they will be prompted to either accept your terms of use, or log off.
 
* 
Note 
By default, a generic "Agree to Terms of Use" block page is provided. Before enabling this feature, ensure you customize this page to include details of (or a link to) your company's terms of use.
See the Forcepoint Security Portal Help for details of how to customize block pages.
Enhanced email spoofing detection with DMARC
Added 01-Jun-2017
Forcepoint Email Security Cloud now offers Domain-based Message Authentication, Reporting and Conformance (DMARC) validation for incoming email messages from external domains.
The DMARC email validation system detects messages from external sources with forged sender addresses, providing increased protection against phishing and spam. DMARC is built on Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) validation, and allows the genuine owner of a domain to publish a policy that defines how the receiver should deal with spoofed messages.
When this feature is enabled, DMARC validation can be configured on the Antispam tab of your email policy. The Filter messages that spoof external domains option detects spoofed incoming messages that appear to be sent from legitimate external domains, but which fail DMARC validation.
Administrators can select the action to take when spoofed messages are detected, including applying the domain owner's policy, quarantining, discarding, or tagging the message subject line. An alternative action can be applied if the validation check fails to complete.
Messages that fail DMARC validation will appear in reporting with "Spoofed-External" as the Filtering Reason.
For more information on using DMARC validation, see the Forcepoint Email Security Cloud Help.
ISO 27018 certification for Forcepoint Cloud Protection Solutions
Added 01-Jun-2017
Forcepoint recently added ISO 27018 certification to its Cloud Trust Program, to provide a robust system of controls for privacy protection of personal data. This enhances the compliance of the cloud service with the General Data Protection Regulation (GDPR) that comes into effect in May 2018.
Forcepoint runs a dedicated Cloud Trust Program that encompasses ISO 27001, ISO 27018, and CSA STAR certifications with Service Organization Control (SOC) attestations. All Forcepoint cloud service certifications can be viewed in the Security Portal, under Help > Privacy & Security.
Product renaming
Added 20-Apr-2017
As part of a rebranding program for the Forcepoint product set, TRITON AP-EMAIL Cloud is now called Forcepoint Email Security Cloud.
You will see the new product name and logos within the cloud portal, which is now called the Forcepoint Security Portal (formerly the Cloud TRITON Manager).
The following Forcepoint Email Security Cloud product modules have also been changed:
*
Forcepoint Advanced Malware Detection for Email (formerly Threat Protection Cloud - Email, or Email Sandbox Module)
*
Forcepoint Email Security - Encryption Module (formerly Email Encryption Module)
*
Forcepoint Email Security - Image Analysis Module (formerly Email Image Analysis Module)
The new branding for all Forcepoint products can be seen at the Forcepoint website.
Phishing Education feature now generally available
Added 20-Apr-2017
The Phishing Education feature is now available to all subscribers of Forcepoint Email Security Cloud (formerly TRITON AP-EMAIL Cloud).
Raising awareness among an organization's end users about the characteristics of phishing email is an important corporate goal. The Phishing Education feature provides security to the enterprise as well as giving information to users on how to avoid becoming a victim of phishing, delivered in a way that ensures users will take notice.
When Phishing Education is enabled and configured, users who click a phishing link in an email are shown an administrator-customizable page that informs the user that the email was a phishing attack, and provides tips on how to avoid such attacks in future.
Phishing settings are configured on the Antivirus tab of your email policy. You can customize the page shown to users via Email > Policy Management > Block & Notification Pages.
Report Center package now available
Added 20-Apr-2017
The Report Center package, previously a limited availability feature, is now enabled by default for new accounts. If you would like to enable the advanced reporting package for your account, please contact Forcepoint Technical Support.
The Report Center provides a Report Catalog with a number of predefined reports covering common scenarios, and a Report Builder tool that can be used to create flexible, multi-level reports that allow you to analyze information from different perspectives and gain insight into your organization's email message trends. If a high-level summary shows areas of potential concern, you can drill down to find more detail.
For details of the Email Report Center, see the Forcepoint Email Security Cloud Help.
 
* 
Note 
Updated 30-Nov-2017: The Report Center package is now generally available for all Forcepoint Email Security Cloud customers. See Report Center package now generally available
Two-factor authentication for administrators
Added 02-Mar-2017
Two-factor authentication can now be enabled for portal users, providing an additional level of security for access to the cloud portal. When this feature is enabled, all administrators are required to enter both their password and a code generated by an authenticator app to access the portal.
 
* 
Note 
Compatible authenticator apps are available for Android, iOS, Blackberry, and Windows Phone. Desktop and browser-based apps are also available for Microsoft Windows, Mac OS, and Linux. Forcepoint validates this feature with the Microsoft Authenticator app, but alternative apps that use the Time-based One-time Password Algorithm (TOTP) protocol, such as Google Authenticator, are also supported.
Administrators can enable or disable two-factor authentication for portal administrators using the Account > Contacts page.
When users log on with two-factor authentication for the first time, a setup wizard guides them through the configuration process.
For portal users who are unable to use their authenticator app, two-factor authentication can be reset on the User page. This requires portal users to repeat the authenticator app setup process.
The process of enabling and using two-factor authentication is detailed in the Forcepoint Security Portal Help.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Email Security Cloud: 2017 Release Notes : Previous updates
Copyright 2017 Forcepoint. All rights reserved.