Installing the Email Security module of the Security Manager

Applies to:
  • Forcepoint Email Security, v8.5.x

When installing the Email Security module of the Security Manager, the option is provided to also install Email Log Server.

It is assumed you have reached this point by starting a Forcepoint Security Manager installation and selecting the Email Security module. If not, see Creating a Forcepoint management server.
  1. Once the Email Installer is launched, the Introduction screen appears, click Next to begin installation.
  2. On the Select Components screen, choose whether to install Email Log Server on this machine and then click Next.
    The Email Security module of the Security Manager will be installed automatically. You cannot deselect it.
    Note: If you do not see the Email Security module on this screen, the Forcepoint Management Infrastructure was not detected by the installer. The Forcepoint Management Infrastructure must be installed already to be able to install the email management components.

    Email Log Server is selected for installation by default. To install the Email Log Server, SQL Server or SQL Server Express must already be installed and running in your network (see System requirements for this version, for supported versions of SQL Server). If you chose to install SQL Server Express, if available, during Forcepoint Management Infrastructure installation, then it is already installed on this machine.

    Starting in version 8.5.4, more stringent connection string and certificate requirements are needed for establishing an encrypted connection with a SQL Server. Using an IP address is no longer supported for encrypted connections; you must use a hostname or a fully qualified domain name (FQDN) that matches the Common Name (CN) field on the certificate used by SQL Server, if using an encrypted database connection.

    If you choose to install Email Log Server, the Email Log Server Configuration utility is also installed. This utility can be accessed by selecting Start > Forcepoint > Email Log Server Configuration.

    You can install the Email Log Server on another machine; it is not required to be installed on the same machine as the Security Manager. To install Log Server on a different machine, deselect the Email Log Server option here (in the Select Components screen) and complete the installation. Then run Forcepoint Security Installer on the machine on which you want to install the Email Log Server. Perform a custom installation of email protection components to install Email Log Server (see Installing email protection components).
    Note:

    Should you have occasion to uninstall the Email Log Server, be aware that this operation may not remove the Log Database when the Log Server is installed on a different machine from the Security Manager.

    To resolve this issue, delete the following items manually in Microsoft SQL Server after the Email Log Server is uninstalled:

    Tables:

    \\Database\\esglogdb76

    \\Database\\esglogdb76

    Jobs:

    \\SQL Server Agent\\Jobs\\ ESG_ETL_Message_Insert_Job

    \\SQL Server Agent\\Jobs\\ ESG_ETL_Message_Process_Job

    \\SQL Server Agent\\Jobs

    \\ESG_ETL_Message_Summary_Address_Job

    \\SQL Server Agent\\Jobs\\ ESG_ETL_Message_Summary_Job

    \\SQL Server Agent\\Jobs\\ ESG_ETL_Message_Update_Job

    SQL Server Agent\\Jobs\\ ESG_Maintenance_Job

  3. On the Email Log Database screen, specify the IP address or IP address and instance name (format: IP address\instance) for the email Log Database.

    You may specify whether the connection to the database should be encrypted.

    If you are using an encrypted connection, ensure that you use a hostname or FQDN for your Email Log Database that matches the CN field on the certificate that SQL Server is using.

    Please note the following issues associated with using this encryption feature:
    • By default, Email Log Server uses NTLMv2 to encrypt the connection. To use SSL encryption, you must have imported a trusted certificate to the Log Server machine. See your database documentation for information about importing a trusted certificate.
    • The Bulk Copy Program (BCP) option for inserting records into the Log Database in batches cannot be used. Not using the batch method may affect Log Database performance.
    • The connection from the Forcepoint appliance to the Log Database cannot be encrypted. If you enable encryption for Log Database, you must disable the SQL Server force encryption feature.

      Designate the login type for the database, either Windows authentication or SQL authentication.

  4. On the Email Database File Location screen, specify where database files should be located and then click Next.

    This screen appears only if you chose to install the Email Log Server.

    The path entered here is understood to refer to the machine on which the database engine is located. The path entered must specify a directory that already exists.

  5. On the Email System Credentials screen, specify the server name or domain name of the management server, along with the user credentials to be used by Forcepoint Security Manager components when running services. Specify the User name and Passwordof the account to be used by the Security Manager.
  6. On the Email Appliance screen specify the Email appliance to be managed by this installation of the Security Manager and then click Next.

    Enter the IP address of the Email appliance. You must specify an IP address only. Do not use a fully-qualified domain name (FQDN).

    When you click Next, communication with the specified appliance will be verified. Communication may be unsuccessful if:
    • Subscription key has already been applied to the appliance (typically meaning another installation of the Security Manager has been used to manage the appliance). Resolve this issue in one of the following ways:
      • Reset the subscription key on the appliance.
      • If the Appliance network communication popup message appears, click OK and enter your subscription key in the appropriate entry field.
    • Version of software to be installed does not match the version of the appliance. Verify whether the versions match.
    • Specified appliance is a secondary appliance in a cluster. Specify the primary appliance in the cluster or a non-clustered appliance.
    • The appliance cannot connect to the specified database server (specified during product installation).
    • Firewall is blocking communication to the appliance on port 6671. Make sure any local firewall allows outbound communication on port 6671.
    • Appliance P1/E1 interface has not been correctly configured in the Appliance manager.
  7. On the Installation Folder screen, specify the location to which you want to install Email module components and then click Next.

    To select a location different than the default, use the Browse button.

    Each component (Email Security module and/or Email Log Server) will be installed in its own folder under the parent folder you specify here.

  8. On the Pre-Installation Summary screen, review your settings for the components to be installed. If they are correct, click Install.

    Click Back to return to any screen on which you want to modify settings.

  9. The Installing Email Protection Solutions screen appears, as components are being installed.
  10. Wait until the Installation Complete screen appears, and then click Done.
  11. The Forcepoint Security Setup program closes. Installation is complete.