Adding the Forcepoint Email Security manager or Email Log Server

• If installation files were saved after the initial installation, use the Forcepoint Security Setup link (on the Start screen or in the Start > Forcepoint menu) to start the installer without having to re-extract files.
• If the installation files were not saved, double-click the installer executable.

• Log Database IP Address: Enter the IP address of the database engine machine. If you want to use a named database instance, enter in the form <IP address>\<instance name>. Note that the instance must already exist. See your SQL Server documentation for instructions on creating instances.

  If the option to install SQL Server Express is available as part of the Forcepoint Security Installer, and you chose to install it, the Log Database IP address should be that of the Security Manager machine.

  Starting in version 8.5.4, more stringent connection string and certificate requirements are needed for establishing an encrypted connection with a SQL Server. Using an IP address is no longer supported for encrypted connections; you must use a hostname or a fully qualified domain name (FQDN) that matches the Common Name (CN) field on the certificate used by SQL Server, if using an encrypted database connection.

• You may specify whether the connection to the database should be encrypted.

  If you are using an encrypted connection, ensure that you use a hostname or FQDN for your Email Log Database that matches the CN field on the certificate that SQL Server is using.

  Please note the following issues associated with using this encryption feature:

  • By default, Email Log Server uses NTLMv2 to encrypt the connection.

    If you want to use SSL encryption, you must have imported a trusted certificate to the Log Server machine. See your database documentation for information about importing a trusted certificate.

  • The Bulk Copy Program (BCP) option for inserting records into the Log Database in batches cannot be used. Not using the batch method may affect Log Database performance.
  • The connection from the Forcepoint appliance to the Log Database cannot be encrypted. If you enable encryption for Log Database, you must disable the SQL Server force encryption feature.
• Database login type: Select how Email Log Server should connect to the database engine.
  • Windows authentication: connect using a Windows trusted connection.
  • Database account: connect using a SQL Server account.

    Then enter a user name and password.

  • If using a trusted connection, enter the domain\username of the account to be used. This account must be a trusted local administrator on the database engine machine.
  • If using a database account, enter the name of a SQL Server account. This account must have certain roles assigned; see Installing with SQL Server.

When you click Next, connection to the database engine is verified. If the connection test is successful, the next installer screen appears.

The path entered here is understood to refer to the machine on which the database engine is located. The path entered must specify a directory that already exists.

A default location for the Log Database is automatically shown. Information about the location of the database engine and connection credentials were entered when Forcepoint Infrastructure was installed on this machine. The Email Protection Solutions Installer reads this information from configuration files created by Forcepoint Security Setup.

It is a best practice to use the default location. If you want to create the Log Database in a different location (or if you already have a Log Database in a different location), enter the path to the database files.

The path entered here is understood to refer to the machine on which the database engine is located. The path entered must specify a directory that already exists.

Each component (Email Security module and/or Email Log Server) will be installed in its own folder under the parent folder you specify here.