Managing appliances
Before adding an appliance to the Email Security module, it is necessary to install and configure a Forcepoint appliance. Interface information includes IP address, subnet mask, default gateway, and up to three DNS server IP addresses. See the Forcepoint Appliances Getting Started Guide.
Forcepoint Email Security may be deployed as a virtual appliance. See the Forcepoint Appliances Getting Started Guide for complete information about deploying and configuring a virtual appliance.
Beginning with version 8.5, Forcepoint Email Security may be deployed on a virtual appliance in Microsoft Azure. See Installing Forcepoint Email Security in Microsoft Azure for more information.
You can configure a primary, secondary, and tertiary DNS server, with the secondary and tertiary servers being optional entries.
When it starts, the email appliance polls each DNS server to determine which has the lowest latency level. That server is selected as the “primary” server for DNS queries, regardless of its designation. The other servers may be used for subsequent queries based on the network connection status of the primary server.
If you change either the appliance hostname or C interface IP address on the appliance, you must make the same change on the page . The Email Security module does not detect this change automatically.
Email traffic is usually routed through dedicated appliance interfaces (E1/E2). However, to route traffic through the C interface (for example, to transfer log data to a SIEM server), you need to define a route using the appliance CLI. It is necessary to stop and restart email security services on the appliance each time you add or delete a route on the appliance.
If you are running an Azure deployment, it is necessary to use the C interface for all email traffic.