Configuring the appliance in the Forcepoint Security Manager

Forcepoint Email Security steps

Some initial configuration settings are important for Forcepoint Email Security operation. Perform the following activities after you install the Forcepoint Email Security management components.
  1. Log on to the Forcepoint Security Manager and select Email. The Email module displays.
  2. At the prompt, enter your subscription key and click OK. The Configuration Wizard displays for first-time setup.

    If you skip this step, you can enter your subscription key later on the page Settings > General > Subscription.

  3. Use the Configuration Wizard to quickly configure certain settings before opening Forcepoint Email Security. See Using the first-time Configuration Wizard.
  4. Register the Forcepoint Email Security DLP Module.

    During installation in Azure, only one of your email VAs is registered to DLP; following installation, it is necessary to register the rest of your appliances.

  5. Navigate to General > Data Loss Prevention and verify which appliance is already registered. Next, register each additional appliance.

    The DLP Module can be registered at any point, but it is recommended to do this before any other configuration is completed. See Registering the DLP Module.

  6. Configure an appliance cluster.

    An appliance cluster is necessary when using load balancers, which are deployed by default for a deployment of Forcepoint Email Security in Azure with two or more VAs.

    Clustered appliances must all share the same platform; i.e., your Azure appliances cannot be clustered together with on-premises virtual appliances or physical appliances. Appliance clusters are not available for Forcepoint DLP Email Gateway.
    1. Navigate to Settings > General > Cluster Mode.
    2. Select the appliance mode Cluster (Primary).

      A Cluster Properties box opens with the primary appliance IP address displayed in the field Cluster communication IP address. Secondary appliances use this IP address for cluster communication.

    3. Click Add.

      The page Add Secondary Appliance displays, where you can designate the secondary appliances in this cluster.

      (Optional) Add a new appliance that is not already in this list; click Add New Appliance. The Add Appliance page displays.

    4. Click the arrow button to add the appliances to the Secondary Appliances list.
    5. Click OK. The appliance is added to the Secondary Appliances list along with its status.
    6. On the page Cluster Mode, click OK. The appliance is added to the cluster. See Configuring an appliance cluster.
  7. Configure the system to send email through Office 365 to Forcepoint Email Security in Azure.
    1. Navigate to Settings > Inbound/Outbound > Mail Routing.
    2. Select the default route.
    3. From Delivery Method, select SMTP server IP address.
    4. Under SMTP Server List, click Add.

    5. For Server Address, add the FQDN of your organization’s Microsoft Office 365 account. This is the same as the MX record of the Office 365-hosted domain. To find it:
      1. In the Office 365 Admin Center, select Settings > Domains.
      2. Select the domain name you configured for your organization.
      3. Under Exchange Online, you will see a row for MX. The MX record is listed in that row.
    6. For Port, enter 25.
    7. Enter a Preference.
    8. Click OK.
    9. Under Delivery Options, select Use Transport Layer Security (TLS).
    10. Click OK.
    11. Repeat this step for each Forcepoint Email Security VM you have.
  8. Specify an email address to which system notification messages should be sent. This is typically an administrator address. See Setting system notification email addresses.
  9. In the Email module, data loss prevention policies are enabled by default. To manage DLP policies, navigate to Main > Policy Management > DLP Policies > Manage Policies.
  10. In the Data module, you can view all of the VAs in the System Modules list. Select the Data tab and click Deploy.

    Click Help on any Forcepoint Security Manager page for help about the page. See Forcepoint DLP Email Gateway Help for complete information about the DLP Module.

Forcepoint DLP steps

These steps are necessary if you have existing DLP policies, or if Forcepoint Security Manager is deployed on-premises.
  1. From the Forcepoint Security Manager, select Data.
  2. Add the network email destination to any existing policies that should be used for this appliance.
  3. Click Deploy. No other configuration steps are required.

    A Forcepoint DLP Email Gateway module is shown on the System Modules page, as well as System Health and System Logs.

    Use the System Modules page to edit the display name or description for the appliance. If desired, you can balance the load on the gateway by selecting System Modules > Load Balancing and then editing the Forcepoint DLP Email Gateway module.

    Refer to Forcepoint DLP Administrator Help for more information.