Deploying Forcepoint Email Security in Azure with Forcepoint Security Manager on-premises, version 8.5

Create a site-to-site VPN. See Microsoft documentation for more information.

Log into Azure Government, then click Create a resource.

In the Search bar, search for and select Forcepoint Email Security V8.5.

To create a new Forcepoint Email Security solution, click Create.

Alternatively, use this direct link to Forcepoint Email Security v8.5 and click Create.

The Basics tab displays.

In the text field Virtual Machine name, enter a name for the Forcepoint Email Security virtual appliance (VA).

The name must be between 3 and 30 characters long and contain only numbers, letters, and hyphens.

In the text fields Password and Confirm password, enter and confirm the password for connecting to the host.

The username is always “admin” on first login to Forcepoint Email Security. Additional accounts can be added later. The password must be a minimum of 12 characters and contain at least one number, one lowercase letter, one uppercase letter, and one special character.

From the pull-down menu Number of Virtual Appliances, select the number of VAs to use; between 1 and 7.

Forcepoint recommends using at least two VAs to ensure high availability. If only one VA is selected at this time, it is not possible to add additional VAs after deployment is complete. If two or more VAs are selected, additional VAs can be added at any point. See Add virtual machines to a Forcepoint Email Security in Azure deployment.

Load balancers are deployed by default when two or more VAs are used.

From the pull-down menu Subscription, select your subscription.

From Resource group, click Create new and enter a name for the new resource group.

A resource group is a container that holds related resources for an application. It will hold the Forcepoint Email Security VA. You must create a new resource group; using existing resource groups is not currently supported.

From the pull-down menu Location, select the location for the VA.

Click OK.

The settings are saved and the Virtual Machine Sizing tab displays.

From Virtual machine size, select the size of the VA you will need based on anticipated email volume, then click Select.

To locate a different size, click View all.

From Storage Account for Appliance, to use an existing storage account, click Use existing and select the storage account and disk type for the VA.

To create a new storage account,

Click Create new. The Create storage account tab displays.
On the Create storage account tab, configure the Name, Performance, and Replication settings and click OK. The new storage account is added.

From the Virtual Machine Sizing tab, click OK.

The settings are saved and the Network Configuration tab displays.

From Virtual Network, select your existing virtual network with site-to-site connectivity to the on-premises Forcepoint Security Manager and SQL Server. Use of a new virtual network is not supported.

From Subnets, select your existing subnet with site-to-site connectivity to the on-premises resources.

Use of a new subnet is not supported. The minimum supported size is /16 for the virtual network and /24 for the subnet. See Requirements.

From the Network Configuration tab, click OK.

The settings are saved and the Summary tab displays.

From the Summary tab, review a summary of the Forcepoint Email Security solution you are building, then click OK.

To change any configured settings, click one of the completed tabs. You will return to the Summary tab again after completing configuration.

Final validation is performed and the Buy tab displays.

On the Buy tab, review the Forcepoint Terms of Use, EULA, and Privacy Policy.

To create the Forcepoint Email Security solution in the Azure cloud infrastructure, click Create.

Forcepoint Email Security is a bring-your-own license VA, so there is no additional Azure Marketplace charge.

The system reports that it is creating the Forcepoint Email Security solution in the configured network. This process may take a few minutes.