Setting up an encrypted database connection

You can choose to encrypt the database connection during email product installation. If you did not select this option at product installation, you can configure an encrypted connection in the Log Server Configuration utility.
Important: To use SSL encryption, you must have imported a trusted certificate to the Log Server machine. See your database documentation for information about importing a trusted certificate.

The Bulk Copy Program (BCP) option for inserting records into the Log Database in batches cannot be used. Not using the batch method may affect Log Database performance.

The connection from the Email Security module on the Forcepoint Security Manager to an email appliance cannot be encrypted. If you enable encryption for Log Database, you must disable the SQL Server force encryption feature. See your Microsoft SQL Server documentation for details.

Click the Connection button on the Database tab of the Email Log Server Configuration utility to create a new data source. Use the following steps to establish an encrypted database connection:

Steps

  1. In the Select Data Source dialog box, select the tab Machine Data Source.
  2. Click New.

    The Create New Data Source dialog box displays.

  3. Select the System Data Source option and click Next.
  4. Select SQL Server and click Next.
  5. In the Create a New Data Source to SQL Server dialog box, enter a name and description for your new data source in the Name and Description fields.
  6. Select the SQL Server to which you want to connect in the pull-down menu Server and click Next.
  7. Choose SQL Server authentication.
  8. Ensure the check box Connect to SQL Server is marked and enter the appropriate SQL Server login ID and password.
  9. Click Next.
  10. Change the default database to your new data source; mark the check box Change the default database to and select the database in the pull-down menu.
  11. Click Next.
  12. Mark the check box Use strong encryption for data.
  13. Click Finish.
  14. Stop and restart Log Server via the Connection tab after making this and any other changes in the configuration utility.

    See Stopping and starting Log Server.