The Forcepoint Network Security Platform solution consists of Security Engines and the Forcepoint Security Management Center (SMC). The SMC is the management component of the Forcepoint Network Security Platform solution.

Before installing Forcepoint Network Security Platform, identify the components of your installation and how they integrate into your environment.

The SMC is the management component of the Forcepoint Network Security Platform solution. The SMC manages and controls the other components in the system. You must install the SMC before you can install Security Engines.

After initial installation is complete, configure the SMC to allow adding the other components for your system.

Configuring engine elements in the SMC prepares the SMC to manage Security Engine with Layer 3 Interfaces.

Configuring engine elements in the SMC prepares the SMC to manage Security Engine in the IPS role.

Configuring engine elements in the SMC prepares the SMC to manage Security Enginew with the Layer 2 Engine role.

Configuring engine elements in the SMC prepares the SMC to manage Master Security Engines and Virtual Security Engines.

After creating the Security Engine elements and defining the interfaces, you can configure the basic routing.

After configuring the Security Engines in the SMC Client, apply the initial configuration of the Security Engine and contact the Management Server.

After successfully applying the initial configuration and establishing contact between the Security Engines and the Management Server, the Security Engine is in the initial configuration state. Now you can create and install policies for access control or inspecting traffic.

You must upgrade licenses if you upgrade the SMC, the SMC Appliance, or the Security Engines to a new major release.

When there is a new version available, upgrade the SMC before upgrading Security Engines.

The SMC Appliance has a specific patching process that keeps the SMC software, operating system, and appliance firmware up-to-date.

When a new version of Forcepoint Network Security Platform introduces features that you want to use, upgrade the Security Engines.

There are default ports used in connections between SMC components and default ports that SMC components use with external components.

There are command line tools for the SMC and the Security Engines.

You can install the SMC Appliance software as a virtual machine on virtualization platforms such as VMware ESX.

You can install the Security Engine software as a virtual machine on virtualization platforms such as VMware ESX or KVM.

You can install the Security Engine software on third-party hardware that meets the hardware requirements.

When you install the SMC, you can use certificates issued by an external CA for internal TLS communication between system components.

This example gives you a better understanding of how Security Engines with Layer 3 Interfaces fits into a network.

To give you a better understanding of how Security Engine in the IPS role fits into a network, this example outlines a network with IPS engines.

For planning the configuration of network interfaces for the engine nodes, use the worksheet.