Installing supplemental Forcepoint DLP servers

Medium to large enterprises may require more than one Forcepoint DLP server to perform content analysis efficiently. Having multiple Forcepoint DLP servers allows your organization to grow, improves performance, and allows for custom load balancing.

Supplemental Forcepoint DLP server installations include:

  • A policy engine
  • Secondary fingerprint repository (the primary is on the management server)
  • Endpoint server
  • Optical Character Recognition (OCR) server
  • Crawler
Note: In production environments, do not install a Forcepoint DLP server on a Microsoft Exchange, Forefront TMG, or print server. These systems require abundant resources.

To install a supplemental server:

Steps

  1. Go to https://support.forcepoint.com/s/, and log in.
  2. Click Downloads.
  3. In Products, select Data Loss Prevention (DLP).
  4. Select DLP Core.
  5. On the list of installers, click Forcepoint Security Manager for DLP v10.3.
    Note: For older version installers, click Click here, and then select the installer from the desired version.
  6. On the Product Installer page, click Download.
    The Forcepoint Security Installer ForcepointDLP1030Setup.exe downloads.
  7. Launch the installer on a supported Windows server.
  8. Accept the license agreement.
  9. Select Custom.
  10. Click the Install link for Forcepoint DLP.
  11. On the Welcome screen, click Next to begin the installation.
  12. In the Destination Folder screen, specify the installation folder for the software.

    The default destination is C:\Program Files (x86)\Websense\Data Security. If another drive is larger than drive C, it is used instead. Large removable drives may be detected by the system as a local drive and used as the default. Do not install on removable media.

    Important: The full installation path must use only ASCII characters. Do not use extended ASCII or double-byte characters.
    Note: Regardless of what drive you specify, it must have a minimum of 4 GB of free disk space for the Forcepoint Security Installer.
  13. On the Select Components screen, select Forcepoint DLP Server.
  14. On the Fingerprinting Database screen, accept the default database location, or to choose a location other than the default shown, use the Browse button.
  15. On the Server Access screen, select the IP address to identify this machine to other components.
  16. On the Register with the Forcepoint DLP Server screen, enter:
    • The fully-qualified domain name (FQDN) of the management server
    • The credentials for a Forcepoint DLP administrator with System Modules permissions
  17. On the Local Administrator screen, supply a user name and password as instructed on-screen. The server/hostname portion of the user name cannot exceed 15 characters.
  18. If a Lotus Notes client is installed on this machine, the Lotus Domino Connections screen appears.

    To enable fingerprinting or discovery on the Domino server, complete the information on this page.

    Important:

    Before completing the information on this screen:

    • Create at least one user account with administrator privileges for the Domino environment. (Read permissions are not sufficient.)
    • Be sure that the Lotus Notes installation is done for “Anyone who uses this computer.”
    • Connect to the Lotus Domino server from the Lotus Notes client.
    1. On the Lotus Domino Connections page, select Use this machine to scan Lotus Domino servers.
    2. In the User ID file field, browse to one of the authorized administrator users, then navigate to the user’s user.id file.
      Note: Select a user that has permission to access all folders and Notes Storage Format (NSF) files of interest, otherwise certain items may not be scanned.
    3. In the Password field, enter the password for the authorized administrator user.
  19. On the Installation Confirmation screen, if all the information entered is correct, click the Install button to begin installation.

    Installation may seem to take a long time. Unless a specific error or failure message appears, allow the installer to proceed.

    If a message about needing port 80 or port 443 appears, click Yes to continue the installation.

    Clicking No cancels the installation.

  20. Once installation is complete, the Installation Complete screen appears. Click Finish.
  21. Log onto the Data Security module of Forcepoint Security Manager and click Deploy to fully connect the supplemental server with the management server.