Step 4: Install Web management components

The following Forcepoint Web Security components are available for installation on a management server:

• Security Manager (Web module) must be installed. It is selected by default and cannot be deselected. The other components shown are optional for this machine.
• Sync Service typically does not run on the management server. It is a required component if you have the Web Hybrid module, but it typically resides on the Web Log Server machine.
  Note: Although Sync Service and the Web Log Server may be installed on the management server, they consume considerable system resources. For Forcepoint Enterprise deployments, it is recommended to install these components on another machine. See Install Web Log Server.
• Select Linking Service if your subscription includes both a Web and Data solution.
  Important:

  Filtering Service must be installed in your network before you install Linking Service. In an appliance-based deployment, Filtering Service is installed on all Web appliances (full policy source, user directory and filtering, and filtering only). In a software-based deployment, it is recommended that you install Filtering Service with Policy Broker and Policy Server on another separate machine from the management server, as Filtering Service can consume considerable system resources and may have a performance impact on the management server. Large or distributed environments may include multiple Filtering Service instances.

  You can return to the management server at a later time and install Linking Service if required.

• Real-Time Monitor is optional. It is typically installed on the management server, but can be located elsewhere. Install no more than one instance of Real-Time Monitor for a Policy Server instance. In most cases, only one instance of Real-Time Monitor is required per deployment.
• Policy Broker and Policy Server are typically already installed on a separate machine, and should not be selected again.