documentsn.com

Forcepoint AppliancesSupported softwareForcepoint appliances support: Forcepoint Email Security with integrated data loss prevention Forcepoint Web Security with integrated data loss prevention Forcepoint URL Filtering — V5000 and VMware virtual appliances Forcepoint DLP Protector Mobile Agent Forcepoint DLP Cloud Email (Microsoft Azure)Forcepoint Email SecurityForcepoint Email Security provides comprehensive on-premises email security. Eachmessage is processed by a robust set of analytics to prevent infected and otherunwanted email from being delivered. Domain and IP address based message routingensures reliable, accurate delivery of email. The optional Forcepoint Email SecurityHybrid Module adds support for pre-filtering messages in the cloud. For moreinformation, see Deploying Email Protection Solutions in the ForcepointDeployment and Installation Center.Forcepoint Web SecurityForcepoint Web Security provides protection against malware entering the networkvia Web channels, such as HTTP, HTTPS, and FTP.Forcepoint Web Security: Performs real-time content analysis to discover malware and hidden threats. Can monitor traffic that uses any of more than 100 protocols. Provides highly-granular and flexible control of Internet access to enforce theprecise requirements of an organization’s Acceptable Use Policy (AUP) Can be used in combination with Forcepoint Web Security Cloud to providecloud-hosted Web protection to users working both within the organization’snetwork and outside the network—wherever the user is accessing the Internet.For more information, see Deploying Web Protection Solutions in the ForcepointDeployment and Installation Center.Forcepoint URL FilteringForcepoint URL Filtering provides granular and flexible control of Internet access toenforce the precise requirements of an organization’s Acceptable Use Policy (AUP).Features include:2 Forcepoint Appliances: Getting Started

Forcepoint Appliances Granular Web security policy controls More than 120 Web security and content categories Custom allow/deny filters enforced 24/7 or adjusted by time and day Time quotas with multiple authentication options for users and groups Granular user behavior analysis reporting with more than 60 predefinedreports, and support for role-based accessForcepoint DLPImportantInformation about Forcepoint DLP appliances is notincluded in this guide. See the Forcepoint DLP section ofthe Forcepoint Documentation page.Forcepoint DLP protects organizations from information leaks and data loss. It canoperate alone in the network, or can be paired with Forcepoint Web Security,Forcepoint Email Security, or both.Forcepoint DLP Network prevents data loss through email and over Web channels. Itincludes Forcepoint DLP Cloud Email, deployed in Microsoft Azure. It provides DLPpolicy enforcement for Microsoft Exchange Online.The protector appliance intercepts and analyzes traffic on a variety of channels, suchas email, HTTP, and FTP. (HTTP traffic is monitored but not enforced.)The mobile agent appliance can be configured to secure email content that issynchronized to a user’s mobile devices via Exchange ActiveSync. This includescontent in email messages, calendar events, and tasks.Forcepoint DLP includes an analytics engine that identifies and ranks high-riskincidents. It consumes incidents generated by DLP policies and reports on those withthe highest data loss or data theft risk score.Forcepoint Data Discovery is used to learn the location of sensitive data withinon-premises data centers and cloud hosted applications. It can be configured to scandata on file servers, email servers, databases, and content collaboration applications.Forcepoint DLP Endpoint prevents data loss over endpoint channels such asremovable storage devices, mobile devices, browser uploads, email clients, andapplications. It can also discover and remediate sensitive data stored on laptop anddesktop systems.For more information, see the Forcepoint DLP Deployment Guide (PDF).Forcepoint Appliances: Getting Started 3

Forcepoint AppliancesAppliance platformsForcepoint appliance platforms include: V Series hardware X Series hardware VMware ESXi virtual appliance Microsoft Azure cloud-hosted applianceNOTE: If you are running Forcepoint Email Security in Azure, use the Cinterface IP address, as Forcepoint Email Security in Azure only supports asingle interface.V Series1 rack-unit form factorSee the V-Series Appliance datasheet (PDF) for specifications of the current model.Models supported with version 8.5.x: V20000 G1 (Forcepoint Web Security, Forcepoint Email Security) V10000 G4 V10000 G4R2 V10000 G3 (supported in versions 8.5.0 and earlier) V10000 G3R2 (supported for 8.5.3 and earlier)All V20000 and V10000 models support Forcepoint Web Security or ForcepointEmail Security V5000 G4R2 V5000 G3 (supported for 8.5.3 and earlier) V5000 G2R2 (supported in versions 8.5.0 and earlier)All V5000 models support Forcepoint Web Security, Forcepoint URL Filtering, orForcepoint Email SecurityV Series Hardware SetupX Series10 rack-unit form factor; chassis hosts up to 16 X10G blade serversSee the X-Series Appliance datasheet (PDF) for specifications of the current model.Models supported with version 8.5.x: X10G G2 blade server X10G G1 blade server (supported for 8.5.3 and earlier)All X10G models support Forcepoint Web Security or Forcepoint Email SecurityX Series Hardware Setup4 Forcepoint Appliances: Getting Started

Forcepoint AppliancesForcepoint Virtual AppliancesESXi VMware8.5.0 and 8.5.3 VMware virtual appliances are certified with ESXi v6.0, andsupported on v5.5 and other versions of 6.5.8.5.4 VMware virtual appliances are certified and supported with ESXi 6.0/6.5/6.7,and supported with ESXi 7.0.Supported Forcepoint solutions Forcepoint Email Security Forcepoint Web Security Forcepoint URL FilteringForcepoint Email Security VM specificationsThe install OVA creates a virtual machine with the following specifications: 6 CPU cores 12 GB RAM 1 - 235 GB disk 1 - 100 GB disk 4 - E1000 virtual network interfaces (one reserved port)ImportantBeginning in v8.5.0, the CPU cores and RAM allocationcan be increased. Disk size and network interface cannotbe changed.Network interfacesAll VMware virtual appliances come with 4 virtual Ethernet interfaces.C — Supports appliance management communicationP1, P2 — Support MTA trafficN — ReservedForcepoint Web Security and Forcepoint URL Filtering VM specificationThe install OVA creates a virtual machine with the following specifications: 6 CPU cores 12 GB RAM 1 - 128 GB disk 1 - 129 GB diskForcepoint Appliances: Getting Started 5

Forcepoint Appliances 4 - E1000 virtual network interfaces (1 reserved port)ImportantBeginning in v8.5.0, the CPU cores and RAM allocationcan be increased. Disk size and network interface cannotbe changed.Network interfacesAll VMware virtual appliances come with 4 virtual Ethernet interfaces.C — Supports appliance management communicationP1, P2 — Support Content Gateway web proxy trafficN — Reserved; Network Agent and the Content Gateway decryption mirror portfeature are not supported on VMware virtual appliances in v8.5.0.Forcepoint Virtual Appliance SetupDecryption Port Mirror ExpansionIn X Series appliances with the switch configuration port installed, the decryptionmirror port expansion allows you to use the CLI or the API to enable the N interfaceas an SSL mirror port rather than a Network Agent port.FeaturesPlatform hardeningThese measures harden all Forcepoint V Series, X Series, and Virtual Appliances: CentOS operating system -- Base operating system, Forcepoint Email Securitycontainer, and Web protection containers (Web, Proxy, Network Agent) Appliances version 8.5.0: CentOS 7.4 Appliances version 8.5.3: CentOS 7.5 Appliances version 8.5.4: CentOS 7.7 SELinux enabled (not enforcing) Apache Tomcat removedCommand-line interfaceAll Forcepoint appliances share a common command-line interface (CLI) thatsupports all appliance management functions, including monitor, configuration, andtroubleshooting.6 Forcepoint Appliances: Getting Started

Forcepoint AppliancesAfter initial appliance configuration, performed with the firstboot wizard, the CLIcan be accessed via SSH and a terminal emulator such as PuTTY. In addition, V Seriesand X Series appliances can access the CLI through the Virtual Console feature of theintegrated Dell Remote Access Controller (iDRAC), or by attaching a keyboard andmonitor directly to the appliance. On VMware virtual appliances, the CLI can also beaccessed in the vSphere Client.The CLI has 3 modes: view, config, and diagnose.For more information, see the Forcepoint Appliances CLI guide.Forcepoint Security Appliance ManagerThe Forcepoint Security Appliance Manager is a centralized management console forForcepoint V Series, X Series, and Virtual Appliances. FSAM does not support DLPAnalytics Engine Virtual Appliances.For more information, see the Forcepoint Security Appliance Manager guide.Custom appliance user account managementCustom appliance accounts can be created, allowing for more accurate usermanagement and audit logging. Audit users can view configuration information;admin users can view and edit configuration information, and super admin users canalso create, delete, and update user accounts. Multiple account instances can becreated for specific roles.RoleDescriptionWebEmailDatasuper-admin (admin)userAdministrators with this permission can createand delete accounts and set passwords. Seenote below. custom admin userAdministrators with this permission can viewand edit configuration information. audit userAdministrators with this permission can viewconfiguration information. custom audit userAdministrators with this permission can viewconfiguration information. Forcepoint Appliances: Getting Started 7

Forcepoint AppliancesNoteThe super-admin (admin) user and the audit user do notaffect Web, Email, or Data any differently than they did inv8.2.Since the custom admin user and the custom audit userbehave in the same way as the super-admin and auditusers, they do not affect Email, Web, or Data, except thatEmail, Web and Data now have additional accounts.Forcepoint appliance platform APIAll configuration, management, and troubleshooting functions are supported by aREST API that is used by all Forcepoint appliance platforms and tools. The CLI usesthe REST API, as does the Forcepoint Security Appliance Manager.Basic and Certificate Authentication are supported in the appliance API.Stacking module on X10GThe Dell stacking module is supported on the X10G appliance as a hardware add-on.This will allow X10G deployment with the same switch-level High Availability (HA)compliance. For installation instructions, see the X10G Switch Stack ModuleInstallation Guide.10GBe PCI NIC on V10KThe Dell 10GBe PCI NIC is supported on the V10K appliance as a hardware add-on,allowing the V10K to be deployed into a pure fiber network. For installationinstructions, see the V10K 10GBe PCI NIC Installation Guide.DeploymentForcepoint security s vary from small to very-large. In deployments that includeForcepoint appliances, several off-appliance servers are used to host the ForcepointSecurity Manager and related infrastructure, the Log Server, and an Enterpriseinstallation of Microsoft SQL Server.Deployment is discussed in detail in Deploying Forcepoint Appliances, page 11.Configuration and managementForcepoint appliances are configured and managed with the command-line interface(CLI), the Forcepoint Security Appliance Manager, and the appliance API.8 Forcepoint Appliances: Getting Started

Forcepoint AppliancesConfiguration and management activities generally include: Setting, synchronizing, and monitoring the system time and date Configuring network interfaces Defining a filestore location and filestore name alias Configuring the STP bridge, if used (X Series only) Defining static routes, as needed Optionally, enabling and configuring SNMP traps Monitoring system performance Reviewing system log files Installing upgrades and hotfixes Following your upgrade, it is necessary to install the latest hotfix for yourversion. See the Forcepoint Downloads page to download the hotfix. Scheduling and performing backups Enabling and disabling logon accounts, as needed Running system diagnostics, as neededFor detailed information, see the Forcepoint Appliances CLI Guide.DocumentationForcepoint appliance documentation includes: This guide — Forcepoint Appliances Getting Started Forcepoint Appliances Release Notes Forcepoint Appliances CLI Guide Forcepoint V Series, X Series, and Virtual Appliance Upgrade Guide V Series Upgrade Guide V Series: Upgrading DUAL MODE Appliances to Version 8.5 V Series Quick Start Posters X Series Upgrade Guide X Series Quick Start Poster X Series Switch Configuration Guide X Series Fiber Optics KitAll Forcepoint documentation, including documents specific to Forcepoint EmailSecurity, Forcepoint Web Security, Forcepoint URL Filtering, and Forcepoint SecurityManager can be accessed at support.forcepoint.com/documentation.See, also, the Forcepoint knowledge base. Go to www.support.forcepoint.com anduse Search.Forcepoint Appliances: Getting Started 9

Forcepoint Appliances10 Forcepoint Appliances: Getting Started

2Deploying ForcepointAppliancesGetting Started Guide Deploying Forcepoint Appliances Version 8.5.xRelated topics: Deployment planning, page 11 Deployment big picture, page 13 Deployment activity summary, page 21 Forcepoint appliance installation summary, page 21This guide provides general information about Forcepoint appliances, as well asin-depth information about deploying Forcepoint appliances with Forcepoint EmailSecurity, Forcepoint Web Security, and Forcepoint URL Filtering. For detailed information about Forcepoint DLP on Forcepoint appliances,including Forcepoint DLP Cloud Email, see the Forcepoint DLP section of theForcepoint documentation page. For detailed information about Forcepoint Web Security Cloud with I Seriesappliance, see the Forcepoint I Series Appliance section of the Forcepointdocumentation page.ImportantBefore deploying Forcepoint technologies, work with yourForcepoint distributor and Forcepoint Sales Engineer tocreate a deployment plan. A vetted deployment plan is thebest preparation for a trouble-free deployment that deliversthe results you expect.Deployment planningA detailed deployment plan is essential to achieving an efficient, trouble-freedeployment. If the deployment is large or complex, engage your Forcepoint distributorand Forcepoint Sales Engineer for assistance.Forcepoint Appliances: Getting Started 11

Deploying Forcepoint AppliancesA complete deployment plan includes:1. A list of Forcepoint security technologies to be deployed, their components,where the components are installed, and their requirements and dependencies,including version compatibility with other components, host operating system,and third-party software components.2. A careful estimate of the computer and network resources needed to meetyour performance requirements, and that meet the requirements of thetechnologies to be deployed.3. A plan for the location of physical equipment and its placement in the network,including subnetting and reserved IP addresses.4. An understanding of point-to-point network port requirements, firewall rules,routing, and other network configuration provisions.5. A configuration plan for your Forcepoint security solutions (web, email, DLP,and end points) that defines needed policies and rules.6. If using X Series equipment, special arrangements need to be made for takingdelivery of the hardware. Due to its size and weight, X Series has specialrequirements. See Receiving and racking the hardware, page 30, in this guide.Use the following resources in the preparation of your deployment plan. This guide The Forcepoint Deployment and Installation Center, including: Deploying Email Protection Solutions Deploying Web Protection Solutions Planning Forcepoint DLP Deployment Forcepoint system requirements Review the list of Default ports for on-premises Forcepoint solutionsThe Forcepoint appliances documentation set, which can be accessed in theForcepoint Appliances section of the Forcepoint documentation page. Locate theplatform of interest (e.g., Forcepoint V10000 Appliance) and select the versionyou are deploying. Of particular interest are: This guide Hardware setup posters X Series Switch Configuration Guide (X Series deployments only) Release notes12 Forcepoint Appliances: Getting Started

Deploying Forcepoint AppliancesDeployment big pictureIn this section: Required off-appliance components, page 14 Web protection deployments, page 15 Forcepoint Email Security deployments, page 20Forcepoint deployments can include any or all of these Forcepoint solutions: Forcepoint DLP Forcepoint Web Security, with or without hybrid cloud web protection services Forcepoint Email Security, with or without hybrid cloud email protection services Forcepoint EndpointImportantForcepoint appliances are one component of a completeForcepoint security solution.When you are ready to begin deployment, be sure to startwith the installation guides for your Forcepoint securitysolutions. Those guides link to this guide for appliancesetup and initial configuration activities.See these topics in the Forcepoint Deployment and Installation Center to becomefamiliar with the details of Forcepoint deployments. Deployment planning for Forcepoint solutions System requirements Default ports for on-premises Forcepoint solutionsForcepoint Web Security and Forcepoint URL Filtering Deploying Web Protection Solutions Deploying Forcepoint Web Security in a distributed enterpriseForcepoint Email Security Deploying Email Protection SolutionsForcepoint DLP Planning Forcepoint DLP Deployment InstallingForcepoint DLP AgentsForcepoint Appliances: Getting Started 13

Deploying Forcepoint AppliancesRequired off-appliance componentsAll deployments include several off-appliance servers that host additionalcomponents. A Windows Server to host the Forcepoint infrastructure, including the ForcepointSecurity Manager. The Forcepoint Security Manager supports configuration andmanagement of your Forcepoint solutions. This server is sometimes referred to asthe Forcepoint management server. Web protection solutions locate several additional components on the Forcepointmanagement server, or on a separate Windows or Linux server. Web and email deployments require a Windows Server to host the Log Serverservice. Log Server manages the handling of log data with the SQL Serverdatabase and with Forcepoint reporting services. Data, web, and email solutions require a Windows Server to host an instance ofMicrosoft SQL Server. SQL Server supports the Forcepoint Log Database. Forcepoint Email Security deployments require a mail server.For server specifications, see System requirements in the Deployment andInstallation Center.ImportantAll components in the deployment, including thoserunning off-appliance, must run the same version ofForcepoint software.Forcepoint infrastructureForcepoint security infrastructure is made up of many components, including a webbrowser-based graphical user interface and logging and reporting components.Services include: Forcep

Jun 08, 2020 · Forcepoint appliances are purpose-built machines for core components of Forcepoint DLP, Forcepoint Email Security, Forcepoint Web Security, and Forcepoint URL Filtering. Forcepoint appliances are security-hardened (see Platform hardening and optimized for performance, reliability, and ease of use.File Size: 1MBPage Count: 72