EasyManua.ls Logo

Forcepoint V5000 G2 - User Manual

Forcepoint V5000 G2
2 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
Loading...
To rack the V5000 appliance, use a rack tray (not included).
1. Obtain a rack tray and install into desired server rack.
2. Place appliance on tray
and secure to server rack
using mounting screws on
front of appliance.
2
Rack Installation
©2018 Forcepoint LLC. All rights reserved.
Quick Start Guide
Forcepoint V5000 G2/G3
Web or Email Security Appliance
Connect the appliance interfaces required by the security mode for this appliance. Cat 5E cables (or
better) are required. Do not use crossover network cables.
Contact Forcepoint Technical Support if any items are missing.
Optional Sliding Ready Rail Kit available. Contact your Forcepoint
account representative.
Optional DIMM Kit available (Forcepoint V5000 G2R2 Appliance
only). Contact your Forcepoint account representative.
Bezel (faceplate)
Ethernet Cables (4)
Power Cable
Serial Cable
Power on the appliance and check the following indicators:
Contact Forcepoint Technical Support if any indicators are not
illuminated correctly.
6
Power On Appliance
Front
Power button is illuminated.
Rear
LEDs for connected interfaces (NICs) are green.
System status indicator (LED left of power supplies) is solid
blue.
Please refer to the Forcepoint Appliances Getting Started guide
for more details.
Initial Configuration
Firstboot Script
Configure security mode.
Configure the appliance management communication
interface (C).
Configure NTP servers/system time.
Appliance Command Line
Configure applicable network interfaces.
Configure other settings as desired.
Web Mode
Forcepoint Security Manager
Enter subscription key, update Master Database, configure
Network Agent, and configure policies in Forcepoint
Security Manager.
Requires Windows Server 2008 R2 or Windows Server
2012 or 2012 R2, or Windows Server 2016.
Content Gateway Manager (proxy)
If your site uses the Forcepoint proxy, configure user
authentication and select protocols.
Email Mode
Forcepoint Security Manager
Complete configuration wizard, enter subscription key, and
configure policies in the Email Security module. Configure
email DLP policies in the Data Security module.
Requires Windows Server 2008 R2 or Windows Server
2012 or 2012 R2, or Windows Server 2016.
QSG210-100_RevJ
*Not used for Forcepoint URL Filtering.
7
4
1
Connect a computer to serial port using null
modem cable (provided). Or, connect a terminal
server to serial port using a straight-through
cable (not provided). Serial port settings are:
9600 baud, 8 bits, no parity.
Connect a monitor and keyboard to appliance,
either directly or through a KVM (keyboard/
video/mouse) switch.
Serial Port Connection Keyboard/Monitor Connection
OR
5
Connect Input Device & Power On
Configuration Overview
Connect Network Cables
Verify Contents
Plan your deployment before setting up the appliance. See the
back of this guide for a deployment overview and reference sheet.
Before you begin...
The appliance supports the following security modes:
3
Determine Security Mode
Based on your subscription and deployment plan, determine the appropriate security mode for this
appliance.
• Web (Forcepoint Web Security or Forcepoint URL Filtering)
• Email (Forcepoint Email Security)
Question and Answer IconNeed help?

Do you have a question about the Forcepoint V5000 G2 and is the answer not in the manual?

Summary

Verify Contents

Contents Verification

Check included items like Ethernet, Power, Serial cables, and bezel for completeness.

Rack Installation

Appliance Mounting

Secure the appliance to a rack tray using mounting screws on the front.

Determine Security Mode

Supported Security Modes

Choose between Web Security or Email Security mode based on subscription.

Connect Network Cables

Port Configuration for Security Modes

Connect required ports (C, P1, N) based on Web or Email security mode.

Connect Input Device & Power On

Serial Port Connection

Connect a computer or terminal server via null modem or straight-through cable.

Keyboard;Monitor Connection

Connect a monitor and keyboard directly or via KVM switch.

Power On Appliance

Power On Indicators

Verify power button and rear LEDs (NICs, system status) are illuminated.

Configuration Overview

Initial Configuration Steps

Configure security mode, management interface, NTP, and network interfaces.

Web Mode Configuration

Configure Forcepoint Security Manager and Content Gateway Manager.

Email Mode Configuration

Configure Forcepoint Security Manager and email DLP policies.

Overview

  1. Function Description
  2. Usage Features
  3. Initial Setup and Configuration
  4. Management and Policy Enforcement
  5. Deployment Flexibility
  6. Maintenance Features

The Forcepoint V5000 G2/G3 is a security appliance designed to provide either web or email security, depending on the chosen configuration. It supports two primary security modes: Web (Forcepoint Web Security or Forcepoint URL Filtering) and Email (Forcepoint Email Security). The appliance's function is to act as a central point for managing and enforcing security policies for network traffic.

Function Description

In Web mode, the appliance acts as a Content Gateway proxy, receiving and processing Internet requests. It works in conjunction with Forcepoint Security Manager to enforce web security policies, filter URLs, and manage user access to web content. The appliance handles database downloads from the Internet to keep its security definitions up-to-date.

In Email mode, the appliance is designed to receive and send mail, providing Forcepoint Email Security. It manages personal email and cluster communication, and requires access to a mail server for full functionality. Similar to web mode, it integrates with Forcepoint Security Manager to enforce email security policies, including Data Loss Prevention (DLP) policies.

The appliance uses various network interfaces to perform its functions:

  • Interface C (Appliance Management Communication Interface): This interface is crucial for communication with other Forcepoint components, including Forcepoint Security Manager. It also handles database downloads from the Internet, ensuring the appliance has the latest security intelligence.
  • Interfaces P1 and P2 (Content Gateway / Forcepoint Email Security Interfaces):
    • In Web mode, these interfaces enable the Content Gateway proxy to receive Internet requests and communicate with web servers.
    • In Email mode, they enable Forcepoint Email Security to receive and send mail, facilitate personal email management, and support cluster communication. These interfaces require access to a mail server.
  • Interface N (Network Agent Interface): This interface allows the Network Agent to monitor Internet requests. It should be connected to a switch port, and if sending blocking information, it should be connected to a bidirectional span, monitor, or mirror port on the switch.

Usage Features

The V5000 G2/G3 appliance is designed for integration into a network infrastructure, often alongside a separate computer running Windows Server for the Forcepoint Security Manager.

Initial Setup and Configuration:

  1. Physical Installation: The appliance is designed for rack installation using a rack tray (not included). Mounting screws secure it to the server rack.
  2. Content Verification: Upon receipt, users should verify that all components are present, including Ethernet cables, a power cable, a serial cable, and the bezel (faceplate). Missing items should be reported to Forcepoint Technical Support. Optional components like a Sliding Ready Rail Kit and a DIMM Kit (for G2R2 appliances) are available.
  3. Security Mode Determination: Before deployment, the appropriate security mode (Web or Email) must be determined based on the subscription and deployment plan.
  4. Cable Connections:
    • Network cables (Cat 5E or better) are connected to the required interfaces (C, P1, N for Web; C, P1 for Email). Crossover cables should not be used.
    • An input device (computer via serial port or monitor/keyboard via KVM) is connected for initial configuration. Serial port settings are 9600 baud, 8 bits, no parity.
  5. Power On: After connecting cables, the appliance is powered on. Users should check indicators: the power button should be illuminated, connected NIC LEDs should be green, and the system status indicator (left of power supplies) should be solid blue. Any unilluminated indicators require contacting Forcepoint Technical Support.
  6. Firstboot Script: The initial configuration involves running a firstboot script to:
    • Configure the security mode.
    • Configure the appliance management communication interface (C).
    • Configure NTP servers and system time.
  7. Command Line Configuration: Further configuration, such as setting up applicable network interfaces and other desired settings, can be done via the appliance command line.

Management and Policy Enforcement:

  • Forcepoint Security Manager: This is the central management console for the appliance. It requires a separate Windows Server (2008 R2, 2012, 2012 R2, or 2016).
    • Web Mode: Users enter a subscription key, update the Master Database, configure the Network Agent, and define web security policies.
    • Email Mode: Users complete a configuration wizard, enter a subscription key, configure email security policies, and define email DLP policies in the Data Security module.
  • Content Gateway Manager (proxy): If the site uses the Forcepoint proxy, this manager is used to configure user authentication and select protocols.

Deployment Flexibility:

The appliance supports various deployment scenarios, from a single appliance to multiple appliances on a network. The deployment diagram illustrates a basic setup where the appliance interacts with a router, firewall, and clients, all managed by the Forcepoint Security Manager.

Maintenance Features

The manual primarily focuses on initial setup and configuration rather than ongoing maintenance. However, some aspects imply maintenance considerations:

  • System Status Indicators: The LEDs on the front and rear of the appliance serve as immediate visual indicators of the appliance's operational status. Monitoring these during power-on and operation can help in early detection of issues.
  • Technical Support: Forcepoint Technical Support is the primary resource for any issues encountered during initial setup or if indicators are not functioning correctly.
  • Database Updates: In Web mode, the appliance handles database downloads from the Internet, which is a continuous maintenance activity to ensure up-to-date security definitions. This process is managed through the Forcepoint Security Manager.
  • Optional Hardware: The availability of an optional DIMM Kit for the V5000 G2R2 appliance suggests potential for hardware upgrades or replacements, which would be a maintenance activity.
  • Software Updates: While not explicitly detailed as a maintenance feature, the reliance on Forcepoint Security Manager and subscription keys implies ongoing software updates and patches would be part of the regular maintenance cycle to ensure optimal security and performance.
  • Network Configuration: The ability to configure network interfaces via the command line allows for adjustments and troubleshooting of network connectivity, which is a common maintenance task.

Forcepoint V5000 G2 Specifications

General IconGeneral
ModelForcepoint V5000 G2
CategoryFirewall
VPN SupportYes
Form Factor1U Rackmount
Power SupplyDual, Hot Swappable
Network Interfaces8x 1GbE, 4x 10GbE SFP+

Related product manuals