Course Details
During the Forcepoint Email Security System Engineer hands-on instructor-led course, you will gain an understanding of the key core competencies and skills needed to practice as a System Engineer handling Forcepoint Email Security. The core competencies are deploymentplanning, installation, upgrading and troubleshooting. This course prepares engineers or other professionals who are about to manage or lead system engineering development of Forcepoint Email Security from concept creation to production.
Objectives
- Propose an Email Security deployment solution by identifying the most suitable platform, components and configurations for a given set of requirements.
- Successfully plan and execute an Email Security on-premises installation.
- Identify and mitigate common environmental factors within a deployment that can affect filtering efficacy.
- Planand execute an Email Security upgrade using the Migration Tool.
- Perform troubleshooting steps and debugging to resolve common deployment issues.
Outline
SESSION 1 –DEPLOYMENT OVERVIEW AND INSTALLATION
Module1: Email Security Components
- Required components
- Optional components
- Appliance offerings
Module2: Deployment Platforms
- On-premises platform
- Hybrid platform
- Email Security in the Azure platform
Module3: Appliance Management Interfaces
- Command Line Interface (CLI)
- Forcepoint Security Appliance Manager (FSAM)
Module4: Deployment Use Cases
- Small and middle business
- Large and enterprise business
Module5: Installation planning
- Requirements
- Pre-installation considerations
Module6: Email Security on-premises Installation
- Virtual Appliance on-premises deployment
- Installing Forcepoint Security Manager and Log Server
Module7: Email Security in Azure
- Deployment process
SESSION 2 -ARCHITECTURE AND ENVIRONMENT
Module8: Clustering
- Benefits of a configuration cluster
- Clustering with Hybrid and Data Security
- Clustering with PEMModule9: Load Distribution
- Third-Party Load Balancer
- Load balancing with DNS
Module10: Upstream MTA
- Simultaneous Connections
- True Source IP Detection
Module 11: Address rewriting
- Rewrite the envelope sender address
- Rewrite the display sender address
Module12: DKIM Signing
- DKIM process
- Configuring DMARK in Forcepoint Security Manager
SESSION 3 –UPGRADINGEMAIL SECURITY
Module13: Plan the upgrade
- Review the documentation
- Component upgrade order
Module14: Perform the upgrade
- 8.3 Appliance architecture changes
- Migration Tool
- Migration Process
- Virtual Appliance Hotfix
- Forcepoint Security Manager upgrade 8.2 –8.5.0
- Migrate and upgrade Appliance
SESSION 4 –TROUBLESHOOTINGOVERVIEW
Module15: Troubleshooting & debug overview
- Troubleshooting tools Real-time monitor Forcepoint Security Manager logo Counters Command Line Troubleshooting
- Backend files and processes log on with root access to Email Security appliance backed files and processes debugging
- CLI debug command debugging Forcepoint Modules using the CLIoDebugging Postfix modules (requires root access)
Module16: Installation Errors
- Email Log Server installation errors
- Forcepoint Management Server installation errors
- Appliance registration errors
Module17: Mailflow Issues
- Delivery problems handling outbound/internal delivery problems handling inbound delivery problems
- Spam detection error false negative / False possible receiving backscatter / Sending backscatter
- Troubleshooting with “mail log”
SESSION 5 –TROUBLESHOOTINGCONTINUED
Module18: LogDatabase and Log Server Issues
- Cannot see logs form TRION Manager
- Log server failed to start
- Log DB extract, transform, and load process wrong
- Track on-box PostgreSQL
- Debug log daemon
Module19: Quarantine Issues
- Message queues•Cannot see quarantine email in Blocked Messages
- Debug quarantine daemon
Module20: PEM Issues
- End-user login fail
- PEM portal load fail•End user cannot receive notification
- End-user cannot release messages
- PEM always permit/blocklist fails
- Debug PEM
Module21: Email DLPIssues
- Email DLP registration fail
- Email DLP policy deployment fail
- Email DLP policy does not work normally
- Use multiple policy engines
Module22: Cluster Problems
- Configuration and license synchronization
- Heartbeat Request and response
- A secondary node cannot be synchronized
- Debug clusteringModule23: Hybrid Issues
- Hybrid configuration file
- Hybrid logs cannot be synchronized
- Debug Hybrid
Target Audience
- Consultants, system architects, integrators
- Sales Engineers, Implementation Specialists, Deployment Specialists, Network Architects, Technical Support
Prerequisites
- Completion of the Forcepoint Email Security Administrator Course and certification.
- Intermediate knowledge of networking and computer security concepts.
- A computer that meets the requirements noted at the end of this document.