Virtual machine support for Forcepoint products
- Article Number: 000011691
- Products: Email Security Gateway, Email Security Gateway Anywhere, Forcepoint DLP, Forcepoint Email Security, Forcepoint URL Filtering, Forcepoint Virtual Appliance, Forcepoint Virtual Appliance for DLP, Forcepoint Web Security, TRITON AP-DATA, TRITON AP-EMAIL, TRITON AP-WEB, Web Security Gateway, Web Security and Web Filter, Websense Email Security
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6
- Last Published Date: May 16, 2018
Are Forcepoint Web security solutions supported on virtual machines?
Best effort support
Although it is not a certified configuration, Forcepoint will provide "best effort" support to virtualization technologies deployments of Forcepoint Web Security solutions on the VMware ESX, VMware ESXi, and Microsoft Hyper-V platforms. Under best effort support, Forcepoint Technical Support will make their best effort to troubleshoot cases in standard fashion unless the issue is deemed a virtualization technology-specific issue, at which point you must contact the virtualization vendor directly for assistance. In order to qualify for best effort support, virtualization technology deployments must follow certain guidelines (see Requirements below).
Supported operating systems
Forcepoint has not certified performance characteristics of Forcepoint Web security solutions on virtual environments. In general, you can expect performance impacts of up to 25% when running an application on virtual systems. It is important to note this is only a broad, rough guide. You must determine how virtualization affects performance in your particular deployment and make any necessary adjustments to hardware and configuration.Hardware resources
You must confirm that the hardware resources allocated to the virtualization guest(s) are in line with the hardware requirements for the Forcepoint product as specified in the Forcepoint deployment center for your version.Known VMware Issues
Performance issues related to resource contention, including disk I/O issues, are exhibited as follows:
While it may be possible to mitigate these problems, doing so involves tuning the virtual environment beyond the scope of Forcepoint.See article Does Forcepoint Run On Microsoft Hyper-V for additional details.
SQL Server and MSDE
The Forcepoint Log Database is maintained on SQL Server or MSDE. Microsoft has limited support for running SQL Server or MSDE on virtualization systems other than a Microsoft virtualization system. Please see the appropriate Microsoft support documentation for more information.
See Microsoft's support policy for SQL Server products running in a hardware virtualization environment.
Review Microsoft's Server Virtualization Validation Program for supported configurations of Microsoft server software on non-Microsoft virtualization platforms.
In order to properly apply security policy, Forcepoint Network Agent requires that the network interface card (NIC) it uses for monitoring be set to promiscuous mode to see network traffic. Some virtualization environments do no allow guest VMs to have a NIC in promiscuous mode. Please consult your vendors documentation for your virtualization platform.
Appliance Recovery Images
Forcepoint appliance recovery images are not supported on virtual machines.