Sensor Prerequisites
In on-premises deployments, Sensors can be installed on bare-metal installs or a hosted virtual machine (VM). If you use a virtual machine, you can configure your own by following the instructions in this guide or you can download a pre-packaged, pre-configured virtual machine disk image.
For a bare-metal install or your own virtual machine, the Cloud Email Protection Sensor is distributed by Fortra Cloud Email Protection via an installation script that is uniquely keyed to your organization. The installation script installs the Sensor application, which is distributed via a Docker container. The container wraps the Sensor application in a complete file system containing everything needed to run the application: code, runtime, system tools, and system libraries.
For the pre-packaged, pre-configured virtual machine disk image, you download an OVA file from within Cloud Email Protection, which you can import into any supported virtualization software.
You should obtain the script to install your first Sensor from your Fortra Cloud Email Protection Sales representative. After you gain access to the web application, you can obtain a script to install additional Sensors from the Manage > Sensors page. This script is uniquely keyed for your organization.
Hardware and Software Requirements
If you are installing on bare metal or your own virtual machine, the machine or machine instance must meet the following minimum requirements. If you are using the virtual machine disk image, it is already pre-configured to these requirements, and you should be running the virtualization software on hardware that meets these requirements.
| System | Requirement |
|---|---|
| CPU | Intel or AMD x86_64, 8 cores |
| Memory | 32GB |
| Disk |
The following minimum allocations:
|
| Operating System |
Modern, 64-bit Linux:
|
| Docker | 17.06 or later |
| Network | 1 Gbit/sec recommended |
| Hypervisor | VMWare ESXi |
Firewall requirements
When a Sensor is installed in your infrastructure, it will need to be able to communicate with the CEP cloud. Below is a list of firewall requirements for the Sensor:
| Port Requirement | Definition |
|---|---|
| Inbound: 25 (SMTP) |
For receiving stream of inbound, duplicated messages from your gateway. TIP: This port is required to be opened for any configuration where the Sensors reside on a different network from the Exchange server that is separated by a firewall. |
| Outbound: 443 (HTTP/S) |
HTTP/S requests to the CEP cloud and other cloud services (details below). TIP: The Sensor can be configured to use a proxy for outbound HTTP/S connections |
| Outbound: 53 (DNS) |
DNS for hostname/IP address resolution. NOTE: If the host system is using 127.0.* or localhost for the DNS resolution, Docker will not replicate that in the container's /etc/resolv.conf file. Instead it will set the DNS to 8.8.8.8 and 8.8.4.4, and if you do not have these addresses available through the firewall, DNS will fail. You may need to set the host's DNS servers to the actual address of the internal DNS servers used in your enterprise. |
| Outbound: 123 (NTP) |
NTP for time synchronization services Note: On RedHat systems, you can verify that NTP is working correctly by issuing these commands: ntpstat echo $? You want the output of the last command to be a 0 if the NTP server is being accessed. See the RedHat documentation for more information on checking the status of NTP.
|
Firewall Rules: Required HTTPS Access
The system running the installation script must have access to the following endpoints:
https://sensor-provisioner.ep.prod.agari.com
https://agari-ep-collector-config-prod.s3.amazonaws.com
https://agari-ep-collector-config-prod.s3.us-west-2.amazonaws.com
https://agari-ep-collector-ingest-avro.s3.amazonaws.com
https://agari-ep-collector-ingest-avro.s3.us-west-2.amazonaws.com
https://agari-ep-collector-milter.s3.amazonaws.com
https://agari-ep-collector-milter.s3.us-west-2.amazonaws.com
https://kinesis.us-west-2.amazonaws.com
https://publicsuffix.org
https://registry-cdn.ep.agari.com
https://registry.ep.agari.com
https://s3-r-w.us-west-2.amazonaws.com
https://sns.us-west-2.amazonaws.com
https://us-west-2.queue.amazonaws.com
https://sqs.us-west-2.amazonaws.com/
Docker Installs
The Docker documentation has instructions for installing Docker with the Linux versions Fortra Cloud Email Protection supports to run the sensor:
- Red Hat: http://docs.docker.oeynet.com/engine/installation/linux/docker-ee/rhel/#install-docker-ee(Docker EE)
- CentOS: http://docs.docker.oeynet.com/engine/installation/linux/docker-ee/centos/#install-docker-ee (Docker EE) or https://docs.docker.com/install/linux/docker-ce/centos
- Ubuntu: http://docs.docker.oeynet.com/engine/installation/linux/docker-ee/ubuntu/#install-docker-ee (Docker EE) or https://docs.docker.com/install/linux/docker-ce/ubuntu (Docker CE)
Postfix
Some Linux distributions enable a Postfix server by default. If a default Postfix server is running, it must be disabled before running the Sensor installation script. (The Sensor will install its own customized version of a Postfix server for receiving messages.)
Disable and remove the Postfix server by running this command:
# sudo yum remove postfix