Professional Documents
Culture Documents
Pro Ofpoint Messaging Security Gateway™ and Proofpoint Messaging Security Gateway™ Virtual Edition - Release 8.X
Pro Ofpoint Messaging Security Gateway™ and Proofpoint Messaging Security Gateway™ Virtual Edition - Release 8.X
Pre-Installation Requirements
This document summarizes the pre-installation requirements for Proofpoint appliance-based and virtual appliance-
based products. To easily integrate an appliance into your network, ensure the ports listed in each table are open for
the master and each agent (if you have a cluster of master and agents). IP addresses and other installation
requirements are listed where applicable.
Requirements
A static IP address and hostname for each appliance.
The IP addresses of at least two DNS servers. DNS servers must be accessible by each system in the
cluster: master and every agent.
The hostname, MX record or IP address of the internal system that will receive filtered mail from the
appliance.
The list of domains for which you receive email.
Memory 16 GB 16 GB 32 GB 64 GB
RAID 1 Controller – Battery Backed RAID Battery Backed RAID Battery Backed RAID
RAID
PERC-H330 Controller - RAID 1 Controller - RAID 1 Controller - RAID 0 + 1
2 x 500 GB SATA
Disks 2 x 300 GB SAS Disks 2 x 300 GB SAS Disks 6 x 300GB SAS Disks
Disks
ESXi 5, ESXi 5.1, ESXi 5.1 Update 1, ESXi 5.5, ESXi 5.5 Update 2
See the Proofpoint Messaging Security Gateway Virtual Edition Installation Guide for system requirements and
download information.
Ports
Ensure the following ports are open for the master and each agent (if you have a cluster of master and agents).
Note: Please see https://support.proofpoint.com/article.cgi?article_id=132318 for information about the IP addresses
that need to be accessible from your Proofpoint master and agents.
3306 (DB) Inbound Proofpoint agents to the Proofpoint Required for database synchronization
master, and if applicable, also the from agents to master.
Quarantine master.
10010 Required for message transfer from
(HTTPS) agents to master.
10000 Inbound All Internal IPs to the Proofpoint Required for web-based administrative
(HTTPS) master. access.
Every node in the cluster (filtering
agents, Quarantine node, Log node, Required for log consolidation and
Smart Search node) must have port configuration synchronization.
10000 open for communication to
the master.
10001 Inbound Proofpoint config master. Required for web-based administrative
(TCP) access when using SAML 2.0 for
federated authentication.
161 Inbound SNMP management station to (Optional) Required to use Simple Network Management
UDP/TCP Proofpoint servers. Protocol (SNMP) to monitor and manage the appliance
(SNMPd) on your network. Inbound is required to have the
Proofpoint appliance listen for polling requests from your
162 Outbound Proofpoint servers to SNMP SNMP installation. Outbound is required to have the
UDP/TCP management station. Proofpoint appliance send traps to the SNMP monitoring
(SNMP) host.
389 Outbound Proofpoint master server to LDAP (Optional) Required for user import from LDAP or Active
(LDAP) server. Directory server.
636
(LDAPS)
123 (NTP) Outbound All Proofpoint servers to an internal Required for synchronization of system clocks.
NTP server or to
ntp.proofpoint.com.
10946 Inbound From the Config Master to the Required for searches, search results, and Smart
(TCP) Smart Search node. Search settings. Required only if Smart Search is
licensed.
10947 Inbound From the Log node to the Smart Required to transfer sendmail logs and filterd logs to
(TCP) Search node. If you do not have a Smart Search for indexing. Required only if Smart
Log node, it is from the Config Search is licensed.
Master to the Smart Search node.
If you do not have a dedicated
Smart Search node, but you do
have a Log node, this port is for
communication from the Config
Master to the Log node.
80 Inbound From RSS feed to Config Master. Required for RSS feed from Proofpoint.
(HTTP)