3.3.1. Scalable deployment

Overview

In a scalable deployment Email Gateway Security instances work on a shared email history database. The database runs on the primary instance, and the secondary instances connect to the primary instance’s email history database.

For details about scalable deployment see 5.15. Scalable deployment operation.

images/inline/59b1bcb9943771b5aa2658696fc2b3cf25e76db5.png

General starting steps

To install Email Gateway Security in standalone or scalable mode, start with the following steps:

  1. Start the Email Gateway Security installer
    images/download/attachments/8465015/image-20210427-131800.png

  2. Accept the license agreement
    images/download/attachments/8465015/image-20210427-131954.png

  3. Select setup type (Simple was selected in this guide, the Custom lets the user to choose the installation directory)
    images/download/attachments/8465015/image-20210427-132202.png

  4. From here the setup depends on whether a primary or a secondary instance is to be installed.

Primary instance

To install Email Gateway Security as a primary instance perform the following steps:

  1. After choosing the setup type, choose Shared database (Primary instance)
    images/download/attachments/8465015/image-20210427-132356.png

  2. Specify the Database Address and Database Port. For details see the address and port entries respectively under the section HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Database\global in 4.1.1. Scalable deployment related registry configuration.
    images/download/attachments/8465015/image-20210427-132743.png

  3. Complete installing the primary instance with the steps described in section General closing steps.

Port will be used later

Remember the port number cause later it will be used when installing the secondary instance.

Secondary instance

To install Email Gateway Security as a secondary instance perform the following steps:

  1. After choosing the setup type, choose Shared database (Secondary instance)
    images/download/attachments/8465015/image-20210427-073600.png

  2. Specify the following:

    1. Database Server: the host name or IP address of the primary instance (where the database is running).
      If a TLS enabled connection is to be set up, then this value must be set properly in sync with the subject of the certificate to which the encryption certificate was issued. See the Root Certificate entry below.

    2. Database Port: the port number on which the database service is listening on the primary instance. For details see step 2 in section Primary instance.

    3. Root Certificate: Email Gateway Security uses subsequent keys and certificates for primary-secondary instance communication. These subsequent keys and certificates are signed by a root certificate installed (and/or) generated on the primary node.
      By default a key and certificate pair is generated for this purpose on the primary instance and can be found under <installation directory>\data directory (default C:\Program Files\OPSWAT\MetaDefender Email Security\data) on the primary instance.

    4. Private Key: the private key pair of the Root Certificate. By default it is generated by the primary instance and can be found in the same location as the root certificate.
      images/download/attachments/8465015/image-20210427-073716.png

  3. Complete installing the secondary instance with the steps described in section General closing steps.

General closing steps

To finish the installation of an Email Gateway Security standalone or scalable deployment, perform the following closing steps:

  1. Specify the REST Address and REST Port. For details see the restaddress and restport entries respectively under the section HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Security\global in 4.1. Registry configuration.
    images/download/attachments/8465015/image-20210427-132959.png

  2. Commit all the changes and perform the actual installation.
    images/download/attachments/8465015/image-20210427-133011.png