Panda Cloud Email Protection
The Panda Cloud Email Protection platform will enter End of Life (EOL) by the end of this year (December 31st, 2021) and will be replaced by a new platform called WatchGuard Email Protection.

This will not entail any great changes for you ? quite the opposite. On migrating to the new malware and spam filtering service, you will benefit from numerous new and improved features.

Your account, or if you a Partner, your customer’s accounts, will be automatically migrated to the new platform. However, you will still need to make some simple changes to finish setting up the new service. Please, read the FAQs and Documentation available in this article before you begin.

The migration will start on October 27th, and you must do the final service set-up before November 25th.
After this date, the Panda Cloud Email Protection platform will be automatically redirected to the WatchGuard Email Protection platform.


Frequently Asked Questions
Can I use both consoles until the migration is complete?
Customers and Partners will have access from PandaCloud to both platforms – the old PCEP platform and the new WGEP platform – until November 25th. This will give you time to configure your settings on the new platform and to get familiar with the new interface.

What happens after the November 25th?
As from November 25th, traffic will be filtered by the new WatchGuard Email Protection platform. To prevent losing any emails, both the old MX as well as the new one will coexist.

How do I access the new console?
Access to the new WatchGuard Email Protection console is available from this link: https://emailprotection.watchguard.com

What credentials do I need to use?
We will send the credentials to the main contact email address of our customers and Partners. If you don’t receive this email, it could be because your email address is different to the one we have, in which case you need to contact Technical Support, or else, because you are not the account main contact, in which case you could ask the to resend you the email with the credentials.

Once you are in the new WatchGuard Email Protection platform, we highly recommend that you change the password and create your own administrator user.

Steps to Migrate to the WatchGuard EMail Protection Servers

  1. Ensure you can access the WatchGuard Email Protection platform with your new credentials before you configure the settings of the new platform to filter your mail.


  2. Configure the firewall
    The first step is to define the accessibility of your mail server.
    A correctly configured firewall also prevents the direct delivery of spam straight from the Internet.

    The following IP ranges must be allowed for mail traffic:

    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and

      The standard setting, unless otherwise specified, is port 25. This can of course be modified according to your requirements. Any TLS connections will be unaffected.

  3. After the settings above have been established, you can configure the MX records.
    This determines where the emails for a domain are sent. In technical terms, the sender resolves the destination domain according to the MX record and initiates a connection with the relevant host.

    This is where WatchGuard Email Protection security systems come in. In order for emails to be processed and filtered, they are redirected to a new destination by means of the MX record:

    • MX priority 10 mx01.hornetsecurity.com
    • MX priority 20 mx02.hornetsecurity.com
    • MX priority 30 mx03.hornetsecurity.com
    • MX priority 40 mx04.hornetsecurity.com

      Note: These changes are not made in the WatchGuard Email Protection console. The MX change has to be made either by the client, or by the administrator who manages the configuration of the mail server.

  4. Configure outbound email
    The IP of the external server used for the outbound mail service should be configured. This can be done in the WatchGuard Email Protection management console.

    The next step is to set the name relay-cluster-eu01.hornetsecurity.com as the outbound connector on the outgoing mail (client) server.
    Keep in mind that authentication is not necessary, so this option should be disabled in the new configuration.

  5. Configure SPF record
    Another DNS setting you can configure in addition to the MX record is the SPF record.
    This is saved as a domain TXT record and specifies which systems are allowed to send email on behalf of the domain.

    It is analyzed in certain circumstances by external recipients, but also by the WatchGuard Email Protection spam filter service, for purposes that include detecting fraud attempts such as spoofing. It is therefore very useful to modify or expand the TXT entry. The following setting is recommended:
    v=spf1 include:spf.hornetsecurity.com ~all

Help nº- 20211025 600018 EN

Source : Official Panda Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.