Technical Support

Need help?


NEW! - Migration to the WatchGuard Email Protection Platform

Information applies to:

Panda Cloud Email Protection

The Panda Cloud Email Protection platform will enter End of Life (EOL) by the end of this year (December 31st, 2021) and will be replaced by a new platform called WatchGuard Email Protection.

This will not entail any great changes for you ? quite the opposite. On migrating to the new malware and spam filtering service, you will benefit from numerous new and improved features.

Your account, or if you a Partner, your customer's accounts, will be automatically migrated to the new platform. However, you will still need to make some simple changes to finish setting up the new service. Please, read the FAQs and Documentation available in this article before you begin.

The migration will start on October 27th, and you must do the final service set-up before November 25th.
After this date, the Panda Cloud Email Protection platform will be automatically redirected to the WatchGuard Email Protection platform.


Frequently Asked Questions
Can I use both consoles until the migration is complete?
Customers and Partners will have access from PandaCloud to both platforms - the old PCEP platform and the new WGEP platform - until November 25th. This will give you time to configure your settings on the new platform and to get familiar with the new interface.

What happens after the November 25th?
As from November 25th, traffic will be filtered by the new WatchGuard Email Protection platform. To prevent losing any emails, both the old MX as well as the new one will coexist.

How do I access the new console?
Access to the new WatchGuard Email Protection console is available from this link:

What credentials do I need to use?
We will send the credentials to the main contact email address of our customers and Partners
. If you don't receive this email, it could be because your email address is different to the one we have, in which case you need to contact Technical Support, or else, because you are not the account main contact, in which case you could ask the to resend you the email with the credentials.

Once you are in the new WatchGuard Email Protection platform, we highly recommend that you change the password and create your own administrator user.

Steps to Migrate to the WatchGuard EMail Protection Servers

  1. Ensure you can access the WatchGuard Email Protection platform with your new credentials before you configure the settings of the new platform to filter your mail.
  2. Configure the firewall
    The first step is to define the accessibility of your mail server.
    A correctly configured firewall also prevents the direct delivery of spam straight from the Internet.

    The following IP ranges must be allowed for mail traffic:
    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and
    • Range: with subnet mask, corresponding to addresses between and

      The standard setting, unless otherwise specified, is port 25. This can of course be modified according to your requirements. Any TLS connections will be unaffected.
  3. After the settings above have been established, you can configure the MX records.
    This determines where the emails for a domain are sent. In technical terms, the sender resolves the destination domain according to the MX record and initiates a connection with the relevant host.

    This is where WatchGuard Email Protection security systems come in. In order for emails to be processed and filtered, they are redirected to a new destination by means of the MX record:
    • MX priority 10
    • MX priority 20
    • MX priority 30
    • MX priority 40

      Note: These changes are not made in the WatchGuard Email Protection console. The MX change has to be made either by the client, or by the administrator who manages the configuration of the mail server.
  4. Configure outbound email
    The IP of the external server used for the outbound mail service should be configured. This can be done in the WatchGuard Email Protection management console.

    The next step is to set the name as the outbound connector on the outgoing mail (client) server.
    Keep in mind that authentication is not necessary, so this option should be disabled in the new configuration.
  5. Configure SPF record
    Another DNS setting you can configure in addition to the MX record is the SPF record.
    This is saved as a domain TXT record and specifies which systems are allowed to send email on behalf of the domain.

    It is analyzed in certain circumstances by external recipients, but also by the WatchGuard Email Protection spam filter service, for purposes that include detecting fraud attempts such as spoofing. It is therefore very useful to modify or expand the TXT entry. The following setting is recommended:
    v=spf1 ~all
Help nº- 20211025 600018 EN

Have you resolved your query with this article?

yes no

Thanks for your answer

Why didn't you find it helpful?

The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.

Talk to a technician!


Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.



You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!