Extended Email Security migration flow
This article describes the end-to-end process for migrating from GravityZone Security for Email to GravityZone Extended Email Security. It presents the workflow in chronological order—from preparation, request submission, and provisioning to cutover and post-migration activities—so customers and partners can complete the transition with minimal disruption.
Overview
The migration enables existing Bitdefender customers to move protection from Security for Email to Extended Email Security. The process includes license validation, provisioning, parallel run, and final cutover. Running both services in parallel (for up to 30 days) reduces risk and ensures continuity while configuration and policy alignment are verified.
Prerequisites
You are an existing Bitdefender yearly licensed customer or an MSP currently using Security for Email.
You are authorized to request changes to your organization’s email security configuration.
You have gathered all required company and contact details (see the Required Information section below).
Note
If unsure about eligibility, contact your Bitdefender sales representative or Bitdefender Enterprise Support.
Required information
To ensure your migration request is processed quickly and smoothly, please provide the details listed below.
Sharing this information upfront ensures a seamless transition and minimizes delays from additional follow-ups.
For yearly licensed customers
Please include the following details in your request email:
- Email Platform
For example, Microsoft 365 or Google Workspace.
- Product Type
MX Based (Mesh Gateway), CAPES - API Based (Mesh 365), or MX and API Based (Mesh Unified).
- Company Name
Legal entity name.
- Industry
Organization’s industry sector.
- Primary Domain
Main email domain.
- Additional Domains
All additional email domains to be protected.
- Mail Server Host/IP
Public hostname or IP address.
- Timezone
Local timezone.
- Licenses
Number of user licenses.
- Admin Name
Primary administrative contact.
- Admin Email Address
Email used for setup communications and access.
- Policy
Existing or desired email policy baseline.
- Account Type
Trial or Purchase.
For MSPs
If you are an MSP requesting migration or onboarding to Extended Email Security, please include the following details:
- Company Name
Partner or MSP organization.
- Address / City / State / ZIP / Country
Full billing or operational address.
- Partner Service Region
EU or US.
- Partner Hub Email
Email used to set up the initial user and receive the welcome message.
- Partner Hub Contact Name
Primary point of contact.
- Partner Timezone
Local timezone.
- Request Type
Trial (30 days) or Paid account.
Submitting a migration request
Migration can be requested by an existing yearly licensed customer or an MSP.
Once you’ve gathered all the required information, please send it to your Bitdefender sales representative or directly to Bitdefender Enterprise Support at [email protected] with the subject line: “Extended Email Security Migration Request – [Your Company Name]”.
As an MSP, you can also apply by filling the feedback form to get into contact with Support.
After submission, Bitdefender processes or requests additional customer information (if necessary), validates the current license and schedules the migration.
Important migration follow-up considerations
A provisional Extended Email Security license key is issued alongside the setup details, and the destination tenant is prepared. The key is only for tracking and provisioning and doesn’t need activation in GravityZone.
Customers receive access credentials and configuration details to start initial setup and align policies.
For up to 30 days, Security for Email and Extended Email Security can run in parallel to prevent disruptions and verify mail flow, quarantines, and policies.
Bitdefender sends a completion notice summarizing retained data and next steps. You’ll receive a password reset link for your new account and a link to the Configuration Guide with MX record update instructions.
Note
To successfully finalize the migration, the customer or MSP performing the migration must ensure that email server configurations are switched from Security for Email to Extended Email Security.
Below you can find the key documentation sections that describe these configurations:
IP ranges, Smarthosts and MX records based on region
Create a Connector for Mesh in Microsoft 365 / Exchange (Inbound) (To ensure only email filtered by Extended Email Security is delivered to your Microsoft 365 / Exchange tenancy)
Create a Mail Flow Rule for Mesh in Microsoft 365 / Exchange (Inbound) (to allow email filtered by Extended Email Security to be delivered safely without any double filtering from Microsoft)
Mailbox Population
For Outbound