Hi rohit.babr,
This would be a situation where you be best to reach out to us either crreating a case in the portal or giving us a call. Without specific details, I can only speak in general terms.
First, I cannot speak to the set-up for the Office 365 -> Network Prevent for Email -> Office 365 section of the configuration, though I do see you have made some posts in the DLP forums as well. I see that some
With regards to your questions:
What are the IP addresses that I have to provide in Network Prevent for Email Server to foward the mails to Symantec Security.cloud?
Based on your described set-up, it would seem that emails would be coming to Email Security.cloud via O365, rather than direct from your Network Prevent for Email Server. Regardless, if you were passing emails directly to Email Security.cloud from the Network Prevent for Email Server, you would configure it to direct mail towards the outbound hostname for the cluster you were provisioned on for Email Security.cloud. For example ClusterXout.YY.messagelabs.com (where X is a number and YY is a region). As I can't identify your account, I cannot provide you your specific cluster. It would have ben provided in your welcome details from the Email Security.cloud set-up. If you are currently using the Symantec Email Security.cloud for your outbound mails from Office 365, then you should have that host configured in Office 365 for the mail to route to. If you are using the Email Security.cloud service on your inbound mail then you would have the cluster set-up in your MX Records, which woudl identify the cluster and region. For example with symantec.com:
[todd@XXXXXX ~]$ dig +short mx symantec.com
20 cluster4a.us.messagelabs.com.
10 cluster4.us.messagelabs.com.
We can see that symantec.com uses cluster4.us so the outbound hostname would be cluster4out.us.messagelabs.com
What are the settings I need to do to accept emails from On-Premise Network Prevent for Email server (this server will be on-prem DMZ with a public IP)
In the cloud portal - https://clients/messagelabs.com you would go to Services -> Email Services -> Outbound Routes and then under Sending Server IP Addresses, then click the Add and Check New button. Enter the IP of the server and then allow the technical check to run (generally about 2-5 minutes). Once you get the confirmation email that the technical check has passed, then it will begin propagation and within about an hour, we will accept outbound mail from that IP. If the technical check returns a fail result, you will need to troubleshoot based on the issue it indicates.
I hope this helps. As noted, it might work best to engage support directly so we can provide sepcific answers as to your cluster.