
Use this configuration if:

• The appliance is operating in explicit proxy mode.

• You are using email (SMTP).

For this configuration, you must:

• Configure the external Domain Name System (DNS) servers or Network Address Translation (NAT) on the firewall so that the external mail server delivers mail to the appliance, not to the internal mail server.

• Configure the internal mail servers to send email messages to the appliance. That is, the internal mail servers must use the appliance as a smart host. Ensure that your client devices can deliver email messages to the mail servers within your organization.

• Ensure that your firewall rules are updated. The firewall must accept traffic from the appliance, but must not accept traffic that comes directly from the client devices. Set up rules to prevent unwanted traffic entering your organization.
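
An added example, not part of the McAfee guide: a small first-match rule evaluator that checks an ordered firewall rule list against the SMTP flows the requirements above imply. All addresses and both rule lists are constructed for illustration, and the expected-flow table is an interpretation of the guide's bullets, not a vendor specification.

```python
import ipaddress

# Constructed addresses for illustration (assumptions, not from the guide).
APPLIANCE, MAIL_SERVER = "192.0.2.10", "10.0.0.25"
CLIENT, EXTERNAL_MTA = "10.0.1.50", "198.51.100.7"

# SMTP (TCP 25) flows implied by the requirements: (name, src, dst, expected)
EXPECTED = [
    ("external MTA -> appliance", EXTERNAL_MTA, APPLIANCE, "allow"),
    ("external MTA -> internal mail server", EXTERNAL_MTA, MAIL_SERVER, "deny"),
    ("internal mail server -> appliance", MAIL_SERVER, APPLIANCE, "allow"),
    ("appliance -> internal mail server", APPLIANCE, MAIL_SERVER, "allow"),
    ("appliance -> Internet", APPLIANCE, EXTERNAL_MTA, "allow"),
    ("client -> Internet", CLIENT, EXTERNAL_MTA, "deny"),
]

def decide(rules, src, dst, port=25):
    """Return the action of the first matching rule; default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in rules:
        if (rule_port == port and s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)):
            return action
    return "deny"

def audit(rules):
    """List the flows whose firewall decision differs from the expected one."""
    return [name for name, src, dst, want in EXPECTED
            if decide(rules, src, dst) != want]

# Weak: legacy "any internal host may send SMTP" and a forward to the mail server.
WEAK_RULES = [
    ("allow", "10.0.0.0/8", "0.0.0.0/0", 25),
    ("allow", "0.0.0.0/0", "10.0.0.25/32", 25),
    ("allow", "0.0.0.0/0", "192.0.2.10/32", 25),
    ("allow", "192.0.2.10/32", "0.0.0.0/0", 25),
]

# Corrected: only the appliance exchanges SMTP across the firewall.
HARDENED_RULES = [
    ("allow", "192.0.2.10/32", "0.0.0.0/0", 25),     # appliance -> mail server / Internet
    ("allow", "10.0.0.25/32", "192.0.2.10/32", 25),  # smart-host relay to the appliance
    ("deny", "10.0.0.0/8", "0.0.0.0/0", 25),         # no direct SMTP from internal hosts
    ("allow", "0.0.0.0/0", "192.0.2.10/32", 25),     # inbound mail reaches the appliance only
]

if __name__ == "__main__":
    print("weak:", audit(WEAK_RULES), "| hardened:", audit(HARDENED_RULES))
```

Rule order matters in the corrected list: the smart-host allow must precede the internal deny, or the mail server can no longer relay through the appliance.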

Deployment Strategies for Using the Appliance in a DMZ

A demilitarized zone (DMZ) is a network separated by a firewall from all other networks, including
the Internet and other internal networks. The typical goal behind the implementation of a DMZ
is to lock down access to servers that provide services to the Internet, such as email.

Hackers often gain access to networks by identifying the TCP/UDP ports on which applications
are listening for requests, then exploiting known vulnerabilities in applications. Firewalls
dramatically reduce the risk of such exploits by controlling access to specific ports on specific
servers.

The appliance can be added easily to a DMZ configuration. The way you use the appliance in
a DMZ depends on the protocols you intend to scan.

Contents

SMTP configuration in a DMZ

SMTP configuration in a DMZ

The DMZ is a good location for encrypting mail. By the time the mail traffic reaches the firewall
for the second time (on its way from the DMZ to the internal network), it has been encrypted.

Appliances which scan SMTP traffic in a DMZ are usually configured in explicit proxy mode.

Configuration changes need only be made to the MX records for the mail servers.

NOTE: You can use transparent bridge mode when scanning SMTP within a DMZ. However, if you do not control the flow of traffic correctly, the appliance scans every message twice, once in each direction. For this reason, explicit proxy mode is usually used for SMTP scanning.

Pre-installation

McAfee Email and Web Security Appliance 5.1 Installation Guide
