Configuring multi-burb Sendmail with load sharing High Availability

Size: px
Start display at page:

Download "Configuring multi-burb Sendmail with load sharing High Availability"

Transcription

1 A PPLICATION N O T E Configuring multi-burb Sendmail with load sharing High Availability This document provides the steps that are needed to configure multi-burb Sendmail in a load sharing High Availability environment.

2 Table of Contents Overview... 3 Sample environment... 4 Configuring multi-burb Sendmail A

3 Overview Sendmail was first ported to Sidewinder for version 3.0 nearly 10 years ago. Back then, Sidewinder only provided two burbs --"internal" and "external". Therefore, we allowed the Sendmail daemons to run in these two burbs. This configuration provided a more secure SMTP pipeline through the Sidewinder, compared to the SMTP proxy, and worked well for a majority of the customers for years to come. However, not all LANs are created equal. Times changed, security issues came to the forefront of industry concerns, and the demands put on the Sidewinder quickly increased. Mail service in two burbs was just not enough for more sophisticated enterprises. Customers soon demanded "multiburb" SMTP service, allowing mail to flow to and from any number of burbs. This was accomplished using the two Sendmail daemons that are configured by default, plus adding an SMTP proxy running in the remaining burbs to allow mail to be forwarded to the one of the Sendmail daemons. Multiburb SMTP service worked well until failover and the concept of High Availability was introduced on Sidewinder G2. This document fills that gap by illustrating how to configure multiburb SMTP access on Sidewinder G2 in a load sharing High Availability (HA) environment. The discussion that follows assumes that the reader is familiar with basic Sidewinder G2 concepts and terminology including HA and load sharing. Please refer to the Sidewinder G2 Administration Guide for more information. Figure 1. Mail flowing from the DMZ mailhost to the Internet internal burb common IP address Sidewinder G2 internal burb Sendmail daemon external burb Sendmail process Internet filters SMTP proxy DMZ burb heartbeat burb DMZ mailhost DMZ burb common IP address A 3

4 Figure 2. Mail flowing from the Internet to the DMZ mailhost Sidewinder G2 internal burb external burb Internet Sendmail process Sendmail daemon filters internal burb common IP address SMTP proxy DMZ burb heartbeat burb DMZ mailhost Sample environment This discussion on multiburb SMTP service was developed using two Sidewinder G2 firewalls at version However, any Sidewinder G2 at version or later will also work. Even though this discussion centers around an HA load sharing environment, multiburb SMTP service will also work on a standalone Sidewinder G2. Note: For versions prior to , the configuration process may differ. The Sidewinder G2 in this example will be configured with four network interface cards (NICs). Each NIC is assigned to its own burb, as follows: Note: Multiburb SMTP service can be scaled to accommodate more than four burbs. external burb This is the Internet burb. The Internet burb Sendmail daemon will run in this burb. internal burb This is the burb relative to your organization's "internal" LAN. The internal burb Sendmail daemon will run in this burb. dmz burb This burb will provide access to a LAN for which we require service to and from the Internet A

5 heartbeat burb This burb and its associated NIC will serve as a conduit for HA-related communication between the Sidewinder G2s. One remote mailhost will operate relative to each burb (except for the heartbeat burb). The internal mailhost will process mail for domains in the internal LAN relative to the internal burb. The DMZ mailhost will serve the DMZ LAN relative to the dmz burb. Configuring multiburb Sendmail The following procedure provides the necessary steps for configuring multi-burb Sendmail in a load sharing HA environment. Configuration is accomplished using the Admin Console unless otherwise noted. Note: Refer to the online help for detailed information on any of the steps below. 1. Install a Sidewinder G2 in standalone mode. The Sidewinder G2 must have at least four NICs. 2. Configure four burbs (Firewall Configuration -> Burb Configuration). In this example, the four burbs are named external, internal, dmz, and heartbeat. 3. Configure each NIC, assigning a different burb to each NIC (Firewall Configuration -> Interface Configuration). 4. Configure transparent DNS (Tools -> Reconfigure DNS). Ensure that all DNS servers can perform a reverse lookup on all native firewall IP addresses as well as all cluster common IP addresses. Note: If you prefer to use Sidewinder-hosted DNS, ensure that the A records for the Sidewinder-hosted DNS servers reflect the cluster common IP address for the respective burb (and not the native IP address). 5. Configure secure split SMTP servers (Tools -> Reconfigure Mail). a. In the Internal SMTP Burb drop-down list, specify the internal burb. b. In the Internal SMTP Mail Server drop-down list, specify the internal mailhost. 6. Transition the Sidewinder G2 to HA load sharing using the State Change Wizard. To access the State Change Wizard, click the icon in the toolbar, or click on the appropriate Sidewinder G2 icon in the Admin Console tree, and click State Change Wizard. 7. Edit the M4 config file for the internal burb (Server Configuration -> Servers -> Sendmail -> Configuration. Locate the following line: DAEMON_OPTIONS(`Port=smtp, Name=MTA, M=f')dnl A 5

6 Edit the line as follows: DAEMON_OPTIONS(`Port=smtp, Name=MTA, Addr=clusterIP, M=f')dnl where cluster_ip is the internal burb cluster common IP address. This will force the Sendmail daemon to bind only to the cluster common IP address. This allows the SMTP proxy and a Sendmail daemon to run in the same burb. 8. Create the following network objects (Policy Configuration -> Rule Elements -> Network Objects): a. Create an IP address network object for the localhost or loopback address in the internal burb. Call this object internal_burb_localhost. b. Create an IP address network object for the cluster common IP address for the internal burb. Call this object internal_common_ip. 9. Create the following proxy rules (Policy Configuration -> Rules): a. Create a proxy rule that allows client connections to both the internal burb and external burb Sendmail daemons. b. Create a DNS proxy rule to allow the internal burb to query resolvers on the Internet. Ensure that this rule does not redirect to the Sidewinder G2. Use Host:localhost for the NAT address. c. Add both rules to the active rule group. 10. Configure the internal mailhost to send all outgoing mail from this mailhost to the Sidewinder G2. That is, on the internal mailhost, specify the Sidewinder G2 s cluster common IP address for the internal burb as the mail gateway. To take advantage of load sharing, be sure to specify the cluster common IP address and not the original native NIC IP address. 11. On the external burb, ensure that the cluster common IP address is the mail exchanger for all mail domains behind the Sidewinder G2. That is, relative to the external burb on the Sidewinder G2, set up DNS so that an MX query for any domain behind the Sidewinder G2 will result in the external burb cluster common IP address. 12. Enable the SMTP proxy in the internal burb A

7 At this point, we have configured a mail pipeline between the internal and external burbs. For the scope of this document, we will also add SMTP access to the DMZ burb. In this example, we do NOT want our internal mail hosts to directly connect to remote mail servers on the Internet. Nor do we want to have Internet mail servers directly connect to our mailhosts. So, we'll let the various mailhosts talk to the Sidewinder G2's Sendmail daemons on their respective sides of the Sidewinder G2. The Sendmail daemons will in turn talk to the SMTP proxy to deliver mail from/to the DMZ mailhost. Therefore, all outgoing mail for the DMZ burb must first pass through the internal burb Sendmail daemon, which will in turn forward the mail to the external burb for subsequent delivery to its destination. All incoming mail for the DMZ burb will first pass through the external burb Sendmail daemon. This will allow us to pass the mail through various filters on the Sidewinder G2 that will perform anti-spam checking, anti-relay checking, virus checking, and so on. Configuring SMTP access for additional burbs The following steps cover burb-specific configuration. Complete the following tasks for each burb for which you require SMTP access. In the following procedure, we are configuring SMTP access for the DMZ burb. 1. If you haven t already done so, create the DMZ burb and configure one of the NICs for use in this burb. Be sure to assign the appropriate burb to the NIC. 2. Assign a cluster common IP address to the network address for the NIC (select High Availability in the Admin Console tree). 3. Create the following network objects (Policy Configuration -> Rule Elements -> Network Objects): a. Create an IP address network object for the cluster common IP address for the DMZ burb. Call this object dmz_common_ip. b. Create an IP address object for the DMZ mailhost. Call this object dmz_mailhost A 7

8 4. Create the following SMTP proxy rules (Policy Configuration -> Rules): a. Create a proxy rule for the SMTP proxy that allows SMTP client sessions from dmz_mailhost in the dmz burb to dmz_common_ip in the dmz burb. Do NOT specify a NAT address for this rule. For the Redirect Host, specify internal_common_ip. b. Create a proxy rule for the SMTP proxy that allows SMTP client sessions from internal_burb_localhost in the internal burb to dmz_mailhost in the dmz burb. Specify Host: localhost as a NAT address for this rule. Do NOT specify a redirect host for this rule. c. Add both rules to the active rule group. 5. Update the internal burb Sendmail configuration to reflect any new domains (Server Configuration -> Servers ->Sendmail -> Configuration). d. Edit the internal burb Access Table and add entries for any new mail domains as needed to support your mail policy. e. Edit the external burb Mailer Table and add entries for any new mail domains. In this file, you will most likely add "burbmailer" entries. For example: dmz.net burbmailer-internal:localhost.dmz.net burbmailer-internal:localhost f. Edit the internal burb Mailer Table and add entries for any new mail domains. In this file, you'll most likely add mailhost entries. For example: dmz.net esmtp:mailhost.dmz.net.dmz.net esmtp:mailhost.dmz.net 6. Configure the DMZ mailhost to send all outgoing mail to the Sidewinder G2. That is, on the DMZ mailhost, specify the dmz burb cluster common IP address as the mail gateway. 7. Enable the SMTP proxy in the dmz burb. At this point, Sendmail access between all burbs is configured. Sendmail is greatly dependent upon DNS service. Misconfigured DNS causes a majority of the Sendmail delivery problems experienced with any Sendmail environment. Double-check your DNS proxy rules for correctness and be sure the DNS proxy is enabled in the internal and dmz burbs. (Ensure that mail flows through the primary Sidewinder G2 between all burbs that require mail service before adding a second Sidewinder G2 to your HA configuration.) 8. Update syncd by adding the Sendmail configuration directory to the list of files and directories that are replicated on the HA secondary. At a A

9 Sidewinder G2 command line, enter the following command: cf syncd add clone_entry path=/etc/sidewinder/ sendmail 9. Install the Sidewinder G2 that will serve as the HA secondary. Ensure the Sidewinder G2 includes the same number of NICs as the primary. In our example, the Sidewinder G2 will need four NICs. Configure the NICs and burbs to match the corresponding interface configuration on the HA primary. 10. Join the second Sidewinder G2 to the HA load sharing cluster. Remember to use the Admin Console to make any future Sendmail daemon configuration changes. Changes you make are not immediately replicated to the HA secondary Sidewinder G2. You will need to reboot the secondary Sidewinder G2 so that it will sync with the primary Sidewinder G A 9

10 Product names used within are trademarks of their respective owners. Copyright 2005 Secure Computing Corporation. All rights reserved.

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface How To Configure load sharing and redirect mail server traffic over preferred Gateway

More information

Configuring a VPN between a Sidewinder G2 and a NetScreen

Configuring a VPN between a Sidewinder G2 and a NetScreen A PPLICATION N O T E Configuring a VPN between a Sidewinder G2 and a NetScreen This document explains how to create a basic gateway to gateway VPN between a Sidewinder G 2 Security Appliance and a Juniper

More information

Email Configuration Network Management Card-2

Email Configuration Network Management Card-2 Email Configuration Network Management Card-2 AP9630, AP9631 and 2GrPDUs(AP8XXX) Email Overview The NMC can be configured to send email to up to four recipients when it encounters a problem or event selected

More information

NetSpective Global Proxy Configuration Guide

NetSpective Global Proxy Configuration Guide NetSpective Global Proxy Configuration Guide Table of Contents NetSpective Global Proxy Deployment... 3 Configuring NetSpective for Global Proxy... 5 Restrict Admin Access... 5 Networking... 6 Apply a

More information

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources. How To Configure Port Forwarding using Virtual Host to access devices on Internal network Applicable to versions 9.5.3 build 14 or above This article describes a detailed configuration example that demonstrates

More information

CipherMail Gateway Quick Setup Guide

CipherMail Gateway Quick Setup Guide CIPHERMAIL EMAIL ENCRYPTION CipherMail Gateway Quick Setup Guide October 10, 2015, Rev: 9537 Copyright 2015, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 4 2 Typical setups 4 2.1 Direct delivery............................

More information

How to configure VLAN and route failover

How to configure VLAN and route failover How to configure VLAN and route failover This example requires a DFL-1600 or 2500 to be fully implemented. Most settings can however also be used on a DFL-210 or DFL-800. Two tag based VLANs will be created

More information

Figure 1: SPAM Filtering

Figure 1: SPAM Filtering Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Configuring and using the E-Mail protection feature in Microsoft Forefront Threat Management

More information

Best Practices Revision A. McAfee Email Gateway 7.x Appliances

Best Practices Revision A. McAfee Email Gateway 7.x Appliances Best Practices Revision A McAfee Email Gateway 7.x Appliances COPYRIGHT Copyright 2012 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection,

More information

Quick Start Guide For Ipswitch Failover v9.0

Quick Start Guide For Ipswitch Failover v9.0 For Ipswitch Failover v9.0 Copyright 1991-2015 All rights reserved. This document, as well as the software described in it, is furnished under license and may be used or copied only in accordance with

More information

Network System Management. Creating an Active Directory Domain

Network System Management. Creating an Active Directory Domain Network System Management Creating an Active Directory Domain Objectives Identify the procedures involved in the promotion of a stand-alone Windows Server to an active directory services (ADS) domain controller

More information

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client A P P L I C A T I O N N O T E Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client This application note describes how to set up a VPN connection between a Mac client and a Sidewinder

More information

escan SBS 2008 Installation Guide

escan SBS 2008 Installation Guide escan SBS 2008 Installation Guide Following things are required before starting the installation 1. On SBS 2008 server make sure you deinstall One Care before proceeding with installation of escan. 2.

More information

1 You will need the following items to get started:

1 You will need the following items to get started: QUICKSTART GUIDE 1 Getting Started You will need the following items to get started: A desktop or laptop computer Two ethernet cables (one ethernet cable is shipped with the _ Blocker, and you must provide

More information

Configuring PPP And SIP

Configuring PPP And SIP Copyright Copyright 2005. All rights reserved. The content of this manual is subject to change without notice. The information and messages contained herein are proprietary to. No part of this manual may

More information

Mail Server Scenarios and Configurations

Mail Server Scenarios and Configurations Mail Server Scenarios and Configurations Scenario 1: Using Wingate as the main Mail Server on your network. Computers on your LAN (Local Area Network) Internet Computers In the example above you would

More information

Virtual Web Appliance Setup Guide

Virtual Web Appliance Setup Guide Virtual Web Appliance Setup Guide 2 Sophos Installing a Virtual Appliance Installing a Virtual Appliance This guide describes the procedures for installing a Virtual Web Appliance. If you are installing

More information

istorage Server: High Availability iscsi SAN for Windows Server 2012 Cluster

istorage Server: High Availability iscsi SAN for Windows Server 2012 Cluster istorage Server: High Availability iscsi SAN for Windows Server 2012 Cluster Tuesday, December 26, 2013 KernSafe Technologies, Inc www.kernsafe.com Copyright KernSafe Technologies 2006-2013.All right reserved.

More information

Core Protection Suite

Core Protection Suite Core Protection Suite Admin Guide Spam Soap, Inc. 3193 Red Hill Avenue Costa Mesa, CA 92626 United States p.866.spam.out f.949.203.6425 e. info@spamsoap.com www.spamsoap.com Contents EMAIL PROTECTION OVERVIEW...3

More information

Security Provider Integration RADIUS Server

Security Provider Integration RADIUS Server Security Provider Integration RADIUS Server 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property

More information

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide Microsoft Corporation Published: May 2010 Abstract This guide describes the steps for configuring Remote Desktop Connection

More information

How to Guide: StorageCraft Cloud Services VPN

How to Guide: StorageCraft Cloud Services VPN How to Guide: StorageCraft Cloud Services VPN CONTENTS Executive Summary...3 Setting up the VPN...4 Connecting to the VPN from a single computer...5 Providing a LAN site with access to the VPN...6 Conclusion...12

More information

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Configuring SSL VPN on the Cisco ISA500 Security Appliance Application Note Configuring SSL VPN on the Cisco ISA500 Security Appliance This application note describes how to configure SSL VPN on the Cisco ISA500 security appliance. This document includes these

More information

F-Secure Messaging Security Gateway. Deployment Guide

F-Secure Messaging Security Gateway. Deployment Guide F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4

More information

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5 Technical Note The vfabric Data Director worksheets contained in this technical note are intended to help you plan your Data Director deployment. The worksheets include the following: vsphere Deployment

More information

Configuration Example

Configuration Example Configuration Example Set Up a Public Web Server Behind a Firebox Example configuration files created with WSM v11.10.1 Revised 7/21/2015 Use Case In this configuration example, an organization wants to

More information

Unified Threat Management

Unified Threat Management Unified Threat Management QUICK START GUIDE CR35iNG Appliance Document Version: PL QSG 35iNG/96000-10.04.5.0.007/250121014 DEFAULTS Default IP addresses Ethernet Port IP Address Zone A 172.16.16.16/255.255.255.0

More information

Security perimeter white paper. Configuring a security perimeter around JEP(S) with IIS SMTP

Security perimeter white paper. Configuring a security perimeter around JEP(S) with IIS SMTP Security perimeter white paper Configuring a security perimeter around JEP(S) with IIS SMTP Document control Document name: JEP(S) Security perimeter Author: Proxmea, Proxmea Last update: March 23, 2008

More information

Configuration Information

Configuration Information This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard. Other topics covered include Email Security interface navigation,

More information

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN Applicable Version: 10.6.2 onwards Overview Virtual host implementation is based on the Destination NAT concept. Virtual

More information

McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course

McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course The McAfee Firewall Enterprise System Administration course from McAfee University is a fast-paced,

More information

Virtual Managment Appliance Setup Guide

Virtual Managment Appliance Setup Guide Virtual Managment Appliance Setup Guide 2 Sophos Installing a Virtual Appliance Installing a Virtual Appliance As an alternative to the hardware-based version of the Sophos Web Appliance, you can deploy

More information

Installing Policy Patrol on a separate machine

Installing Policy Patrol on a separate machine Policy Patrol 3.0 technical documentation July 23, 2004 Installing Policy Patrol on a separate machine If you have Microsoft Exchange Server 2000 or 2003 it is recommended to install Policy Patrol on the

More information

I N S T A L L A T I O N M A N U A L

I N S T A L L A T I O N M A N U A L I N S T A L L A T I O N M A N U A L 2015 Fastnet SA, St-Sulpice, Switzerland. All rights reserved. Reproduction in whole or in part in any form of this manual without written permission of Fastnet SA is

More information

Network Configuration Settings

Network Configuration Settings Network Configuration Settings Many small businesses already have an existing firewall device for their local network when they purchase Microsoft Windows Small Business Server 2003. Often, these devices

More information

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Find your network example: 1. Basic network with and 2 WAN lines - click here 2. Add a web server to the LAN - click here 3. Add a web,

More information

Security Provider Integration RADIUS Server

Security Provider Integration RADIUS Server Security Provider Integration RADIUS Server 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property

More information

Configuration Information

Configuration Information Configuration Information Email Security Gateway Version 7.7 This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard.

More information

Network Interface Upgrade

Network Interface Upgrade Sidewinder G 2 Security Appliance Version 6.1 Network Interface Upgrade About this document Thank you for ordering the quad port UTP (Unshielded Twisted Pair) PCI X Ethernet controller hardware component

More information

Configuring Global Protect SSL VPN with a user-defined port

Configuring Global Protect SSL VPN with a user-defined port Configuring Global Protect SSL VPN with a user-defined port Version 1.0 PAN-OS 5.0.1 Johan Loos johan@accessdenied.be Global Protect SSL VPN Overview This document gives you an overview on how to configure

More information

CONFIGURING MNLB FOR LOAD BALANCING EXCHANGE 2013 CU2 CAS SERVERS FOR HIGH AVAILABILITY

CONFIGURING MNLB FOR LOAD BALANCING EXCHANGE 2013 CU2 CAS SERVERS FOR HIGH AVAILABILITY CONFIGURING MNLB FOR LOAD BALANCING EXCHANGE 2013 CU2 CAS SERVERS FOR HIGH AVAILABILITY INFRASTRUCTURE CONFIGURATION 2 CAS Servers Virtual Machines running on Hyper-V Windows Server 2013 R2 Generation

More information

What is the Barracuda SSL VPN Server Agent?

What is the Barracuda SSL VPN Server Agent? The standard communication model for outgoing calls is for the appliance to simply make a direct connection to the destination host. This paradigm does not suit all business needs. The Barracuda SSL VPN

More information

Sophos UTM Software Appliance

Sophos UTM Software Appliance Sophos UTM Software Appliance Quick Start Guide Product version: 9.300 Document date: Monday, December 01, 2014 Sophos UTM Minimum Hardware Requirements Intel compatible CPU 1.5 GHz+ 1 GB RAM (2 GB recommended)

More information

Configuring Trend Micro Content Security

Configuring Trend Micro Content Security 9 CHAPTER This chapter describes how to configure the CSC SSM using the CSC Setup Wizard in ASDM and the CSC SSM GUI, and includes the following sections: Information About the CSC SSM, page 9-1 Licensing

More information

F-SECURE MESSAGING SECURITY GATEWAY

F-SECURE MESSAGING SECURITY GATEWAY F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE

More information

MailFoundry Users Manual. MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved

MailFoundry Users Manual. MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved Page 1 of 91 Chapter 1: Introduction... 4 What are Spam Profiles?... 4 Models Covered In This Manual... 4

More information

Authenticating SSL VPN users using LDAP

Authenticating SSL VPN users using LDAP Authenticating SSL VPN users using LDAP This example illustrates how to configure a FortiGate to use LDAP authentication to authenticate remote SSL VPN users. With a properly configured LDAP server, user

More information

VMware Identity Manager Connector Installation and Configuration

VMware Identity Manager Connector Installation and Configuration VMware Identity Manager Connector Installation and Configuration VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until the document

More information

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide HTG X XROADS NETWORKS Network Appliance How To Guide: EdgeDNS How To Guide V 3. 2 E D G E N E T W O R K A P P L I A N C E How To Guide EdgeDNS XRoads Networks 17165 Von Karman Suite 112 888-9-XROADS V

More information

Creating a Gateway to Gateway VPN between Sidewinder G2 and Linux

Creating a Gateway to Gateway VPN between Sidewinder G2 and Linux A PPLICATION N O T E Creating a Gateway to Gateway VPN between Sidewinder G2 and Linux This application note describes how to set up an IPsec VPN connection between a Linux host and a Sidewinder G2 Security

More information

How-to: HTTP-Proxy and Radius Authentication and Windows IAS Server settings. Securepoint Security System Version 2007nx

How-to: HTTP-Proxy and Radius Authentication and Windows IAS Server settings. Securepoint Security System Version 2007nx Securepoint Security System Version 2007nx HTTP proxy authentication with radius to a Windows 2003 server The Remote Authentication Dial-In User Service (RADIUS) is a client-server-protocol which is used

More information

Device Interface IP Address Subnet Mask Default Gateway

Device Interface IP Address Subnet Mask Default Gateway Felix Rohrer Topology Diagram Addressing Table Device Interface IP Address Subnet Mask Default Gateway S1 VLAN 99 192.168.99.11 255.255.255.0 192.168.99.1 S2 VLAN 99 192.168.99.12 255.255.255.0 192.168.99.1

More information

Installation Guide Revision B. McAfee Email Gateway 7.x Virtual Appliances

Installation Guide Revision B. McAfee Email Gateway 7.x Virtual Appliances Installation Guide Revision B McAfee Email Gateway 7.x Virtual Appliances COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active

More information

Guideline for setting up a functional VPN

Guideline for setting up a functional VPN Guideline for setting up a functional VPN Why do I want a VPN? VPN by definition creates a private, trusted network across an untrusted medium. It allows you to connect offices and people from around the

More information

Gigabyte Content Management System Console User s Guide. Version: 0.1

Gigabyte Content Management System Console User s Guide. Version: 0.1 Gigabyte Content Management System Console User s Guide Version: 0.1 Table of Contents Using Your Gigabyte Content Management System Console... 2 Gigabyte Content Management System Key Features and Functions...

More information

Installing GFI MailSecurity

Installing GFI MailSecurity Installing GFI MailSecurity Introduction This chapter explains how to install and configure GFI MailSecurity. You can install GFI MailSecurity directly on your mail server or you can choose to install

More information

Configuring a LAN SIParator. Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson

Configuring a LAN SIParator. Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson Configuring a LAN SIParator Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson Table of Contents LAN SIParator...3 Networks and Computers...3 Topology...4 Basic...4 Filtering...5

More information

axsguard Gatekeeper Internet Redundancy How To v1.2

axsguard Gatekeeper Internet Redundancy How To v1.2 axsguard Gatekeeper Internet Redundancy How To v1.2 axsguard Gatekeeper Internet Redundancy How To v1.2 Legal Notice VASCO Products VASCO data Security, Inc. and/or VASCO data Security International GmbH

More information

Cannot send Autosupport e-mail, error message: Unknown User

Cannot send Autosupport e-mail, error message: Unknown User Cannot send Autosupport e-mail, error message: Unknown User Symptoms Unable to send Autosupport e-mails and the following error message is reported: asup.smtp.fail http://now.netapp.com/eservice/ems?emsaction=details&eventid=200573&software=ontap&em

More information

Load-Balanced Merak Mail Server

Load-Balanced Merak Mail Server Load-Balanced Merak Mail Server The most powerful solution for high traffic performance is to deploy Merak Mail Server in a load-balanced environment. This solution is shown in the demonstration below:

More information

Introduction to the EIS Guide

Introduction to the EIS Guide Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment

More information

Setting up Microsoft Office 365

Setting up Microsoft Office 365 Setup Guide Revision F Using McAfee SaaS Email Protection to Secure Exchange Online in Microsoft Office 365 Setting up Microsoft Office 365 Use this guide to configure Microsoft Office 365 and Microsoft

More information

Setting up Microsoft Office 365

Setting up Microsoft Office 365 Integration Guide Revision G McAfee SaaS Email Protection Securing Exchange Online in Microsoft Office 365 Setting up Microsoft Office 365 Use this guide to configure Microsoft Office 365 and Microsoft

More information

Serial Deployment Quick Start Guide

Serial Deployment Quick Start Guide PaperClip em 4 11/19/2007 Serial Deployment Quick Start Guide This checklist should be completed before installing the em4 Relay. Your answers with the associated screens will enable you to install and

More information

Email Services Deployment. Administrator Guide

Email Services Deployment. Administrator Guide Email Services Deployment Administrator Guide Email Services Deployment Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the

More information

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address Firewall Defaults, Public Server Rule, and Secondary WAN IP Address This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSafe Wireless-N

More information

How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)

How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG) How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG) Introduction Understanding Forefront Threat Management Gateway (TMG) Network Topology Understanding Forefront Threat Management

More information

How to configure your Thomson SpeedTouch 780WL for ADSL2+

How to configure your Thomson SpeedTouch 780WL for ADSL2+ How to configure your Thomson SpeedTouch 780WL for ADSL2+ Connecting up your router This guide assumes that you have successfully: unpacked your router connected it up to your phone socket using the DSL

More information

StarWind Virtual SAN Installation and Configuration of Hyper-Converged 2 Nodes with Hyper-V Cluster

StarWind Virtual SAN Installation and Configuration of Hyper-Converged 2 Nodes with Hyper-V Cluster #1 HyperConverged Appliance for SMB and ROBO StarWind Virtual SAN Installation and Configuration of Hyper-Converged 2 Nodes with MARCH 2015 TECHNICAL PAPER Trademarks StarWind, StarWind Software and the

More information

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service Application Note Configuring McAfee Firewall Enterprise for McAfee Web Protection Service This document explains how to configure McAfee Firewall Enterprise (Sidewinder ) to redirect all web traffic to

More information

Cyberoam Virtual Security Appliance - Installation Guide for XenServer. Version 10

Cyberoam Virtual Security Appliance - Installation Guide for XenServer. Version 10 Cyberoam Virtual Security Appliance - Installation Guide for XenServer Version 10 Document Version 10.6.1-01/07/2014 Contents Preface... 4 Base Configuration... 4 Installation Procedure... 4 Cyberoam Virtual

More information

Configuring Failover

Configuring Failover Configuring Failover 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective

More information

EXPRESSCLUSTER X for Windows Quick Start Guide for Microsoft SQL Server 2014. Version 1

EXPRESSCLUSTER X for Windows Quick Start Guide for Microsoft SQL Server 2014. Version 1 EXPRESSCLUSTER X for Windows Quick Start Guide for Microsoft SQL Server 2014 Version 1 NEC EXPRESSCLUSTER X 3.x for Windows SQL Server 2014 Quick Start Guide Document Number ECX-MSSQL2014-QSG, Version

More information

Load Balancing for esafe Gateway 3.0 when using Alteon s AD2 or AD3

Load Balancing for esafe Gateway 3.0 when using Alteon s AD2 or AD3 Load Balancing for esafe Gateway 3.0 when using Alteon s AD2 or AD3 page 3 Load Balancing for esafe Gateway 3.0 when using Alteon s AD2 or AD3 This document describes how to setup and configure Alteon

More information

Creating an ESS instance on the Amazon Cloud

Creating an ESS instance on the Amazon Cloud Creating an ESS instance on the Amazon Cloud Copyright 2014-2015, R. James Holton, All rights reserved (11/13/2015) Introduction The purpose of this guide is to provide guidance on creating an Expense

More information

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG How to use TMG network templates Abstract In this article I will show

More information

Barracuda IM Firewall Administrator s Guide

Barracuda IM Firewall Administrator s Guide Barracuda IM Firewall Administrator s Guide Version 3.0 Barracuda Networks Inc. 3175 S. Winchester Blvd Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2007, Barracuda Networks www.barracuda.com

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Dell Desktop Workspace 4.1.2. Architecture Planning Guide

Dell Desktop Workspace 4.1.2. Architecture Planning Guide Dell Copyright 2014 Moka5, Inc. All rights reserved. Moka5, MokaFive, LivePC, and the Moka5 logo are trademarks of Moka5, Inc. All other product or company names may be trademarks of their respective owners.

More information

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways Deployment Guide rev. 1.4.9 Copyright 2015 Loadbalancer.org, Inc. 1 Table of Contents About this Guide... 3 Appliances

More information

Application Description

Application Description Application Description Firewall in front of LAN Different Servers located behind Firewall Firewall to be accessible from Internet Load Balancer to be installed in a TRANSPARENT MODE between Firewall and

More information

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1 Smart Tips Enabling WAN Load Balancing Overview Many small businesses today use broadband links such as DSL or Cable, favoring them over the traditional link such as T1/E1 or leased lines because of the

More information

Security Provider Integration LDAP Server

Security Provider Integration LDAP Server Security Provider Integration LDAP Server 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property

More information

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network.

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network. Architecture The policy discussed suggests that the network be partitioned into several parts with guards between the various parts to prevent information from leaking from one part to another. One part

More information

Lesson Plans Managing a Windows 2003 Network Infrastructure

Lesson Plans Managing a Windows 2003 Network Infrastructure Lesson Plans Managing a Windows 2003 Network Infrastructure (Exam 70-291) Table of Contents Course Overview... 2 Section 0.1: Introduction... 3 Section 1.1: Client Configuration... 4 Section 1.2: IP Addressing...

More information

Load Balancing Exchange 2007 SP1 Hub Transport Servers using Windows Network Load Balancing Technology

Load Balancing Exchange 2007 SP1 Hub Transport Servers using Windows Network Load Balancing Technology Load Balancing Exchange 2007 SP1 Hub Transport Servers using Windows Network Load Balancing Technology Introduction Exchange Server 2007 (RTM and SP1) Hub Transport servers are resilient by default. This

More information

Deploying System Center 2012 R2 Configuration Manager

Deploying System Center 2012 R2 Configuration Manager Deploying System Center 2012 R2 Configuration Manager This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

More information

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install

More information

1.6 HOW-TO GUIDELINES

1.6 HOW-TO GUIDELINES Version 1.6 HOW-TO GUIDELINES Setting Up a RADIUS Server Stonesoft Corp. Itälahdenkatu 22A, FIN-00210 Helsinki Finland Tel. +358 (9) 4767 11 Fax. +358 (9) 4767 1234 email: info@stonesoft.com Copyright

More information

1001-001-001. Configure SMTP E-Mail in IIS 7

1001-001-001. Configure SMTP E-Mail in IIS 7 1001-001-001 Configure SMTP E-Mail in IIS 7 Contents Configure SMTP E-Mail in IIS 7 REQUIREMENTS AND RECOMMENDATION DISCLAIMER... 3 INSTALL SMTP... 5 CONFIGURE RELAY FOR SMTP VIRTUAL SERVER... 6 CONFIGURE

More information

MailMarshal SMTP in a Load Balanced Array of Servers Technical White Paper September 29, 2003

MailMarshal SMTP in a Load Balanced Array of Servers Technical White Paper September 29, 2003 Contents Introduction... 1 Network Load Balancing... 2 Example Environment... 5 Microsoft Network Load Balancing (Configuration)... 6 Validating your NLB configuration... 13 MailMarshal Specific Configuration...

More information

Setting Up Sharp MX-Color Imagers To Scan To Email

Setting Up Sharp MX-Color Imagers To Scan To Email Setting Up Sharp MX-Color Imagers To Scan To Email MX-2300, MX-2600, MX-2700, MX-3100, MX-3501, MX-4501, MX-5500, MX-6200, MX-6201, MX-7000, MX-7001, MX-M850, MX-M950, MX-M1100 Step 1. Click Start > Run

More information

QUICK START GUIDE. Cisco C170 Email Security Appliance

QUICK START GUIDE. Cisco C170 Email Security Appliance 1 0 0 1 QUICK START GUIDE Email Security Appliance Cisco C170 303357 Cisco C170 Email Security Appliance 1 Welcome 2 Before You Begin 3 Document Network Settings 4 Plan the Installation 5 Install the Appliance

More information

Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03

Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03 Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03 1 - ZyWALL Firmware v4.03 Enhancement (1) - Content Filter Support for Multiple Policies : : November 14, 2007 2 - ZyWALL Firmware v4.03 Enhancement

More information

www.mvatcybernet.com PRODUCT VERSION: LYNC SERVER 2010, LYNC SERVER 2013, WINDOWS SERVER 2008

www.mvatcybernet.com PRODUCT VERSION: LYNC SERVER 2010, LYNC SERVER 2013, WINDOWS SERVER 2008 PRODUCT VERSION: LYNC SERVER 2010, LYNC SERVER 2013, WINDOWS SERVER 2008 With Forefront Threat Management Gateway 2010 now discontinued, we sought a suitable reverse proxy solution that works with Lync

More information

Barracuda Link Balancer

Barracuda Link Balancer Barracuda Networks Technical Documentation Barracuda Link Balancer Administrator s Guide Version 2.2 RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks www.barracuda.com v2.2-110503-01-0503

More information

VMware vcenter Log Insight Getting Started Guide

VMware vcenter Log Insight Getting Started Guide VMware vcenter Log Insight Getting Started Guide vcenter Log Insight 1.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) Application Note Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) This document describes how to configure McAfee Firewall Enterprise to provide

More information

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG How to use SQL Server 2008 Express Reporting Services Abstract In this

More information

Load Balancing & High Availability

Load Balancing & High Availability Load Balancing & High Availability 0 Optimizing System Resources through Effective Load Balancing An IceWarp White Paper October 2008 www.icewarp.com 1 Background Every server is finite. Regardless of

More information