Frequently Asked Questions




Questions and Answers

Questions About Platform, Requirements, and Capabilities

What is the difference between a SonicWALL Appliance and Software SonicWALL Email Security?
The hardware version is a Linux appliance and the software version is meant to run on a Windows platform with a minimum of 1GB of additional memory. The appliance platform eliminates server administration yet provides the same features as the software version. The software version allows for customizable drive space (useful for archiving data to the CC or external SMTP server if the appliance SES hard drive capacity will be exceeded) as well as backup options but requires a Windows platform as well as hardware. The appliance does not allow for customizable drive space and has more limited backup options but is a self-contained solution.

What is SonicWALL Time Zero virus filtering?
SonicWALL's Time Zero Virus Technology uses a combination of Predictive and Responsive techniques to identify messages with a possible virus. This technology is most useful when a virus first appears and before a virus signature is available to identify, stop and clean the virus. This is an advanced technique provided by SonicWALL to protect against new virus threats. It protects the systems even when new signatures are not in place to combat the virus threat.

Can we run SES as a hosted solution? How can I configure SES in a hosted environment (multi-tenant)?
Yes, SES can run as a hosted solution. It should be configured to be a first touch server for all the domains for which SES would accept mails.

Someone else hosts my email, will an SES appliance work for me?
If your ISP handles your mail for you, you cannot use the Linux-based SonicWALL Appliances or Software. You can run the SonicWALL Anti-Spam Desktop Software to protect your email account from junk mail. The Anti-Spam Desktop works only with Outlook and Outlook Express on Windows computers. This user-level product delivers many of the same features delivered by our server products.

What are the product's capabilities for filtering non-English spam, including double-byte encoded languages like Chinese and Japanese?
SES allows the creation of rules such as "block all Russian" or "block all Chinese." A total of 17 languages, including English, are supported. It also supports the creation of "allow all" rules such as "allow all French" for each of the 17 languages. The product also uses other techniques specifically targeting non-English spam: special word lists and thumbprints. Target languages include French, German, Spanish, Chinese, Japanese and Russian.

How many mails per hour can an ES appliance process? How many emails do you process in a minute per hour per day? How many mails can each ES model handle per hour? How many mails can ES process during peak hours?
The real number depends on a number of factors unique to your company. In general, the SonicWALL Email Security system easily processes between 250,000 and 500,000 messages per day (3,000,000 under ideal conditions for the ES8000).

How do you stop image spam? How does your solution block the trickier types of spam like image-based spam? How does SES detect and block junk messages in pictures? The message is all in a graphic, not text.
SonicWALL has added Image Thumbprinting, which considers image identifiers in the evaluation of messages. These image thumbprints are created by the SonicWALL SMART Network (over 1 million users worldwide) and through autojunking technology on SonicWALL honeypots and spam feeds. SonicWALL Email Security pulls these thumbprints from SonicWALL datacenters to catch these image spams. In addition, images are converted to black and white and then sent to an OCR.

What kind of performance hit should I expect when not using DHA on email security? What is the performance hit when I turn on McAfee and/or Kaspersky AV?
You should expect a performance impact if you are not already using reject mode, but the effect may vary if you are using the IP Reputation feature. For most customers, 60-90% of junk email is DHA. Baseline first for comparison.

Can GMS manage?
SonicWALL GMS (Global Management System) can monitor ES by enabling GMS in SNCWLCLI and then adding the ES to the SNMP Net Monitor in SGMS. Policies from GMS cannot be pushed to SES. See: How to use SNMP Net Monitoring with in the SonicWALL Knowledge Portal.

Does SES support multiple domains?
Yes. SES can support multiple domains such as parent and child domains or completely new domains.

What kind of mail server does SES support?
SES can use any mail server that uses SMTP but does not support POP3/IMAP.

Does ES support non-SMTP protocols?
Only SMTP is used; SonicWALL does not support POP3 (except for ASD).

How does ES impact my Blackberry/Windows Mobile/other handheld client?
PDAs and SmartPhones are not affected by SES and rely solely on the mail server.

If the McAfee AV subscription expires, can I use the old signatures left over on SES?
Old signatures could be used but messages will not receive protection from new threats. SES would scan with old signatures for a period of 7 days.

Is there a CDP agent to back up SES?
No, the CDP agent doesn't run on SES.

What happens if I have 1 CC / RA as well as an RA machine in HA and the machine holding the CC fails?
SES will still function but there will be no junk box access and configuration changes are not allowed until an RA can be promoted to CC.

What happens if someone sends mail to non-existent recipients in my company?
The mail is considered DHA (if using LDAP) and can be handled in a variety of ways.

Which mail systems are supported? Do you work with Novell e-directory as well?
SES will work seamlessly with almost any directory server as long as it strongly supports RFC.

How does the SES appliance handle emails with attachments containing viruses?
All attachments are scanned for viruses; however, SES cannot scan password-encrypted files.

Questions About Configuration

What is the best practice for setting up ES in a non-LDAP environment?
SES can be set up without an LDAP server if your organization does not use a directory server; however, DHA prevention will be disabled without LDAP.

What is the best practice for setting up ES in a load-balanced and/or redundant mode?
Set up multiple ES devices in the DMZ utilizing a UTM to load balance inbound SMTP traffic. Another option is to set up ES as the first-touch/last-touch server in the DMZ and use multiple MX records with the same priority or define multiple A records in your DNS zone with the same name and different IP addresses.

How do I configure the SES for use with multiple LDAP domains? Can I connect SES to multiple LDAP domains or authentication servers?
SES 7.0, recently released, has this capability.

Do you need an LDAP Server to use ES? Does SES need a directory server (like AD, LDAP)?
No, LDAP is not necessary but is recommended. Without it, users must be added manually and there will be no DHA prevention.

How do I import custom black lists?
Go to Anti-Spam, Anti-Phishing -> Black List Services. Select Add to import custom black list.

How do I install the Asian Pack so I stop getting spammed with e-mails saying I need to install this pack?
The language pack is provided by Microsoft Windows Server for installation.

How do I setup HA with? MX records, multiple CCs, multiple RAs? Can the SES be installed in hardware failover mode like the firewall? Is there any HA arrangement to protect my mail flow uninterrupted? Can I install multiple ES appliances to share the load? What is the minimum requirement for an HA setup? Can I use this solution in a load balanced or redundant fashion?
There is no High Availability setup for the CC (Control Center) appliance; however, an accepted solution is to have a CC and an RA (Remote Analyzer) - see 6.x Administrator's Guide - Adding a Server for Split Architecture. A CC can also be configured as an RA and the SW SES can have two load-balanced CC servers.

When configuring inbound and outbound email flows is it better to use Proxy mode or MTA mode?
If inbound is configured with no filtering, always use proxy mode; otherwise, there is no need to use MTA.
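The two DNS layouts named in the load-balancing answer above (several MX records at the same priority, or several A records under one name) can be checked from zone data before cut-over. This is an added example, not SonicWALL code; the domain example.com, the host names, the 192.0.2.x addresses and the function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed zone fragments for the placeholder domain example.com.
ZONE_EQUAL_MX = """
example.com.      IN MX 10 es1.example.com.
example.com.      IN MX 10 es2.example.com.
es1.example.com.  IN A  192.0.2.10
es2.example.com.  IN A  192.0.2.11
"""

ZONE_MULTI_A = """
example.com.      IN MX 10 mail.example.com.
mail.example.com. IN A  192.0.2.10
mail.example.com. IN A  192.0.2.11
"""

# Different priorities give fail-over only; es2 also has no A record.
ZONE_FAILOVER_ONLY = """
example.com.      IN MX 10 es1.example.com.
example.com.      IN MX 20 es2.example.com.
es1.example.com.  IN A  192.0.2.10
"""


def parse_zone(text):
    """Return (mx, a): mx maps domain -> [(preference, host)], a maps host -> {ip}."""
    mx, a = defaultdict(list), defaultdict(set)
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop comments, split on whitespace
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue
        name, rtype = fields[0].lower().rstrip("."), fields[2].upper()
        if rtype == "MX" and len(fields) >= 5:
            mx[name].append((int(fields[3]), fields[4].lower().rstrip(".")))
        elif rtype == "A":
            a[name].add(fields[3])
    return mx, a


def inbound_layout(text, domain):
    """Describe which hosts and addresses receive first-choice inbound SMTP."""
    mx, a = parse_zone(text)
    records = mx.get(domain, [])
    if not records:
        return {"first_choice_hosts": [], "first_choice_ips": [],
                "load_shared": False, "unresolved_mx": []}
    best = min(pref for pref, _ in records)  # lowest preference is tried first
    hosts = sorted(h for p, h in records if p == best)
    ips = sorted({ip for h in hosts for ip in a.get(h, ())})
    return {
        "first_choice_hosts": hosts,
        "first_choice_ips": ips,
        # Load is shared only if first-choice delivery can reach 2+ addresses.
        "load_shared": len(ips) >= 2,
        # MX targets with no A record in the zone cannot accept mail.
        "unresolved_mx": sorted(h for _, h in records if not a.get(h)),
    }


if __name__ == "__main__":
    for label, zone in [("equal MX", ZONE_EQUAL_MX), ("multi A", ZONE_MULTI_A),
                        ("failover only", ZONE_FAILOVER_ONLY)]:
        print(label, inbound_layout(zone, "example.com"))
```

A zone whose MX records carry different priorities reports load_shared as False: the second host is used only when the first is unreachable.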

When should you use MTA versus mail proxy?
You will want to use the ES in MTA mode when you want to queue the mails temporarily on disk and then retry for delivery later when your downstream server is online. Proxy could be used only for a single downstream server. It is faster than MTA mode. Disadvantage: If the downstream server is down there will be no mail flow from ES. MTA mode gives many options of configuration. It really depends upon network architecture and placement of the downstream server. This is always ON even when the downstream server is down.

Can I configure some users to have access to their filtering profiles and some not to have access?
Yes, this option can be configured by applying filters to only specific users or groups. You must have an LDAP server.

How do I access configuration files on the SES appliance like I do with the software version?
Configuration files for the appliance cannot be accessed. All configuration settings, junk box, archive, and reports data are snapshot to a file, which is used to restore the appliance.

What Ports are used for?
SonicWALL uses ports: 25 (SMTP), 53 (DNS), 389 (LDAP), 636 (LDAPS), 80 (HTTP), 443 (HTTPS), 2599 (replication), and port 3050 (Firebird).

Does SES require any DNS change during installation?
DNS changes are not necessarily required; SES just needs to be defined in the mail flow. If SES is running as a first touch server, then the DNS records may need to be changed as well as appropriate NAT changes to direct port 25 to SES.

Questions About Licensing

Why do I need to buy the transition SKU?
A transition SKU was needed to facilitate license transfers when MailFrontier was first acquired by SonicWALL.

Do I need to have the same licenses on the CC as the RA?
As of release 6.x, the same license on the CC can be used for any number of RAs if the devices are registered under the same mysonicwall account. Refer to "How to setup / breakdown cluster licensing" at https://www.mysonicwall.com/user/partnerportalredirect.aspx?app=knpan

SW licensing: can it be loaded on multiple machines, what do I need if I have a split architecture? In a distributed system, how do I license the individual RAs and CC for X number of total users with AV?
A set of licenses can't be used on multiple systems unless they are running in a split mode. If you are running in split mode with a version 6.2 or above, you can license the entire cluster (CCs & RAs involved in that setup) with one set of licenses. However, you need to follow a few steps to take advantage of this cluster feature:
1. Register all products you plan to use in the cluster under the same mysonicwall account.
2. Log into your mysonicwall account and identify the machines that you want to cluster. Set up a cluster on mysonicwall assigning a specific unit as a CC (primary) and the others as RAs (secondary).
3. Licenses applied to the CC are then automatically copied to RAs in that cluster and will be eventually pulled by units.
If you want to move a machine out of the split mode, you need to take it out of the cluster on mysonicwall and buy separate licenses for it. Prior to 6.2, the licensing model required one set of licenses per system.

What if I buy an appliance for xxx users and my company keeps growing, do I need to buy a new appliance?
Consider split mode configuration and adding an RA for scalability. Depending upon the number of users and mail flow, the recommended limitations are: 1-500 for ES300, 1-1000 for ES500, 1-5000 for ES6000, and 1-10,000 for ES8000.

What is deemed a node or user in SES (is it a mailbox, an Exchange account, an SMTP address, etc.), and can I upgrade node count later on?
A node is a mailbox (excluding aliases) in SES and the user count can be upgraded provided that the user limitations of the appliance have not been exceeded. Refer to ES product comparison at: http://www.sonicwall.com/us/products/email_security_anti-spam_comparison_197.html for detailed information.

How many domains can you add to the email security appliance?
The number of domains supported is mainly dependent upon hardware, number of users, and the number of messages to be processed.

Questions About Operation

Where is the Reports database located?
By default, the database is located in <drive>:\Program Files\SonicWallES\reportdb\<hostname>

What about encryption? How do I turn it on selectively? Do you recommend an encryption product that works with the SES? Do you have procedures to set it up?
Mail can be forwarded to an encryption server. SES supports filtering to selectively send mail to an encryption server. For example: HIPAA dictionary is used in filtering email for medical terms; if any are found, the email can be routed to the encryption server (refer to ES Administrators Guide under Policy Management).

How do I recover from lost login password and IP?
If the software SES is used, rename the accounts.xml file with a .old extension (the accounts.xml file is located in the data directory) and restart the server as this will create a new accounts.xml file with default values. If using the appliance, connect directly to the appliance with a monitor and PS2 keyboard and restart the appliance. Press the tab key several times during bootup to access boot options. Select the option SNWL Authentication Reset and press the return or enter key. When the appliance is online, use the web interface to connect with the default admin/password credentials.

How do I rebuild the unit from scratch if the administrator password is lost?
If the appliance SES is used, connect the SES to a monitor and keyboard. Reboot SES and interrupt GRUB. Then select reset to original configuration. If using the software SES, uninstall the application and then reinstall with correct parameters.

How do I view / empty queue contents?
The MTA mail queue can be viewed; however, there is no option to empty the MTA queue by deleting the mails in the queue. This can be done under Reports & Monitoring -> MTA Status. Click on Show Details (within MTA Status) and then click on Deliver All Queued Messages to retry connection to the downstream server before the defined MTA retry interval.

How do I reset the appliance?
Pressing the reset button on the front panel for a few seconds will reboot the appliance to GRUB where SonicWALL SafeMode can be selected to restore system defaults. This can also be accomplished in the UI by going to System -> Advanced -> Reinitialize Appliance to Factory Settings.

How do I report spam that makes it through the SES?
Missed spam can be reported to SonicWALL for analysis by configuring Spam Submissions under Anti-Spam, Anti-Phishing in the SonicWALL interface (refer to SonicWALL ES Admin Guide for more details). Missed spam can also be reported by using the Junk Button in Outlook. This sends a thumbprint to SonicWALL's data center.

Questions About Archiving

What archiving facilities are available on ES and how can I get access to my old emails?
Archiving can be performed by routing a copy to an external SMTP server or to the internal file system (can affect system performance) via Policy & Compliance -> Compliance Module -> Archiving.

Archiving is an important feature for me. Can SES do it?
SES supports Auditing. Messages can also be archived to an external SMTP server.

Can I archive to a different location other than the SES Appliance?
Yes, copies can be sent to an external SMTP server by routing to the archive email address residing on the external SMTP server. This can be done by going to Policy & Compliance -> Compliance Module -> Archiving then selecting Archive to External SMTP server. Once this is done, create a new policy filter with the Route copy to Archive policy action (Policy & Compliance -> Filters then select Add New Filter).

What is the archive retention period for SES?
SES archives outbound messages for a maximum period of 7 years.

What method should be used to archive the archive for historical needs?
If archiving is expected to exceed the amount of hard drive capacity on the SES appliance, we recommend using SES software, at least for the CC.

Can searches be performed on the archive?
The search criteria for Auditing is by date range, email locations (Delivered, Queued, Deleted, Rejected, Bounced, Junk Box, Approval Box), or by word search in the Subject, From, or To fields.

If I archive on the appliance, how can I write the data to tape or other archival media in case the appliance fails?
Under the "Manage Backup" section, there is an option to select Archive backup. A snapshot file is created on the workstation accessing SES and can be used to restore the archive.

Version 1.8
Last updated: 1/16/2009
Written by: Scott Kai
Prepared by: Heidi Waterhouse