Frequently Asked Questions (FAQ)

Similar documents
Clearswift SECURE Gateway V4.2

Clearswift SECURE Gateway V3.*

Clearswift SECURE Exchange Gateway Installation & Setup Guide. Version 1.0

SECURE ICAP Gateway. Blue Coat Implementation Guide. Technical note. Version /12/13. Product Information. Version & Platform SGOS 6.

Setup Cisco Call Manager on VMware

Virtual Appliance Setup Guide

F-Secure Messaging Security Gateway. Deployment Guide

Installation & Configuration Guide Version 1.0. TekSMTP Version Installation & Configuration Guide

Virtual Appliance Setup Guide

Extreme Control Center, NAC, and Purview Virtual Appliance Installation Guide

Product Version 1.0 Document Version 1.0-B

Trend Micro Hosted Security. Best Practice Guide

Virtual Appliance Installation Guide

NetIQ Sentinel Quick Start Guide

Barracuda Message Archiver Vx Deployment. Whitepaper

Frequently Asked Questions

Veeam Backup Enterprise Manager. Version 7.0

PHD Virtual Backup for Hyper-V

Virtual Web Appliance Setup Guide

Virtual Managment Appliance Setup Guide

Deploying Layered Security. What is Layered Security?

Quick Start Guide for VMware and Windows 7

Quick Start Guide. Sendio System Protection Appliance. Sendio 5.0

OnCommand Performance Manager 1.1

RealPresence Platform Director

Tivoli Endpoint Manager for Remote Control Version 8 Release 2. User s Guide

Configuring Trend Micro Content Security

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Installation Guide. Help Desk Manager. Version v12.1.0

HOMEROOM SERVER INSTALLATION & NETWORK CONFIGURATION GUIDE

SolarWinds Log & Event Manager

LifeSize Control Installation Guide

Acano solution. Virtualized Deployment R1.1 Installation Guide. Acano. February B

VMware vcenter Support Assistant 5.1.1

eprism Security Suite

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Hyper-V Installation Guide for Snare Server

If you re not using Citrix XenCenter 6.0, your screens may vary. Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0

LabTech Installation Prerequisites

Rally Installation Guide

GX-V. Quick Start Guide. VMware vsphere / vsphere Hypervisor. Before You Begin SUMMARY OF TASKS WORKSHEET

Plexxi Control Installation Guide Release 2.1.0

Reconfiguring VMware vsphere Update Manager

SonicWALL SRA Virtual Appliance Getting Started Guide

IronKey Enterprise Server 6.1 Quick Start Guide

Installation Guide for Citrix XenServer 5.5

WatchGuard Training. Introduction to WatchGuard Dimension

VX 9000E WiNG Express Manager INSTALLATION GUIDE

OnCommand Unified Manager 6.3

SevOne NMS Download Installation and Implementation Guide

Installation Guide to the Snare Server Installation Guide to the Snare Server

NovaBACKUP xsp Version 15.0 Upgrade Guide

VMware/Hyper-V Backup Plug-in User Guide

GWAVA 5. Migration Guide for Netware GWAVA 4 to Linux GWAVA 5

I. Create Windows 2012 R2 VMware Template for Guest Customization

Migrating to ESXi: How To

Steps for Basic Configuration

insync Installation Guide

Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0. virtual network = wan0 mgmt1. network adapter not connected lan0

ReadyNAS Setup Manual

BaseManager & BACnet Manager VM Server Configuration Guide

vsphere Replication for Disaster Recovery to Cloud

Deployment Guide: Transparent Mode

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

Sophos for Microsoft SharePoint startup guide

Installing and Configuring vcloud Connector

Proof of Concept Guide

OnCommand Unified Manager 6.2

WatchGuard Dimension v1.1 Update 1 Release Notes

AlienVault. Unified Security Management 5.x Configuration Backup and Restore

Avalanche Site Edition

WhatsUp Gold v16.2 Installation and Configuration Guide

Required Virtual Interface Maps to... mgmt0. bridge network interface = mgmt0 wan0. bridge network interface = wan0 mgmt1

Four reasons to upgrade from MIMEsweeper for SMTP to the Clearswift SECURE Gateway


- 1 - SmartStor Cloud Web Admin Manual

Veeam Cloud Connect. Version 8.0. Administrator Guide

SysPatrol - Server Security Monitor

SMART Vantage. Installation guide

Storage Sync for Netgear Version Installation Guide for Netgear ReadyNAS 6.0 Intel Base NAS

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V

Hillstone StoneOS User Manual Hillstone Unified Intelligence Firewall Installation Manual

Sophos Mobile Control Installation guide. Product version: 3

IBM Lotus Protector for Mail Encryption

MANUFACTURER RamSoft Incorporated 243 College St, Suite 100 Toronto, ON M5T 1R5 CANADA

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

OnCommand Performance Manager 1.1

Deploying a Virtual Machine (Instance) using a Template via CloudStack UI in v4.5.x (procedure valid until Oct 2015)

WhatsVirtual for WhatsUp Gold v16.0 User Guide

Installing the Operating System or Hypervisor

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Oracle Virtual Machine Qualification Note Oracle FLEXCUBE Universal Banking Release [April] [2014]

VMware Horizon FLEX User Guide

Configuring Symantec Protection Engine for Network Attached Storage 7.5 for NetApp Data ONTAP

How to Backup and Restore a VM using Veeam

StarWind iscsi SAN: Global Deduplication with Veeam Backup&Replication

StreamServe Persuasion SP5 Control Center

Foglight Experience Monitor and Foglight Experience Viewer

Quick Start Guide For Ipswitch Failover v9.0

Transcription:

Frequently Asked Questions (FAQ) Clearswift SECURE Email Gateway 4.2 Issue 1.0 July 2015

Copyright Version 1.0, July, 2015 Published by Clearswift Ltd. 1995 2015 Clearswift Ltd. All rights reserved. The materials contained herein are the sole property of Clearswift Ltd unless otherwise stated. The property of Clearswift may not be reproduced or disseminated or transmitted in any form or by any means electronic, mechanical, photocopying, recording, or otherwise stored in any retrievable system or otherwise used in any manner whatsoever, in part or in whole, without the express permission of Clearswift Ltd. Information in this document may contain references to fictional persons, companies, products and events for illustrative purposes. Any similarities to real persons, companies, products and events are coincidental and Clearswift shall not be liable for any loss suffered as a result of such similarities. The Clearswift Logo and Clearswift product names are trademarks of Clearswift Ltd. All other trademarks are the property of their respective owners. Clearswift Ltd. (registered number 3367495) is registered in Britain with registered offices at 1310 Waterside, Arlington Business Park, Theale, Reading, Berkshire RG7 4SA, England. Users should ensure that they comply with all national legislation regarding the export, import, and use of cryptography. Clearswift reserves the right to change any part of this document at any time. Page 2 of 18 2

Contents Whats new in V4.2... 5 Can I upgrade to 4.2 from 3.8.4?... 5 Can I install 4.2 directly?... 5 How do I upgrade from 4.1 to 4.2?... 5 What secure protocols are supported for backup/export?... 6 Which FTP servers support secure connections?... 6 Why are newsletters blocked as suspected spam?... 6 On upgrade what happens with Newsletters?... 7 What if I don t want any Newsletters?... 7 Whats new in 4.1?... 8 What will happen to customers who don t want to or can t move to 4.1?... 8 Do I have to install 4.0 before I can install 4.1?... 8 I have installed 4.0 how do I upgrade to 4.1?... 8 I ve just upgraded to 4.0, should I upgrade to 4.1?... 9 If I ve upgraded to 4.1, is there going to a 4.2 immediately following this release? 9 Does a customer have to build new hardware for 4.1?... 9 Whats the difference between the V4.0 installer and V4.1?... 10 Why do I need to re-insert (reconnect) the DVD after installation?... 10 Why is the NTP configuration in the console?... 10 Is VMware tools installed automatically?... 10 Does the system have to be online in order to install the product?... 10 Can an Edge server be upgraded to 4.1 system?... 10 When will 3.8 be End of Lifed?... 10 Are there any special instructions to install on Clearswift branded hardware?... 11 Can the system support full SNMP not only traps?... 11 With the new flexibility on network cards, can we do SMTP on 1 NIC and Management on another?... 11 How do I change the hostname after install?... 11 Whats new in 4.0... 14 What will happen to customers who don t want to or can t move to 4.0?... 14 Page 3 of 18 3

Does a customer have to build new hardware for 4?... 14 What are the hardware recommendations for 4?... 14 Is there a list of hardware that is supported?... 15 Will it cost customers more to use 4?... 15 How will customers be told about 4?... 15 How should a customer migrate to 4?... 15 Why is there no simple upgrade process?... 16 What versions of V3.x can I easily migrate from?... 16 Are there any improvements in processing PDF s?... 16 Can customers evaluate 4 and still use 3.x in production?... 16 What are the advantages of using RedHat?... 17 As CentOS and RedHat are similar, is the product supported on CentOS?... 17 Is the new product supported on Xen?... 17 What are the new spam features in 4?... 17 How does DKIM work?... 17 Page 4 of 18 4

Whats new in V4.2 This new release brings additional security features to the Clearswift SECURE Email Gateway. The 4.2 release has the following new features: Sophos Live Protection Secure backup support Revised installation and upgrade procedure TLS enhancements Reporting enhancements Network stack hardening Processing failure rule priority Can I upgrade to 4.2 from 3.8.4? There is no in-place upgrade mechanism, but customers are advised to install 4.2 onto a fresh system and then restore the configuration from their 3.8.* system. This will copy their existing policy but not any local networking options such as hosts files or static routes. Can I install 4.2 directly? New customers can install 4.2 directly, there is no need to install 4.0 or 4.1 first. How do I upgrade from 4.1 to 4.2? The instructions are listed in the Installation and Setup Guide, but here they are: 1. Enable online repositories a. Open an SSH session and access the Clearswift Server Console. Log in using your default cs-admin access credentials. b. Use the arrow keys and the OK button to select: Configure System > Select YUM repositories > Enable online Repositories 2. Download software updates a. From the Clearswift Server Console main menu, select: Configure System > View and Apply Software Updates> Download New Updates > OK b. The console displays a progress bar indicating the status of the download. Click OK when the download is complete. 3. Apply software updates a. From the Clearswift Server Console main menu, select: Page 5 of 18 5

Configure System > View and Apply Software Updates > Apply Updates > OK b. Confirm that you want to apply the updates by clicking Yes. The downloaded system updates and product updates are installed. 4. Reboot your system a. From the Clearswift Server Console main menu, select: Reboot or Shutdown Server > Reboot > OK What secure protocols are supported for backup/export? The SEG supports insecure and now secure protocols for allowing the backup and restoration of the system configuration. The backup/restore and export transaction logs can be transferred to an external source over S/FTP FTP over SSH (TCP 22) FTPS (implicit) FTP over SSL (TCP 990) FTPS (explicit) FTP over SSL (TCP 21) Which FTP servers support secure connections? The following table provides a guide to which ftp servers support secure protocols. Product IIS Windows 2012 IIS Windows 2008 FileZilla 0.9 Linux ProFTD WS_FTP Secure protocols supported Ftps Ftps Ftps S/Ftp S/FTP, Ftps Why are newsletters blocked as suspected spam? Newsletters represent a type of message that typically is considered unwanted (spam) for some people but wanted for others. Depending on how companies want to configure their spam detection, if they are happy with this approach they can manage the misclassifications of wanted newsletters using the following instructions: 1. Set Suspected Spam to Hold in area 2. Use PMM to manage spam and let users whitelist the newsletters they want to receive Page 6 of 18 6

Or, if this behaviour is not acceptable it can be disabled. If this is the case you should: 1. Login to the console via SSH 2. From the menu Open Terminal Session 3. Sudo su (enter password) 4. Edit the file /opt/cs-gateway/custom/spamlogic-message-scorebands.properties 5. Change jemd.newsletter.result=junk_suspect to jemd.newsletter.result=junk_ NOT_CHECKED 6. Restart the SMTP Inbound Transport from System > Service Control It is expected that in 4.3 this option will be exposed in the user-interface. On upgrade what happens with Newsletters? Customer systems will be converted so that Newsletters will be treated as Suspected spam by default. What if I don t want any Newsletters? If that s the case customers can modify the behaviour of the system so that the messages are classed as Confirmed Spam rather than Suspected Spam. This is achieved by editing /opt/cs-gateway/custom/spamlogic-message-scorebands.properties and changing jemd.newsletter.result=junk_suspect to jemd.newsletter.result=junk_confirmed Page 7 of 18 7

Whats new in 4.1? The SEG comprises of a number of new and enhanced features Appliance installation o Appliance form factor o NTP setup Spamlogic enhancements o Whitelist import o Exclusion parameters for intermediate servers o Extended diagnostics for spam messages Secure Protocol support o LDAP/S support for address lists and manager relationships What will happen to customers who don t want to or can t move to 4.1? We understand that not all customers will be able to easily move to a V4 platform immediately, so Clearswift will continue to provide bug-fixes to the 3.8 platform for a limited period of time. Do I have to install 4.0 before I can install 4.1? No customers can install a V4.1 and import their existing 3.8 policy into their new V4.1 system I have installed 4.0 how do I upgrade to 4.1? Perform the following steps to download and apply software updates when you upgrade from Clearswift Email Gateway 4.0 to 4.1. 1. Enable online repositories a. Open an SSH session and access the Clearswift Server Console. Log in using your default cs-admin access credentials. b. Use the arrow keys and the OK button to select: Configure System > Select YUM repositories > Enable online repositories 2. Download software updates a. From the Clearswift Server Console main menu, select: Configure System > View and Apply Software Updates> Download New Updates > OK Page 8 of 18 8

b. The console displays a progress bar indicating the status of the download. Click OK when the download is complete. 3. Apply software updates a. From the Clearswift Server Console main menu, select: Configure System > View and Apply Software Updates > Apply Updates > OK b. Confirm that you want to apply the updates by clicking Yes. The downloaded system updates and product updates are installed. 4. Reboot your system a. From the Clearswift Server Console main menu, select: Reboot or Shutdown Server > Reboot > OK I ve just upgraded to 4.0, should I upgrade to 4.1? If you re running in a production environment Clearswift recommends that you should upgrade to 4.1 at the earliest convenience, not only are there functional enhancements, but also a number of bug fixes that have been made to the product. If I ve upgraded to 4.1, is there going to a 4.2 immediately following this release? Of course there will be a 4.2, but that s not scheduled till later in 2015. Does a customer have to build new hardware for 4.1? That depends. If a customer wants to use V4.1 on a hardware platform they have to make the decision what will happen to the hardware they are using today. They may find, as many do, that the hardware they are currently using is old and using that will be a short term option as it may be reaching the end of its serviceable lifetime. Clearswift s recommendation would be to consider new hardware to replace their existing platform as it make the process easier and provides a more energy efficient platform that is less likely to break down. Page 9 of 18 9

Whats the difference between the V4.0 installer and V4.1? In V4 you installed the O/S and then had to manually load the application. There were few steps involved, but the 4.1 system removes some steps to make it simpler and slightly faster. The V4.1 installation process should be used for a closed network deployment. Why do I need to re-insert (reconnect) the DVD after installation? Before running the Installation Wizard, you must reconnect/remount the DVD (or ISO) as the installation wizard will load the necessary Anti-virus tool from the same media that the product was installed from. This is to make sure there are no version issues with between Application version and version of the Anti-virus engine. Why is the NTP configuration in the console? As with V4.0, networking and operating centric elements are configured in the console application. Is VMware tools installed automatically? No, but there is a technote to describe the process. Does the system have to be online in order to install the product? The system needs to be able to validate a license key during the install wizard, so it either needs to be online or the system needs a local license keyfile. Can an Edge server be upgraded to 4.1 system? No. An Edge server is based on 3.x technology and will not be carried forward to 4.x When will 3.8 be End of Lifed? There is no set date at this point, however we expect the start of the end of life process to begin in December 2015, so the 3.x product line would EOL in December 2016. Page 10 of 18 10

Are there any special instructions to install on Clearswift branded hardware? There are no special instruction for the installation. However the installation should use a physical DVD. Can the system support full SNMP not only traps? Full SNMP is on the roadmap, traps are available today. With the new flexibility on network cards, can we do SMTP on 1 NIC and Management on another? We ve not tried yet, but we re confident it will and we will be trying it soon (May/June). How do I change the hostname after install? This is performed in the System Console. Login as cs-admin and then select Configure System Then Configure Network Settings Page 11 of 18 11

Then Configure Network Interface(s) Accept Yes Select DNS configuration Page 12 of 18 12

Enter a new hostname and select ok Select Save & Quit The system will be re-configured when the change is committed. Page 13 of 18 13

Whats new in 4.0 The SEG comprises of a number of new and enhanced features Red Hat x64 platform Revised anti-spam engines Support for Domain Keys Identified Mail (DKIM) Improved anti-spam whitelisting Adaptive Redaction enhancements o Open Office o Excel o Granular Properties Japanese text detection Normalized Property Names What will happen to customers who don t want to or can t move to 4.0? We understand that not all customers will be able to easily move to V4.0 immediately, so Clearswift will continue to provide bug-fixes to the 3.8 platform for a limited period of time. Does a customer have to build new hardware for 4? That depends. If a customer wants to use V4.0 on a hardware platform they have to make the decision what will happen to the hardware they are using today. They may find, as many do, that the hardware they are currently using is old and using that will be a short term option as it may be reaching the end of its serviceable lifetime. Clearswift s recommendation would be to consider new hardware to replace their existing platform as it make the process easier and provides a more energy efficient platform that is less likely to break down. What are the hardware recommendations for 4? The general recommendation is for hardware specifications is as follows Processor Messages per Memory Disks Raid PSU hour Dual Core 15,000 4Gb 500Gb SATA - 1 Quad Core+ 60,000 8Gb 2x300Gb SAS 1 2 Page 14 of 18 14

Overall speed of processing depends on the size and type of messages and the deployed policy. Is there a list of hardware that is supported? Yes, this is available on the Red Hat website https://access.redhat.com/search/browse/certifiedhardware/#?&col=portal_certified_hardware&language=all&portal_certification_vers ion=red+hat+enterprise+linux+6 Will it cost customers more to use 4? There is no additional charge to use the V4.0 product, even the cost of the RedHat license is included. How will customers be told about 4? Customers will be notified via email / RSS / forum posts to attend webinars to introduce the product and explain the changes. How should a customer migrate to 4? There are many factors that dictate the best method including change control procedures, number of peers and system complexity If the customer uses vsphere, then the basic recommendations are 1. Assuming the existing SEG is on the latest version of the product, they should perform a FTP backup 2. Create a new vsphere guest using the new platform of RHEL 6.6 / SEG 4.0 3. Run the install wizard 4. Restore the FTP backup If the customer uses hardware then the basic recommendations are 1. Assuming the existing SEG is on the latest version of the product, they should perform a FTP backup 2. Obtain a new server and deploy RHEL 6.6 / SEG 4.0 onto that 3. Run the install wizard 4. Restore the FTP backup In the case of the customer not having sufficient hardware to complete the task, they are permitted to install enough additional peers on a vsphere platform in order to release the original hardware to put that into production. Customers can contact their resellers / Clearswift PSO teams for advice and assistance. Page 15 of 18 15

Why is there no simple upgrade process? With a new operating system, a new file system and a revised application there are simply too many changes between the two versions that would make an in-place upgrade very dangerous or time consuming. What versions of V3.x can I easily migrate from? Customers should be on the latest version of product anyway to receive to benefit from the latest fixes, but the policy configuration file from 3.8.x can be imported into a V4.0. Are there any improvements in processing PDF s? There have been a number of improvements in PDF processing, so customers should find issues with PDF file formats have been reduced. Can customers evaluate 4 and still use 3.x in production? Yes, they can test the new platform in their labs and use the Relay to feature in their existing product to send email to a V4 platform for processing. They can also choose to run the two products in series, for example Incoming mail (A) could be processed for spam on the V4, before passing the message (B) to the V3 system before onward delivery to the corporate mail gateway (C). This approach allows customers to migrate rules from their existing V3 systems to the newer V4 platforms. Page 16 of 18 16

What are the advantages of using RedHat? There are numerous advantages for using RedHat, these include: 1. Reduces customer need for familiarisation with another Linux 2. Widely used in Government, Military and Finance sectors 3. Long life support 4. Greater support for new hardware 5. 64bit operating system 6. Better support for cloud environments 7. Support for 3 rd party applications and drivers to allow tools to be loaded onto the platform to aid system operations and management. 8. IPv6 ready (not enabled) As CentOS and RedHat are similar, is the product supported on CentOS? Officially it is not supported. Is the new product supported on Xen? RedHat do not support RHEL on the Xen hypervisor (see https://access.redhat.com/certified-hypervisors) - therefore we do not. What are the new spam features in 4? There are number of enhancements to improve the spam detection and reduce the false positives. These include 1. New TRUSTmanager sender IP system, easier to deploy and more accurate 2. New signatures engine a. Detection of Bulk mail b. Message reputation checks c. Content checks d. Spam tricks detection 3. Remove deprecated legacy filters 4. DKIM support. How does DKIM work? DKIM is a method of identifying if an email is authentic and will help to reduce the amount of spoofed messages being sent into an organization. Page 17 of 18 17

It also benefits validity to messages that are sent by an organization so their business partners are more trusted Page 18 of 18 18

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information