H3C SecPath UTM Series Anti-Spam Configuration Example



Similar documents
H3C Firewall and UTM Devices DNS and NAT Configuration Examples (Comware V5)

IPS Anti-Virus Configuration Example

IPS Attack Protection Configuration Example

How To Load Balance On A Libl Card On A S7503E With A Network Switch On A Server On A Network With A Pnet 2.5V2.5 (Vlan) On A Pbnet 2 (Vnet

H3C SSL VPN RADIUS Authentication Configuration Example

H3C SSL VPN Configuration Examples

DDoS Protection Technology White Paper

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

SSL-VPN 200 Getting Started Guide

Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03

Configuring PA Firewalls for a Layer 3 Deployment

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Portal Authentication Technology White Paper

NetStream (Integrated) Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date

Intro to Firewalls. Summary

Layer 2 Networking. Overview. VLANs. Tech Note

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Application Description

Sage ERP Accpac Online

SSL VPN Technology White Paper

Sage 300 ERP Online. Mac Resource Guide. (Formerly Sage ERP Accpac Online) Updated June 1, Page 1

Cisco Discovery 3: Introducing Routing and Switching in the Enterprise hours teaching time

Lab Configuring Access Policies and DMZ Settings

Classic IOS Firewall using CBACs Cisco and/or its affiliates. All rights reserved. 1

Funkwerk UTM Release Notes (english)

How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS)

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

Lab Configure Cisco IOS Firewall CBAC

Configuration Example

Application Notes for Configuring a SonicWALL VPN with an Avaya IP Telephony Infrastructure - Issue 1.0

Configuration Example

CET442L Lab #2. IP Configuration and Network Traffic Analysis Lab

NQA Technology White Paper

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

WildFire Cloud File Analysis

Configuring Static and Dynamic NAT Simultaneously

Configuring Trend Micro Content Security

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Setting up Microsoft Office 365

How to set up Inbound Load Balance under Drop-in Mode

Setting up Microsoft Office 365

Load Balance Mechanism

Sample Configuration Using the ip nat outside source static

White Paper Copyright 2011 Nomadix, Inc. All Rights Reserved. Thursday, January 05, 2012

Routing concepts in Cyberoam

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent?

NETASQ MIGRATING FROM V8 TO V9

How To Set Up A Pploe On A Pc Orca On A Ipad Orca (Networking) On A Macbook Orca 2.5 (Netware) On An Ipad 2.2 (Netrocessor

1 You will need the following items to get started:

Comprehensive Anti-Spam Service

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Log Audit Ensuring Behavior Compliance Secoway elog System

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Firewall Stateful Inspection of ICMP

Cisco Expressway Basic Configuration

Chapter 15. Firewalls, IDS and IPS

Best Practices Revision A. McAfee Gateway 7.x Appliances

Web-Based Configuration Manual System Report. Table of Contents

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

HP Load Balancing Module

How To Configure Virtual Host with Load Balancing and Health Checking

How to Create a Basic VPN Connection in Panda GateDefender eseries

Lab Organizing CCENT Objectives by OSI Layer

Network Agent Quick Start

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

M2M Series Routers. Port Forwarding / DMZ Setup

Lab Diagramming Intranet Traffic Flows

Using IPsec VPN to provide communication between offices

Figure 41-1 IP Filter Rules

How to Add Domains and DNS Records

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

Check Point Security Administrator R70

Configuring Security for SMTP Traffic

Supporting Multiple Firewalled Subnets on SonicOS Enhanced

Security Technology: Firewalls and VPNs

Steps for Basic Configuration

Configuration Example

SSL VPN Client Installation Guide Version 9

Endian Unified Threat Management

A typical router setup between WebSAMS and ITEd network is shown below for reference. DSU. Router

How to configure DNAT in order to publish internal services via Internet

Unified Threat Management

Configuring the Juniper NetScreen Firewall Security Policies to support Avaya IP Telephony Issue 1.0

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Security Technology White Paper

Tunnels and Redirectors

Cisco Secure PIX Firewall with Two Routers Configuration Example

Sample Configuration Using the ip nat outside source list C

GregSowell.com. Mikrotik Basics

Chapter 8 Monitoring and Logging

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

Spam Marshall SpamWall Step-by-Step Installation Guide for Exchange 5.5

Guideline on Firewall

Sophos UTM Software Appliance

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation

Transcription:

H3C SecPath UTM Series Anti-Spam Configuration Example Keywords: Anti-spam, SMTP, POP3 Abstract: This document presents an anti-spam configuration example for UTM devices. Acronyms: UTM SMTP Acronym Unified Threat Management Simple Mail Transfer Protocol Full spelling POP3 Post Office Protocol, Version 3 Hangzhou H3C Technologies Co., Ltd. www.h3c.com 1/11

Table of Contents Feature Overview 3 Application Scenarios 3 Configuration Guidelines 3 Anti-Spam Configuration Example 3 Network Requirements 3 Configuration Considerations 4 Hardware/Software Version Used 4 Configuration Procedures 4 Basic Configuration 4 Anti-Spam Configuration 7 Verification 10 Related Documentation 11 Hangzhou H3C Technologies Co., Ltd. www.h3c.com 2/11

Feature Overview By cooperating with a Commtouch mail server (a third-party mail server), the anti-spam feature of an H3C UTM device can inspect all emails sent from external networks to the internal network and process the emails as configured, so as to prevent spam from wasting the resources of the internal network. With the anti-spam feature configured, the device forwards all emails received from external networks to the Commtouch mail server for inspection and, after receiving the inspection results, processes the emails based on the actions specified in the anti-spam policy. The anti-spam feature supports inspecting Simple Mail Transfer Protocol (SMTP) emails and Post Office Protocol, Version 3 (POP3) emails: SMTP: In a scenario where the SMTP clients are on the external network and the SMTP server is on the internal network. POP3: In a scenario where the POP3 clients are on the internal network and the POP3 server is on the external network. Application Scenarios The anti-spam feature can be deployed to check emails entering an internal network to prevent email spam from occupying resources of the internal network. Configuration Guidelines Before configuring the anti-spam feature, ensure that: The device can communicate with the Commtouch mail server normally. The address of the Commtouch mail server is http://resolver%d.h3c.ctmail.com, where %d indicates a number in the range from 1 to 10. The device has a legal, effective license of the anti-spam feature. The device can connect to http://www.h3c.com to verify the validity of the license for the anti-spam feature. When the license of the anti-spam feature expires, all anti-spam configurations will not be effective any more. Anti-Spam Configuration Example Network Requirements As shown in Figure 1, the internal network of a company is 4.1.1.0/24, and the external network is 192.168.100.0/22. Configure the UTM device to inspect emails received from the POP3 server and process those emails as follows: Modify the subjects of emails from known spam sources and log them. Modify the subjects of emails from unknown spam sources and log them. Log suspicious emails. Forward normal emails normally. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 3/11

Figure 1 Network diagram for anti-spam configuration H3C SecPath UTM Series Anti-Spam Configuration Example Configuration Considerations Redirect the traffic of interest for in-depth inspection. Configure the anti-spam policy and rules. Apply the policy to the segment. Hardware/Software Version Used <H3C>dis ver H3C Comware Platform Software Comware Software, Version 5.20, Ess 5115 Copyright (c) 2004-2009 Hangzhou H3C Tech. Co., Ltd. All rights reserved. H3C SecPath U200-CM uptime is 0 week, 3 days, 20 hours, 54 minutes CPU type: RMI XLS404 800MHz CPU 512M bytes DDR2 SDRAM Memory 32M bytes Flash Memory 247M bytes CF0 Card PCB Version:Ver.B Logic Version: 2.0 Basic BootWare Version: 1.23 Extend BootWare Version: 1.23 [FIXED PORT] CON (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [FIXED PORT] GE0/0 (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [FIXED PORT] GE0/1 (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [FIXED PORT] GE0/2 (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [FIXED PORT] GE0/3 (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [FIXED PORT] GE0/4 (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0 [SUBCARD 1] 2GE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0 Configuration Procedures Basic Configuration Configuring interface GE 0/1 Select Device Management > Interface from the navigation tree and then click the icon of GE 0/1 to enter the interface configuration page. Perform the configurations shown in the following figure and click Apply. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 4/11

Select Device Management > Zone from the navigation tree and then click the icon of the Untrust zone to enter the page for modifying the security zone configurations. Add interface GE 0/1 to the Untrust zone as shown in the following figure, and click Apply to complete the operation and return to the security zone page. Configuring interface GE 0/4 Similarly, assign IP address 4.1.1.1/24 to interface GE 0/4 and add the interface to security zone Trust. Selecting Device Management > Interface from the navigation tree, you should see the following list: Hangzhou H3C Technologies Co., Ltd. www.h3c.com 5/11

Configuring NAT To enable internal hosts to connect to the external network through the UTM device, you need to configure a NAT policy on interface GE 0/1. In this example, the policy references ACL 3004 and uses the NAT mode of Easy IP. Select Firewall > ACL from the navigation tree and then create ACL 3004 and add a rule to the ACL to identify the flow of interest. In this example, the ACL permits packets sourced from 4.1.1.0/24. The configurations are shown in the following figure: Select Firewall > NAT Policy > Dynamic NAT from the navigation tree and then under Dynamic NAT, click Add and then specify ACL 3004 and Easy IP for interface GigabitEthernet 0/1. The following figure shows the configuration result: Configuring a route Select Network > Routing Management > Static Routing from the navigation tree and configure a default route, setting the next hop to the IP address for the intranet side interface of the router that connects the GE 0/1 interface of the UTM device with the external network (192.168.100.254 in this example). Hangzhou H3C Technologies Co., Ltd. www.h3c.com 6/11

Configuring a redirect policy Configure a redirect policy to redirect the flow of interest to the i-ware platform for in-depth analysis. In this example, traffic between zone Trust and zone Untrust that matches ACL 3000 will be redirected to segment 0. First, select Firewall > ACL from the navigation tree and then create ACL 3000 and add rules to the ACL to identify the traffic of interest. The configurations are shown in the following figure: Then, select IPS AV Application Control > Advanced Configuration from the navigation tree and create a redirect policy to redirect traffic matching ACL 3000 to segment 0. Anti-Spam Configuration Select IPS AV Application Control > Advanced Configuration from the navigation tree and click the Application Security Policy link to enter the in-depth inspection configuration page. Enabling anti-spam inspection Select Anti-Spam > Anti-Spam from the navigation tree and perform the following configurations in the Server Configuration area: Select the Antispam inspection check box. Click Apply. After a while, you will see that the operation status becomes normal. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 7/11

If the UTM device connects to the Commtouch mail server through a proxy server, you need to configure the proxy server according to the networking scheme. The anti-spam signature database stores all email spam signatures that the device can identify. The license of the anti-spam feature has a validity period specified. After the license expires, you need to recharge to obtain a new license before upgrading the anti-spam signature database. Creating and applying the anti-spam policy Under Policy Application List, click Add and perform the following configurations: Type test as the name. Select Modify subject and log as the action for POP3 emails from known spam sources. Select Modify subject and log as the action for POP3 emails from unknown spam sources. Select Log as the action for suspicious POP3 emails. Select Log as the action for normal POP3 emails. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 8/11

Under Apply Policy, click Add and perform the following configurations on the page that appears: Select segment 0. Click Apply. Now, segment 0 should appear on the list under Apply Policy. Click Apply to complete the operation. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 9/11

Activating configurations After the application operation is complete, the anti-spam configuration page appears again, as shown in the following figure. Click Activate and confirm your operation. Verification On internal host 4.1.1.2, configure Outlook Express to receive emails. Then, on the web interface of the device, select Log Management > Anti-Spam Logs from the navigation tree. Logs about inspection and processing of emails destined for the user should appear on the list. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 10/11

Related Documentation Anti-Spam Configuration of the Web configuration manual. Hangzhou H3C Technologies Co., Ltd. www.h3c.com 11/11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information