Installation Guide Revision C. McAfee Gateway 7.x VMtrial Appliances

Similar documents
McAfee Gateway VMtrial Appliances

McAfee(R) Security Virtual Appliance 5.6 Installation Guide

Installation Guide Revision B. McAfee Gateway 7.x Virtual Appliances

McAfee(R) and Web Security Virtual Appliance 5.6 Installation Guide

Data Center Connector for vsphere 3.0.0

Setup Guide. Archiving for Microsoft Exchange Server 2003

Best Practices Revision A. McAfee Gateway 7.x Appliances

Product Guide. McAfee SaaS Endpoint Protection (October, 2012 release)

Administrators Guide Revision A. McAfee Gateway Appliances

Setup Guide. Archiving for Microsoft Exchange Server 2010

McAfee SaaS Archiving

McAfee Content Security Reporter Software

Setup Guide. Archiving for Microsoft Exchange Server 2007

McAfee Cloud Single Sign On

Migration Guide Revision A. McAfee and Web Security McAfee Web Gateway 7.x

Upgrade Guide. McAfee Vulnerability Manager Microsoft Windows Server 2008 R2

Setup Guide Revision B. McAfee SaaS Archiving for Microsoft Exchange Server 2010

McAfee Content Security Reporter 2.0.0

Cyberoam Virtual Security Appliance - Installation Guide for VMware ESX/ESXi. Version 10

McAfee SiteAdvisor Enterprise 3.5 Patch 2

Data Center Connector for OpenStack

McAfee MOVE AntiVirus Multi-Platform 3.5.0

Installation Guide. McAfee VirusScan Enterprise for Linux Software

Setup Guide Revision A. WDS Connector

McAfee Directory Services Connector extension

McAfee Data Loss Prevention 9.3.0

Product Guide. McAfee Security for Microsoft SharePoint 3.0.0

McAfee Endpoint Security Software

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Product Guide. McAfee Endpoint Security 10

Product Guide Revision A. McAfee Web Reporter 5.2.1

McAfee Client Proxy Software

Installation Guide. McAfee epolicy Orchestrator Software

McAfee Asset Manager Console

F-Secure Messaging Security Gateway. Deployment Guide

McAfee Endpoint Encryption for PC 7.0

Product Guide. McAfee Security for Microsoft Exchange 8.0.0

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Administration Guide Revision A. SaaS Protection

Steps for Basic Configuration

McAfee Database Activity Monitoring 5.0.0

McAfee MOVE AntiVirus (Agentless) 3.6.0

Product Guide. McAfee epolicy Orchestrator Software

McAfee Public Cloud Server Security Suite

McAfee Client Proxy 2.0

Virtualization Guide. McAfee Vulnerability Manager Virtualization

User Manual. User Manual for Version

Cyberoam Virtual Security Appliance - Installation Guide for XenServer. Version 10

Installation Guide Revision B. McAfee epolicy Orchestrator Software

Product Guide Revision A. McAfee Data Loss Prevention Endpoint 9.3.0

Virtual Appliance Setup Guide

McAfee Enterprise Mobility Management 11.0 Software

Cloud Director User's Guide

Core Protection for Virtual Machines 1

Configuration Information

Product Guide Revision A. McAfee Secure Web Mail Client Software

Administration Guide Revision E. Account Management. For SaaS and Web Security

McAfee MOVE AntiVirus 2.6.0

Configuration Information

Avalanche Site Edition

SevOne NMS Download Installation and Implementation Guide

Installing and Using the vnios Trial

McAfee VirusScan Enterprise for Storage 1.1.0

Product Guide Revision A. McAfee Secure Web Mail Client Software

Virtual Appliance for VMware Server. Getting Started Guide. Revision Warning and Disclaimer

McAfee Network Security Platform 8.2

provides several new features and enhancements, and resolves several issues reported by WatchGuard customers.

Network Security Platform 7.5

Installation Guide. McAfee SaaS Endpoint Protection 6.0

Total Protection Service

How To - Deploy Cyberoam in Gateway Mode

Virtual Appliance Setup Guide

Installation Guide. McAfee Security for Microsoft Exchange Software

Deploying Layered Security. What is Layered Security?

Product Guide. McAfee Endpoint Security for Mac Threat Prevention

Trend Micro Hosted Security. Best Practice Guide

Product Version 1.0 Document Version 1.0-B

F-Secure Internet Gatekeeper Virtual Appliance

VPN-1 VE Evaluation Guide

Deployment and Configuration Guide

Installation Guide. McAfee SaaS Endpoint Protection

McAfee EETech for Mac 6.2 User Guide

Configuring Trend Micro Content Security

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Installing and Configuring vcenter Support Assistant

Barracuda Spam Firewall User s Guide

VCCC Appliance VMware Server Installation Guide

McAfee Web Gateway 7.4.1

Forcepoint Sidewinder, Virtual Appliance Evaluation for Desktop. Installation Guide 8.x. Revision A

ESET Mobile Security Business Edition for Windows Mobile

VMware vcenter Log Insight Getting Started Guide

PHD Virtual Backup for Hyper-V

GX-V. Quick Start Guide. VMware vsphere / vsphere Hypervisor. Before You Begin SUMMARY OF TASKS WORKSHEET

Administration Guide Revision E. SaaS Protection

Kaseya 2. Quick Start Guide. for Network Monitor 4.1

FortKnox Personal Firewall

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Easy Setup Guide for the Sony Network Camera

About Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release.

Web Application Firewall

Transcription:

Installation Guide Revision C McAfee Email Gateway 7.x VMtrial Appliances

COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee CleanBoot, McAfee DeepSAFE, epolicy Orchestrator, McAfee epo, McAfee EMM, Foundscore, Foundstone, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee Total Protection, TrustedSource, VirusScan, WaveSecure are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. Product and feature names and descriptions are subject to change without notice. Please visit mcafee.com for the most current products and features. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. 2 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Contents 1 Introducing VMtrial 5 Description of McAfee Email Gateway.......................... 5 Supported platforms................................. 5 McAfee Email Gateway features............................ 6 Evaluation period.................................. 8 Performance.................................... 9 About McAfee................................... 9 About VMware................................... 9 What you get................................... 9 2 Installing VMtrial 11 Decide how you want to use the evaluation....................... 11 Considerations before installing VMtrial........................ 11 Network information you need to collect........................ 12 System requirements................................ 12 Install VMtrial on VMware vsphere.......................... 12 Install VMtrial on VMware Player........................... 13 Configure the virtual appliance............................ 14 3 Getting started with VMtrial 17 The Dashboard.................................. 17 Benefits of using the Dashboard........................ 18 Dashboard portlets.............................. 19 Testing the configuration.............................. 19 Test connectivity........................... 20 Update the DAT files.......................... 20 Using the test email generator............................ 20 Benefits of using the test email generator.................... 20 Generate test email.............................. 21 Generate a stream of test email messages................. 21 View a summary of scanned email traffic.................. 22 Find specific test email messages..................... 22 Exploring the appliance features........................... 22 Introduction to policies............................ 23 Encryption................................. 23 Compliance Settings............................. 25 Data Loss Prevention settings......................... 27 Identify quarantined email messages................... 29 Index 31 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 3

Contents 4 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

1 1 Introducing VMtrial McAfee Email Gateway Appliance (VMtrial) lets you evaluate the latest McAfee Email Gateway Appliance on VMware vsphere, or VMware Player. Contents Description of McAfee Email Gateway Supported platforms McAfee Email Gateway features Evaluation period Performance About McAfee About VMware What you get Description of McAfee Email Gateway McAfee Email Gateway delivers comprehensive, enterprise class protection against email threats in an integrated and simple to manage appliance for SMTP and POP3. If you purchase the McAfee Email Gateway after this evaluation, McAfee can either supply the relevant hardware and other items that accompany an appliance, or you can access the software using a virtual appliance. Supported platforms McAfee Email Gateway Appliance (VMtrial) works on the following virtual platforms: VMware vsphere (ESX) 4.x VMware vsphere Hypervisor (ESXi) 4.x VMware Player 3.x McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 5

1 Introducing VMtrial McAfee Email Gateway features McAfee Email Gateway features This information describes the features of the product and where to locate them in the product interface. Email scanning features Feature Comprehensive scanning protection Anti virus protection Anti spam protection Encryption Description Offers anti virus and anti spam protection for the following network protocols: SMTP POP3 Email Email Policies Anti Virus Reduce threats to all protocol traffic using: Anti virus settings to identify known and unknown threats in viruses in archives files, and other file types Other threat detection settings to detect viruses, potentially unwanted programs, packers, and other malware McAfee Global Threat Intelligence file reputation to complement the DAT based signatures by providing the appliances access to millions of cloud based signatures; this reduces the delay between McAfee detecting a new malware threat and its inclusion in DAT files, providing broader coverage Email Email Policies Spam Reduce spam in SMTP and POP3 email traffic using: Anti spam engine, the anti spam, and anti phishing rule sets Lists of permitted and denied senders McAfee Global Threat Intelligence message reputation to identify senders of spam email messages Permit and deny lists that administrators and users can create using a Microsoft Outlook plug in (user level only) Detect phishing attacks and take the appropriate action. Email Encryption The McAfee Email Gateway includes several encryption methodologies: Server to server encryption Secure Web Mail Pull delivery Push delivery The encryption features can be set up to provide encryption services to the other scanning features, or can be set up as an encryption only server used just to encrypt email messages. 6 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Introducing VMtrial McAfee Email Gateway features 1 Feature McAfee Global Threat Intelligence feedback Compliance Settings Data Loss Prevention Message Search Quarantine features Message Transfer Agent Description Email Email Policies Policy Options McAfee GTI feedback System Setup Wizard McAfee analyzes data about detections and alerts, threat details, and usage statistics from a broad set of customers to combat electronic attacks, protect vulnerable systems from exploit, and thwart cyber crime. By enabling this feedback service in your product, you will help us improve McAfee Global Threat Intelligence, thereby making your McAfee products more effective, as well as help us work with law enforcement to address electronic threats. Email Email Policies Compliance This release of the product includes enhancements to the way the appliance uses compliance rules: In the Compliance policy, use the Rule Creation wizard to specify the inbuilt dictionaries that you want to comply with, or create the a new rule using an existing rule as a template. Use the Mail size filtering and File filtering policies to check SMTP email messages for true file types and take action on email based on size and number of attachments. Email DLP and Compliance Use the Data Loss Prevention policy to upload and analyze your sensitive documents known as training and to create a fingerprint of each document. Reports Message search From a single location within the user interface, Message Search allows you to confirm the status of email messages that have passed through the appliance. It provides you with information about the email, including whether it was delivered or blocked, if the message bounced, if it was quarantined, or held in a queue pending further action. Email Quarantine Configuration Quarantine Options Quarantine digests Allow users to handle quarantined items without involving the email administrator. McAfee Quarantine Manager Consolidate quarantine management for McAfee products. Reroute traffic on the fly based on criteria set by the administrator. For example, encrypted mail can be rerouted for decryption. Allow the administrator to determine the final status of each message. See a quick view summary of inbound email messages by domain with drill down facilities per domain and undeliverable email by domain. Prioritize the redelivery of undeliverable email based on domain. Pipeline multiple email deliveries to each domain. Rewrite an email address on inbound and outbound email based on regular expressions defined by the administrator. Strip email headers on outbound messages to hide internal network infrastructure. Deliver messages using TLS. Manage certificates. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 7

1 Introducing VMtrial Evaluation period Reporting and System features Feature Scheduled Reports Logging options Dashboard statistics epolicy Orchestrator management of appliances Cluster Management Virtual Hosts Role based Access Control Description Reports Scheduled Reports Schedule reports to run on a regular basis and send them to one or more email recipients. System Logging, Alerting and SNMP You can configure the appliance to send emails containing information about viruses and other detected threats, and to use SNMP to transfer information from your appliance. Dashboard The Dashboard provides a single location for you to view summaries of the activities of the appliance, such as the email flowing through the appliance, and the overall system health of the appliance. You can also go directly to areas of the user interface that you often use. System Setup Wizard Choose the epo Managed Setup option to monitor the status of your appliances and also manage your appliance from epolicy Orchestrator. You can directly manage your appliances from epolicy Orchestrator, without needing to launch the interface for each appliance. In epolicy Orchestrator, the user interface pages that you use to configure and manage your appliance have a familiar look and feel to the pages that you find within the appliances. System System Administration Cluster Management Cluster management enables you to set up groups of appliances that work together to share your scanning workloads, and to provide redundancy in the event of hardware failure. From these pages you can back up and restore your configurations, push configurations from one appliance to others, and set up load balancing between your appliances. System Virtual Hosting Virtual Hosts For the SMTP protocol, you can specify the addresses where the appliance receives or intercepts traffic on the Inbound Address Pool. Using virtual hosts, a single appliance can appear to behave like several appliances. Each appliance can manage traffic within specified pools of IP addresses, enabling the appliance to provide scanning services to traffic from many customers. System Users Users and Roles System Users Login Services In addition to the Kerberos authentication method, RADIUS authentication is also available. Evaluation period During the evaluation period, you get unlimited access to McAfee Email Gateway Appliance (VMtrial) features that can protect your organization from spam, phishing, viruses, undesirable content, data loss, and other threats. 8 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Introducing VMtrial Performance 1 The evaluation period lasts for 30 days, after which time the virtual appliance will cease to function. When the evaluation period ends, an Expiry Information dialog box on the VMtrial logon page tells you "The trial has now expired." All functionality stops working. Traffic continues to pass through the VMtrial appliance but is not scanned. If you run out of time to complete your evaluation before it expires, you can save your configuration, begin another evaluation, and apply your original configuration settings. To purchase the product based on your evaluation, contact your preferred reseller. To locate a reseller, go to http://www.mcafee.com to find a Reseller or Distribution Partner or contact a sales representative. Performance Using virtual software to simulate a McAfee appliance impacts appliance performance and traffic throughput. Scanning throughput during the evaluation is not representative of the performance that would be achieved on a McAfee appliance with a similar hardware specification. Performance and traffic throughput are also affected by the host computer specification and the size of your Internet connection. About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world s largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. About VMware VMware (NYSE:VMW), the global leader in virtualization and cloud infrastructure, delivers customer proven solutions that accelerate IT by reducing complexity and enabling more flexible, agile service delivery. VMware enables enterprises to adopt a cloud model that addresses their unique business challenges. VMware s approach accelerates the transition to cloud computing while preserving existing investments and improving security and control. With more than 250,000 customers and 25,000 partners, VMware solutions help organizations of all sizes lower costs, increase business agility and ensure freedom of choice. What you get In the evaluation.zip file, you have the following items: McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 9

1 Introducing VMtrial What you get McAfee Email Gateway Appliance (VMtrial) installation files McAfee Email Gateway Appliance (VMtrial) Installation Guide Sources of information You can find installation and configuration information in the following locations: Online Help The configuration console contains page sensitive Help information to guide you through the installation process. After installation, detailed context sensitive Help with Search and Index features is available from the product interface. It provides an introduction to the product and its features, detailed instructions for configuring the software, information on recurring tasks, and operating procedures. KnowledgeBase Use the McAfee KnowledgeBase for answers to questions about McAfee Email Gateway Appliance. Go to https://mysupport.mcafee.com/ and click Browse the KnowledgeBase. From the Product list, select Email Gateway. Documentation You have access to the latest version of the McAfee Email Gateway Appliance documentation. Go to https://mysupport.mcafee.com/, click Product Documentation, and select Email Gateway. For help with VMware vsphere or VMware Player, go to http://www.vmware.com, type your question to the Search VMware Knowledge Base box, and click Search. 10 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

2 Installing VMtrial This information helps you prepare your evaluation environment and presents topics to consider before you install McAfee Email Gateway Appliance (VMtrial). Contents Decide how you want to use the evaluation Considerations before installing VMtrial Network information you need to collect System requirements Install VMtrial on VMware vsphere Install VMtrial on VMware Player Configure the virtual appliance Decide how you want to use the evaluation Before you start to install the evaluation, you must decide whether you want to: Use McAfee Email Gateway Appliance (VMtrial) to scan email traffic on your network. Just evaluate the McAfee Email Gateway Appliance features and interface options. Considerations before installing VMtrial If you want McAfee Email Gateway Appliance (VMtrial) to scan email traffic on your network, consider the following before you start the installation process: Which protocols do you want to scan? Choose from SMTP and POP3. Do you want to scan these protocols without changing settings on clients or servers? Does your network have a DMZ? If so, which servers are located in it? Do you have an internal DNS server? The operational mode that you want to use. Choose from explicit proxy mode, transparent bridge mode, or transparent router mode. Information about the features of each operating mode can be found in the McAfee Email Gateway Virtual Appliance Installation Guide available from https:// mysupport.mcafee.com. If VMware vsphere is already installed and running correctly in your operating environment, McAfee recommends that you use it to run McAfee Email Gateway Appliance (VMtrial). McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 11

2 Installing VMtrial Network information you need to collect Network information you need to collect Gather the following information before you start the installation process: Protocols to scan (SMTP, POP3) Host name Domain name Default gateway Choose your operational mode: explicit proxy, transparent router, transparent bridge. Information about the operational modes can be found in the McAfee Email Gateway Virtual Appliance Installation Guide available from http://mysupport.com. LAN1 port IP address and subnet mask LAN2 port IP address and subnet mask DNS server IP address Any onward email server IP address System requirements If you plan to use VMtrial in your production environment, remember that traffic throughput and performance are slower than an appliance with a similar hardware specification. VMtrial does not run on the FAT32 filesystem. Component Processor Available memory Value 2.8 GHz Pentium 4 processor with Physical Address Extension (PAE) support 1 GB Free hard disk space 50 GB Virtual environment Browser If VMware vsphere is already installed and running correctly in your operating environment, McAfee recommends that you use it to run McAfee Email Gateway Appliance (VMtrial). The appliance's interface is optimized for Microsoft Internet Explorer 7.0 or later, and Mozilla Firefox 3.6 or later. Install VMtrial on VMware vsphere Use this task to install McAfee Email Gateway Appliance (VMtrial) onto a host computer running VMware vsphere 4.x or VMware vsphere Hypervisor (ESXi) 4.x. Before you begin Download the McAfee Email Gateway Appliance (VMtrial) package.zip file from the McAfee download site and extract it to a location where the VMware vsphere Client can see it. Install a fully licensed copy of VMware vsphere 4.x or VMware vsphere Hypervisor (ESXi) 4.x. 12 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Installing VMtrial Install VMtrial on VMware Player 2 The McAfee Email Gateway Appliance (VMtrial) performs automatic configuration using DHCP for the following parameters: Host name Domain name Default gateway DNS server The console appears when the appliance restarts until you complete the settings. 1 Start the VMware vsphere Client application. 2 Log on to the VMware vsphere server, or the vcenter Server. 3 From the Inventory list, select the host or cluster onto which you want to import the virtual appliance software. 4 Click File Deploy OVF Template Deploy From File, and click Browse to go to where you extracted the.zip file you downloaded from the McAfee download site. 5 Open the VMtrial subfolder from the.zip file, and select the McAfee_MEG_VMtrial.vSphere_ESX.ovf file, and click Open. 6 Click Next twice, and optionally type a new name. 7 Select the resource pool that you want to use if you have any configured. 8 Select the datastore that you want to use, and click Next. 9 Select the virtual networks to which the virtual appliance NICs will be connected. 10 Click Next, read the summary, then click Finish and wait for the import process to finish. You can install the virtual appliance on more than one VMware vsphere server. Install VMtrial on VMware Player Use this task to install McAfee Email Gateway Appliance (VMtrial) onto a host computer running VMware Player. Before you begin Download the McAfee Email Gateway Appliance (VMtrial) package.zip file from the McAfee download site and extract it to the computer on which you plan to run the evaluation. Download VMware Player from http://www.vmware.com/go/get player. The McAfee Email Gateway Appliance (VMtrial) performs automatic configuration using DHCP for the following parameters: Host name Domain name Default gateway DNS server McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 13

2 Installing VMtrial Configure the virtual appliance The console appears when the appliance restarts until you complete the settings. 1 Log on to the computer as an administrator. 2 Install VMware Player: a Double click the VMware Player installation file and click Run to start the installer. b c Click Next and continue through the installer selecting the desired options. On the last page, click Continue to begin the installation. The computer must be restarted before you can run McAfee Email Gateway Appliance (VMtrial). 3 Run the VMtrial installation file: a Browse to the folder where you extracted the McAfee Email Gateway Appliance (VMtrial) package.zip file. b c Open the VMtrial folder. Double click the McAfee_MEG_VMtrial.VMware_Player.vmx file. VMware Player starts, and the installation begins. You can install the virtual appliance on more than one VMware Player server. Configure the virtual appliance Use this task to configure the virtual appliance. Before you begin Ensure your virtual environment is installed and running correctly. 1 Start the virtual appliance. The installation starts automatically. 2 Read the End User License Agreement to continue with the installation, then click y to accept it and start the installation. 3 At the installation menu, select a to perform a full installation and y to continue. 4 When the installation is complete, the virtual appliance restarts. 5 On the Welcome screen, choose the language that you want to use. 6 Accept the terms of the license agreement. 7 Configure the virtual appliance from the graphical configuration wizard. 14 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Installing VMtrial Configure the virtual appliance 2 8 Apply the configuration to the virtual appliance. Depending on the settings you entered, it might restart. You can install the virtual appliance on more than one VMware vsphere, VMware vsphere Hypervisor, or VMware Player server. To do so: a Follow the steps in this task on another VMware vsphere, VMware vsphere Hypervisor, or VMware Player server. b c Return to the previously installed virtual appliance user interface. Select System System Administration Configuration Push to send the configuration details to the second virtual appliance. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 15

2 Installing VMtrial Configure the virtual appliance 16 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

3 3 Getting started with VMtrial This information introduces you to the interface elements that make up McAfee Email Gateway Appliance (VMtrial). Contents The Dashboard Testing the configuration Using the test email generator Exploring the appliance features The Dashboard The Dashboard provides a summary of the activity of the appliance. Dashboard Use this page to access most of the pages that control the appliance. On a cluster master appliance, use this page also to see a summary of activity on the cluster of appliances. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 17

3 Getting started with VMtrial The Dashboard Benefits of using the Dashboard The Dashboard provides a single location for you to view summaries of the activities of the appliance through a series of portlets. Figure 3-1 Dashboard portlets Some portlets display graphs that show appliance activity over the following periods of time: 1 hour 2 weeks 1 day (the default) 4 weeks 1 week Within the Dashboard, you can make some changes to the information and graphs displayed: Expand and collapse the portlet data using the and buttons in the portlet's top right hand corner. Drill down to specific data using the and buttons. See a status indicator that shows whether the item needs attention: Healthy the reported items are functioning normally Requires Attention a warning threshold has been exceeded Requires Immediate Attention a critical threshold has been exceeded Disabled a service is not enabled Use and to zoom in and zoom out of a timeline of information. There is a short delay while the view is updated. By default, the Dashboard shows data relating to the previous one day. Move a portlet to another location on the Dashboard, 18 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Testing the configuration 3 Double click the top bar of a portlet to expand it across the top of the Dashboard, Set your own alert and warning thresholds to trigger events. To do so, highlight the item and click it, edit the alert and warning threshold fields, and click Save. When the item exceeds the threshold you set, an event is triggered. Depending on the browser used to view the McAfee Email Gateway user interface, the Dashboard "remembers" the current state of each portlet (whether it is expanded or collapsed, and if you have drilled down to view specific data), and attempts to re create that view if you navigate to another page within the user interface and then return to the Dashboard within the same browsing session. Dashboard portlets Understand the portlets found on the dashboard within the user interface of your McAfee Email Gateway. Option Inbound Mail Summary Outbound Mail Summary SMTP Detections POP3 Detections System Summary Hardware Summary Network Summary Services Clustering s Definition Use the Inbound Mail Summary portlet to get the delivery and status information about messages sent to your organization. Use the Outbound Mail Summary portlet to get the delivery and status information about messages sent from your organization. Use the SMTP Detections portlet to find out the total number of messages that triggered a detection based on the sender or connection, the recipient, or the content, and to view data specific to either inbound or outbound SMTP traffic. Use the POP3 Detections portlet to view how many messages triggered a detection based on threats such as viruses, packers, or potentially inappropriate images. Use the System Summary portlet displays information about load balancing, the disk space used for each partition, total CPU usage, used and available memory, and swap details. Use the Hardware Summary portlet uses status indicators to show the status of network interfaces, UPS servers, bridge mode (if enabled), and RAID status. Use the Network Summary portlet provides information about the status of your connections, network throughput and counters relating to Kernel Mode Blocking Use the Services portlet displays update and service status statistics based on protocol and external servers used by the appliance. Use the Clustering portlet, when you have configured your appliance as part of a cluster or are using the blade server hardware, provides information about the entire cluster. Use the s portlet to link directly to the areas of the user interface that search the message queue, view reports, manage policies, configure mail protocol settings and network and system settings, and access troubleshooting features. Testing the configuration This information describes how to test that the appliance is functioning correctly after installation. Contents Test connectivity Update the DAT files McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 19

3 Getting started with VMtrial Using the test email generator Test connectivity Use this task to confirm basic connectivity. The McAfee Email Gateway checks that it can communicate with the gateway, update servers and DNS servers. It also confirms that the appliance name and domain name are valid. 1 From the navigation bar, select Troubleshoot, or from the dashboard, select Run System Tests from the s area. 2 Click the Tests tab. 3 Click Start Tests. Each test should return positively. Update the DAT files Use this task to ensure that the McAfee Email Gateway has the most up to date detection definition (DAT) files. We recommend updating them before you configure the scanning options. As you progress using the McAfee Email Gateway, you can choose to update individual types of definition file and change the default scheduled updates to suit your requirements. 1 Select System Component Management Update Status. 2 To update the anti virus engine and anti virus database, click Update Now. To check that the update applied correctly, open the Services portlet in the Dashboard, and expand the Updates status. The Anti virus components will have a green status. Using the test email generator McAfee Email Gateway Appliance (VMtrial) includes a test email generator to allow you to fully test your trial of the software, without needing to configure external infrastructure to send and receive email messages. Troubleshoot Tools Generate Test Email Benefits of using the test email generator The test email generator demonstrates the reporting and detection capabilities of the McAfee Email Gateway Appliance (VMtrial) by simulating the continual sending and receiving various types of email traffic. The content of the emails is randomized and consists of a selection of detection types and legitimate data. The detections trigger defined actions for viral content, spam content, compliance or Data Loss Prevention (DLP) actions. These test emails do not contain any viral content, rather, they contain test strings designed specifically to ensure the anti virus detections are working correctly. When you enable the test email generator, policies are automatically created. These policies are used to define the settings that are applied to the test email traffic as it is scanned by the appliance. 20 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Using the test email generator 3 The connection and envelope properties of the generated email messages are also randomized, to ensure that different policies are triggered when the messages are scanned. You can edit the policies created to test the email traffic. Doing so might affect the results of the scanned test email traffic. Generate test email Generate a stream of messages to test the effects of the scanning policies. Table 3-1 Option definitions Diagnostics: Generate continuous test email Option Enable Continuous Generation / Reset Continuous Generation Start Continuous Generation Disable Status Window Reminder Stop Continuous Generation Definition Creates new policies to define the configuration used to scan the test email messages generated using continuous generation. After you have enabled continuous generation and created the policies, you can reset these policies to their initial state by clicking Reset Continuous Generation. Creates test email traffic. When test email traffic is being generated, a reminder message is displayed on the Status Window every minute. Click to disable the reminder messages. Stops the flow of test email traffic. Generate a stream of test email messages Configure the McAfee Email Gateway Appliance (VMtrial) software to generate a continuous stream of test email messages. To fully evaluate and understand some features within McAfee Email Gateway, it is necessary for the appliance to scan email messages. Use Generate Test Email Diagnostics: Generate continuous test email to create a continuous stream of test email messages to be scanned by the appliance. 1 Select Troubleshoot Tools Generate Test Email. 2 Click Enable Continuous Generation. 3 Click OK to accept the notice about your policy customizations being overwritten. The enabling of email generation and the creation of the required scanning policies takes several minutes to complete. New policies are created. These are used to configure the scanning for the test email message stream. 4 Click Start Continuous Generation. Your McAfee Email Gateway Appliance (VMtrial) starts generating a stream of email messages that are scanned by the appliance. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 21

3 Getting started with VMtrial Exploring the appliance features View a summary of scanned email traffic Use the Dashboard to get an "at a glance" overview of the email traffic scanned by the McAfee Email Gateway Appliance (VMtrial). Before you begin Either arrange for external email to be delivered though the virtual appliance, or generate a stream of test email messages using the Generate Test Email Diagnostics: Generate continuous test email feature. 1 Select Dashboard. 2 View the counters shown within the Mail Summary portlets. The counters increment as the email traffic is scanned. Find specific test email messages Use Message Search to get detailed information about the email traffic scanned by the McAfee Email Gateway Appliance (VMtrial). Before you begin Either arrange for external email to be delivered though the virtual appliance, or generate a stream of test email messages using the Generate Test Email Diagnostics: Generate continuous test email feature. 1 Select Reports Message search. 2 Click Search / Refresh. The appliance reads the current information from its database, and displays it on the page. 3 To view only information about specific actions taken, for example, email messages that have been quarantined or bounced, use the available filtering options before clicking Search / Refresh. Detailed information about the scanned email traffic is displayed. For further information, see the online Help for Message Search. Exploring the appliance features This information contains tasks to demonstrate the McAfee Email Gateway scanning features in action. It provides step by step instructions to create and test some sample policies and tells you how to generate applicable reports. Contents Introduction to policies Encryption Compliance Settings Data Loss Prevention settings Identify quarantined email messages 22 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Exploring the appliance features 3 Introduction to policies The appliance uses policies which describe the actions that the appliance must take against threats such as viruses, spam, unwanted files, and the loss of confidential information. Email Email Policies Policies are collections of rules or settings that can be applied to specific types of traffic or to groups of users. Encryption The Encryption pages enable you to set up McAfee Email Gateway to use the supported encryption methods to securely deliver your email messages. Email Encryption The McAfee Email Gateway includes several encryption methodologies, and can be set up to provide encryption services to the other scanning features, or can be set up as an encryption only server used just to encrypt email messages. Encrypt all email traffic to a specific customer A common use of the encryption features is to configure a policy to use encryption for email messages going to a specific customer. This group of tasks show how to configure your McAfee Email Gateway so that all email messages being sent to s specific customer are sent using encryption. Create a new scanning policy Learn how to create a new scanning policy. Your appliance uses the policies you create to scan the email messages sent through the appliance. You can create multiple policies to control the way different users use email, or to specify different actions based on specific circumstances. 1 Select Email Email Policies Scanning Policies. 2 Select the required protocol using steps in View policies for SMTP, POP3 or McAfee Secure Web Mail. 3 Click Add policy. 4 In the Scanning Policies New Policy page, enter the following information: a b c Name for the policy. Write an optional description for the new policy. Specify where the new policy inherits its settings from. If you have a similar policy already set up, select this to allow its settings to be inherited by the new policy. d Choose if the policy is to apply to inbound or outbound email traffic. (SMTP only) McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 23

3 Getting started with VMtrial Exploring the appliance features e f g Select the required Match logic for the policy. Select the type of rule, how it should match, and the value that the rule tests against. If required, add additional rules, and use the and buttons to correctly order the rules. 5 Click OK. The new policy is added to the top of the list of policies. Configure the encryption settings Configure your McAfee Email Gateway to use encryption. 1 Select Email Encryption Secure Web Mail Basic Settings. 2 Select Enable the Secure Web Mail Client. 3 Select Email Encryption Secure Web Mail User Account Settings. Recipients are automatically enrolled, and receive a digitally signed notification in HTML format. The administrator chooses whether to do push and/or pull encryption. 4 Select Email Encryption Secure Web Mail Password Management. The minimum password length is eight characters. The password expires after 365 days. Enable Encryption for messages matching a compliance rule Enable the required encryption features on your McAfee Email Gateway for messages that match a compliance rule. In this example, email messages that match the HIPAA Compliance rules will be encrypted. 1 Select Email Email Policies Compliance. 2 Click Enable compliance, and select Create new rule from template. 3 Search for the HIPAA Compliance rule and select it. 4 Click Next to progress through the wizard. 5 Select the primary action to Allow Through (Monitor). 6 In And also, select Deliver message using encryption. 7 Click Finish, and click OK to close the dialog box. 8 Select Email Email Policies Policy Options Encryption. 9 In When to Encrypt, select Only when triggered from a scanner action. 10 In On box Encryption Options, select Secure Web Mail, and click OK. 11 Apply the changes. 24 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Exploring the appliance features 3 Compliance Settings Use this page to create and manage compliance rules. Email Email Policies Compliance Compliance Benefits of the compliance settings Use compliance scanning to assist with conformance to regulatory compliance and corporate operating compliance. You can choose from a library of predefined compliance rules, or create your own rules and dictionaries specific to your organization. Compliance rules can vary in complexity from a straightforward trigger when an individual term within a dictionary is detected, to building on and combining score based dictionaries which will only trigger when a certain threshold is reached. Using the advanced features of compliance rules, dictionaries can be combined using logical operations of any of, all of, or except. Restrict the score contribution of a dictionary term Use this task to restrict the score contribution of a dictionary term. Before you begin This task assumes that your rule includes a dictionary which triggers the action based on a threshold score, such as the Compensation and Benefits dictionary. You can restrict how many times a term can contribute to the overall score. For example, if testterm within a dictionary has a score of 10 and is seen five times within an email, it will add 50 to the overall score. Alternatively you can restrict this, for example to contribute only twice by setting Maximum term count to 2. 1 Select Email Email Policies Compliance. 2 Expand the rule that you want to edit, then click the Edit icon next to the dictionary whose score you want to change. 3 In Maximum term count, type the maximum number of times that you want a term to contribute to the score. Edit the threshold associated with an existing rule Use this task to edit the threshold associated with an existing rule. Before you begin This task assumes that your rule includes a dictionary which triggers the action based on a threshold, such as the Compensation and Benefits dictionary. 1 Select Email Email Policies Compliance. 2 Expand the rule that you want to edit, then select the Edit icon next to the dictionary whose score you want to change. 3 In dictionary threshold, type the score on which you want the rule to trigger, and click OK. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 25

3 Getting started with VMtrial Exploring the appliance features Create a rule to monitor or block at a threshold For score based dictionaries you might want to monitor triggers that reach a low threshold, and only block the email when a high threshold is achieved. 1 Select Email Email Policies Compliance. 2 Click Create new rule, type a name for it such as Discontent Low, and click Next. 3 Select the Discontent dictionary, and in Threshold, type 20. 4 Click Next, and Next again. 5 In If the compliance rule is triggered, accept the default action. 6 Click Finish. 7 Repeat steps 2 through 4 to create another new rule but name it Discontent High and assign it a threshold of 40. 8 In If the compliance rule is triggered, select Deny connection (Block). 9 Click Finish. 10 Click OK and apply the changes. Add a dictionary to a rule Use this task to add a new dictionary to an existing rule. 1 Select Email Email Policies Compliance. 2 Expand the rule that you want to edit. 3 Select Add dictionaries. 4 Select the new dictionary that you want to include, and click OK. Create a complex custom rule Use this task to create a complex rule that triggers when both Dictionary A and Dictionary B are detected, except when Dictionary C is also detected. 1 Select Email Email Policies Scanning Policies and select Compliance. 2 In the Default Compliance Settings dialog box, click Yes to enable the policy. 3 Click Create new rule to open the Rule Creation Wizard. 4 Type a name for the rule, and click Next. 5 Select two dictionaries to include in the rule, and click Next. 6 Select a dictionary that you want to exclude from the rule in the exclusion list. 7 Select the action that you want to take place if the rule triggers. 8 From the And conditionally drop down list, select All, and click Finish. 26 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Exploring the appliance features 3 Create a simple custom rule Use this task to create a simple custom rule that blocks messages that contain social security numbers. 1 Select Email Email Policies Compliance. 2 In the Default Compliance Settings dialog box, click Yes to enable the policy. 3 Click Create new rule to open the Rule Creation Wizard. 4 Type a name for the rule, and click Next. 5 In the Search field, type social. 6 Select the Social Security Number dictionary, and click Next twice. 7 Select the Deny connection (Block) action, and click Finish. Block messages that violate a policy Use this to task to block messages that violate a threatening language policy. 1 Select Email Email Policies Compliance. 2 In the Default Compliance Settings dialog box, click Yes to enable the policy. 3 Click Create new rule from template to open the Rule Creation Wizard. 4 Select the Acceptable Use Threatening Language policy, and click Next. 5 Optionally change the name of the rule, and click Next. 6 Change the primary action to Deny connection (Block), and click Finish. 7 Click OK and apply the changes. Data Loss Prevention settings Use this page to create a policy that assigns data loss prevention actions against the registered document categories. Email Email Policies Compliance Data Loss Prevention Benefits of using Data Loss Prevention (DLP) You can choose to restrict the flow of sensitive information sent in email messages by SMTP through the appliance using the Data Loss Prevention feature. For example, by blocking the transmission of a sensitive document such as a financial report that is to be sent outside of your organization. Detection occurs whether the original document is sent as an email attachment, or even as just a section of text taken from the original document. Configuring DLP takes place in two phases: McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 27

3 Getting started with VMtrial Exploring the appliance features Registering the documents that you want to protect Setting the DLP policy to action, and control the detection (this topic) If an uploaded registered document contains embedded documents, their content is also fingerprinted so the combined content is used when calculating the percentage match at scan time. To have embedded documents treated individually, they must be registered separately. Prevent a sensitive document from being leaked Use this task to block sensitive financial documents from being sent outside your organization. Before you begin This example assumes that you have already created a Finance category. 1 Select Email Email Policies Compliance Data Loss Prevention. 2 In the Default Data Loss Prevention Settings dialog box, click Yes to enable the policy. 3 Click Create new rule, select the Finance category, and click OK to have the category appear in the Rules list. 4 Select the action associated with the category, change the primary action to Deny connection (Block), and click OK. 5 Click OK again, and apply the changes. Block a section of the document Use this task to block just a small section of the document from being sent outside your organization. 1 Select Email Email Policies Compliance Data Loss Prevention. 2 In the Default Data Loss Prevention Settings dialog box, click Yes to enable the policy. 3 Enable the consecutive signatures setting, and type the number of consecutive signatures against which the DLP policy will trigger a detection. The level is set to 10 by default. 4 Click Create new rule, select the Finance category, and click OK to have the category appear in the Rules list. 5 Select the action associated with the category, change the primary action to Deny connection (Block), and click OK. 6 Click OK again, and apply the changes. Exclude a specific document for a policy Use this task to prevent a specific financial document from triggering the DLP policy settings. 1 Select Email Email Policies Compliance Data Loss Prevention. 2 In the Default Data Loss Prevention Settings dialog box, click Yes to enable the policy. 3 Click Create document exclusion, select the document you want to ignore for this policy, and click OK. 4 Click OK again, and apply the changes. 28 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

Getting started with VMtrial Exploring the appliance features 3 Identify quarantined email messages Use this task to discover which email messages have been quarantined by your McAfee Email Gateway Appliance. To view a list of all messages that have been quarantined: 1 Click Reports Message Search. 2 Select Quarantined from the Message status drop down list. 3 Click Search/Refresh. All messages that have been quarantined are displayed in the lower part of the page. s Refine the search on page 29 View a specific email message on page 29 Release a quarantined email message on page 30 After viewing the email message that has been quarantined, you may want to release the message from Quarantine. This task allows you to do this. Refine the search You can further refine your search for quarantined email messages to show only those that have been quarantined due to specific triggers. In this example, to find those email messages quarantined due to compliance issues: 1 Complete the steps in Find out which email messages are quarantined. 2 Select Compliance from the Category drop down list. 3 Click Search/Refresh. The lower part of the screen is refreshed to show only the messages that have been quarantined due to compliance issues. View a specific email message You can view the content of a quarantined email message. 1 Complete the steps in Refine the search. 2 Select the relevant quarantined message using the checkbox to the left of the page. 3 Click View Message. The selected message is displayed in a new window. From this window, you can view the content of the email message. You can also choose to view the detailed email header information. After you have viewed the message, by clicking the relevant buttons, you can choose further actions to perform on the email message. McAfee Email Gateway 7.x VMtrial Appliances Installation Guide 29

3 Getting started with VMtrial Exploring the appliance features Release a quarantined email message After viewing the email message that has been quarantined, you may want to release the message from Quarantine. This task allows you to do this. To release a selected message from quarantine: 1 Complete the steps in View a specific email message. 2 Click Release Selected. The selected email message is released from quarantine. Email messages that contain viral content cannot be released from quarantine, as to do so would risk causing damage to your systems. 30 McAfee Email Gateway 7.x VMtrial Appliances Installation Guide

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information