Quick Start Guide. Sendio System Protection Appliance. Sendio 6.x and 7.x

Similar documents
Quick Start Guide. Sendio System Protection Appliance. Sendio 5.0

Quick Start Guide Sendio Hosted

F-Secure Messaging Security Gateway. Deployment Guide

Backup & Restore Guide

F-SECURE MESSAGING SECURITY GATEWAY

Open LDAP Tutorial. Sendio Security Platform Appliance. March 08 Services Update

eprism Security Suite

QUICK START GUIDE. Cisco C170 Security Appliance

1 You will need the following items to get started:

Deployment Guide: Transparent Mode

Chapter 10 Troubleshooting

Managed Appliance Installation Guide

Getting Started with Clearlogin A Guide for Administrators V1.01

Barracuda Link Balancer Administrator s Guide

Networking Guide Redwood Manager 3.0 August 2013

PineApp Surf-SeCure Quick

SonicOS Enhanced Release Notes TZ 180 Series and TZ 190 Series SonicWALL, Inc. Firmware Release: August 28, 2007

Virtual Appliance Setup Guide

How to configure Exchange Smart Host

VoIPon Tel: +44 (0) Fax: +44 (0)

Broadband Phone Gateway BPG510 Technical Users Guide

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

MailFoundry Users Manual. MailFoundry User Manual Revision: MF Copyright 2005, Solinus Inc. All Rights Reserved

Barracuda Networks Technical Documentation. Barracuda SSL VPN. Administrator s Guide. Version 2.x RECLAIM YOUR NETWORK

SSL-VPN 200 Getting Started Guide

Barracuda Spam Firewall Administrator s Guide

6.0. Getting Started Guide

Multi-Homing Dual WAN Firewall Router

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Barracuda Spam Firewall User s Guide

Barracuda IM Firewall Administrator s Guide

Windows Server 2008 R2 Initial Configuration Tasks

JMC Next Generation Web-based Server Install and Setup

Configuration Information

CYAN SECURE WEB APPLIANCE. User interface manual

Simple Scan to Setup Guide

Cisco Expressway Basic Configuration

FileCruiser. VA2600 SR1 Quick Configuration Guide

SmartFiler Backup Appliance User Guide 2.0

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

BlackBerry Enterprise Service 10. Version: Configuration Guide

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance

Kaseya Server Instal ation User Guide June 6, 2008

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

Installing and Configuring vcloud Connector

How To Set Up A Barcuda Server On A Pc Or Mac Or Mac (For Free) With A Webmail Server (For A Limited Time) With An Ipad Or Ipad (For An Ipa) With The Ip

Security Provider Integration Kerberos Authentication

Barracuda SSL VPN Administrator s Guide

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

UIP1868P User Interface Guide

Important Information

Steps for Basic Configuration

Connecting the DG-102S VoIP Gateway to your network

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

First Installation Guide

NSi Mobile Installation Guide. Version 6.2

Product Version 1.0 Document Version 1.0-B

NMS300 Network Management System

1 Introduction. Windows Server & Client and Active Directory.

M2M Series Routers. Port Forwarding / DMZ Setup

Thank for choosing the Dominion KX III, the industry's highest performance enterprise-class, secure, digital KVM (Keyboard, Video, Mouse) switch.

V.I.P. Kit. Video Insight Pilot Kit. (Video Insight Pilot Kit).

How To - Deploy Cyberoam in Gateway Mode

Setup Guide for Exchange Server

Step-by-Step Configuration

Barracuda Web Filter Administrator s Guide

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Network Load Balancing

StarWind iscsi SAN Software: Using StarWind with MS Cluster on Windows Server 2003

Content Filtering Client Policy & Reporting Administrator s Guide

Installing GFI MailEssentials

Smart Card Authentication. Administrator's Guide

Core Protection Suite

Install MS SQL Server 2012 Express Edition

Configuration Information

B a r r a c u d a S S L V P N A d m i n i s t r a t o r s G u i d e

Mondopad v1.6. Quick Start

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide

Customer Tips. Basic Configuration and Troubleshooting. for the user. Overview. Basic Configuration. Xerox Multifunction Devices.

Chapter 4 Managing Your Network

WARP. User Manual. Overview Chapter 1: Initial Setup Quick Install Instructions...3. Chapter 2: Interfaces LAN...6 WAN...7

Introduction. Versions Used Windows Server 2003

This chapter describes how to set up and manage VPN service in Mac OS X Server.

Configuring Global Protect SSL VPN with a user-defined port

SuperLumin Nemesis. Administration Guide. February 2011

Configuration Guide BES12. Version 12.3

Installing and Setting up Microsoft DNS Server

Issue 1 April 2, 2009 Using the VT2442 Web User Interface

AlienVault. Unified Security Management (USM) x Initial Setup Guide

7 6.2 Windows Vista / Windows IP Address Syntax Mobile Port Windows Vista / Windows Apply Rules To Your Device

Virtual Appliance for VMware Server. Getting Started Guide. Revision Warning and Disclaimer

Advanced Event Viewer Manual

RADAR NETWORK SETUP WITH WINDOWS XP/VISTA

Quick Scan Features Setup Guide. Scan to Setup. See also: System Administration Guide: Contains details about setup.

Installing GFI MailSecurity

Symantec Messaging Gateway 10.0 Installation Guide. powered by Brightmail

Transcription:

Sendio Email System Protection Appliance Quick Start Guide Sendio 6.x and 7.x Sendio, Inc. 4911 Birch St, Suite 150 Newport Beach, CA 92660 USA +1.949.274.4375 www.sendio.com

QUICK START GUIDE SENDIO This Quick Start Guide will help get Sendio up and running quickly. It assumes you have experience configuring email servers and networking equipment. Read this entire guide to understand this process. Detailed Installation Guide, Administration Manual, User Guide, Backup & Restore Guide, and LDAP Configuration Guide can be downloaded from www.sendio.com/ support/documentation. OVERVIEW This Quick Start Guide covers the following steps. If you are using the Sendio virtual appliance, skip steps 1 and 3. 1. Gathering all of the required hardware (skip if using the Sendio virtual appliance) 2. Determining the IP addresses, user names and passwords of various systems and accounts 3. Physically installing the appliance in a rack (skip if using the Sendio virtual appliance) 4. Modifying your firewall settings 5. Configuring system IP addresses and network settings 6. Verifying communications 7. Checking for software updates 8. Using the console interface to set system configuration parameters 9. Using the web interface to configure directory services 10. Setting the IP address of the system internal mail host 11. Setting the directory auto-synchronization schedule 12. Granting Administrator access to one or more users 13. Setting Contacts 14. Configuring Sendio Backups 15. Routing email traffic through Sendio STEP 1: HARDWARE Verify that you have the following items: Sendio appliance AC power cord (included with appliance) Rack-mounting kit (included with the ESP500 only) Ethernet cable VGA monitor Keyboard STEP 2: ADDRESSES AND ACCOUNTS Gather the following network information: IP address of your internal email server IP address of your directory server User name and password for accessing your directory server for Sendio LDAP synchronization (a user account with read-only access to all users and groups, and a password that does not expire are required) STEP 3: PHYSICAL INSTALLATION 1. Install Sendio in an equipment rack. Refer to the Installation Guide or the Rack Installation Guide shipped with your unit. 2. Connect an Ethernet cable from your network switch to the port labeled NETWORK at the back of the appliance. 3. Connect a VGA monitor, keyboard, and AC power cord to the appliance. 4. The system powers on, as it is designed to restart automatically in the event of a power failure. If the system does not power on automatically, press the power button on the front panel of the appliance. PAGE 2

SENDIO QUICK START GUIDE STEP 4: FIREWALL MODIFICATIONS Deploy Sendio behind your corporate firewall. Certain ports must be open to ensure proper operation, as shown below. Port Direction Origin Destination Usage TCP 22 In Sendio headquarters ESP appliance Remote access by Sendio Support TCP 25 Out ESP appliance All Public IPs SAV Requests and Bounces, outbound email TCP 25 (NOTE 1) In All Public IPs ESP appliance Sending domains - outbound mail servers TCP/UDP 53 (NOTE 2) Out ESP appliance All Public IPs Domain Name Service (DNS) TCP 80 In (NOTE 3) All Public IPs (optional) ESP appliance External access to ESP appliance web interface TCP 80 Out ESP appliance All Public IPs IP Reputation, anti-virus, anti-spam, software updates TCP 443 (NOTE 3) In All Public IPs (optional) ESP Appliance Secure HTTPs External access to ESP Appliance web interface TCP 443 Out ESP appliance All Public IPs Software updates UDP 123 Out ESP appliance All Public IPs Network Time Protocol (NTP) NOTE (1) : Complete all configuration steps in this guide before routing live inbound TCP port 25 traffic to the ESP appliance. NOTE (2) : If you use an internal DNS server, we recommend you allow outbound DNS access as well. That way, if your local DNS server fails, Sendio s access to public DNS servers ensures uninterrupted email flow. NOTE (3) : Inbound TCP 80 and/or TCP 443 is required only if access to the Sendio web interface is to be available from an external connection. Sendio Headquarters IP Addresses Starting IP address: 64.58.146.32 Subnet Mask: 255.255.255.224 [27 bits] Range Notation: 64.58.146.32/27 (255.255.255.224) Address range: 64.58.146.32-64.58.146.63 The following information will help customers who require more detail about Sendio s outbound packet flows on TCP ports 80 and 443. We recommend opening these TCP ports to all public IP addresses because the IP addresses listed below can change. By allowing completely open access, you will not need to update your firewall rules in the future. CYREN anti-spam, Zero Hour Anti-Virus, and IP Reputation Services (Host Name and IP Address) TCP Port 80 outbound from Sendio to these IP addresses/hosts: resolver1.sendio.ctmail.com (216.163.188.45) iprep1.t.ctmail.com (216.163.188.34) resolver2.sendio.ctmail.com (38.113.116.210) iprep2.t.ctmail.com (38.113.116.214) resolver3.sendio.ctmail.com (216.163.176.35) iprep3.t.ctmail.com (216.163.176.36) resolver4.sendio.ctmail.com (84.39.153.31) iprep4.t.ctmail.com (84.39.153.32) resolver5.sendio.ctmail.com (84.39.152.31) iprep5.t.ctmail.com (84.39.152.32) Clam AV AntiVirus TCP Port 80 outbound from Sendio to these IP addresses/hosts: db.us.clamav.net 198.148.78.4 209.198.147.20 66.18.18.59 104.131.196.175 168.143.19.95 200.236.31.1 64.6.100.177 69.12.162.28 128.199.133.36 194.8.197.22 207.57.106.31 64.22.33.90 69.163.100.14 150.214.142.197 194.186.47.19 208.72.56.53 65.19.179.67 78.46.84.244 155.98.64.87 Sendio Software Updates TCP port 80 and TCP port 443 outbound from Sendio to these IP addresses: TCP ports 80 and 443 outbound access to 66.240.197.232. TCP ports 80 and 443 outbound access to 66.240.197.224. File Types The firewall and any other security devices must permit the following file types over port 80/443 for update purposes:.rpm,.xml,.xml.gz,.xml.md5,.tar.gz,.avc,.ini,.dt,.cfg,.mhk,.lst,.set,.vnd,.klb, and.ver. PAGE 3

QUICK START GUIDE SENDIO STEP 5: CONFIGURING IPs & DNS 1. Using the VGA monitor and keyboard, login to the console interface with the default admin login: Login: sysconfig Password: admin You will change this default password in STEP 8. 2. Navigate to the Network Configuration section. 3. If you will be using Sendio to process outbound email (highly recommended for maximum effectiveness), enter the IP address(es) of the internal email server(s) that will send outbound email through Sendio in the Sender Host Addresses field. 4. Configure the IP Address, subnet mask, and Gateway settings of your network port. sysconfig Console Login Network Configuration Configuring Network Port Settings 5. Appliances running Sendio version 6.x: enter your internal DNS servers into the DNS Address List field as a commaseparated list. Using 127.0.0.1 in the DNS Address list tells Sendio to use the internet root DNS servers. You can also type 127.0.0.1 and your internal DNS servers so that root servers will be used if local servers are not available. Appliances running Sendio version 7.x: you have a Use Custom DNS Servers option. If you uncheck this radio button, Sendio uses the internet root DNS servers automatically. If using your internal DNS servers, check Use Custom DNS Servers and enter your server IP addresses as a comma-separated list into DNS Server IP Addresses. By default, if Sendio cannot reach your internal servers, alternative DNS servers on the Internet will be used. 6. Save your settings. NOTE: Create an internal DNS entry for access to the Sendio web interface (e.g., nospam.yourdomain.com). NOTE: Once Network Settings are configured and Sendio is accessible over the network, the console interface can be accessed from another computer via a secure shell (SSH) connection using a telnet/ssh client such as PuTTY (a freeware download). PAGE 4

SENDIO QUICK START GUIDE STEP 6: VERIFYING COMMUNICATIONS 1. Using another computer on your network, ping the Sendio IP address to ensure the eth0 IP Address set in STEP 5 on page 3 is assigned properly. 2. Using the SSH (PuTTY) interface, navigate to the Network Diagnostics section: a. Use the Protocol Diagnostic Tests to verify outbound connectivity on all listed protocols b. Use the SMTP Diagnostic Tests to verify outbound SMTP connectivity to mx1.hotmail. com. (Verify that a definition for reverse DNS (rdns) is in place for the appliance s public IP address. The output shows what rdns is currently in place. Ask your ISP to configure the rdns entry for you.) c. Use the DNS Lookup section to verify successful DNS lookup of example.com STEP 7: SENDIO UPDATE 1. Using the Sendio SSH (PuTTY) interface, navigate to the Sendio Update section 2. Install any available Maintenance Release software updates. STEP 8: SYSTEM CONFIGURATION 1. Using the Sendio SSH (PuTTY) interface, navigate to the System Control section. 2. Confirm services are configured to reflect those shown to the right. 3. Navigate to the System Configuration menu option. 4. Set the correct time zone for Sendio. 5. Save your settings. 6. Set the Machine Name (e.g., mail.mydomain. com) and Fully Qualified Domain Name (domain name only, such as mydomain.com). Machine Name should match the DNS hostname associated with your Sendio appliance s public IP address used for its outbound emails. That is, the reverse DNS of the public IP should the same as your machine name. The Machine name should also have a public DNS A-record that matches the appliance public IP. NOTE: Be sure a reverse DNS lookup (rdns) on the appliance s public IP address results in the hostname you set in STEP 6. To verify the rdns setup, use an online tool such as http://www.mxtoolbox.com. The formal name for rdns is a PTR record. 7. Save your settings. Network Diagnostics Sendio Update System Control Time Zone PAGE 5

QUICK START GUIDE SENDIO 8. Set the sysconfig password. The password must be between 5 and 8 characters and use both letters and numbers. NOTE: The sysconfig password must be changed. Failure to do so will prohibit access to the Sendio appliance web interface. Machine Configuration STEP 9: DIRECTORY SERVICES 1. Open a web browser and navigate to the Sendio web interface using the Sendio IP address. 2. At the dialog box, type either sysconfig@icebox (Sendio versions 6.x) or sysconfig@esp(sendio version 7.x) and the password entered in STEP 8 on page 5. 3. In the Sendio web interface, click the Domains menu. At the Domains page, click the New button to open a pop-up window, enter a domain that will be protected by the Sendio appliance (domain.com), and click the Create button. 4. Repeat for multiple domains. 5. Create a Synchronization User on your directory server. 6. Using the Sendio web interface, click the Directories menu option to show the Directories page, and click the New button to open the pop-up window. 7. Enter the IP address of the directory server. 8. Select the Directory Type. 9. Verify the Port number. Microsoft Active Directory defaults to port 3268, while other LDAP servers default to port 389. 10. Click the Fetch DNs button and select the appropriate Base DN. 11. Select the OU that will be synchronized to the Sendio appliance. Optionally, manually enter a prefix to the Base DN setting (i.e., ou=users or cn=departments) to specify or narrow the scope of synchronization. sysconfig Console Password Web Interface Login Create New Domain EXAMPLE: cn=users, dc=example, dc=com 12. Enter the Synchronization User Login and Password that you gathered in STEP 2. This may require a domain prefix such as mydomain\username. 13. Save your changes. 14. Click the Actions button and select the Synchronize Selected Directories option. NOTE: After your directory is synced, user single sign-on to Sendio will be functional. Any user can then log in to Sendio using the same credentials the user uses to log in to his computer and email account (e.g., email address and network password). Create New Directory PAGE 6

SENDIO QUICK START GUIDE STEP 10: SYSTEM OPTIONS 1. Using the Sendio web interface, click the System > Options tab. 2. Set the Internal Mail Host to the IP address of the internal email server. 3. Set the Organization Name to the company name that will be used in SAV messages. 4. Set the Preferred Time Zone. 5. Set Integrity Services to Enabled. 6. Set SilverListing to Enabled. 7. Save your settings. 8. Restart the Sendio appliance from the SSH (PuTTY) interface > System Control > Reboot Sendio ESP. STEP 11: SET AUTOMATIC DIRECTORY SYNCHRONIZATION 1. Using the Sendio SSH (PuTTY)interface, navigate to the Directory Management section. 2. Arrow over to Select Directory and press Enter. Press Enter again to accept default selection. 3. Arrow over to HHMM and remove all letters. Enter time for synchronization in military time format (i.e. 2200). 4. Arrow over the + sign and press Enter to add new synchronization schedule. 5. Save your settings. STEP 12: SET ADMIN USER 1. Using the console interface, navigate to the Directory Management section. 2. Arrow over to Press enter or Type Entry. Enter users last name and press Enter. 3. Select the appropriate user with the space bar. Tab to highlight Select and press Enter. 4. Move to Grant Full Admin Access, and then press Enter. 5. Save your settings. 6. Repeat for additional Admins. Directory Synchronization Admin Users PAGE 7

QUICK START GUIDE SENDIO STEP 13: SET CONTACTS 1. In the Sendio web interface, click System > Contacts > New to create a System contact entry to accept all email from Sendio Support. Use the email support@ sendio.com. 2. In the Sendio web interface, review the System > Contacts page and confirm there is a System drop contact to counter spoofing (incoming email with sender addresses belonging to your own domain). This was created when you entered the domain name in the Domains section. If you use Cloud-based services such as NETSUITE, Constant Contact, Salesforce, or Blackberry to send email that appears as being internal to your organization, create a corresponding System Accept contact (Pre-User). Common System Accepts for Blackberry, for example, are *@*.blackberry.net and *@srs. bis.na.blackberry.com. In some cases, you may choose to remove the anti-spoofing contact. If desired, you can build the initial list of company contacts. In most organizations, an existing list of email contacts can be imported into Sendio. From accounting applications to CRM to an Exchange Public Folder, the email addresses can be exported to a CSV file that can then be exported into Sendio from Sendio web interface > System > Contacts > Actions > Import Contacts. After creating the CSV of existing email contacts, import the CSV into System Contacts. New System Contact Anti-Spoofing Contact STEP 14: CONFIGURE SENDIO BACKUPS Refer to the Sendio Backup & Restore Guide (http://www. sendio.com/support/documentation) for instructions on configuring the daily Sendio backup. It is critical to have backups configured and scheduled before you proceed to STEP 15. STEP 15: ROUTE EMAIL TRAFFIC 1. On your firewall, direct inbound SMTP traffic (TCP port 25) to the IP address of your ESP appliance. 2. View the LOGS section of the web interface to verify that traffic is flowing. 3. Send a final test email from an external account, reply to the SAV Request, and verify the test message is released from the Pending Queue. 4. Configure your internal email server to route outbound email through Sendio. Refer to the instructions from your internal email server manufacturer for details on PAGE 8

SENDIO QUICK START GUIDE how to smart host your email server. For Microsoft Exchange, refer to the Exchange Smart Hosting Guide on the Sendio web site (http://www.sendio. com/support/documentation). Congratulations! Your Sendio appliance is now configured successfully. For additional information, visit the Documentation Support page (http://www. sendio.com/support/documentation) or submit a support ticket. The process for support tickets is located here: http://www.sendio.com/support/submit-support-ticket/ PAGE 9

Sendio, Inc. 4911 Birch St, Suite 150 Newport Beach, CA 92660 USA +1.949.274.4375 www.sendio.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information