INLINE INGUARD E-MAIL GUARDIAN
Activation Guide
December 8, 2008

600 Lakeshore Parkway, AL 35209
888.3InLine
support@inline.com
InLine InGuard E-Mail Guardian Activation Guide

The InLine InGuard E-Mail Guardian Activation Guide is designed to confirm basic account information and to provide you with the information you'll need to begin protecting your organization from spam, viruses and worms, email attacks, and inappropriate or dangerous content and attachments. The Activation Guide also includes configuration information for InLine Directory Integration.

The last two pages of the Activation Guide include important information on:

- InLine Customer Portal: our online customer support services portal
- InGuard Console℠: the InLine web-based administrative platform
- InLine Education Services: includes times and dates for Service Administrator training sessions
- InLine Contact Information: includes contact information for InLine Customer Support Services, technical support and provisioning inquiries

Your InLine Service

Customer Name: <customer name>
Customer Number: <customer number>
Service Package: <Service package>
InGuard Console℠ Web Address: https://portal.inguard.mxlogic.com
InGuard Console Username: <user email>
InGuard Console Password: <password>

Configure the InGuard Administrators

1. Log into the InGuard Console

Log into the InGuard Console at the Web address listed above.

2. Verify Protected Status of Customer Admin User Account

If your organization plans to use InGuard Directory Integration, it is important that the User Status of your Customer Administrator User Account (the Username listed above) is set at Protected, and not Active or Inactive. To confirm or change the Status, navigate to Account Management Users Accounts.

- Select specific Account
- Click Edit
- Change Status from Active to Protected

3. Provision additional Administrators

If more than one individual will have administrative responsibilities for your account, Customer Administrators can create additional Customer Administrators in the InGuard Console.

In order for the additional Customer Administrators to be able to submit Customer tickets, you will need to contact InLine Customer Support, which will provision the additional Customer Administrators.
Configure the InLine InGuard E-Mail Guardian

4. Verify Inbound Server host addresses and preferences

Go to InGuard E-Mail Guardian Setup/Inbound Servers, and verify that the Inbound Server host addresses are accurate and that the appropriate preferences are defined for the host addresses.

5. Verify Domains/Verify Domain Spelling

Go to Account Management/Domains to verify that your domains are present and that they are spelled correctly.

6. Verify Outbound Server IP address(es) (if applicable)

If your service package includes Outbound Filtering, go to InGuard E-Mail Guardian Setup/Outbound Servers and verify the Outbound Server public IP host address(es) for accuracy.

7. Determine User Creation setting/create Users

Go to InGuard E-Mail Guardian Setup, where you can determine whether you want the system to auto-create User Accounts or if you want to control User Account creation. You also can specify how an inbound message should be handled when it is addressed to a recipient that is invalid or does not exist.

InLine strongly suggests that the User Creation option be set to Explicit, which can be done at any time. The Explicit setting is recommended if you plan to create users via InLine Directory Integration (detailed later in this document). If the User Creation option is changed from SMTP Discovery to Explicit, the Administrator should immediately delete any invalid User Accounts. From this point forward, the Administrator will maintain the creation of User Accounts manually.

8. Verify Policy Settings

Go to InGuard E-Mail Guardian Policies to determine how the Service will handle incoming messages that contain threats (spam, viruses, etc.), the distribution of Spam Quarantine Reports, and to set up Allow and Deny Lists and internal email violation notifications.

- Determine Anti-Virus Actions
- Determine Anti-Spam Actions
- Determine Distribution Requirements for Spam Quarantine Reports
- Determine Content Actions
- Determine Attachment Actions
- Configure Allow and Deny Lists
- Set up email Notifications for Virus, Attachment or Content violations

9. Redirect your Mail Exchange (MX) Record

As noted above, InLine has provisioned domain.com in the InLine systems. In order to begin email filtration, you or your Internet Service Provider need to redirect your mail exchange (MX) record for all protected domains:

- [fully qualified domain name].inbound10.mxlogic.net at a preference level of 10
- [fully qualified domain name].inbound10.mxlogicmx.net at a preference level of 10
Additional domains should be redirected in the same manner.

Do not redirect your mail exchange (MX) record to anything other than what you see listed above. Use of other MX records may cause mail to bypass the filtering system, increasing threat exposure.

Once the MX Record changes are propagated, inbound mail for the specified domain(s) will begin being filtered by InLine.

10. Lock down SMTP to your mail server

Customers using Cisco PIX or ASA firewalls: We suggest the SMTP Fix Up or Inspect ESMTP settings be disabled on your firewall prior to setting up your InLine service.

Customers subscribing to InLine Outbound Message Filtering: InLine recommends that you test for and disable any open relays on your mail server or network. Open relays are a major security concern, which if not corrected, can result in the immediate shutdown of Outbound Message Filtering by InLine. Follow the steps below to properly lock down SMTP to your mail server.

Customers using firewalls with built-in spam filtering (e.g., Barracuda): Some firewalls using built-in spam filtering may block some InLine IP addresses. If you use such an appliance and it is behind another firewall, it is recommended to also add the InLine IP ranges to the appliance so that traffic from InLine is accepted. Not doing so can cause intermittent interruptions to email delivery. Note that some older versions of these appliances do not allow input of IP addresses/ranges. In this case, it is recommended that the appliance be disabled/removed from service, as InLine will provide the same type of spam filtering with a more user-friendly configuration.

Customers using Sender Policy Framework (SPF): InLine recommends that customers using the InGuard E-Mail Guardian for inbound mail filtering disable any SPF check and/or rejection based on SPF failures. This will prevent delivery difficulties when the message is seen by a recipient as being sent by InLine, as opposed to the actual sender.
Customers who subscribe to InLine Outbound Message Filtering should include the following segment in their SPF record to ensure that recipients understand that mail is being sent by InLine on behalf of your organization:

include:mxlogic.net

For more information on Sender Policy Framework, see:

http://openspf.org
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard

Five to seven days after redirecting your MX Record, it is recommended that the Customer Administrator for your organization lock down your mail server(s) or create firewall rules that will ensure that only filtered mail from InLine will be delivered to your server(s).

To ensure that no mail is presented to your mail server without being processed by InLine, you will need to restrict all IP access to your mail server with the exception of the following InLine subnets. The InLine preferred setting is to include the Classless Inter-Domain Routing (CIDR) for the entire Class 8 C notation. Alternate settings are also provided below.

Preferred Setting

If your firewall solution accepts Classless Inter-Domain Routing (CIDR) and can support Class 8 C notation, please include the following:
CIDR               Starting IP      Ending IP
208.65.144.0/21    208.65.144.0     208.65.151.255
208.81.64.0/22     208.81.64.0      208.81.67.255

Alternate Setting (1)

If your firewall solution accepts Classless Inter-Domain Routing (CIDR) and only supports Class 1 C notation, you will need to include the following entries to the entire subnet:

CIDR               Starting IP      Ending IP
208.65.144.0/24    208.65.144.0     208.65.144.255
208.65.145.0/24    208.65.145.0     208.65.145.255
208.65.146.0/24    208.65.146.0     208.65.146.255
208.65.147.0/24    208.65.147.0     208.65.147.255
208.65.148.0/24    208.65.148.0     208.65.148.255
208.65.149.0/24    208.65.149.0     208.65.149.255
208.65.150.0/24    208.65.150.0     208.65.150.255
208.65.151.0/24    208.65.151.0     208.65.151.255
208.81.64.0/24     208.81.64.0      208.81.64.255
208.81.65.0/24     208.81.65.0      208.81.65.255
208.81.66.0/24     208.81.66.0      208.81.66.255
208.81.67.0/24     208.81.67.0      208.81.67.255

Alternate Setting (2)

If your firewall solution does not accept Classless Inter-Domain Routing (CIDR) notation, you will need to include the starting and ending IP address for either the Class 8 C addresses or the Class 1 C addresses which are included above.

Least Desirable Setting

If your firewall does not accept Classless Inter-Domain Routing or IP starting and ending ranges, you can download a complete listing of affected IPs at http://support.inline.com/portals/0/documents/validiplist.txt

Any of the above changes can be done by creating a firewall rule, or restricting access at the server level. We highly recommend that you lock down these subnets at your firewall as the priority preference. Please consult with your network administrator before making any changes. For additional information regarding the restriction of IP addresses, please refer to instructions from your firewall setup or from your firewall provider.
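The lockdown described above can be checked against real traffic. The following Python sketch is an added example, not part of the InLine guide: it confirms that the twelve /24 entries of Alternate Setting (1) are exactly the expansion of the two Preferred Setting ranges, and it flags connections in a mail-server log that did not come from an InLine subnet. The log format and the sample lines are constructed for illustration.

```python
import ipaddress
import re

# Preferred Setting from the guide: the two InLine aggregate ranges.
PREFERRED = [ipaddress.ip_network("208.65.144.0/21"),
             ipaddress.ip_network("208.81.64.0/22")]

def expand_to_24s(networks):
    """Return the /24 blocks covered by each aggregate (Alternate Setting 1)."""
    return [str(sub) for net in networks for sub in net.subnets(new_prefix=24)]

def is_inline_source(ip):
    """True when the address falls inside one of the InLine ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PREFERRED)

# Assumed log format (constructed): "<timestamp> smtpd connect from <ip>".
CONNECT_RE = re.compile(r"smtpd connect from (\d{1,3}(?:\.\d{1,3}){3})\b")

def unfiltered_sources(log_lines):
    """Return source IPs that reached the mail server without passing InLine."""
    offenders = []
    for line in log_lines:
        m = CONNECT_RE.search(line)
        if not m:
            continue  # not a connect event
        try:
            inside = is_inline_source(m.group(1))
        except ValueError:
            continue  # malformed address such as 999.1.1.1
        if not inside and m.group(1) not in offenders:
            offenders.append(m.group(1))
    return offenders

# Constructed sample log: two InLine sources, three that bypass the filter.
SAMPLE_LOG = [
    "2008-12-15T09:01:12 smtpd connect from 208.65.145.12",
    "2008-12-15T09:01:40 smtpd connect from 208.81.67.255",
    "2008-12-15T09:02:03 smtpd connect from 198.51.100.23",
    "2008-12-15T09:02:44 smtpd connect from 208.65.152.1",
    "2008-12-15T09:03:10 smtpd connect from 208.81.68.0",
    "2008-12-15T09:03:55 smtpd disconnect from 208.65.145.12",
]

if __name__ == "__main__":
    print(len(expand_to_24s(PREFERRED)), "class C blocks")
    for ip in unfiltered_sources(SAMPLE_LOG):
        print("direct connection bypassing filter:", ip)
```

Any address reported after the firewall rules are in place indicates a rule that still admits SMTP from outside the InLine subnets.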
Testing Your Configuration

Once you have completed this process, visit http://www.mxlogic.com/configtest/ and complete the Configuration Test Form, which will confirm whether or not the reconfiguration instructions were properly implemented for each domain.

11. Define smart host or relay for Outbound Filtering (if applicable)

If your Service package includes Outbound Message Filtering, the Customer Administrator is responsible for establishing a smart host or relay on their mail server, directing outbound mail flow through InLine.

Please note that the following steps will be required during the service configuration process to provision Outbound Message Filtering as part of your service package. Each outbound domain will need to be configured with the appropriate information.

Enter the public IP address(es) associated with the outbound service on your mail server on the InGuard Console℠ Setup tab, Outbound configuration. If you use a consecutive block of outbound IP addresses, these addresses may be referred to using CIDR notation (ex. 4 consecutive addresses = "111.222.111.0/30" or 32 consecutive addresses = "111.222.111.0/27"). To ensure the strictest security, InLine recommends that only single IPs or CIDR notation for a /32 should be used to configure your outbound smart host or relay.

Establish a relay or smart host sending outbound traffic to the following addresses:

- [fully qualified domain name].outbound10.mxlogic.net
- [fully qualified domain name].outbound10.mxlogicmx.net

After these tasks have been completed, InLine can accept all of your outbound email for filtering of viruses, worms and inappropriate content and attachments, and based on customer configuration, can include your customized outbound disclaimer to all outbound messages.

12. Introduce the service to End-users

You may want to create a plan to roll the Service out to your Users; review Preferences available to Users, explain how to use Spam Quarantine Reports and when to enter sender addresses on the User-level Allow and Deny Lists. To help introduce the Service, you may use the InGuard Management Quick reference guide available from http://support.inline.com.

End users that use Outlook 2003 or 2007 can also take advantage of the complimentary InLine Spam Control for Outlook feature, which enables them to click a Delete As Spam button on their Outlook toolbar to:

- Immediately delete suspect messages from the Inbox.
- Simultaneously send the messages to the InLine Threat Center for analysis and action.

The Delete As Spam button can be downloaded by users by visiting: http://support.inline.com

Fine Tune Your Service

Monitor mail flow and your Message Quarantine

As the Customer Administrator, it will be important to monitor the email messages that appear in the Message Quarantine areas and to review the various Service mail flow statistical reports.
Reviews of Message Quarantine areas should be performed to ensure that messages from senders of desired organizations are not being quarantined unnecessarily. Those sender addresses may be added to the Policy-level Allow List. Senders from undesired organizations can also be determined by Message Quarantine monitoring, and those senders can be added to the Policy-level Deny List.

Reports and Statistics detail traffic, threats encountered, messages released from the Quarantine, inbound server connections, and more. Reviewing the Reports will provide information that can help the Administrator to fine-tune Policy Set definitions.
Modification of User Creation Setting (if applicable)

If SMTP Discovery has been selected as the User Creation option, there may be User Accounts in the InGuard Console that do not exist on your mail server. Administrators are encouraged to delete those invalid User Accounts.

InLine strongly suggests that the User Creation option be set to Explicit, which can be done at any time. If the User Creation option is changed from SMTP Discovery to Explicit, the Administrator should immediately delete any invalid User Accounts. From this point forward, the Administrator will maintain the creation of User Accounts manually.

Configure InLine Directory Integration

InLine Directory Integration is a user directory synchronization service that simplifies management of InLine managed security services. Service administrators can use Directory Integration to synchronize changes made in their Active Directory, including primary and alias email addresses and distribution lists, with the InLine system.

Please note: InLine strongly recommends that the Explicit user creation mode, and not SMTP Discovery, be used in conjunction with Directory Integration.

Administrators can easily set up an automated schedule for the synchronization of account information, ranging from one to four times per day, or they may also initiate a manual synchronization through the InGuard Console.

Directory Integration is available for customers that meet the following requirements:

- Access to the InGuard Console.
- A valid administrative account on the InGuard Console that will be protected from changes during synchronization with the Active Directory.
- A supported version of Microsoft Active Directory server (v2007, v2003, v2000, or v5.5).

To configure Directory Integration for your organization, visit the InGuard Console at the address listed on the first page of this document and navigate to Account Management > Sync Setup.
Key InLine Service Information

The InLine Customer Portal

The InLine Customer portal is accessible 24x7, and enables you to:

- View and download InLine reference materials.
- Review the process for submitting Customer tickets, which can be used to report service questions and issues and billing inquiries. Service Requests are generated and sent directly to InLine Customer Support Services. You can also track the progress of your requests through the Customer portal.
- View current status information for InLine systems. InLine regularly updates System Status messages to keep customers informed of issues that may be affecting the performance of the InGuard Console or InLine managed security services.

InGuard Console℠

The InGuard Console is a centralized, web-based administration and reporting platform that provides you with one interface for managing all InLine managed security services.

InLine Education Services

InLine provides educational information through its customer support site at http://support.inline.com, and additional assistance is available by contacting our help desk.

InLine Contact Information

InLine General Information
600 Lakeshore Parkway, AL 35209
Toll-free: +1.888.3InLine (+1.888.346.5463)
Direct: +1.205.278.8100
Fax: +1.205.941.1934
Website: www.inline.com
Email: support@inline.com

Customer Support Services, Technical Support, Provisioning Inquiries
Toll-free: +1.888.3InLine Ext. 119 (+1.888.346.5463)
Direct: +1.205.278.8119
Hours: 24 x 7
Customer: http://support.inline.com