McAfee MFO-3400-SWGA - Web Security Appliance 3400 Fail Installation Manual
  1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Firewall
  5. MFO-3400-SWGA - Web Security Appliance 3400...
  6. Installation manual
McAfee MFO-3400-SWGA - Web Security Appliance 3400 Fail Installation Manual

McAfee MFO-3400-SWGA - Web Security Appliance 3400 Fail Installation Manual

Installation guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
McAfee Email and Web Security
Appliance 5.1
Installation Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the MFO-3400-SWGA - Web Security Appliance 3400 Fail and is the answer not in the manual?

Questions and answers

Related Manuals for McAfee MFO-3400-SWGA - Web Security Appliance 3400 Fail

Summary of Contents for McAfee MFO-3400-SWGA - Web Security Appliance 3400 Fail

  • Page 1 McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 2 SITEADVISOR, THREATSCAN, TOTAL PROTECTION, VIREX, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

  • Page 3: Table Of Contents

    Supplying power to the appliance............25 McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 4 Anti-virus automatic updating............48 McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 5 Getting more help — the links bar............50 McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 6: Preface

    • Begin to use the appliance. • Test the appliance in a laboratory environment (optional). You can find additional information about McAfee Email and Web Security Appliance scanning features in the online help. This includes information about: • Basic concepts •...

  • Page 7: Graphical Conventions

    Actual data path Perceived data path Documentation This Installation Guide is included with your appliance. Additional information is available in the online help, and other documentation available from the documentation CD. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 8: Pre-Installation

    • Secure Messaging Gateway v5.0 installation and recovery CD • Linux source code CD • Quarantine Manager v5.0 CD • Documentation CD If an item is missing or damaged, contact your supplier. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 9: Plan The Installation

    Install the appliance so that you can control physical access to the unit and access the ports and connections. A rack-mounting kit is supplied with the appliance, allowing you to install the appliance in a 19-inch rack — see Mounting the appliance in a rack. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 10: Considerations About Network Modes

    If you change to transparent bridge mode from explicit proxy or transparent router mode, only the enabled IP addresses for each port are carried over. TIP: After you select an operational mode, McAfee recommends not changing it unless you move the appliance or restructure your network. Contents...

  • Page 11: Transparent Bridge Mode

    Devices on one side of the bridge (such as a router) that communicate with devices on the other side of the bridge (such as a firewall) are unaware of the bridge. They are unaware that McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 12: Transparent Router Mode

    In transparent router mode, the appliance must join two networks. The appliance must be positioned inside your organization, behind a firewall. NOTE: Transparent router mode does not support Multicast IP traffic or non-IP protocols, such as NETBEUI and IPX. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 13: Explicit Proxy Mode

    The appliance scans the email traffic before forwarding it, on behalf of the sender, to the external mail server. The external mail server then forwards the email message to the recipient. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 14 Typically, the firewall is configured to block traffic that does not come directly from the appliance. If you are unsure about your network’s topology and how to integrate the appliance, consult your network expert. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 15: Deployment Strategies For Using The Appliance In A Dmz

    For this reason, explicit proxy mode is usually used for SMTP scanning. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 16 To implement a DMZ configuration using a proprietary mail gateway, add the appliance to the DMZ on the SMTP side of the gateway. Figure 8: Protecting a mail gateway in DMZ In this situation, configure: McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 17 The RPC protocol is widespread on Microsoft networks — opening TCP 135 inbound is a red flag to most security professionals. If you intend to use this workaround, details can be found in the following Knowledge Base articles on the Microsoft website: • Q155831 • Q176466 McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 18: Connecting And Configuring The Appliance

    Unpack the pallet and check the contents against the What’s in the box parts lists in the box. Rack-mount the appliance. Mounting the appliance in a rack Connect the peripherals and power. Monitor and keyboard McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 19: Ports And Connections

    This chapter shows the panel layouts for each model of appliance. 3000, 3100 panel layout 3200 panel layout 3300 and 3400 panel layout Panel components: 3000, 3100, 3200, 3300, 3400 3000, 3100 panel layout 3200 panel layout McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 20: 3300 And 3400 Panel Layout

    Power socket Use the correct power cord for your location. NOTE: 3300 and 3400 appliances only — We recommend you connect both power supplies. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 21 Setup Wizard. See the Product Guide for more information. NOTE: The fiber ports have covers to protect the optics when not in use. Remove covers before use and replace covers if disconnecting the fiber connections. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 22 • Operational — the top LED lights green when the drive is in use. CAUTION: Do not remove a drive when it is operational because this can cause data loss or hardware damage. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 23: Physically Installing The Appliance

    When you connect the Appliance to your network, use the following port numbers: • For HTTPS, use Port 443. • For HTTP, use Port 80. • For SMTP, use Port 25. • For POP3, use port 110. • For FTP, use Port 21. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 24: Using Copper Lan Connections

    If your management computer has a compatible Network Interface Card (NIC), connect it to the remaining connector for local management. Monitor and keyboard Connect a monitor and keyboard to the appliance. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 25: Supplying Power To The Appliance

    Use this task to install the Email and Web Security software on the appliance. Tasks From a computer with internet access, download the latest version of the Email and Web Security software from the McAfee download site. (You will need your Grant Number to do this.) Create a CD from this image.

  • Page 26: Configuring The Appliance Using The Setup Wizard

    • the Standard Setup option • the Custom Setup option In the standard pages, McAfee configure some of the most-commonly used settings for you. The custom pages enable you to sellect these settings yourself. Some of the settings in the Setup Wizard reflect choices you made when you used the Configuration Console.
  • Page 27 Use this page to specify the type of traffic that the appliance scans. Web traffic includes HTTP traffic only. After installation: • The appliance protects your network against viruses, and uses McAfee SiteAdvisor when visiting web sites. • If you want to scan more types of traffic, you can enable each protocol from its page. From the menu, select Web | Web Configuration | HTTP, Web | Web Configuration | ICAP or Web | Web Configuration | FTP.
  • Page 28 When you first log onto the interface, type the user name, scmadmin and the password that you gave to this setup wizard. Option definitions Option Definition The value is set according to best practice. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 29: Performing A Custom Setup

    To prevent duplication of IP addresses on your network and to deter hackers, give the appliance new IP addresses, and disable the default IP addresses. The IP addresses must be unique and suitable for your network. Specify only as many IP addresses as you need. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 30 Use this page to specify the type of traffic that the appliance scans. • Web traffic includes HTTP (for web browsing), ICAP (for use with ICAP clients), and FTP for file transfer. • Email traffic includes SMTP and POP3. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 31 Use this page to specify a password for the appliance. For a strong password, include letters and numbers. You can type up to 15 characters. Option definitions Option Definition User ID This is scmadmin. You can add more users later. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 32: Using The Appliance

    After installation Updates and HotFixes Before deploying the appliance, download and apply the latest applicable updates and HotFixes from the download site: http://www.mcafee.com/us/downloads/ NOTE: You will need a valid grant number. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 33: After Installation

    Figure 9: Interface components - System Status page Navigation bar Support control buttons User information bar View control Section icons Content area Tab bar Navigation bar McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 34: Testing The Appliance

    About the Appliance gives you appliance and package version information. Resources provides instructions on how to submit a virus sample to McAfee correctly and links to additional McAfee resources such as our Service Portal and the Virus Information Library.
  • Page 35 Use this task to run a General Test mail for Unsolicited Bulk Email (GTUBE) to verify that the Anti-Spam Module is detecting incoming spam. Task From an external email account (SMTP client), create a new email message. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 36 The Anti-Spam Module scans the message, recognizes it as a junk email message, and deals with it accordingly. The GTUBE overrides blacklists and whitelists. For more information about the GTUBE, visit http://spamassassin.apache.org//. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 37: Exploring The Appliance

    • Double-click an event to see more information about it. • Save or print the report. • Select Options to search for a specific event. • Use the Show Chart feature to see a graphical representation of the information. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 38: Using Policies To Manage Message Scanning

    Before you create policies All quarantine actions are disabled by default. Before you enable them, configure the appliance to use the McAfee Quarantine Manager to manage the quarantine location. To do this: From the user interface, select Email | Quarantine Configuration.

  • Page 39: Creating An Anti-Spam Scanning Policy

    A policy like this protects users from receiving unsolicited email messages that reduce productivity and increase the message traffic through your servers. Task On the appliance, ensure that you are using McAfee Quarantine Manager (Email | Quarantine Configuration). Select Email | Email Policies | Scanning Policies.

  • Page 40: Creating An Email Compliance Policy

    Open McAfee Quarantine Manager and look at the spam queue. Release the spam message. 10 Check the recipient email account to see the message. Detected messages are sent to McAfee Quarantine Manager and can be managed by an administrator. Creating an email compliance policy Use this task to set up a policy to ensure that messages your users send to external mail accounts comply with official content libraries.
  • Page 41 Quarantined messages counts have increased. 17 Click the Quarantined messages link to display information on these messages. 18 Using the recipient’s email account, open McAfee Quarantine Manager User interface and select Unwanted Content. 19 Select the message and click Submit for Release.

  • Page 42: Troubleshooting

    If the appliance is still not receiving network traffic, check the network cables and the network ports on your network equipment. If the cables and ports are working, there is a problem with the appliance. Contact your supplier. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 43: Faq

    • If you are remotely connected to the appliance (across the network) through the LAN1 port, ensure that: • The computer you are using has a working connection to your network, and that it can reach the same subnet to which the appliance is connected. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 44 • The correct protocols are enabled for the appliance (all protocols are enabled by default). • The clients and other devices are configured to route traffic to and from the appliance. • The network has no problems, and your device is connected correctly. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 45: Mail Issues

    The appliance works through the messages until each one is sent. If there is still a delivery problem caused by the network or an appliance configuration problem, the message is returned to the Deferred Mail folder. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 46: Email Attachments

    Check the configuration of your inside and outside networks. Make sure that the list of outside networks has an asterisk (*) as the last entry. Also, make sure that the list of inside networks does not have an asterisk. POP3 This section discusses POP3 issues. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 47: Physical Configuration

    Make sure that the IP address of the firewall is included in the list of outside networks. Connections from the outside may appear to the appliance as though they were coming from the firewall. System maintenance This section discusses system maintenance issues. McAfee Email and Web Security Appliance 5.1 Installation Guide...

  • Page 48: Anti-Virus Automatic Updating

    These lists are effective in reducing unwanted email messages but are not complete. To block a specific sender of spam: In the navigation pane, select Configure | SMTP. Select Protocol Settings | Permit and Deny Settings. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 49 For example, rather than permitting whole domains or networks, specify individual email addresses instead. • The mail client software does not automatically move unwanted messages into a spam folder, so users still see spam in their inboxes. McAfee Email and Web Security Appliance 5.1 Installation Guide...
  • Page 50 The links bar in the appliance interface window provides links to more sources of information. You can: • Access the McAfee online virus information library to find out more about a specific virus. • Submit a virus sample to McAfee for analysis.

This manual is also suitable for:

Email and web security appliance 5.1

Table of Contents