
Email Security

Email Security Questions and Answers

Frequently Asked Questions

Questions About Platform, Requirements, and Capabilities

What is the difference between a SonicWALL Email Security Appliance and Software SonicWALL Email Security?

The hardware version is a Linux appliance and the software version is meant to run on a Windows platform with a minimum of 1GB of additional memory. The appliance platform eliminates server administration yet provides the same features as the software version. The software version allows for customizable drive space (useful for archiving data to the CC or external SMTP server if the appliance SES hard drive capacity will be exceeded) as well as backup options but requires a Windows platform as well as hardware. The appliance does not allow for


What is SonicWALL Time Zero virus filtering?

SonicWALL's Time Zero Virus Technology uses a combination of Predictive and Responsive techniques to identify messages with a possible virus. This technology is most useful when a virus first appears and before a virus signature is available to identify, stop and clean the virus.

This is an advanced technique provided by SonicWALL to protect against new virus threats. It protects the systems even when new signatures are not in place to combat the virus threat.

Can we run SES as a hosted solution?

How can I configure SES in a hosted environment (multi-tenant)?

Yes, SES can run as a hosted solution. It should be configured to be a first touch server for all the domains for which SES would accept mails.

Someone else hosts my email, will an SES appliance work for me?

If your ISP handles your mail for you, you cannot use the Linux-based SonicWALL Email Security Appliances or Email Security Software. You can run the SonicWALL Anti-Spam Desktop Software to protect your email account from junk mail. The Anti-Spam Desktop works only with Outlook and Outlook Express on Windows computers. This user-level product delivers many of the same features delivered by our server products.

What are the product's capabilities for filtering non-English spam, including double-byte encoded languages like Chinese and Japanese?

SES allows the creation of rules such as "block all Russian" or "block all Chinese." A total of 17 languages, including English, are supported. It also supports the creation of "allow all" rules such as "allow all French" for each of the 17 languages.

The product also uses other techniques specifically targeting non-English spam - special word lists and thumbprints. Target languages include French, German, Spanish, Chinese, Japanese and Russian.

How many mails per hour can an ES appliance process?

How many emails do you process in a minute per hour per day? How many mails can each ES model handle per hour?

How many mails can ES process during peak hours?

The real number depends on a number of factors unique to your company. In general, the SonicWALL Email Security system easily processes between 250,000 and 500,000 messages per day (3,000,000 under ideal conditions for the ES8000).

How do you stop image spam?

How does your solution block the trickier types of spam like image-based spam?


Can GMS manage Email Security?

SonicWALL GMS (Global Management System) can monitor ES by enabling GMS in SNCWLCLI and then adding the ES to the SNMP Net Monitor in SGMS. Policies from GMS cannot be pushed to SES. See "Email Security: How to use SNMP Net Monitoring with Email Security" in the SonicWALL Knowledge Portal.

Does SES support multiple domains?

Yes. SES can support multiple domains such as parent and child domains or completely new domains.

What kind of mail server does SES support?

SES can use any mail server that uses SMTP but does not support POP3/IMAP.

Does ES support non-SMTP protocols?

Only SMTP is used; SonicWALL does not support POP3 (except for ASD).

How does ES impact my Blackberry/Windows Mobile/other handheld client?

PDAs and SmartPhones are not affected by SES and rely solely on the mail server.

If the McAfee AV subscription expires, can I use the old signatures left over on SES?

Old signatures could be used but messages will not receive protection from new threats. SES would scan with old signatures for a period of 7 days.

Is there a CDP agent to back up SES?

No, the CDP agent doesn't run on SES.

What happens if I have 1 CC / RA as well as an RA machine in HA and the machine holding the CC fails?

SES will still function but there will be no junk box access and configuration changes are not allowed until an RA can be promoted to CC.


Questions About Configuration

What is the best practice for setting up ES in a non-LDAP environment?

SES can be set up without an LDAP server if your organization does not use a directory server; however, DHA prevention will be disabled without LDAP.

What is the best practice for setting up ES in a load-balanced and/or redundant mode?

Set up multiple ES devices in the DMZ utilizing a UTM to load balance inbound SMTP traffic.

Another option is to set up ES as the first-touch/last-touch server in the DMZ and use multiple MX records with the same priority or define multiple A records in your DNS zone with the same name and different IP addresses.

How do I configure the SES for use with multiple LDAP domains?

Can I connect SES to multiple LDAP domains or authentication servers?

SES 7.0, recently released, has this capability.

Do you need an LDAP Server to use ES?

Does SES need a directory server? (like AD, LDAP)

No, LDAP is not necessary but is recommended. Without LDAP, users must be added manually and there will be no DHA prevention.

How do I import custom black lists?

Go to Anti-Spam, Anti-Phishing -> Black List Services. Select Add to import a custom black list.

How do I install the Asian Pack so I stop getting spammed with e-mails saying I need to install this pack?

The language pack is provided by Microsoft Windows Server for installation.

How do I setup HA with Email Security? MX records, multiple CCs, multiple RAs? Can the SES be installed in hardware failover mode like the firewall?

Is there any HA arrangement to protect my mail flow uninterrupted? Can I install multiple ES appliances to share the load?

What is the minimum requirement for an HA setup?

Can I use this solution in a load balanced or redundant fashion?


When should you use MTA versus mail proxy?

You will want to use the ES in MTA mode when you want to queue the mails temporarily on disk and then retry for delivery later when your downstream server is online.

Proxy could be used only for a single downstream server. It is faster than MTA mode. Disadvantage: If the downstream server is down there will be no mail flow from ES.

MTA mode gives many options of configuration. It really depends upon network architecture and placement of the downstream server. This is always ON even when downstream server is down.

Can I configure some users to have access to their filtering profiles and some not to have access?

Yes, this option can be configured by applying filters to only specific users or groups. You must have an LDAP server.

How do I access configuration files on the SES appliance like I do with the software version?

Configuration files for the appliance cannot be accessed. All configuration settings, junk box, archive, and reports data are snapshot to a file, which is used to restore the appliance.

What Ports are used for Email Security?

SonicWALL Email Security uses ports: 25 (SMTP), 53 (DNS), 389 (LDAP), 636 (LDAPS), 80 (HTTP), 443 (HTTPS), 2599 (replication), and port 3050 (Firebird).

Does SES require any DNS change during installation?

DNS changes are not necessarily required; SES just needs to be defined in the mail flow. If SES is running as a first touch server, then the DNS records may need to be changed as well as appropriate NAT changes to direct port 25 to SES.
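The DNS side of a first-touch deployment, and of the equal-priority MX / multiple A record options described under Configuration, can be audited from the zone data. The following is an added example, not part of the original FAQ or any SonicWALL tool; the zone contents, host names and addresses are constructed placeholders, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample zone data (example.com and all addresses are placeholders).
ZONE = """\
example.com.          IN MX 10 ses1.example.com.
example.com.          IN MX 10 ses2.example.com.
example.com.          IN MX 20 exchange.example.com.
ses1.example.com.     IN A  192.0.2.10
ses2.example.com.     IN A  192.0.2.11
ses2.example.com.     IN A  192.0.2.12
exchange.example.com. IN A  192.0.2.50
"""

RECORD = re.compile(r"^(\S+)\s+IN\s+(MX|A)\s+(.+)$")

def parse_zone(text):
    """Return (mx, a): mx maps domain -> [(preference, host)], a maps host -> [ip]."""
    mx, a = defaultdict(list), defaultdict(list)
    for line in text.splitlines():
        m = RECORD.match(line.split(";")[0].strip())  # drop zone-file comments
        if not m:
            continue
        name, rtype, rdata = m.group(1).lower(), m.group(2), m.group(3).split()
        if rtype == "MX":
            mx[name].append((int(rdata[0]), rdata[1].lower()))
        else:
            a[name].append(rdata[0])
    return mx, a

def audit_mail_path(text, domain, filter_hosts):
    """Check every MX for `domain` is a filtering host; report load sharing."""
    mx, a = parse_zone(text)
    records = sorted(mx.get(domain, []))
    if not records:
        return {"primary": [], "load_shared": False,
                "findings": ["no MX records for " + domain]}
    best, findings = records[0][0], []
    primary = [host for pref, host in records if pref == best]
    for pref, host in records:
        if host not in filter_hosts:  # senders may deliver here directly
            findings.append(f"MX {pref} {host} bypasses the filter")
        if not a.get(host):
            findings.append(f"MX {pref} {host} has no A record in this zone")
    # Load is shared by several equal-priority MX hosts or several A records per host.
    shared = len(primary) > 1 or any(len(a[h]) > 1 for h in primary)
    return {"primary": primary, "load_shared": shared, "findings": findings}

if __name__ == "__main__":
    print(audit_mail_path(ZONE, "example.com.", {"ses1.example.com.", "ses2.example.com."}))
```

A backup MX that points at the downstream mail server, as in the constructed zone, accepts mail that never passes through the filter, so it is reported as a finding.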

Questions About Licensing

Why do I need to buy the transition SKU?

A transition SKU was needed to facilitate license transfers when MailFrontier was first acquired by SonicWALL.

Do I need to have the same licenses on the CC as the RA?

As of release 6.x, the same license on the CC can be used for any number of RAs if the devices are registered under the same mysonicwall account. Refer to "How to setup / breakdown cluster licensing" at https://www.mysonicwall.com/User/PartnerPortalRedirect.aspx?APP=KNPAN

SW licensing: can it be loaded on multiple machines, what do I need if I have a split architecture?

In a distributed system, how do I license the individual RAs and CC for X number of total users with AV?

A set of licenses can't be used on multiple systems unless they are running in split mode. If you are running in split mode with version 6.2 or above, you can license the entire cluster (CCs & RAs involved in that setup) with one set of licenses. However, you need to follow a few steps to take advantage of this cluster feature:

1. Register all products you plan to use in the cluster under the same mysonicwall account.


3. Licenses applied to the CC are then automatically copied to RAs in that cluster and will be eventually pulled by Email Security units. If you want to move a machine out of the split mode, you need to take it out of the cluster on mysonicwall and buy separate licenses for it.

Prior to 6.2, the licensing model required one set of licenses per system.

What if I buy an appliance for xxx users and my company keeps growing – do I need to buy a new appliance?

Consider split mode configuration and adding an RA for scalability. Depending upon the number of users and mail flow, the recommended limitations are: 1-500 for ES300, 1-1000 for ES500, 1-5000 for ES6000, and 1-10,000 for ES8000.

What is deemed a “node” or “user” in SES (is it a mailbox, an Exchange account, an SMTP address, etc.), and can I upgrade node count later on?

A node is a mailbox (excluding aliases) in SES and the user count can be upgraded provided that the user limitations of the appliance have not been exceeded. Refer to the ES product comparison at http://www.sonicwall.com/us/products/email_security_anti-spam_comparison_197.html for detailed information.

How many domains can you add to the email security appliance?

The number of domains supported is mainly dependent upon hardware, number of users, and the number of messages to be processed.

Questions About Operation

Where is the Reports database located?

By default, the database is located in <drive>:\Program Files\SonicWallES\reportdb\<hostname>

What about encryption? How do I turn it on selectively? Do you recommend an encryption product that works with the SES? Do you have procedures to set it up?

Mail can be forwarded to an encryption server. SES supports filtering to selectively send mail to an encryption server. For example: HIPAA dictionary is used in filtering email for medical terms; if any are found, the email can be routed to the encryption server (refer to ES Administrators Guide under Policy Management).

How do I recover from lost login password and IP?

If the software SES is used, rename the accounts.xml file with a .old extension (the accounts.xml file is located in the data directory) and restart the server as this will create a new accounts.xml file with default values. If using the appliance, connect directly to the appliance with a monitor and PS2 keyboard and restart the appliance. Press the tab key several times during bootup to access boot options. Select the option SNWL Authentication Reset and press the return or enter key. When the appliance is online, use the web interface to connect with the default admin/password credentials.


How do I view / empty queue contents?

The MTA mail queue can be viewed; however, there is no option to empty the MTA queue by deleting the mails in the queue. The queue can be viewed under Reports & Monitoring -> MTA Status. Click on Show Details (within MTA Status) and then click on Deliver All Queued Messages to retry connection to the downstream server before the defined MTA retry interval.

How do I reset the Email Security appliance?

Pressing the reset button on the front panel for a few seconds will reboot the appliance to GRUB where SonicWALL SafeMode can be selected to restore system defaults. This can also be accomplished in the UI by going to System -> Advanced -> Reinitialize Appliance to Factory Settings.

How do I report spam that makes it through the SES?

Missed spam can be reported to SonicWALL for analysis by configuring Spam Submissions under Spam, Anti-Phishing in the SonicWALL interface (refer to SonicWALL ES Admin Guide for more details). Missed spam can also be reported by using the Junk Button in Outlook. This sends a thumbprint to SonicWALL’s data center.

Questions about Archiving

What archiving facilities are available on ES and how can I get access to my old emails?

Archiving can be performed by routing a copy to an external SMTP server or to the internal file system (can affect system performance) via Policy & Compliance > Compliance Module > Archiving.

Archiving is an important feature for me. Can SES do it?

SES supports Auditing. Messages can also be archived to an external SMTP server.

Can I archive to a different location other than the SES Appliance?

Yes, copies can be sent to an external SMTP server by routing to the archive email address residing on the external SMTP server. This can be done by going to Policy & Compliance -> Compliance Module -> Archiving then selecting Archive to External SMTP server. Once this is done, create a new policy filter with the Route copy to Archive policy action (Policy & Compliance -> Filters then select Add New Filter).

What is the archive retention period for SES?

SES archives outbound messages for a maximum period of 7 years.

What method should be used to archive the archive for historical needs?

If archiving is expected to exceed the amount of hard drive capacity on the SES appliance, we recommend using SES software, at least for the CC.

Can searches be performed on the archive?


If I archive on the appliance, how can I write the data to tape or other archival media in case the appliance fails?

Under the "Manage Backup" section, there is an option to select Archive backup. A snapshot file is created on the workstation accessing SES and can be used to restore the archive.

______________________

Version 1.8

Last updated: 1/16/2009

Written by: Scott Kai
