Home » McAfee Manuals » Networking » McAfee MSA-3400-SWGI » Manual Viewer

McAfee MSA-3400-SWGI Installation Guide - Page 20

Workload management, The appliances includes its own internal workload management

View all McAfee MSA-3400-SWGI manuals

Add to My Manuals
Save this manual to your list of manuals

Page 20 highlights

Pre-installation Deployment Strategies for Using the device in a DMZ When Exchange servers communicate with each other, they send their initial packets using the RPC protocol (TCP port 135). However, once the initial communication is established, two ports are chosen dynamically and used to send all subsequent packets for the remainder of the communication. You cannot configure a firewall to recognize these dynamically-chosen ports. Therefore, the firewall does not pass the packets. The workaround is to modify the registry on each of the Exchange servers communicating across the firewall to always use the same two "dynamic" ports, then open TCP 135 and these two ports on the firewall. We mention this workaround to provide a comprehensive explanation, but we do not recommend it. The RPC protocol is widespread on Microsoft networks - opening TCP 135 inbound is a red flag to most security professionals. If you intend to use this workaround, details can be found in the following Knowledge Base articles on the Microsoft website: • Q155831 • Q176466 Workload management The appliances includes its own internal workload management, distributing the scanning load evenly between all appliances configured to work together. The blade server includes its own internal workload management, distributing the scanning load evenly between all scanning blades installed within the enclosure. You do not need to deploy an external load balancer. Pre-installation 20 McAfee Email and Web Security Appliance 5.5 Installation Guide

Section	Page
Contents	3
Introducing McAfee Email and Web Security Appliances	6
How to use this guide	6
Who should read this guide	6
Definition of terms used in this guide	6
Graphical conventions	8
Documentation	8
Available resources	8
Pre-installation	10
What’s in the box	10
Plan the installation	10
Inappropriate use	11
Operating conditions	11
Positioning the appliance	11
Considerations about Network Modes	12
Transparent bridge mode	13
What the device does	13
Configuration	13
Where to place the device	13
Transparent router mode	14
What the device does	14
Configuration	14
Where to place the device	15
Explicit proxy mode	15
Network and device configuration	16
Protocols	16
Firewall rules	16
Where to place the device	16
Deployment Strategies for Using the device in a DMZ	17
SMTP configuration in a DMZ	18
Mail relay	18
Mail gateway	18
Firewall rules specific to Lotus Notes	19
Firewall rules specific to Microsoft Exchange	19
Workload management	20
Connecting and configuring the appliance	21
Installation quick reference table	21
Ports and connections	22
3000, 3100 panel layout	22
3200 panel layout	23
3300 panel layout	23
3400 panel layout	23
Panel components: 3000, 3100, 3200, 3300, 3400	23
Physically installing the appliance	25
Mounting the appliance in a rack	26
Connect to the network	26
Port numbers	26
Using Copper LAN connections	26
Using Fiber LAN connections	27
Monitor and keyboard	27
Supplying power to the appliance	27
Installing the software	28
Using the Configuration Console	28
Welcome page	29
Performing a standard installation	29
Traffic	29
Basic Settings	30
Summary	31
Performing a custom setup	32
Traffic	32
Basic Settings	33
Network Settings	34
Cluster Management	34
DNS and Routing	36
Time Settings	37
Password	37
Summary	38
Restoring from a file	38
Testing the Configuration	39
Introducing the user interface	39
Testing the device	41
Testing connectivity	41
Testing mail traffic	41
Testing virus detection	41
Testing spam detection	42
Using the device	42
Updates and HotFixes	42
After installation	42
Exploring the appliance	43
Generating reports	43
Using policies to manage message scanning	43
Creating an anti-virus scanning policy	44
Creating an anti-spam scanning policy	45
Creating an email compliance policy	46
Creating a content filtering policy	46
About Virtual host management	47
Troubleshooting	49
General problems	49
The appliance is not receiving power	49
The appliance is not receiving traffic from the network	49
FAQ	50
Interface problems	50
Mail issues	51
Delivery	52
Email attachments	52
POP3	53
Physical configuration	53
System configuration	54
System maintenance	54
Anti-virus automatic updating	54
Anti-spam	55

Match case Limit results 1 per page

When Exchange servers communicate with each other, they send their initial packets using the

RPC protocol (TCP port 135). However, once the initial communication is established, two ports

are chosen dynamically and used to send all subsequent packets for the remainder of the

communication. You cannot configure a firewall to recognize these dynamically-chosen ports.

Therefore, the firewall does not pass the packets.

The workaround is to modify the registry on each of the Exchange servers communicating

across the firewall to always use the same two “dynamic” ports, then open TCP 135 and these

two ports on the firewall.

We mention this workaround to provide a comprehensive explanation, but we do not recommend

it. The RPC protocol is widespread on Microsoft networks — opening TCP 135 inbound is a red

flag to most security professionals.

If you intend to use this workaround, details can be found in the following Knowledge Base

articles on the Microsoft website:

•

Q155831

•

Q176466

Workload management

The appliances includes its own internal workload management, distributing the scanning load

evenly between all appliances configured to work together.

The blade server includes its own internal workload management, distributing the scanning

load evenly between all scanning blades installed within the enclosure.

You do not need to deploy an external load balancer.

Pre-installation

Deployment Strategies for Using the device in a DMZ

McAfee Email and Web Security Appliance 5.5 Installation Guide