Product Guide
Page 9
... card Remote Access card Features Appliance Higher throughput for the hardware and software combination that you have purchased. Working with your McAfee® Email and Web Security Appliance. For example, the card can re-image the appliance remotely using a CD in another computer. 3300, 3400 Your appliance has all auxiliary hardware pre-installed for HTTP protocol. 3400 Connection via optical fiber instead of copper wire. 3300, 3400 Remote access and some management of the appliance. McAfee Email and Web Security Appliances 5.6.0 Product Guide...
... card Remote Access card Features Appliance Higher throughput for the hardware and software combination that you have purchased. Working with your McAfee® Email and Web Security Appliance. For example, the card can re-image the appliance remotely using a CD in another computer. 3300, 3400 Your appliance has all auxiliary hardware pre-installed for HTTP protocol. 3400 Connection via optical fiber instead of copper wire. 3300, 3400 Remote access and some management of the appliance. McAfee Email and Web Security Appliances 5.6.0 Product Guide...
Product Guide
Page 72
...Option Enable the SMTP protocol Listening ports Definition When deselected, ignores any changes, ask your network expert. SMTPS uses a secure port. 72 McAfee Email and Web Security Appliances 5.6.0 Product Guide Contents Connection Settings (SMTP) Protocol Settings (SMTP) Address Masquerading (SMTP) Transport Layer Security (SMTP) Connection and Protocol Settings (POP3) Connection Settings (SMTP) The Connection Settings (SMTP) page links to configuration areas that your SMTP protocol. Basic SMTP settings Use this area to specify basic connection settings for SMTP connections on...
...Option Enable the SMTP protocol Listening ports Definition When deselected, ignores any changes, ask your network expert. SMTPS uses a secure port. 72 McAfee Email and Web Security Appliances 5.6.0 Product Guide Contents Connection Settings (SMTP) Protocol Settings (SMTP) Address Masquerading (SMTP) Transport Layer Security (SMTP) Connection and Protocol Settings (POP3) Connection Settings (SMTP) The Connection Settings (SMTP) page links to configuration areas that your SMTP protocol. Basic SMTP settings Use this area to specify basic connection settings for SMTP connections on...
Product Guide
Page 76
... limit. When setting a number here, consider that typical maximum, then add some more to messages that use A (address) records excessively. used Specifies the response to prevent an immediate reconnection. Overview of Email features Email Configuration Table 49 Option definitions (continued) Option Definition Maximum number of recipients Prevents an excessive number of MX records used Default value is 100. 76 McAfee Email and Web Security Appliances 5.6.0 Product Guide
... limit. When setting a number here, consider that typical maximum, then add some more to messages that use A (address) records excessively. used Specifies the response to prevent an immediate reconnection. Overview of Email features Email Configuration Table 49 Option definitions (continued) Option Definition Maximum number of recipients Prevents an excessive number of MX records used Default value is 100. 76 McAfee Email and Web Security Appliances 5.6.0 Product Guide
Product Guide
Page 85
... Basic POP3 settings Use this area to reveal icons for managing the port information: Enable reverse DNS lookups. Indicates the port number. Indicates a period when traffic is Yes. When selected, enables the appliance to change these icons and the port headings to configure the basic setting for using the POP3 protocol. Default values: • Between commands - 600 seconds • Completing data transfer - 60 seconds Maximum wait times when talking...
... Basic POP3 settings Use this area to reveal icons for managing the port information: Enable reverse DNS lookups. Indicates the port number. Indicates a period when traffic is Yes. When selected, enables the appliance to change these icons and the port headings to configure the basic setting for using the POP3 protocol. Default values: • Between commands - 600 seconds • Completing data transfer - 60 seconds Maximum wait times when talking...
Product Guide
Page 163
... features This topic provides an overview of making any changes, ask your network expert. The web configuration pages are arranged by protocol, so that relate to Web traffic. Web | Web Configuration | HTTP | Connection Settings Changing these sections: McAfee Email and Web Security Appliances 5.6.0 Product Guide 163 Contents HTTP Connection Settings HTTP Protocol Settings ICAP Connection Settings ICAP Authentication ICAP Protocol Settings FTP Connection Settings FTP Protocol Settings HTTP Connection Settings Use this page to scan web traffic. If you are all HTTP-related pages...
... features This topic provides an overview of making any changes, ask your network expert. The web configuration pages are arranged by protocol, so that relate to Web traffic. Web | Web Configuration | HTTP | Connection Settings Changing these sections: McAfee Email and Web Security Appliances 5.6.0 Product Guide 163 Contents HTTP Connection Settings HTTP Protocol Settings ICAP Connection Settings ICAP Authentication ICAP Protocol Settings FTP Connection Settings FTP Protocol Settings HTTP Connection Settings Use this page to scan web traffic. If you are all HTTP-related pages...
Product Guide
Page 174
... values greater than the preview size, set this value to *. Overview of Web features Web Configuration Service Settings Use this section to provide information about the impact of making any file type, consider the security risks. See the documentation for the FTP protocol such as port numbers and time-outs. Send a preview copy of files of this type Displays the types of any changes, ask your network expert. 174 McAfee Email and Web Security Appliances 5.6.0 Product Guide
... values greater than the preview size, set this value to *. Overview of Web features Web Configuration Service Settings Use this section to provide information about the impact of making any file type, consider the security risks. See the documentation for the FTP protocol such as port numbers and time-outs. Send a preview copy of files of this type Displays the types of any changes, ask your network expert. 174 McAfee Email and Web Security Appliances 5.6.0 Product Guide
Product Guide
Page 212
...) • Ageing time (seconds) Bypass Device Settings The bypass device inherits settings from two supported devices. • Watchdog timeout (seconds) • Heartbeat interval (seconds) - Change the settings only if you understand the possible effects, or you first log on the Internet. 212 McAfee Email and Web Security Appliances 5.6.0 Product Guide System | Appliance Management | DNS and Routing Benefits of DNS and routing. Domain Name System (DNS) servers translate or "map" the names of System features Appliance Management Table 203 Option...
...) • Ageing time (seconds) Bypass Device Settings The bypass device inherits settings from two supported devices. • Watchdog timeout (seconds) • Heartbeat interval (seconds) - Change the settings only if you understand the possible effects, or you first log on the Internet. 212 McAfee Email and Web Security Appliances 5.6.0 Product Guide System | Appliance Management | DNS and Routing Benefits of DNS and routing. Domain Name System (DNS) servers translate or "map" the names of System features Appliance Management Table 203 Option...
Product Guide
Page 216
... interface from a remote computer. To add a network use Secure Shell (SSH). Secure Shell Configuration Option Enable the secure shell Definition Click to add only the specified devices access. Permitted Displays details of SSH, it allows all hosts in the example.com domain to access the support account on the appliance. We recommend that can not be used. 216 McAfee Email and Web Security Appliances 5.6.0 Product Guide The entries here are using out-of-band management and have blocked port 22, change the SSH configuration...
... interface from a remote computer. To add a network use Secure Shell (SSH). Secure Shell Configuration Option Enable the secure shell Definition Click to add only the specified devices access. Permitted Displays details of SSH, it allows all hosts in the example.com domain to access the support account on the appliance. We recommend that can not be used. 216 McAfee Email and Web Security Appliances 5.6.0 Product Guide The entries here are using out-of-band management and have blocked port 22, change the SSH configuration...
Product Guide
Page 218
... DNS information dynamically using DHCP • IP address/netmask • DRAC Network Options - Expand this option to : • See the version of Firmware • Set the MAC address • Set the size of a cluster configuration. Default value is a built-in -band management Specifies ports to prevent any attempts to obtain an IP address dynamically using DHCP • DRAC Adapter Options - Enable in remote access card installed. This section of the interface will not appear on by default. • Connection speed...
... DNS information dynamically using DHCP • IP address/netmask • DRAC Network Options - Expand this option to : • See the version of Firmware • Set the MAC address • Set the size of a cluster configuration. Default value is a built-in -band management Specifies ports to prevent any attempts to obtain an IP address dynamically using DHCP • DRAC Adapter Options - Enable in remote access card installed. This section of the interface will not appear on by default. • Connection speed...
Product Guide
Page 219
... user name and password are connected to the appliance. Overview of System features Appliance Management UPS Settings Use this page to specify details of Uninterruptible Power Supply (UPS) systems that connect to the master appliance via the network. Displays the status of the monitoring device. Operating normally. - Devices and Driver Type New Device - Displays the type of the UPS device and driver. McAfee Email and Web Security Appliances 5.6.0 Product Guide 219 The appliance can also notify other devices (called "clients") can access...
... user name and password are connected to the appliance. Overview of System features Appliance Management UPS Settings Use this page to specify details of Uninterruptible Power Supply (UPS) systems that connect to the master appliance via the network. Displays the status of the monitoring device. Operating normally. - Devices and Driver Type New Device - Displays the type of the UPS device and driver. McAfee Email and Web Security Appliances 5.6.0 Product Guide 219 The appliance can also notify other devices (called "clients") can access...
Product Guide
Page 232
... default remote backup server that the appliance can set the appliance to use SSH with password authentication, your passwords are used by the appliance as the default server to: • Automatically back up your authorized keys file so that you specify here is to use different servers for each of HTTP and FTP proxy servers, through which you must click the link to generate a key file, which the appliance receives updates, and to set up a remote backup server: 232 McAfee Email and Web Security Appliances 5.6.0 Product Guide...
... default remote backup server that the appliance can set the appliance to use SSH with password authentication, your passwords are used by the appliance as the default server to: • Automatically back up your authorized keys file so that you specify here is to use different servers for each of HTTP and FTP proxy servers, through which you must click the link to generate a key file, which the appliance receives updates, and to set up a remote backup server: 232 McAfee Email and Web Security Appliances 5.6.0 Product Guide...
Product Guide
Page 242
From a Content Security Blade Server, you may be authenticated by either RADIUS or Kerberos, depending on the service configured. 242 McAfee Email and Web Security Appliances 5.6.0 Product Guide You cannot change or remove the features for this administrator. Delete the user. You can create any number of the Role. You cannot specify a local user and an external user with their role. Edit Opens a window where you can change or remove. The Service Type will be given...
From a Content Security Blade Server, you may be authenticated by either RADIUS or Kerberos, depending on the service configured. 242 McAfee Email and Web Security Appliances 5.6.0 Product Guide You cannot change or remove the features for this administrator. Delete the user. You can create any number of the Role. You cannot specify a local user and an external user with their role. Edit Opens a window where you can change or remove. The Service Type will be given...
Product Guide
Page 243
... on your appliance. Session Management Settings To prevent tampering while an administrator is selected. To continue using the appliance, the administrator must type the user name and password again. Add Login Service This topic describes the pages that the user will be used to enable you can only connect to . You can configure the appliance interface to configure authentication services, such as applicable, to connect to IPv4 RADIUS servers. McAfee Email and Web Security Appliances 5.6.0 Product Guide 243 An...
... on your appliance. Session Management Settings To prevent tampering while an administrator is selected. To continue using the appliance, the administrator must type the user name and password again. Add Login Service This topic describes the pages that the user will be used to enable you can only connect to . You can configure the appliance interface to configure authentication services, such as applicable, to connect to IPv4 RADIUS servers. McAfee Email and Web Security Appliances 5.6.0 Product Guide 243 An...
Product Guide
Page 249
... by following command on page 247. McAfee Email and Web Security Appliances 5.6.0 Product Guide 249 d Click Finish. 6 Configure the appliance to identify the duplicate account: ldifde f output.txt. Click Next and import the keytab file. on the Domain Controller and search inside the file, output.txt to use Kerberos Authentication (Add the service) a On the navigation bar, select Web | Web Configuration | HTTP | Connection Settings. Use the following the instructions at http://support.microsoft.com...
... by following command on page 247. McAfee Email and Web Security Appliances 5.6.0 Product Guide 249 d Click Finish. 6 Configure the appliance to identify the duplicate account: ldifde f output.txt. Click Next and import the keytab file. on the Domain Controller and search inside the file, output.txt to use Kerberos Authentication (Add the service) a On the navigation bar, select Web | Web Configuration | HTTP | Connection Settings. Use the following the instructions at http://support.microsoft.com...
Product Guide
Page 272
... 272 Extended Syslog attributes for Splunk Using the extended Syslog functions within the appliance, you can use external, third party software - Packer 'PU' - URL Filtering 'master-scan-type' cs5Label The subject of the email...Example Time and Appliance Name Dec 30 10:58:10 Appliance1 app Protocol Smtp 272 McAfee Email and Web Security Appliances 5.6.0 Product Guide Anti-Phish 'AS' - Data Loss Prevention 'FF' - Overview of System features Logging, Alerting and SNMP Table 271 Email and Web Security Appliance v5.6 Connector Field Mappings (continued) McAfee-Specific...
... 272 Extended Syslog attributes for Splunk Using the extended Syslog functions within the appliance, you can use external, third party software - Packer 'PU' - URL Filtering 'master-scan-type' cs5Label The subject of the email...Example Time and Appliance Name Dec 30 10:58:10 Appliance1 app Protocol Smtp 272 McAfee Email and Web Security Appliances 5.6.0 Product Guide Anti-Phish 'AS' - Data Loss Prevention 'FF' - Overview of System features Logging, Alerting and SNMP Table 271 Email and Web Security Appliance v5.6 Connector Field Mappings (continued) McAfee-Specific...
Product Guide
Page 292
... of IP addresses on behalf of System features Setup Wizard Basic Settings - Table 290 Network Settings Option definitions Option Change Network Settings Operating mode Definition When clicked, starts a wizard with higher-speed appliances. 292 McAfee Email and Web Security Appliances 5.6.0 Product Guide In Transparent Route or Transparent Bridge mode, other appliances. • Cluster Failover - If the master fails, this page to the devices. Default Gateway Specifies an IPv4 address, such as FD4A:A1B2:C3D4::1. Offers a choice of connection - Next hop router...
... of IP addresses on behalf of System features Setup Wizard Basic Settings - Table 290 Network Settings Option definitions Option Change Network Settings Operating mode Definition When clicked, starts a wizard with higher-speed appliances. 292 McAfee Email and Web Security Appliances 5.6.0 Product Guide In Transparent Route or Transparent Bridge mode, other appliances. • Cluster Failover - If the master fails, this page to the devices. Default Gateway Specifies an IPv4 address, such as FD4A:A1B2:C3D4::1. Offers a choice of connection - Next hop router...
Product Guide
Page 293
... that you do not enable scanning on the same subnet, assign each of the two lists. McAfee Email and Web Security Appliances 5.6.0 Product Guide 293 In the other modes, click Network Interface 1 or Network Interface 2 to work on the Cluster Management page changes. When configuring a group of appliances or McAfee Content Security Blade Servers, the current master uses a "least used" algorithm to assign connections to the appliances or blades configured to scan traffic. If you have more...
... that you do not enable scanning on the same subnet, assign each of the two lists. McAfee Email and Web Security Appliances 5.6.0 Product Guide 293 In the other modes, click Network Interface 1 or Network Interface 2 to work on the Cluster Management page changes. When configuring a group of appliances or McAfee Content Security Blade Servers, the current master uses a "least used" algorithm to assign connections to the appliances or blades configured to scan traffic. If you have more...
Product Guide
Page 298
..., ICAP and FTP traffic is available via DHCP. This information is blocked at the appliance. Traffic - If, after installation, you do not want to enable McAfee Global Threat intelligence. Network configuration Information about the protocols the appliance uses. This does not include the passwords for that protocol is not scanned. If the appliance is in Transparent Router or Transparent Bridge mode, and the protocol is disabled, traffic for the protocol...
..., ICAP and FTP traffic is available via DHCP. This information is blocked at the appliance. Traffic - If, after installation, you do not want to enable McAfee Global Threat intelligence. Network configuration Information about the protocols the appliance uses. This does not include the passwords for that protocol is not scanned. If the appliance is in Transparent Router or Transparent Bridge mode, and the protocol is disabled, traffic for the protocol...
Product Guide
Page 307
... New Server/ Delete Adds a new server to the list, or removes one when, for example, 255.255.255.0. Domain Name System (DNS) servers translate or "map" the names of the DNS servers. Use this option in a network. The first server in the network. • broadcast routing information if static routes have to duplicate routing information on port 53), specify the IP address of a local device that you need to Selected Servers decommission a server due to network changes. When enabled, the appliance...
... New Server/ Delete Adds a new server to the list, or removes one when, for example, 255.255.255.0. Domain Name System (DNS) servers translate or "map" the names of the DNS servers. Use this option in a network. The first server in the network. • broadcast routing information if static routes have to duplicate routing information on port 53), specify the IP address of a local device that you need to Selected Servers decommission a server due to network changes. When enabled, the appliance...
Product Guide
Page 330
...-relay settings 89 protocol settings ftp 175 http 165 icap 172 proxy server adding 232 public key authentication 232 PUPs special actions 108 push configuration 235 Q quarantine options off-box 159 on-box 159 quarantined items retention limits 222 R RADIUS configuring 243 RADIUS authentication services 241 Registered Documents with DLP 155 related products 8 relay preventing open relay 89 remote backup server 232 replacement tokens 262 reporting database external access...
...-relay settings 89 protocol settings ftp 175 http 165 icap 172 proxy server adding 232 public key authentication 232 PUPs special actions 108 push configuration 235 Q quarantine options off-box 159 on-box 159 quarantined items retention limits 222 R RADIUS configuring 243 RADIUS authentication services 241 Registered Documents with DLP 155 related products 8 relay preventing open relay 89 remote backup server 232 replacement tokens 262 reporting database external access...