Installation Guide
Page 3
... device in a DMZ 17 SMTP configuration in a DMZ 18 Workload management 20 Connecting and configuring the appliance 21 Installation quick reference table 21 Ports and connections 22 3000, 3100 panel layout 22 3200 panel layout 23 3300 panel layout 23 3400 panel layout 23 Panel components: 3000, 3100, 3200, 3300, 3400 23 Physically installing the appliance 25 Mounting the appliance in a rack 26 Connect to the network 26 McAfee Email and Web Security Appliance 5.5 Installation Guide...
... device in a DMZ 17 SMTP configuration in a DMZ 18 Workload management 20 Connecting and configuring the appliance 21 Installation quick reference table 21 Ports and connections 22 3000, 3100 panel layout 22 3200 panel layout 23 3300 panel layout 23 3400 panel layout 23 Panel components: 3000, 3100, 3200, 3300, 3400 23 Physically installing the appliance 25 Mounting the appliance in a rack 26 Connect to the network 26 McAfee Email and Web Security Appliance 5.5 Installation Guide...
Installation Guide
Page 4
Contents Port numbers 26 Using Copper LAN connections 26 Using Fiber LAN connections 27 Monitor and keyboard 27 Supplying power to the appliance 27 Installing the software 28 Using the Configuration Console 28 Welcome page 29 Performing a standard installation 29 Performing a custom setup 32 Restoring from a file 38 Testing the Configuration 39 Introducing the user interface 39 Testing the device 41 Using the device 42 Updates and HotFixes 42 After installation 42 Exploring the appliance 43 Generating reports 43 Using policies...
Contents Port numbers 26 Using Copper LAN connections 26 Using Fiber LAN connections 27 Monitor and keyboard 27 Supplying power to the appliance 27 Installing the software 28 Using the Configuration Console 28 Welcome page 29 Performing a standard installation 29 Performing a custom setup 32 Restoring from a file 38 Testing the Configuration 39 Introducing the user interface 39 Testing the device 41 Using the device 42 Updates and HotFixes 42 After installation 42 Exploring the appliance 43 Generating reports 43 Using policies...
Installation Guide
Page 7
...). Part of blocked connections and is automatically blocked in this guide Term demilitarized zone (DMZ) DAT files operational mode policy Reputation Service check Definition A computer host or small network inserted as configuration settings, benchmarks, and network access specifications, that defines the level of terms used in future at the kernel level. McAfee Email and Web Security Appliance 5.5 Installation Guide 7 The sender's IP address is set to resources on the private network. Detection definition (DAT) files, also called signature files...
...). Part of blocked connections and is automatically blocked in this guide Term demilitarized zone (DMZ) DAT files operational mode policy Reputation Service check Definition A computer host or small network inserted as configuration settings, benchmarks, and network access specifications, that defines the level of terms used in future at the kernel level. McAfee Email and Web Security Appliance 5.5 Installation Guide 7 The sender's IP address is set to resources on the private network. Detection definition (DAT) files, also called signature files...
Installation Guide
Page 11
... appliance Install the appliance so that you can control physical access to install the appliance in a 19-inch rack - McAfee Email and Web Security Appliance 5.5 Installation Guide 11 Pre-installation Inappropriate use explicit proxy mode, only protocols that are to it within your support representative. The device cannot handle all types of 10% per hour. 0.25 G at 3-200 Hz for storing extra software and files. - A rack-mounting kit is : • Not a firewall. - see Mounting...
... appliance Install the appliance so that you can control physical access to install the appliance in a 19-inch rack - McAfee Email and Web Security Appliance 5.5 Installation Guide 11 Pre-installation Inappropriate use explicit proxy mode, only protocols that are to it within your support representative. The device cannot handle all types of 10% per hour. 0.25 G at 3-200 Hz for storing extra software and files. - A rack-mounting kit is : • Not a firewall. - see Mounting...
Installation Guide
Page 12
... bridge mode Transparent router mode Explicit proxy mode 12 McAfee Email and Web Security Appliance 5.5 Installation Guide The mode you choose determines how you must decide which network mode to use after reading this and the following network modes. • Transparent bridge mode - CAUTION: If you plan on more than one or more scanning blades running McAfee Web Gateway (formally WebWasher) software, you physically connect your appliance to incorporate the device into your network. • Where the configuration...
... bridge mode Transparent router mode Explicit proxy mode 12 McAfee Email and Web Security Appliance 5.5 Installation Guide The mode you choose determines how you must decide which network mode to use after reading this and the following network modes. • Transparent bridge mode - CAUTION: If you plan on more than one or more scanning blades running McAfee Web Gateway (formally WebWasher) software, you physically connect your appliance to incorporate the device into your network. • Where the configuration...
Installation Guide
Page 13
... LAN2 ports. firewall, device, and router - Devices on one logical network. the path is intercepted and scanned by the device before reaching the internal mail server. are on the same logical network, they must use the device inside your clients, default gateway, MX records, Firewall NAT or mail servers to send traffic to update a routing table. The external mail server is unaware that McAfee Email and Web Security Appliance 5.5 Installation Guide 13 What the device does In transparent bridge mode, the device connects...
... LAN2 ports. firewall, device, and router - Devices on one logical network. the path is intercepted and scanned by the device before reaching the internal mail server. are on the same logical network, they must use the device inside your clients, default gateway, MX records, Firewall NAT or mail servers to send traffic to update a routing table. The external mail server is unaware that McAfee Email and Web Security Appliance 5.5 Installation Guide 13 What the device does In transparent bridge mode, the device connects...
Installation Guide
Page 14
... the intervention of it to its routing tables. The device scans the traffic it receives on one IP address for outgoing scanned traffic, and must have one network, and forwards it (the devices connected to the next network device on the information held in its LAN1 and LAN2 ports). The device has one IP address for incoming traffic. the device's operation is said to your default gateway. 14 McAfee Email and Web Security Appliance 5.5 Installation Guide
... the intervention of it to its routing tables. The device scans the traffic it receives on one IP address for outgoing scanned traffic, and must have one network, and forwards it (the devices connected to the next network device on the information held in its LAN1 and LAN2 ports). The device has one IP address for incoming traffic. the device's operation is said to your default gateway. 14 McAfee Email and Web Security Appliance 5.5 Installation Guide
Installation Guide
Page 17
... a DMZ A demilitarized zone (DMZ) is configured to block traffic that comes directly from all users to connect to the Internet, such as a smart host. If you must: • Configure the external Domain Name System (DNS) servers or Network Address Translation (NAT) on specific servers. McAfee Email and Web Security Appliance 5.5 Installation Guide 17 Typically, the firewall is a network separated by identifying the TCP/UDP ports on which applications are using email (SMTP). Deployment Strategies for Using the device in...
... a DMZ A demilitarized zone (DMZ) is configured to block traffic that comes directly from all users to connect to the Internet, such as a smart host. If you must: • Configure the external Domain Name System (DNS) servers or Network Address Translation (NAT) on specific servers. McAfee Email and Web Security Appliance 5.5 Installation Guide 17 Typically, the firewall is a network separated by identifying the TCP/UDP ports on which applications are using email (SMTP). Deployment Strategies for Using the device in...
Installation Guide
Page 23
when the System Identification ( ) button is pressed. McAfee Email and Web Security Appliance 5.5 Installation Guide 23 System status and hard disk drive System status LED • Lights - Connecting and configuring the appliance Ports and connections 3200 panel layout 3300 panel layout 3400 panel layout Panel components: 3000, 3100, 3200, 3300, 3400 CD-ROM Use the CD-ROM drive only when restoring, upgrading, or diagnosing system faults on the drive appliance. during normal use. • Flashes -
when the System Identification ( ) button is pressed. McAfee Email and Web Security Appliance 5.5 Installation Guide 23 System status and hard disk drive System status LED • Lights - Connecting and configuring the appliance Ports and connections 3200 panel layout 3300 panel layout 3400 panel layout Panel components: 3000, 3100, 3200, 3300, 3400 CD-ROM Use the CD-ROM drive only when restoring, upgrading, or diagnosing system faults on the drive appliance. during normal use. • Flashes -
Installation Guide
Page 24
... traffic. • Management and log data, including the communication from the remote web browser that you are: • Initially configuring the appliance. • Restoring and upgrading the appliance's software. • Diagnosing system faults. Use the correct power cord for 10 Mbps, 100 Mbps or 1000 Mbps (1Gb) Ethernet network use . Push the button to access the interface and enable the fiber ports using copper LAN1. HDD LED • Flashes green when the hard disk drive is in LEDs...
... traffic. • Management and log data, including the communication from the remote web browser that you are: • Initially configuring the appliance. • Restoring and upgrading the appliance's software. • Diagnosing system faults. Use the correct power cord for 10 Mbps, 100 Mbps or 1000 Mbps (1Gb) Ethernet network use . Push the button to access the interface and enable the fiber ports using copper LAN1. HDD LED • Flashes green when the hard disk drive is in LEDs...
Installation Guide
Page 25
... allow you to fail. • Failure - The LAN2 port is in a different subnet to reboot the appliance using the appliance: • Explicit Proxy mode - Otherwise, the LAN1 port has a default IP address of 10.1.2.108 (subnet mask 255.255.255.0). the top LED lights green when the drive is used for direct local management connections. McAfee Email and Web Security Appliance 5.5 Installation Guide 25 The 3000 and 3100 appliances have a single hard disk drive. 3200 appliances only - Connecting and configuring the appliance Physically installing the appliance...
... allow you to fail. • Failure - The LAN2 port is in a different subnet to reboot the appliance using the appliance: • Explicit Proxy mode - Otherwise, the LAN1 port has a default IP address of 10.1.2.108 (subnet mask 255.255.255.0). the top LED lights green when the drive is used for direct local management connections. McAfee Email and Web Security Appliance 5.5 Installation Guide 25 The 3000 and 3100 appliances have a single hard disk drive. 3200 appliances only - Connecting and configuring the appliance Physically installing the appliance...
Installation Guide
Page 27
... IP addresses for local management. In explicit proxy mode, the unused switch connection can be used by changing the IP address or the netmask used as a dedicated management port. To manage the appliance locally, use depend on how you have DHCP configured on your network. Transparent bridge mode Use the fiber cables to connect the LAN1 and LAN2 switches to your network. In explicit proxy mode, the unused connector can be used as a router. McAfee Email and Web Security Appliance 5.5 Installation Guide 27 Transparent bridge mode Use the copper LAN cables (supplied...
... IP addresses for local management. In explicit proxy mode, the unused switch connection can be used by changing the IP address or the netmask used as a dedicated management port. To manage the appliance locally, use depend on how you have DHCP configured on your network. Transparent bridge mode Use the fiber cables to connect the LAN1 and LAN2 switches to your network. In explicit proxy mode, the unused connector can be used as a router. McAfee Email and Web Security Appliance 5.5 Installation Guide 27 Transparent bridge mode Use the copper LAN cables (supplied...
Installation Guide
Page 28
... you need your device. However, to its factory defaults. The software is not suitable for the following parameters: • Host name • Domain name • Default gateway • DNS server 28 McAfee Email and Web Security Appliance 5.5 Installation Guide When launched, the Configuration Console provides you with the same options to configure your Grant Number to log onto the appliance user interface, and run the setup Wizard (System | Setup Wizard). After booting up, the Configuration Console appears on the device. NOTE...
... you need your device. However, to its factory defaults. The software is not suitable for the following parameters: • Host name • Domain name • Default gateway • DNS server 28 McAfee Email and Web Security Appliance 5.5 Installation Guide When launched, the Configuration Console provides you with the same options to configure your Grant Number to log onto the appliance user interface, and run the setup Wizard (System | Setup Wizard). After booting up, the Configuration Console appears on the device. NOTE...
Installation Guide
Page 30
... Settings Use this is not enabled by default. Connecting and configuring the appliance Using the Configuration Console Option Definition • Enable protection against Potentially Unwanted Programs (including Spyware) McAfee Anti-Spyware protects your network from your netwrok DHCP server. McAfee, Inc. Please read the details of potentially unwanted software such as device1. 30 McAfee Email and Web Security Appliance 5.5 Installation Guide From the menu, select Email | Email Configuration | Protocol Configuration | Connection Settings (POP3) or Email | Email Configuration...
... Settings Use this is not enabled by default. Connecting and configuring the appliance Using the Configuration Console Option Definition • Enable protection against Potentially Unwanted Programs (including Spyware) McAfee Anti-Spyware protects your network from your netwrok DHCP server. McAfee, Inc. Please read the details of potentially unwanted software such as device1. 30 McAfee Email and Web Security Appliance 5.5 Installation Guide From the menu, select Email | Email Configuration | Protocol Configuration | Connection Settings (POP3) or Email | Email Configuration...
Installation Guide
Page 31
... where you originally typed the value. You can configure Network Time Protocol (NTP) after installation. Specifies the mode - Transparent bridge. If it . Note that the appliance can add more login accounts after installation. The value is the super administrator. Connecting and configuring the appliance Using the Configuration Console Option Domain name IP address Subnet Gateway IP DNS Server IP Mode User ID Password Time zone System Time Set time now Definition Specifies a name, such as 255.255.255.0. Change the password as soon...
... where you originally typed the value. You can configure Network Time Protocol (NTP) after installation. Specifies the mode - Transparent bridge. If it . Note that the appliance can add more login accounts after installation. The value is the super administrator. Connecting and configuring the appliance Using the Configuration Console Option Domain name IP address Subnet Gateway IP DNS Server IP Mode User ID Password Time zone System Time Set time now Definition Specifies a name, such as 255.255.255.0. Change the password as soon...
Installation Guide
Page 34
... mail servers, are combined into one of a list is available only with the following : 34 McAfee Email and Web Security Appliance 5.5 Installation Guide copper wire or optical fiber. If the appliance is transparent to configure the IP address, network speeds and operating mode for the device. If you change the Cluster Mode of the devices. The cluster can specify multiple IP addresses for the Failover appliance. The master both its configuration and balances the network traffic...
... mail servers, are combined into one of a list is available only with the following : 34 McAfee Email and Web Security Appliance 5.5 Installation Guide copper wire or optical fiber. If the appliance is transparent to configure the IP address, network speeds and operating mode for the device. If you change the Cluster Mode of the devices. The cluster can specify multiple IP addresses for the Failover appliance. The master both its configuration and balances the network traffic...
Installation Guide
Page 37
... the network. Time Settings Use this page to set the date, click the calendar icon. When selected, accepts NTP messages from network broadcasts only. Metric Displays a number used by routing software. Connecting and configuring the appliance Using the Configuration Console Option Gateway Definition Specifies the IP addresses of the Network Time Protocol (NTP). For more NTP servers that routers broadcast on the device. If you click Next. You can configure Network Time Protocol (NTP) after installation. McAfee Email and Web Security Appliance 5.5 Installation Guide...
... the network. Time Settings Use this page to set the date, click the calendar icon. When selected, accepts NTP messages from network broadcasts only. Metric Displays a number used by routing software. Connecting and configuring the appliance Using the Configuration Console Option Gateway Definition Specifies the IP addresses of the Network Time Protocol (NTP). For more NTP servers that routers broadcast on the device. If you click Next. You can configure Network Time Protocol (NTP) after installation. McAfee Email and Web Security Appliance 5.5 Installation Guide...
Installation Guide
Page 50
... its LAN2 port, ensure that: • You have used the blue cable supplied with the appliance as its interface. I cannot access the Logon screen. If it is enabled. • The computer you are using is a known issue with the web browser version of the appliance software. If the LEDs are not flashing, ensure that : • The computer you are using has a working connection to check this. 50 McAfee Email and Web Security Appliance 5.5 Installation Guide
... its LAN2 port, ensure that: • You have used the blue cable supplied with the appliance as its interface. I cannot access the Logon screen. If it is enabled. • The computer you are using is a known issue with the web browser version of the appliance software. If the LEDs are not flashing, ensure that : • The computer you are using has a working connection to check this. 50 McAfee Email and Web Security Appliance 5.5 Installation Guide
Installation Guide
Page 51
... my password. If you configured for Internet Explorer 6.0 or later on Windows, and Mozilla Firefox 2.0 on particular operating systems. Client (software) cannot communicate through theappliance. The appliance must have not used the new IP address that you recently restored the appliance's software without maintaining the previous settings, the management password reverts to the default passwords, which URLs to your network. McAfee Email and Web Security Appliance 5.5 Installation Guide 51 My password does not work or URL blocking is...
... my password. If you configured for Internet Explorer 6.0 or later on Windows, and Mozilla Firefox 2.0 on particular operating systems. Client (software) cannot communicate through theappliance. The appliance must have not used the new IP address that you recently restored the appliance's software without maintaining the previous settings, the management password reverts to the default passwords, which URLs to your network. McAfee Email and Web Security Appliance 5.5 Installation Guide 51 My password does not work or URL blocking is...
Installation Guide
Page 55
... a fast Internet connection) but are effective in reducing unwanted email messages but starts it comes from senders, domains and networks in this list for spam. McAfee Email and Web Security Appliance 5.5 Installation Guide 55 Select Monitor | System Status to complete (which can take a few minutes even with an RBL Servers check but some spam through . Some anti-spam features need to type specific email addresses rather than...
... a fast Internet connection) but are effective in reducing unwanted email messages but starts it comes from senders, domains and networks in this list for spam. McAfee Email and Web Security Appliance 5.5 Installation Guide 55 Select Monitor | System Status to complete (which can take a few minutes even with an RBL Servers check but some spam through . Some anti-spam features need to type specific email addresses rather than...