Transcription
Installation GuideRevision DMcAfee Email Gateway 7.6.400 VMtrialAppliancesfor use in Microsoft Hyper-V and VMware vSphere environments
COPYRIGHTCopyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.comTRADEMARK ATTRIBUTIONSIntel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo, McAfee ActiveProtection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Evader, Foundscore, Foundstone, Global Threat Intelligence,McAfee LiveSafe, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee TechMaster, McAfeeTotal Protection, TrustedSource, VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries.Other marks and brands may be claimed as the property of others.LICENSE INFORMATIONLicense AgreementNOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETSFORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOUHAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOURSOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR AFILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SETFORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OFPURCHASE FOR A FULL REFUND.2McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environmentsInstallation Guide
Contents12Introducing McAfee Email Gateway (VMtrial)5Description of McAfee Email Gateway . . . . . . . . . . . . . . . . . . . . . . . . . .Supported platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .McAfee Email Gateway features . . . . . . . . . . . . . . . . . . . . . . . . . . . .Evaluation period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .What you get . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556899Installing VMtrial11Decide how you want to use the evaluation . . . . . . . . . . . . . . . . . . . . . . .Considerations before installing VMtrial . . . . . . . . . . . . . . . . . . . . . . . .Network information you need to collect . . . . . . . . . . . . . . . . . . . . . . . .System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Task - Install Email Gateway (VMtrial) on Hyper-V using PowerShell . . . . . . . . . . . . .Task - Run the Email Gateway (VMtrial) installation script . . . . . . . . . . . . . .Task - Install Email Gateway (VMtrial) . . . . . . . . . . . . . . . . . . . . . .Task - Install VMtrial on Hyper-V using SCVMM . . . . . . . . . . . . . . . . . . . . . .Task - Import the Email Gateway (VMtrial) installation files . . . . . . . . . . . . . .Task - Import the virtual machine template . . . . . . . . . . . . . . . . . . . .Task - Create a virtual machine . . . . . . . . . . . . . . . . . . . . . . . . .Task - Run the Email Gateway (VMtrial) . . . . . . . . . . . . . . . . . . . . . .Install VMtrial on VMware vSphere . . . . . . . . . . . . . . . . . . . . . . . . . .Install VMtrial on VMware Player . . . . . . . . . . . . . . . . . . . . . . . . . . .Task - Configure the Email Gateway (VMtrial) . . . . . . . . . . . . . . . . . . . . . .3Getting started with VMtrial11111212121314141415151616171821The Dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Benefits of using the Dashboard . . . . . . . . . . . . . . . . . . . . . . . . .2122Dashboard portlets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Testing the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Task — Test connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . .Task — Update the DAT files . . . . . . . . . . . . . . . . . . . . . . . . . .Using the test email generator . . . . . . . . . . . . . . . . . . . . . . . . . . . .Benefits of using the test email generator . . . . . . . . . . . . . . . . . . . .Generate test email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Task — Generate a stream of test email messages . . . . . . . . . . . . . . . . .Task — View a summary of scanned email traffic . . . . . . . . . . . . . . . . . .Task — Find specific test email messages . . . . . . . . . . . . . . . . . . . . .Exploring the appliance features . . . . . . . . . . . . . . . . . . . . . . . . . . .Introduction to policies . . . . . . . . . . . . . . . . . . . . . . . . . . . .Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Compliance Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Data Loss Prevention settings . . . . . . . . . . . . . . . . . . . . . . . . .Task — Identify quarantined email messages . . . . . . . . . . . . . . . . . . .23232324242425252526262727293233McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environmentsInstallation Guide3
ContentsIndex4McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environments35Installation Guide
1Introducing McAfee Email Gateway(VMtrial) McAfee Email Gateway virtual trial (VMtrial) lets you evaluate the latest McAfee Email Gatewaysoftware.ContentsDescription of McAfee Email GatewaySupported platformsMcAfee Email Gateway featuresEvaluation periodPerformanceWhat you getDescription of McAfee Email GatewayMcAfee Email Gateway delivers comprehensive, enterprise-class protection against email threats in anintegrated and simple-to-manage appliance for SMTP and POP3.If you purchase the McAfee Email Gateway after this evaluation, McAfee can either supply the relevanthardware and other items that accompany an appliance, or you can access the software using a virtualappliance.Supported platformsMcAfee Email Gateway (VMtrial) works on the following virtual platforms: VMware vSphere 4.x or higher VMware vSphere Hypervisor (ESXi ) 4.x or higher Microsoft Hyper-V installations running on: Microsoft Windows 8 Pro Microsoft Windows 8.1 Enterprise Microsoft Windows 8 Enterprise Microsoft Windows Server 2012 Microsoft Windows 8.1 Pro Microsoft Windows Server 2012 R2McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environmentsInstallation Guide5
1Introducing McAfee Email Gateway (VMtrial)McAfee Email Gateway featuresMcAfee Email Gateway featuresThis information describes the features of the product and where to locate them in the productinterface.Email scanning tectionOffers anti-virus and anti-spam protection for the following network protocols: SMTP POP3Anti-virusprotectionEmail Email Policies Anti-VirusReduce threats to all protocol traffic using: Anti-virus settings to identify known and unknown threats in viruses inarchives files, and other file types Other threat detection settings to detect viruses, potentially unwantedprograms, packers, and other malware McAfee Global Threat Intelligence file reputation to complement theDAT-based signatures by providing the appliances access to millions ofcloud-based signatures; this reduces the delay between McAfee detecting anew malware threat and its inclusion in DAT files, providing broader coverageAnti-spamprotectionEmail Email Policies SpamReduce spam in SMTP and POP3 email traffic using: Anti-spam engine, the anti-spam, and anti-phishing rule sets Lists of permitted and denied senders McAfee Global Threat Intelligence message reputation to identifysenders of spam email messages Permit and deny lists that administrators and users can create using aMicrosoft Outlook plug-in (user-level only)Detect phishing attacks and take the appropriate action.EncryptionEmail EncryptionThe McAfee Email Gateway includes several encryption methodologies: Server-to-server encryption Secure Web Mail Pull delivery Push deliveryThe encryption features can be set up to provide encryption services to theother scanning features, or can be set up as an encryption-only server usedjust to encrypt email messages.6McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environmentsInstallation Guide
Introducing McAfee Email Gateway (VMtrial)McAfee Email Gateway featuresFeatureDescriptionMcAfee GlobalThreatIntelligencefeedbackEmail Email Policies Policy Options McAfee GTI feedbackComplianceSettingsEmail Email Policies Compliance1System Setup WizardMcAfee analyzes data about detections and alerts, threat details, and usagestatistics from a broad set of customers to combat electronic attacks, protectvulnerable systems from exploit, and thwart cyber crime. By enabling thisfeedback service in your product, you will help us improve McAfee Global ThreatIntelligence, thereby making your McAfee products more effective, as well ashelp us work with law enforcement to address electronic threats.This release of the product includes enhancements to the way the applianceuses compliance rules: In the Compliance policy, use the Rule Creation wizard to specify the inbuiltdictionaries that you want to comply with, or create the a new rule using anexisting rule as a template. Use the Mail size filtering and File filtering policies to check SMTP email messagesfor true file types and take action on email based on size and number ofattachments.Data LossPreventionEmail DLP and DictionariesMessage SearchReports Message searchUse the Data Loss Prevention policy to upload and analyze your sensitive documents— known as training — and to create a fingerprint of each document.From a single location within the user interface, Message Search allows you toconfirm the status of email messages that have passed through the appliance.It provides you with information about the email, including whether it wasdelivered or blocked, if the message bounced, if it was quarantined, or held in aqueue pending further action.QuarantinefeaturesEmail Quarantine Configuration Quarantine Options Quarantine digests — Allow users to handle quarantined items without involvingthe email administrator. McAfee Quarantine Manager — Consolidate quarantine management for McAfeeproducts.Message Transfer Reroute traffic on-the-fly based on criteria set by the administrator. ForAgentexample, encrypted mail can be rerouted for decryption. Allow the administrator to determine the final status of each message. See a quick view summary of inbound email messages by domain withdrill-down facilities per domain and undeliverable email by domain. Prioritize the redelivery of undeliverable email based on domain. Pipeline multiple email deliveries to each domain. Rewrite an email address on inbound and outbound email based on regularexpressions defined by the administrator. Strip email headers on outbound messages to hide internal networkinfrastructure. Deliver messages using TLS. Manage certificates.McAfee Email Gateway 7.6.400 VMtrial Appliancesfor use in Microsoft Hyper-V and VMware vSphere environmentsInstallation Guide7
1Introducing McAfee Email Gateway (VMtrial)Evaluation periodReporting and System featuresFeatureDescriptionScheduledReportsReports Scheduled ReportsLogging optionsSystem Logging, Alerting and SNMPSchedule reports to run on a regular basis and send them to one or more emailrecipients.You can configure the appliance to send emails containing information aboutviruses and other detected threats, and to use SNMP to transfer informationfrom your stratormanagement ofappliancesSystem Setup WizardThe Dashboard provides a single location for you to view summaries of theactivities of the appliance, such as the email flowing through the appliance, andthe overall system health of the appliance. You can also go directly to areas ofthe user interface that you often use.Choose the ePO Managed Setup option to monitor the status of your appliances andalso manage your appliance from ePolicy Orchestrator.You can directly manage your appliances from ePolicy Orchestrator, withoutneeding to launch the interface for each appliance.In ePolicy Orchestrator, the user interface pages that you use to configure andmanage your appliance have a familiar look-and-feel to the pages that you findwithin the appliances.ClusterManagementSystem System Administration Cluster ManagementCluster management enables you to set up groups of appliances that worktogether to share your scanning workloads, and to provide redundancy in theevent of hardware failure.From these pages you can back up and restore your configurations, pushconfigurations from one appliance to others, and set up load balancing betweenyour appliances.Virtual HostsSystem Virtual Hosting Virtual HostsFor the SMTP protocol, you can specify the addresses where the appliancereceives or intercepts traffic on the Inbound Address Pool.Using virtual hosts, a single appliance can appear to behave like severalappliances. Each appliance can manage traffic within specified pools of IPaddresses, enabling the appliance to provide scanning services to traffic frommany customers.Role-basedAccess ControlSystem Users Users and RolesSystem Users Login ServicesIn addition to the Kerberos authentication method, RADIUS authentication isalso available.Evaluation periodDuring the evaluation period, you get unlimited access to McAfee Email Gateway Appliance (VMtrial)features that can protect your organization from spam, phishing, viruses, undesi
Description of McAfee Email Gateway McAfee Email Gateway delivers comprehensive, enterprise-class protection against email threats in an integrated and simple-to-manage appliance for SMTP and POP3. If you purchase the McAfee Email Gateway after this evaluation, McAfee can either supply the relevant
