Backup Contact

Document Sample
Backup Contact Powered By Docstoc
					IronMail
Installation Site Survey for IronMail 6.7 REQUIRED: IronMail appliance serial numbers (found on front panel of appliance) 1. IRQ5-XGVE-4JS8-ZM80 2. IR8X-4T6C-EZ6T-K728 3. 4. 5.
PLEASE CHECK REASON FOR VISIT
__X_ New IronMail (CQS) Installation ____IronMail Server Upgrade/Replacement __X_IronMail Training/Knowledge Transfer __X_IronMail Fine Tuning

Company Information: Company Name Site Name Contact Person Contact Title Site Address: Street City State Zip Code Contact Phone Number Contact Cell Number Contact FAX Number Contact E-mail Address Backup Contact Backup Contact Phone Backup Contact Cell Backup Contact Email

Washington University – St. Louis Medical School Joe Walters Manager – Systems R&D 660 S Euclid St. Louis MO 63110 314-747-2868 314-341-2671 314-747-2866 jwalters@wusm.wustl.edu Scott Kleinman 314-747-0038 314-341-1529 kleinman@wusm.wustl.edu

Last Updated: 11/5/09 Page 1 of 6

Other Security Solutions installed: (Firewall, NIDS, HIDS, Anti-Virus) 1. 2. 3. Mail Server and Mail Relays installed: 1. IronMail 2. Exchange 3. Notes

Other Email Security Solutions being installed/evaluated: 1. N/A Date Evaluated: 2. Date Evaluated: 3. Date Evaluated:
To aid in the installation process we have provided this simple checklist. [] Hardware Required (Install Only) Computer Monitor (VGA) Computer Keyboard Power Supply TYPE 110-Volt [X ] 220-Volt [ ] Country USA

[] ITEM

Power Supply

[] Network Administrator Checklist ITEM DEFAULT Host Name Newbox Domain Name Companya.com Primary IP Address Network Mask Default Gateway DNS Servers NTP Servers 192.168.0.254 255.255.0.0 192.168.0.1 192.168.0.253 time.nist.gov bitsy.mit.edu clock.isc.org euq.company.com 192.168.0.253

YOUR INFORMATION CQSOS1 cqsos1.wucon.wustl.e du 10.39.46.103 10.39.46.104 255.255.255.0 10.39.46.254 10.39.46.239 10.39.232.239 10.39.232.238

YOUR INFORMATION CQSRD1 cqsrd1.wucon.wustl.edu 10.39.232.82 10.39.232.84 255.255.255.0 10.39.232.254 10.39.46.239 10.39.232.239 10.39.232.238

Virtual Hostname (EUQ) Virtual IP Address (EUQ)

euq.wusm.wustl.edu Public: 128.252.147.7 & 128.252.147.135 Private: 10.39.6.57

euq.wusm.wustl.edu Public: 128.252.147.7 & 128.252.147.135 Private: 10.39.6.56

NAT IP Address – (external) NAT – FQDN CT Support Port # LDAP Server LDAP Port#

12.12.12.12 smtp.company.com 20022

20022 (hop via IronMail)

20022 (hop via IronMail)

389/3268
Last Updated: 11/5/09 Page 2 of 6

LDAP User for Authentication LDAP Base String LDAP User String

“domain”\administrator

LDAP Email Attribute LDAP Mailhost Attribute []

(|(proxyAddresses=SMTP: %%SMTP%%)(proxyAddre sses=smtp:%%SMTP%%)) Mail Mail

DNS (Domain Name Service) Issues YOUR INFORMATION 10.39.232.82 cqsrd1.wucon.wustl.edu 10.39.46.103 cqsos1.wucon.wustl.edu 10.39.232.84 euqrd1.wucon.wustl.edu 10.39.46.104 euqos1.wucon.wustl.edu 128.252.147.7 euq.wusm.wustl.edu (public) 128.252.147.135 euq.wusm.wustl.edu (public) 10.39.6.56 euq.wusm.wustl.edu (private) 10.39.6.57 euq.wusm.wustl.edu (private) n/a 10.39.232.84 cqseuqrd1.wucon.wustl.edu 10.39.46.104 cqseuqos1.wucon.wustl.edu

ITEM DNS “PTR” Record DNS “A” Record

DNS “MX” Record DNS “A” Record (internal-euq)

[] Internal Mail Server(s). Please separate additional servers with comma between. ITEM YOUR INFORMATION n/a Mail Server Type n/a Mail Server IP Address n/a Mail Server FQDN

[] HTTP/HTTPS Proxy ITEM Is HTTP/HTTPS proxy used? Internal WebMail server ip What version of mail server Is SSL/TLS enabled []

Default No 192.168.1.1 Outlook Web Access No

n/a n/a n/a n/a

POP3 / IMAP accessibility Is POP3 and / or IMAP connectivity being utilized? No

[] Internet Connection To host an Internet mail server, your network must have a specific type of connection to the Internet. It must be a permanent connection (connected all the time, not just when you have dialed into an ISP for outgoing use) and it must also have at least one static IP address. [] Domain Name You must have a valid Internet domain name, which is not currently serviced by any existing e-mail server. If you don’t currently have a domain name, you can contact VeriSign (formerly Network Solutions)

Last Updated: 11/5/09 Page 3 of 6

(www.verisign.com), Register.Com (www.register.com) or any other Internet domain name registrar to obtain your own domain name (e.g. mycompany.com). Your connection to the Internet must be a permanent connection, since incoming mail could be sent to you at any time, you must be connected in order to receive it. Your mail server must have a static IP address. [] Virtual IP Address and Host Name The IronMail appliance requires two IP address. The primary IP address of the appliance is used for Web Administration, SMTP, update, and support functions. The second IP address, or Virtual IP Address, is used for the End User Quarantine Notifications (EUQ). [] Internal Mail Server Issues The Internal Mail server is the next hop inbound for internal email. IronMail can communicate via SMTP to any type of internal email server. This includes SendMail proxies, Anti-Virus proxies, and Content-Filtering servers. Multiple inbound mail server support requires IronMail 1.2.6 and newer. Internal Mail server must be configured to forward outbound email to IronMail. It is safe to expose the WebAdmin port to the Internet, especially if you are using strong client authentication with a Secure Computing/VeriSign X.509 administrator client certificate. [] Firewall Issues There are two main styles of firewall: packet filtering (with or without “stateful inspection”) and proxy server. Note that SMTP over SSL will not work via a proxy server style firewall, unless the proxy server also supports SMTP over SSL (most current proxy firewalls do not). With a packet filtering style firewall (e.g. Check Point’s Firewall-1), SMTP over SSL will pass transparently through a firewall. Unlike most mail servers, it is safe to install the Secure Computing mail server on your internal network (rather than in a DMZ), due to its security features. If you choose to do so, it is fairly simple to open the necessary “port holes” in the firewall. Some of the incoming ones are optional, depending on which services you want to allow access to from outside your firewall:

ITEM Firewall Type

TYPE CISCO PIX, Microsoft ISA Server

IP ADDRESS

Outgoing Connections (from IronMail) Port Port 21 (TCP) Port 22 (TCP) Port 25 (TCP) Port 53 (TCP/UDP) Port 123 (UDP) Port 162 (UDP) Port 389 (TCP) Port 514 (UDP) Port 20022 (TCP) Port 20022 (TCP) Connects To: Service FTP Server FTP–Optional (Only if remote IMs log to CMC) SCP Server SCP–Optional (Only if remote Ims log to CMC) any (internal / external) SMTP (Alert Notification) DNS server(s) DNS server(s) DNS Domain Name Servers NTP Server(s) NTP – Optional SNMP Trap Mgr SNMP Trap – Optional (Alert Notification) LDAP Server LDAP – Optional Syslog Server Syslog – Optional 66.179.104.137 CT Updates (update.ciphertrust.net) IronMail CMC CMC IronMail Secure Tunnel (REQUIRED if managed by a CMC)

Incoming Connections (into IronMail - Primary IP) Port Port 20 (TCP) Connects From: FTP Server Service FTP – Optional (FTP Control Connection)

Last Updated: 11/5/09 Page 4 of 6

Port 22 (TCP) Port 25 (TCP) Port 110 (TCP) Port 143 (TCP) Port 443 (TCP) Port 465 (TCP) Port 993 (TCP) Port 995 (TCP) Port 10443 (TCP) Port 20022 (TCP) Port 20022 (TCP)

Internal Network Primary IronMail Any (internal / external) Any (internal / external) Any (internal / external) Any (internal / external) Any (internal / external) Any (internal / external) Internal Network 66.179.104.132 IronMail CMC

CLI Management SMTP POP3 - Optional IMAP4 - Optional HTTPS – Optional (WebMail Reverse Proxy) SMTPS - Optional (Secure SMTP) IMAP4 – Optional (Secure IMAP4) POP3S - Optional (Secure POP3) CT WebAdmin CT Support CMC IronMail Secure Tunnel (REQUIRED if managed by a CMC)

Incoming Connections (into IronMail - Virtual IP (EUQ)) Port Port 80 (TCP) Port 443 (TCP) Connects From: Any (Internal / External) Any (Internal / External) Service HTTP – optional port for EUQ HTTPS – Default port for EUQ

Other requirements for IronMail installation: To help Secure Computing install the IronMail and prepare your personnel for its use, please supply the following:     Approximately eight hours for each installation day purchased. Appropriate network down time for actual integration of the IronMail into your network. An expert on your existing network architecture who is on-site and available during installation. An individual who is familiar with the Internet services (DNS, FTP, etc.) and applications your site wants to run (including access to the manuals or documentation for those applications).

Secure Computing Policy for Installations       Sales order should include a requested installation date Install must be at least 2 weeks after receipt of PO On receipt of PO, install coordinator will contact customer and email/fax site survey After receipt of site survey, installer will contact the customer directly to review content/readiness Install must be at least one week after receipt of validated site survey Final install date will depend on confirmation of customer readiness by installer

Cancellation Policy If the customer cancels the install within 2 business days of the scheduled date, he will be charged the full installation price.

Contact Information Network Services Department

Last Updated: 11/5/09 Page 5 of 6

Secure Computing® your trusted source for enterprise security™

www.securecomputing.com
NASDAQ: SCUR (888) 740-8040 (Toll Free) (651) 628-2718 (Fax)

Network_Services@securecomputing.com
Secure Computing Corporation 2340 Energy Park Drive Saint Paul, MN 55108

Last Updated: 11/5/09 Page 6 of 6


				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:111
posted:11/5/2009
language:English
pages:6