COMPREHENSIVE INTERNET SECURITY ™ SonicWALL Email Security Appliances b SonicWALL Email Security 200 / 300 / 400 / 500 Getting Started Guide
SonicWALL Email Security 200, 300, 400, 500 Getting Started Guide This Getting Started Guide contains installation procedures and configuration guidelines for deploying a SonicWALL Email Security appliance on your network. SonicWALL Email Security provides effective, high-performance and easy-to-use inbound and outbound email threat protection.
Contents This document contains the following sections: Page 2 1 “Before You Begin” on page 3 • “Check Package Contents” on page 3 • “What You Need to Begin” on page 4 • “Record Configuration Information” on page 4 • “Overview of the SonicWALL Email Security Appliance” on page 5 2 “Registering Your SonicWALL Email Security Appliance” on page 6 • “Before You Register” on page 6 • “Creating a mysonicwall.
1 Before You Begin Check Package Contents 1 One SonicWALL Email Security appliance 2 One Getting Started Guide document 3 One Release Note document Any Items Missing? 4 One Thank You card 5 One SonicWALL Resource CD 6 One crossover cable (red) 7 One Ethernet cable (gray) If any items are missing from your package, contact: SonicWALL Support Web: Email: customer_service@sonicwall.
What You Need to Begin • • • A computer to use as a management station for initial configuration of the SonicWALL Email Security appliance A Web browser supporting Java and HTTP uploads. Internet Explorer 5.0 or higher, Netscape Navigator 4.7 or higher, Mozilla 1.
Overview of the SonicWALL Email Security Appliance SonicWALL Email Security Appliance HDD LED Power LED Cooling Fan Serial Port Power Supply Power Button Reset Button* LAN Port * Pressing the reset button for several seconds will result in a reboot of the SonicWALL Email Security appliance. Alert: Do not plug devices into any ports (other than those indicated) unless explicitly instructed to do so by a SonicWALL technical support representative. Doing so may void your warranty.
2 Registering Your SonicWALL Email Security Appliance Before you can use your SonicWALL Email Security appliance, you must first register your appliance and activate your licenses for the SonicWALL Email Protection Subscription and Dynamic Support. Before You Register You need a mysonicwall.com account to register the SonicWALL Email Security appliance. If you already have a mysonicwall.com account, go to “Registering Your SonicWALL Email Security Appliance” on page 7 to register your appliance.
5. When you return to the login screen, log in with your new username and password. 6. Confirm your account by entering the subscription code you received in the email. Congratulations, you have created and logged into your mysonicwall.com account. Registering Your SonicWALL Email Security Appliance 1. Locate your SonicWALL Email Security Software serial number. It should be printed on the label on the right-side of your SonicWALL Email Security appliance. 2.
5. Click . 6. Follow the online prompts to fill out the survey and complete the registration process. Activating Your SonicWALL Email Protection Subscription and Dynamic Support 1. When you purchased your subscription to SonicWALL Email Protection Subscription and Dynamic Support, you should have received an activation code. If you have not purchased a subscription, contact your SonicWALL Sales representative. 2. If you are not already in the Service Management page, click on My Products.
The services that are already activated will display with character license key. and a 27- If a service you purchased a license for is not activated, click the service to activate it. next to Note: If your Email Protection Subscription service is not installed, you must activate it in order to use the spam and phishing protection in your SonicWALL Email Security appliance. 4. Locate your activation codes. They should be sets of 8 alpha-numeric characters in the format XXXXXXXX. 5.
3 Setting Up the SonicWALL Email Security Appliance In this section, you will: • “Apply Power to the SonicWALL Email Security Appliance” on page 10 • “Connect Directly to the SonicWALL Email Security Appliance” on page 10 • “Login to the SonicWALL Email Security Appliance” on page 11 • “Change the Default Administrator Password” on page 13 • “Enter the License Keys for Each Service” on page 14 Apply Power to the SonicWALL Email Security Appliance 1.
Login to the SonicWALL Email Security Appliance 1. Open a Web browser on the computer you are using to administer the SonicWALL Email Security appliance. 2. Enter http://192.168.168.169 (the default IP address of the SonicWALL Email Security appliance) in the Location or Address bar. The SonicWALL Email Security Web management login screen displays. Note: Depending on your browser settings, one or more security warnings may display while connecting to the Email Security Web management interface.
4. The first time you log in to the SonicWALL Email Security appliance, you must configure the monitoring settings before you can use the administrative interface: Email address of the administrator who receives emergency alerts: The email address of the mail server administrator. Enter the complete email address. For example, user@example.com Postmaster for the MTA: The email address of the Mail Transfer Agent administrator. Enter the complete email address. For example, user@example.
Navigate the SonicWALL Email Security Interface The SonicWALL Email Security administration interface has eight buttons across the top of the screen. Each button corresponds to a different set of management topics. Each button brings up a set of management pages you can navigate with a menu in the left column. When you select a different button at the top, the left-navigation menu changes. At all times in the management interface, one button is selected and one page in the leftnavigation menu is selected.
Enter the License Keys for Each Service 1. Enter each license key for a service in the License Key field. 2. Click the Add License Key button. 3. Repeat this step for each license key. The Module table will display the licensing status of each service you enter a key for.
4 Setting Up Network Configuration Before you connect your SonicWALL Email Security appliance to your network, you need to set up the network configuration on the appliance: 1. In the left navigation menu, click on Host Configuration. The Server Configuration > Host Configuration page displays. Hostname: Enter a hostname you can use within your network to address the SonicWALL Email Security appliance. Enter a fully qualified domain name, for example, emailsecurity.example.
3. Disconnect the crossover cable from the SonicWALL Email Security appliance. 4. Reset your management computer’s IP settings to work with your network. For example, if your network uses DHCP, reset your Local Area Connection to obtain and IP address and DNS settings dynamically from the server. 5. Reconnect your management computer to your network. You will use the network to access the SonicWALL Email Security appliance in the next steps.
5 Connecting the SonicWALL Email Security Appliance to Your Network Your SonicWALL Email Security appliance is designed to operate in most network setups with minimal configuration. The following instructions guide you through the process of connecting the SonicWALL Email Security appliance to your network. The diagrams below provide a “before” and “after” view of a network using SonicWALL Email Security.
6 Configuring the SonicWALL Email Security Appliance In this section, you will: • “Set the Time and Date” on page 18 • “Use Quick Configuration to Set Up Email Management” on page 19 Set the Time and Date 1. Under Server Configuration click Host Configuration in the left column. 2. At the bottom of the Server Configuration > Host Configuration page, under More Settings, click Current system date and time: Select the current year, month, day, hour, and minute.
Use Quick Configuration to Set Up Email Management The Quick Configuration page will walk you step-by-step through the configuration of your SonicWALL Email Security appliance. Use this window the first time you configure SonicWALL Email Security if you are installing SonicWALL Email Security as an All-InOne server and have only one downstream server. More options for these settings are available in the other Server Configuration pages.
1. In the Network Architecture section, configure the inbound and outbound message processing paths: Inbound destination server: This is the hostname (or IP address) and port number of the email server that will accept good email after SonicWALL Email Security removes and quarantines junk email. For example, this could be the IP address of a Microsoft Exchange server. The most common port number is 25.
2. In the LDAP Configuration section, configure: LDAP server name: This is the hostname or IP address of the LDAP server. In many instances, this is the name of your Exchange server or your email server. Use the Test LDAP Login button to try out various combinations of server name, login name, and password, until you find one that succeeds. Note: SonicWALL Email Security uses your existing Active Directory or LDAP server to authenticate end users as they log in to their personal junk boxes.
Login name: Many LDAP servers are configured to provide the list of users to anyone who asks. This is called Anonymous Bind. The administrator should first select that option, then click on the Test LDAP Login button to test it. If Anonymous Bind does not work, the administrator will need to provide a username and password to get LDAP to return the list of users. Often this can be the login information of an existing, regular user on the network. It probably will not need to be a network administrator.
NetBIOS domain names: In a Microsoft Windows environment, users are grouped under NT Domains and they are authenticated against the one particular NT Domain they are grouped in. Whatever list is specified here is offered as a pull-down menu to users on the Login page. The intent is to provide users who are used to logging in to their Microsoft Windows computers the identical interface they are normally presented with.
4. In the Junk Box Summary section, configure: Send summaries daily: If checked, users receive daily summary messages of junk mail caught by the SonicWALL Email Security appliance. If unchecked, summary messages are not sent. Users can preview their own quarantined junk mail: If checked, users can preview junk mail messages without unjunking them. If they receive summaries, the summaries will contain a preview link for each junk email.
7 Verification and Further Configuration In this section, you will: • “Verify Your SonicWALL Email Security Appliance Configuration” on page 25 • “Route Mail to Your SonicWALL Email Security Appliance” on page 26 • “Verify Mail from the Internet Through Your SonicWALL Email Security Appliance” on page 26 • “Configure Outbound Mail Filtering” on page 27 Verify Your SonicWALL Email Security Appliance Configuration Now that you have completed the configuration of your SonicWALL Email Security appliance, veri
Route Mail to Your SonicWALL Email Security Appliance In order for your SonicWALL Email Security appliance to start filtering and monitoring mail, you must re-route mail traffic through your SonicWALL Email Security appliance. Mail traffic must pass from the Internet to the appliance, and then the appliance sends the good mail on to your mail server.
Configure Outbound Mail Filtering You can have your SonicWALL Email Security appliance filter outbound mail from your mail server to the Internet. To configure outbound mail filtering, you configure both your mail server and your SonicWALL Email Security appliance for the outbound mail path. Configure the outbound mail destination of your mail server to point to the IP address or host name of your SonicWALL Email Security appliance. This is typically done by configuring a Smart Host on your mail server.
2. Browse to the Delivery tab, and click the Advanced button: 3. In the Smart Host field, enter the FQDN on your SonicWALL Email Security appliance (such as, esa.example.com). Note: The Exchange Server must be able to resolve this host name. 4. Click OK On your SonicWALL Email Security appliance, in the Server Configuration > Network Architecture page, configure a separate, outbound path to handle the outbound email flow at the appliance.
Example Given this: 10.100.0.10: Exchange Server (exch1.example.com) 10.100.0.100: SonicWALL Email Security appliance (esa.example.com) You might have two paths that look like this: Inbound Outbound Source IP Any 10.100.0.10 Listen On Any:25 Any:25 Destination (proxy) exch1.example.com:25 MX In this scenario, any message that arrives at the SonicWALL Email Security appliance from 10.100.0.
Configuring a Static IP Address Complete the following section based on your operating system in order to configure your management computer with a static IP address: Windows XP 1. From the Start menu, highlight Connect To and then select Show All Connections. 2. Open the Local Area Connection Properties window. 3. Double-click Internet Protocol (TCP/IP) to open the Internet Protocol (TCP/IP) Properties window. 4. Select Use the following IP address and type 192.168.168.50 in the IP address field. 5.
Mounting the SonicWALL Email Security 200 / 300 / 400 / 500 The above SonicWALL appliances are designed to be mounted in a standard 19-inch rack mount cabinet. The following conditions are required for proper installation: • Use the mounting hardware recommended by the rack manufacturer and ensure that the rack is adequate for the application. • Four mounting screws, compatible with the rack design, must be used and hand tightened to ensure secure installation.
Weitere Hinweise zur Montage der Modell Die oben genannten SonicWALL-Modelle sind für eine Montage in einem standardmäßigen 19-Zoll-Rack konzipiert. Für eine ordnungsgemäße Montage müssen die folgenden Bedingungen erfüllt werden: • Vergewissern Sie sich, dass das Rack für die Anwendung geeignet ist, und verwenden Sie das vom Rack-Hersteller empfohlene Montagezubehör. • Verwenden Sie für eine sichere Montage vier passende Befestigungsschrauben, und ziehen Sie diese mit der Hand an.
SonicWALL Email Security Appliance Regulatory Statement and Safety Instructions Regulatory Model/Type Product Name 1RK0F-04A, 1RK0E-041 Email Security 200 Email Security 300 1RK0F-04B, 1RK0E-041 Email Security 400 Email Security 500 Unauthorized Ports Do not plug devices into any ports (other than those indicated) unless explicitly instructed to do so by a SonicWALL technical support representative. Doing so may void your warranty.
Notice About Modifying Equipment Alert: Modifying this equipment or using this equipment for purposes not shown in this manual without the written consent of SonicWALL, Inc. could void the user’s authority to operate this equipment. BMSI Statement VCCI Statement Canadian Radio Frequency Emissions Statement This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à toutes la norme NMB-003 du Canada.
Declaration of Conformity Standards to which conformity is declared EN 55022 (1998) Class A EN 55024 (1998) EN 61000-3-2 (2000) + A2 EN 61000-3-3 (1995) + A1 EN 60950-1 (2001) +A11 National Deviations: AT, AU, BE, CH, CN, CZ, DE, DK, FI, FR, GB, GR, HU, IE, IL, IN, IT, JP, KR, NL, NO, PL, SE, SG, SI Regulatory Information for Korea All products with country code “” (blank) and “A” are made in the USA. All products with country code “B” are made in China.
German Language Regulatory and Safety Instructions Hinweis zur Lithiumbatterie Die in der Internet Security appliance von SonicWALL verwendete Lithiumbatterie darf nicht vom Benutzer ausgetauscht werden. Zum Austauschen der Batterie muss die SonicWALL in ein von SonicWALL autorisiertes Service-Center gebracht werden. Dort wird die Batterie durch denselben oder entsprechenden, vom Hersteller empfohlenen Batterietyp ersetzt.
Copyright Notice © 2006 SonicWALL, Inc. All rights reserved. Under the copyright laws, this manual or the software described within, cannot be copied, in whole or part, without the written consent of the manufacturer, except in the normal use of the software to make a backup copy. The same proprietary and copyright notices must be affixed to any permitted copies as were affixed to the original.
Notes Page 38
Notes SonicWALL Email Security Getting Started Guide Page 39
Notes Page 40
SonicWALL, Inc. 1143 Borregas Avenue Sunnyvale, CA 94089-1306 T: 408.745.9600 F: 408.745.9300 www.sonicwall.com © 2006 SonicWALL, Inc . SonicWALL is a registered trademark of SonicWALL, Inc . Other product and company names mentioned herein may be trademarks and/ or registered trademarks of their respective companies. Specifications and descriptions subject to change with out notice.