Re: [FW-1] Anti-Virus Solution



It's false if the real mail server is BEHIND the FW-1; in that case the
MX record can point to the real mail server. As long as the FW is configured to
send SMTP/HTTP and/or FTP traffic thru CVP to an antivirus server, you can be
sure that any SMTP/HTTP and/or FTP traffic flowing thru the firewall will be
sent to the CVP server if you put the right rules in your policies. The only case
where you need to point the MX record to the firewall's external interface IP is if you
want to filter SMTP traffic which normally doesn't go thru your FW, for example:

*Internet* ------ *Mail Server* ---- *FW-1* - INTRANET
                                       |
                                       | CVP
                                       |
                                   Anti-Virus Server

Only in that case do you need to point your MX record to the FW-1 and then forward
it to your mail server.

If you use eSafe in CVP mode you can keep your MX records pointing to
your real SMTP server; you don't have to point them to the firewall at all.

I do it for two different companies and it works perfectly.
Yves Belle-Isle
----- Original Message -----
From: "Jon Vandiveer" <[email protected]>
To: <[email protected]>
Sent: Tuesday, December 25, 2001 10:25
Subject: Re: [FW-1] Anti-Virus Solution


The MX record points to whoever accepts your mail. If you are doing NAT, the
FW accepts the mail and translates to the mail server; if you are not doing
NAT, the FW routes the traffic on through to the mailserver (the MX record is
tied to the PUBLIC IP of the mailserver).


If you are to use E-Safe or some other form of SMTP scanner in conjunction
with Checkpoint, the MX record points to an external IP on the outside of
the FW (you arp for it, or use a router to point to the FW's external
interface); the mail comes into the FW and is spooled in the SMTP Security
Server (smtp proxy on the FW; $FWDIR\spool). You must utilize a resource and a
CVP server in the rulebase and objects. The mail is shunted off to the CVP
server (e-safe in this case), checked, then sent back to the FW, then on to the
internal mailserver (Exchange).

   {Internet}
         |
       FW-- CVP
         |
|---------------|
SMTP & LAN


Jon

Out of office replies are not accepted and will be bounced.

Date:    Mon, 24 Dec 2001 15:00:24 -0500
From:    "Zeltser, Roman" <[email protected]>
Subject: Re: Anti-Virus Solution

I don't think it acts like a router, but rather as a member of Ethernet bus
being able to filter inbound traffic. It did work well as an e-mail
anti-virus system for one of my clients.

**********************************
Roman Zeltser,
@National Computer Center,
RSIS & DNE



-----Original Message-----
From: Eduardo Eirós Valle [mailto:[email protected]]
Sent: Thursday, December 20, 2001 2:39 AM
To: [email protected]
Subject: Re: [FW-1] Anti-Virus Solution


Hi Ed,

Wednesday, December 19, 2001, 10:08:27 PM, you wrote:

ED> I am looking at E-Safe Gateway from Aladdin, which is a standalone product you
ED> place on NT 4.0 or Linux between your router and your firewall -- it acts
ED> as a router, scanning all SMTP/HTTP/FTP traffic for viruses, vandals,
ED> or bad scripts.

ED> Sounds like a good idea -- It would protect incoming and outgoing
ED> traffic I guess - including the AS/400.

ED> Anyone look at one of these setups?


Jon Vandiveer

"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
rm -rf /bin/laden

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================




 
   All contents © 2004 Network Presence, LLC. All rights reserved.