esafe implementation topologies
Download
Skip this Video
Download Presentation
eSafe Implementation Topologies

Loading in 2 Seconds...

play fullscreen
1 / 24

eSafe Implementation Topologies - PowerPoint PPT Presentation


  • 132 Views
  • Uploaded on

eSafe Implementation Topologies. CVP Implementations. Using ESG CVP + ESM SMTP. Mail Relay. DMZ. ESM SMTP. SMTP. HTTP FTP. ESG CVP. Mail Server Exchange Server. Internal Network. Load balancing with ESG CVP. Options 1. Using an extra CR for HTTP, FTP and SMTP

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' eSafe Implementation Topologies' - jerzy


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
using esg cvp esm smtp
Using ESG CVP + ESM SMTP

Mail Relay

DMZ

ESM SMTP

SMTP

HTTP

FTP

ESG CVP

Mail Server

Exchange Server

Internal Network

load balancing with esg cvp
Load balancing with ESG CVP
  • Options
  • 1. Using an extra CR for HTTP, FTP and SMTP
  • 2. Using an extra CR for SMTP only
  • 3. Using FW-1 CVP load-sharing

Mail Relay

DMZ

ESG CVP

ESG CVP

Mail Server

Exchange Server

Internal Network

standard esg nitroinspection implementation
Standard ESG NitroInspection implementation

Mail Relay

DMZ

ESG

HTTP

SMTP

FTP

Mail Server

Exchange Server

Internal Network

esg ni nitroinspection esm smtp
ESG NI (NitroInspection) + ESM SMTP

Mail Relay

DMZ

ESM SMTP

SMTP

ESG

HTTP

FTP

Mail Server

Exchange Server

Internal Network

esm for exchange esm smtp
ESM for Exchange + ESM SMTP

Mail Relay

DMZ

ESM SMTP

SMTP

ESM forExchange

Mail Traffic

Mail Server

Internal Network

multi lan esg ni
Multi-LAN ESG NI

Mail Relay

Second Network

DMZ

ESG NI

Mail Server

Exchange Server

Internal Network

load balancing with esg nitroinspection
Load balancing with ESG NitroInspection

Mail Relay

DMZ

ESGCR+CI

ESGCI

ESGCI

Mail Server

Internal Network

esg ni with hardware load balancers alteon f5 css
ESG NI with Hardware load-balancers (Alteon, F5, CSS…)

Mail Relay

DMZ

ESG

Load balancers

+ HA

ESG

Mail Server

Internal Network

esg ni smart l4 l7 switches no single point of failure
ESG NI smart L4/L7 switches(no single-point-of-failure)

DMZ

Web server

L4/L7 switch

ESG

Only HTTP traffic is redirected

Mail Server

Internal Network

high capacity content security with radware cid
High Capacity Content Security(With Radware CID)
  • MIME type based content routing
  • Built in high-availability and load-balancing

ESGHTML only inspector

HTTPHTML Only

ESGHTML/FTP archive inspector

Aladdin/RadwareContent Manager

HTTP/FTPZIP Only

HTTP/FTPAll other

ESGHTML all other content inspector

SMTPOnly

ESMSMTP content inspector

Other protocols and Trusted HTTP traffic bypasses Content Inspectors (according to MIME type)

Internal Network

high capacity content security with radware cid1
High Capacity Content Security(With Radware CID)

LAN

Radware CSD-AV

FW

Potentially Malicious Content

EXE, ZIP, HTML

eSafe Content Security Farm

ESG3

ESM1

ESG2

ESG1

ESG1 – HTTP traffic, only HTMLs

ESG2 – HTTP/FTP traffic, only archive (zip) files

ESG3 – HTTP/FTP all other traffic

ESM1 – SMTP traffic

esg ni in a dmz with a firewall and a proxy
ESG NI in a DMZ with a Firewall and a Proxy

HTTP

DMZ

Mail Relay

ESM

SMTP

ESGall internal IPs are defined as Trusted Destinations

Only HTTP/FTP requests from the proxy are inspected

Proxy

Mail Server

Exchange Server

Internal Network

esg nitroinspection with a switch and a proxy
ESG NitroInspection™with a switch and a Proxy

DMZ

ESM SMTP

SMTP

Proxy’s Default Gateway

Proxy

ESG NI

Mail Server

Exchange Server

Internal Network

internet connection naming convention
Internet Connection Naming Convention
  • ISDN = 64Kbit/sec
  • USA:
    • DS1/T1 – 24 * ISDN = 1.544Mbit
    • DS2/T2 – 4 * T1 = 6.176Mbit
    • DS3/T3 – 28 * T1 = 44.736Mbit
  • Europe:
    • E1 = 2Mbit
    • E2 = 8Mbit
    • E3 = 34Mbit
  • OC1 = 55Mbit
  • OC3 = 155Mbit
esafe gateway nitroinspection
eSafe Gateway (NitroInspection)
  • Load balancing is done using 3rd party device
  • High-capacity is done using Radware CSD
esafe gateway cvp
eSafe Gateway CVP

* Load balancing for CRs is done using CVP

esafe mail smtp
eSafe Mail / SMTP
  • One eSafe Mail is capable of processing on average:
    • 40,000 to 60,000 emails in one hour
    • 10,000 employees sending/receiving 50 email in one working day
  • Load balancing can be done:
    • Check Point CVP
    • DNS MX records
    • 3rd party load balancer (Radware, F5, CSS, Alteon etc.)
ad