Integrating Data Security with Existing Infrastructure > Working with existing email infrastructure
|
1.
|
Run the Websense installer as described in Installing Data Security components. You can install the SMTP agent on a TRITON Management Server, supplemental Data Security server, or as a stand-alone agent on another Windows server machine equipped with Microsoft IIS.
|
2.
|
To configure the SMTP agent, in TRITON - Data Security, select Settings > Deployment > System Modules. Select the SMTP agent.
|
|
In the General tab:
|
|
|
In the SMTP Filter tab:
|
|
Select the Enable filtering on the following internal email domains check box.
|
|
In the Encryption & Bypass tab:
|
|
If you want encrypted or flagged email to bypass analysis, select the Enable redirection gateway check box, then enter the redirection gateway IP and port. Specify the encryption and/or bypass flags to use.
|
|
In the Advanced tab:
|
|
Click OK to save all the above settings.
|
4.
|
Select Main > Policy Management > DLP Policies. Select the policy rule that you wish to use for email management and click Edit.
|
|
|
Select Severity & Action, then select an action plan that includes notifications.
|
6.
|
Click Deploy to activate the settings.
|
7.
|
2.
|
Run the Websense installer as described in Installing Data Security components. During installation make sure the time, date and time zone are precise, and map eth0 to verify it is located on the main board.
|
4.
|
To configure the protector, in TRITON - Data Security, select Settings > Deployment > System Modules. Select the protector.
|
|
In the General tab:
|
|
Select Enabled.
|
|
In the Networking tab:
|
|
Set Default gateway to the outbound gateway.
|
|
Set Interface to br0.
|
|
For the Connection mode, select Inline (Bridge).
|
|
In the Network Interfaces list, select br0 and click Edit. Select Enable bypass mode to allow traffic in case of Data Security Server software/hardware failure. Click OK.
|
|
|
Select Include specific networks. Add all the internal networks for all sites. This list is used to identify the direction of the traffic.The mail servers and mail relays should be considered part of the internal network.
|
|
|
Select the SMTP service. On the General tab, set the Mode to Monitoring bridge. On the Traffic Filter tab, set the Direction to Outbound. Click OK.
|
|
Select the HTTP service. On the General tab, set the Mode to Monitoring bridge. On the Traffic Filter tab, set the Direction to Outbound. On the HTTP Filter tab, select Exclude destination domains if required. Click OK.
|
|
2.
|
Run the Websense installer as described in Installing Data Security components. Make sure the time, date and time zone are precise, and verify that eth0 (or whatever port you specified during installation) is mapped and located on the main board.
|
1.
|
In TRITON - Data Security, select Settings > Deployment > System Modules. Select the protector.
|
2.
|
In the General tab:
|
|
Select Enabled.
|
3.
|
In the Local Networks tab:
|
|
Select Include specific networks. Add all the internal networks for all sites. This list is used to identify the direction of the traffic.The mail servers and mail relays should be considered part of the internal network.
|
4.
|
In the Services tab:
|
|
|
|
On the Mail Transfer Agent (MTA) tab:
|
|
Set the Operation Mode to Blocking and select the behavior desired when an unspecified error occurs during analysis.
|
|
|
Set the next hop MTA if required (for example, the company mail relay).
|
5.
|
Click OK to save all the above settings for the protector.
|
6.
|
Select Main > Policy Management > DLP Policies. Select the policy rule that you wish to use for email management and click Edit.
|
|
|
Select Severity & Action, then select an action plan that includes notifications.
|
|
Click OK to save all the above settings.
|
8.
|
Click Deploy to activate the settings.
|
Integrating Data Security with Existing Infrastructure > Working with existing email infrastructure
|