If your business relies on Internet connectivity, you need to ensure that connection is secure, and always up!
Yesterday, I helped a new reseller install an Igaware Email & Web Filtering Appliance, at a company with 70 users. And it had to be done without any business disruption.
The installation was very straight forward:
The Email & Web Filtering Appliance was installed in what is called ‘One-handed Mode’, where it is given an IP address on the existing LAN, and given Internet access through the existing Internet gateway. The benefit of one-handed mode is that there’s no disruption to Internet connectivity.
Once the Email & Web Filtering Appliance was visible on the LAN, the Email & Web Filtering Appliance was configured to relay outgoing email for multiple domains, and to forward incoming email to the existing SBS 2008 server.
Next, a scan of the LAN was run from the Email & Web Filtering Appliance, creating a list of all LAN machines to which Internet Access policies were applied. Prior to this, Internet access for machines was completely unrestricted!
To allow user names to appear in Web usage reports the Igaware was joined to the Active Directory Server, and a policy created on the 2008 Server to update Internet Explorer with the Igaware Email & Web Filtering Appliance as the web proxy, thus enabling single sign-on.
Finally, it was time to start sending all Internet and Email traffic through the Email & Web Filtering Appliance. This was done by updating the DHCP Server on the SBS server to set the Igaware as the default gateway, and setting Igaware as the outgoing SMTP server.
On the existing router, incoming email, on port 25, was forwarded to the Igaware Email & Web Filtering Appliance, along with a couple of other ports to allow remote management and monitoring.
Job done. Network secured and no disruption.
The plan is to install the Email & Web Filtering Appliance configured as a full UTM Appliance, replacing the existing firewall/router, but at a time when Internet can be brought down for 20 minutes. This will be even more secure, as then nothing on the LAN can bypass the Igaware to get onto the Internet.