![]() You should see the same messages that were originally listed on the ESA. For final verification, check the Policy Quarantine on the SMA: Revisit the SMA, and navigate to Management Appliance > Centralized Services > Policy, Virus and Outbreak Quarantines. The migration steps will now be completed:Īt this time, the migration of the Policy Quarantine from the ESA to the SMA is complete. If there are a large number of messages already in local quarantine, these may take time to process from ESA to SMA: Do not enable centralized policy, virus, and outbreak quarantines on another Email Security appliance until the previous migration is complete.Ĭlick Submit, and finally click Commit. The info notification should be similar. ![]() Note: Only one migration process can be in progress at any time. Note: If you have policy, virus, and outbreak quarantines configured on an ESA, migration of quarantines and all their messages begins as soon as you commit this change. These must match, and if firewall/network ACL is in use, must be opened in order to allow proper migration between the ESA and SMA. Notice, that here again the proper port used for communication is noted. The prerequisite steps on the SMA are now recognized: Returning to the ESA, navigate to Security Services > Policy, Virus and Outbreak Quarantines. In this example, we will continue with Automatic, which will migrate ANY/ALL Policy Quarantines from the ESA to SMA. Please note that you will see the specified name chosen during the ESA add earlier mentioned, followed by the IP address used in communication:įinally, click Submit, and the "Success" notification is presented: If only a particular quarantine is to be migrated, choose Custom. Select Launch Migration Wizard and continue as follows: Once the Commit Changes is completed, the Launch Migration Wizard? of step 2 will become active: Return to the SMA and continue with the following section. The migration steps must still be completed on the SMA. what is being added, the results of the test may vary, but should be similar to:īe sure to Submit and Commit Changes at this point on the SMA.Īt this time, if you were to revisit the ESA and attempt to configure the Centralized Services section of the Policy Quarantine, it would be similar to the following: Upon establishing connection from the SMA to the ESA, the administrator user name and password will be requested. This is the administrative user and password of the ESA that is being added. Based on what is already active vs. Note: You only need to add the IP address that the SMA will use to communicate with the ESA. The appliance name is used only as an administrative reference.īe sure to Establish Connection and Test Connection. Navigate to Management Appliance > Centralized Services > Security Appliances and add the ESA communication to the SMA: ![]() The screen will refresh to show the ?Service enabled? message, seen below: ![]() Note: The Quarantine Port may be changed, but this will need to be opened if there is a firewall/network ACL in place.Ĭlick Submit. Select the interface, if applicable, that is intended to handle traffic from the ESA to the SMA. On the SMA, navigate to Management Appliance > Centralized Services > Policy, Virus and Outbreak Quarantines. If not enabled already, click Enable: In order to migrate these messages and then rely on the SMA to be the active appliance owning the Policy Quarantine, complete the following directions. Starting with the ESA, in an existing Policy Quarantine, there are active messages in the Policy Quarantine: Firewall - port 7025 / TCP (In and Out) / Hostname use: AsyncOS IPs / Description: Pass policy, virus, and outbreak quarantine data between Email Security appliances and the Security Management appliance when this feature is centralized.ESA running 8.0.1 (ESA User Guide, Chapter 27, Quarantines).SMA running 8.1 (SMA User Guide, Chapter 8, Centralized Policy, Virus, and Outbreak Quarantines).Centralized quarantines can be backed up as part of the standard backup functionality on the SMA.Quarantined messages are stored behind the firewall instead of in the DMZ, reducing the security risk.Administrators can manage quarantined messages from multiple Email Security Appliances (ESA) in one location.Policy quarantines used for messages that are caught by:Ĭentralizing these quarantines offers the following benefits:.The following quarantines can now be collectively centralized on a Cisco Security Management Appliance (SMA):
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |