eSafe Implementation Topologies

Presentation on theme: "eSafe Implementation Topologies"— Presentation transcript:

1 eSafe Implementation Topologies

2 CVP Implementations

3 Using ESG CVP + ESM SMTP
DMZ Mail Relay ESM SMTP ESG CVP HTTP FTP ESG CVP Mail Server Exchange Server Internal Network

4 Load balancing with ESG CVP
Options
1. Using an extra CR for HTTP, FTP and SMTP
2. Using an extra CR for SMTP only
3. Using FW-1 CVP load-sharing
Mail Relay DMZ ESG CVP ESG CVP Mail Server Exchange Server Internal Network

5 NitroInspection™

6 Standard ESG NitroInspection implementation
Mail Relay DMZ ESG HTTP SMTP FTP Mail Server Exchange Server Internal Network

7 ESG NI (NitroInspection) + ESM SMTP
Mail Relay DMZ ESM SMTP SMTP ESG HTTP FTP Mail Server Exchange Server Internal Network

8 ESM for Exchange + ESM SMTP
Mail Relay DMZ ESM SMTP SMTP ESM for Exchange Mail Traffic Mail Server Internal Network

9 Load Balancing -- High Availability

10 Multi-LAN ESG NI
DMZ Mail Relay Second Network ESG NI Internal Network Mail Server Exchange Server Internal Network

11 Load balancing with ESG NitroInspection
Mail Relay DMZ ESG CR+CI ESG CI ESG CI Mail Server Internal Network

12 ESG NI with Hardware load-balancers (Alteon, F5, CSS…)
Mail Relay DMZ ESG Load balancers + HA ESG Mail Server Internal Network

13 ESG NI smart L4/L7 switches (no single-point-of-failure)
DMZ Web server L4/L7 switch ESG Only HTTP traffic is redirected Mail Server Internal Network

14 ESG NI load-balancing with StoneSoft SecurityCluster

15 High Capacity Content Security (With Radware CID)
MIME type based content routing
Built in high-availability and load-balancing
ESG HTML only inspector HTTP HTML Only ESG HTML/FTP archive inspector Aladdin/Radware Content Manager HTTP/FTP ZIP Only HTTP/FTP All other ESG HTML all other content inspector SMTP Only ESM SMTP content inspector
Other protocols and Trusted HTTP traffic bypasses Content Inspectors (according to MIME type)
Internal Network

16 High Capacity Content Security (With Radware CID)
LAN Radware CSD-AV FW Potentially Malicious Content EXE, ZIP, HTML eSafe Content Security Farm ESG1 ESG2 ESG3 ESM1
ESG1 – HTTP traffic, only HTMLs
ESG2 – HTTP/FTP traffic, only archive (zip) files
ESG3 – HTTP/FTP all other traffic
ESM1 – SMTP traffic

17 HTTP Proxy environments

18 ESG NI in a DMZ with a Firewall and a Proxy
Mail Relay ESM SMTP ESG all internal IPs are defined as Trusted Destinations HTTP Only HTTP/FTP requests from the proxy are inspected Proxy Mail Server Exchange Server Internal Network

19 ESG NitroInspection™ with a switch and a Proxy
DMZ ESM SMTP SMTP Proxy’s Default Gateway Proxy ESG NI Mail Server Exchange Server Internal Network

20 Throughput

21 Internet Connection Naming Convention
ISDN = 64Kbit/sec
USA:
DS1/T1 – 24 * ISDN = 1.544Mbit
DS2/T2 – 4 * T1 = 6.176Mbit
DS3/T3 – 28 * T1 = Mbit
Europe:
E1 = 2Mbit
E2 = 8Mbit
E3 = 34Mbit
OC1 = 55Mbit
OC3 = 155Mbit

22 eSafe Gateway (NitroInspection)
Bandwidth / Number of Users T1/E1 (1.5-2Mbit) T2 (6Mbit) E2/2*T2 (8-12Mbit) T3/OC1 (45-55Mbit) OC3 (155Mbit) CR +CI 10-200 1 2 N/A 1 * HTTP 1 * SMTP 2 * HTTP 1000+ 3 3 * HTTP 2 * SMTP 10* HTTP 10 High Capacity 4 * HTTP 8 * HTTP
Load balancing is done using 3rd party device
High-capacity is done using Radware CSD

23 eSafe Gateway CVP
Bandwidth / Number of Users T1/E1 (1.5/2Mbit) T2 (6Mbit) E2/2*T2 (8/12Mbit) T3/OC1 (45/55Mbit) OC3 (155Mbit) CR 10-200 1 2 3 N/A 1 * HTTP 1 * SMTP 2 * HTTP 3 * HTTP 1000+ 4 * HTTP 2 * SMTP
* Load balancing for CRs is done using CVP

24 eSafe Mail / SMTP
One eSafe Mail is capable of processing on average:
40,000 to 60,000 e-mails in one hour
10,000 employees sending/receiving 50 e-mails in one working day
Load balancing can be done:
Check Point CVP
DNS MX records
3rd party load balancer (Radware, F5, CSS, Alteon etc.)

