221 - FortiMail Email Filtering
System Configuration
System Configuration Module 2
© 2013 Fortinet Inc. All rights reserved. The information contained herein is subject to change without notice. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet Inc. 06-50000-0221-20130726
Module Objectives
• By the end of this module, you will be able to:
  » Use CLI and web UI administrative interfaces
  » Configure initial settings on the FortiMail system
  » Search FortiMail system logs to obtain data
Web Access
• Admin Login: https://192.168.1.99/admin
• Webmail Login: https://192.168.1.99
Admin Web UI
System Status
Admin Menu
• Menu options available in the Admin web UI include the following:
System
• Dashboard Java-based console
  » Provides direct access to the command line interface via the web GUI
Login Customization
Context Sensitive On-line Help
Basic and Advanced Mode
• Basic Mode
  » Commonly used options only
  » Day-to-day operation
• Advanced Mode
  » Full set of menu options
CLI Tree
[Diagram: the labels Command, Object, Table, Subcommand, Option, Field and Value annotate the parts of the following command sequence]
config system interface
    edit
        set status {up | down}
        set ip
    next
end
Quick Start Wizard
• Effective way to have the unit up and running in no time by configuring the following parameters:
  » Default password for the administrator account
  » Network and time settings
  » Local host settings
  » Protected domains
  » Incoming and outgoing antispam and antivirus
  » Access control rules for SMTP Relay
Note: The operational mode cannot be set through the Quick Start Wizard
Configuring Network Interfaces
Link Status Propagation
• Link status of a port is propagated to other port(s)
  » Status of an interface is linked to the status of another interface
  » If associated interface is down, the interface goes down too
Link Status Propagation
• If the outgoing interface is down, the FortiMail unit will disable the incoming interface, and vice-versa
• Downstream load-balancer:
  » Detects the failure
  » Removes the appliance from the LB algorithm to stop mail forwarding
  » Sends messages to other units available in the pool
[Diagram: MTA; 1. Failure detection; 2. Status propagation; 3. FortiMail is removed from the LB pool]
Configuring Routing
Route Selection
• The destination IP address is compared to those of the static routes to determine which route a packet will take
• The most specific route will always be chosen
• If there is more than one specific route available in the routing table, the FortiMail unit will apply the route with the smallest index number
• The index number is a unique value used to identify a route entry in the routing table and can be determined with the following CLI command:
    get system route
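The selection rule above, modelled as an added Python example (not Fortinet code and not part of the original slides): the most specific matching route wins and ties go to the smallest index. It also lists entries that can never be selected because a lower-index entry has the same destination, which is useful when auditing a routing table. The route table, gateways and function names are constructed for illustration.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple


class Route(NamedTuple):
    index: int        # unique index of the entry in the routing table
    destination: str  # destination network, CIDR notation
    gateway: str


# Constructed sample table (not taken from a real unit).
ROUTES = [
    Route(1, "0.0.0.0/0", "192.168.1.1"),
    Route(2, "10.0.0.0/8", "10.0.1.254"),
    Route(3, "10.0.1.0/24", "10.0.1.1"),
    Route(4, "10.0.1.0/24", "10.0.1.2"),  # same destination as index 3
]


def select_route(routes: List[Route], dest_ip: str) -> Optional[Route]:
    """Most specific matching route wins; ties go to the smallest index."""
    addr = ipaddress.ip_address(dest_ip)
    matches = []
    for route in routes:
        net = ipaddress.ip_network(route.destination)
        if addr in net:
            matches.append((net.prefixlen, route))
    if not matches:
        return None  # no static route covers this destination
    # Longest prefix first, then lowest index.
    return min(matches, key=lambda m: (-m[0], m[1].index))[1]


def shadowed_routes(routes: List[Route]) -> List[Tuple[Route, Route]]:
    """Return (unused, winner) pairs: entries that can never be selected
    because a lower-index entry has the identical destination."""
    winners, shadowed = {}, []
    for route in sorted(routes, key=lambda r: r.index):
        net = ipaddress.ip_network(route.destination)
        if net in winners:
            shadowed.append((route, winners[net]))
        else:
            winners[net] = route
    return shadowed


if __name__ == "__main__":
    for ip in ("10.0.1.25", "10.9.9.9", "8.8.8.8"):
        print(ip, "->", select_route(ROUTES, ip))
    print("shadowed:", shadowed_routes(ROUTES))
```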
DNS Settings
• Primary and secondary DNS can be configured using the web UI or the CLI
• CLI configuration:
    config system dns
        set primary 10.0.1.1
        set secondary 208.91.112.52
    end
Administration Options
Access Profiles
• Access Profiles are used to:
  » Control which areas an administrator can access
  » Define the level of permissions in that area
Password Policies
• Enforce complex passwords
• Apply to administrators, webmail and IBE users
Admin Authentication
• Authentication types supported include local, RADIUS, RADIUS+Local, PKI and LDAP
Enable and Disable Message Services
• Allows you to turn SMTP, POP3 or IMAP services ON/OFF
• Required for vulnerability and security assessment tests when those services are not in use
• CLI configuration:
    config system mailserver
        set smtp-service {enable | disable}
        set pop3-service {enable | disable}
        set imap-service {enable | disable}
    end
FortiMail Log Types
• The following types of log messages can be recorded:
  » History: emails handled by the FortiMail unit
  » Event: system and admin related logs
  » Antivirus: virus detection and inspection logs
  » Antispam: spam related messages
  » Encryption: encryption subsystem such as IBE and S/MIME
Log Message Severity Levels
Level               Description
0 – Emergency       System unstable
1 – Alert           Immediate action required
2 – Critical        General functionality affected
3 – Error           Error condition exists
4 – Warning         Functionality could be affected
5 – Notification    Notification about normal events
7 – Information     General system operation
History Log Disposition and Classifier
• Disposition and Classifier are used to provide extra information regarding email processing
  » Disposition defines the action taken by the FortiMail unit
  » Classifier explains why such action was taken
• For a complete list of Dispositions and Classifiers, refer to the FortiMail Admin Guide
Logging Storage
• Log messages can be logged to local disk (default option) or to a remote device (for example, FortiAnalyzer system, generic syslog)
• Different logging policies can be configured based on the logging location
Log Message Correlation
• Since different types of log files record different activities, the same SMTP session may be logged in different types of log files
• Click on the Session ID link to display all the logs generated for a specific SMTP session
Reports
• Reports can be generated directly from the FortiMail unit
• Generated reports appear in Monitor > Reports
SNMP
• SNMP agent can be enabled on the FortiMail unit to generate SNMP traps when certain system events or thresholds have been reached
• Up to three SNMP communities can be configured on the FortiMail unit
SNMP Support
• SNMP v1, v2c
• SNMP v3
  » SNMP message integrity, authentication and encryption
SNMP v3 Configuration