This post will be a collection of thoughts and my own experiences when migrating from a physical C160 to a virtual C100V appliance. Other IronPort ESA P2V appliances may be similar so it’s worth reading on!
In this article I will briefly discuss some content filters that I think could come in handy for IronPort ESA users.
Some of these can also be useful for outbound mail – for example, you should detect and notify when executables are sent outbound as it could be indicative of an internal outbreak which you obviously want to know about.
Just in case you’re reading this and haven’t seen the IronPort x60 replacement programme e-mail – here goes
You get a ‘Violated unidirectional connection’ message in the logs with UDP traffic even if there are rules with ‘ANY’ and ‘ALLOW’ in the rule base.
In my case the problem was that I could not PXE boot clients (using Windows Deployment Services or WDS)
This quick guide will show you how you can create a catchall e-mail for any or all of your secondary/non-primary Google Apps domains.
So by default you can create a catchall account for the primary domain but the same option is not given for secondary/additional domains.
Luckily there is an easy work around for this and we can create a catchall address for any of your Google Apps domains.
The reason I write this post is because most of the guides I found online (when I was searching for a solution for myself) did not seem to implement this in an efficient way (applying the policy to the entire Google Apps ‘company’ rather than on individual domain basis).