Escolar Documentos
Profissional Documentos
Cultura Documentos
This document contains information that is proprietary and confidential to McAfee. No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means (electronic, mechanical, photocopying, recording, or oth- Web site: www.mxlogic.com erwise) without prior written permission from McAfee. All copies of this document Documentation Feedback: are the sole property of McAfee and must be documentation@mxlogic.com returned promptly upon request.
McAfee, Inc. 9781 South Meridian Blvd., Suite 400 Englewood, CO 80112 USA Direct +1 720-895-5700 Toll Free +1 877-695-6442 Fax +1 720-895-5757
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
ii
Contents
1 Administering Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Quick Start Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Who Should Use This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Administrative Levels of Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Recommended Browsers for Control Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Administrative Windows Accessible by Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Partner Permissions for Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Partner Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Parent Partner Administration of Downstream Partners . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 Parent Partner Administration of Customers of Downstream Partners . . . . . . . . . . . . . . . . .14 Ensure the Customer Can Receive Email from the Service Provider . . . . . . . . . . . . . . . . . .15 Sign into the Control Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 Reset Your Password from the Sign in Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 Review the List of Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 Download a List of Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Create a customer and activate package solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Bundles and Packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Rules for Selecting Bundles and Packages .....................................................................21 Steps to Create a Customer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Create a Primary Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 Create a Domain Alias, If Necessary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Set up the Customers Inbound Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Delete an Inbound Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Add IP Address of Outbound Server, If Necessary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Delete an Outbound Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32 Have the Customer Set up a Smart Host (If Outbound Mail Protection is Turned on) . . . . .32 Have the Customer Redirect the MX Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32 Confirm the Policies for Customer Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33 Have the Customer Lock Down the Customer Environment . . . . . . . . . . . . . . . . . . . . . . . . .33 Rebrand your interface and that of your customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33 Types of branding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34 Available Branding Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 Levels of Branding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 Configure Branding at the Partner Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38 Configure Branding for a Customer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40 Set up a protected user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
iii
Administer Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42 Administer Other Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 Customize Inbound Mail Filters (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Create Groups, If Necessary (Enterprise Customer Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Administer Disaster Recovery Services for the Customer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Administer MSP Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46 Create a Partner Distribution List (for MSP Connector only) . . . . . . . . . . . . . . . . . . . . . . . . .47 Configure the Partner MSP Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47 Add Customers for MSP Report Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48 Turn on Exception Notifications for the Partners MSP Connection . . . . . . . . . . . . . . . . . . .49 View an MSP Connector Audit Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50 Download an Audit Report ...............................................................................................54 Sample ConnectWise Configuration page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54 Configuring MSP Connector for Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55 Configure Message Audit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
iv
Create a Primary Domain Create a Domain Alias, If Necessary Set up the Customers Inbound Servers
Add IP Address of Outbound Server, If Necessary Have the Customer Set up a Smart Host (If Outbound Mail Protection is Turned on) Have the Customer Redirect the MX Records
To ensure that your outbound email is filtered, you must designate, for each of your outbound mail servers, an Email Protection server as your Smart Host. The Mail Exchange (MX) record for each of your mail servers is a specification within a Domain Name Server (DNS Server) operated by your Internet Service Provider (ISP). These records must be changed by your ISP to fully-qualified domain names (for example, denver.acme.com) within the Email Protection network. The exact changes necessary are provided by your Email Protection provider in the Service Activation Guide.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
Task Confirm the Policies for Customer Domains Have the Customer Lock Down the Customer Environment
Description Click Email Protection > Policies. Select the default inbound policy, then browse each tab for the policy.
Five to seven days after you have redirected your MX record, and after you have verified that email is being filtered and delivered appropriately, restrict all IP access to your mail server with the exception of the Email Protection subnets provided in your Service Activation Guide. To provide the look and feel of your company for your customers service, or to allow customers to change the look and feel for their own company, configure branding. Click Account Management > Partners > Branding or Account Management > Customers > Branding. See also Types of branding, Available Branding Attributes, and Levels of Branding. A protected user cannot be deleted via bulk or batch update processes. Thus, Customer Administrators are recommended candidates to be protected users. Create a user. Select the user, then click Edit. Define how users log in Disable user access to the Control Console Turn on explicit user creation Create remaining users Create user aliases
Administer Users
For information on administering users, see Email Protection Quick Start. Customize Inbound Mail Filters (Optional) You or the customer can customize the default inbound policy for groups of users to fit the customers business needs. For more information on customizing policies, see the Email Protection Quick Start or, for details on all customizing options, see the Email Protection Administrator Guide. Create Groups, If Necessary (Enterprise Customer Only) Groups are used when there are users in the organization whose email should be filtered according to a policy other than the default policy. Creating and applying groups is a three step process: 1 Create a new group. 2 Assign individual User Accounts to the group. 3 Create a new policy with special email filtering rules and associate the group to the policy. For more information on creating groups, see the Account Management Administrator Guide.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
Description Disaster Recovery Services consists of one of two services: Fail Safe Email Continuity Either of these services are optional and available at additional cost. If your customer has purchases Disaster Recovery, you ore the customer can administer Disaster Recovery. See Administer Disaster Recovery Services in the Email Protection Quick Start.
Managed Service Platform (MSP) Connector enables the delivery of email traffic and threat data directly to your ConnectWise network performance dashboards. To utilize the MSP Connector capabilities, you should: Create a Partner Distribution list for MSP Connector notifications Configure your ConnectWise information on the Configuration screen. Select the domains needed to push your data to ConnectWise. Enable Exception Notification if you wish to receive csv. files reporting data. In addition, if a customer also uses ConnectWise, you can configure that customer for MSP Connector.
For more information, see Message Audit Quick Start Guide, which is posted on the Partner Portal under Support.
Administrative level
Group Administrator
Description
The Group Administrator can add and remove members from one or more groups if assigned to those groups. A Group Administrator can also create,edit, and modify Email Protection policies for the assigned groups. A Group Administrator does not need to be a member of a group in order to have these capabilities. Note: A Group Administrator cannot add or remove a group.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
Administrative level
Reports Manager
Description
The Reports Manager can view, for an assigned domain, reports available with Email Protection. The Reports Manager can also manage his or her own user preferences and all other tasks a user can perform. The Quarantine Manager, for an assigned domain, can manage the same areas as a Report Manager, plus manage, for the assigned domain, all users Quarantine for spam and other problematic messages, only if Email Protection is enabled. The Domain Administrator, for an assigned domain, can manage the same areas as a Quarantine Manager, plus manage server setup and authentication rules for the domain. The Customer Administrator, for all domains and groups, can manage the same areas as a Domain Administrator or Group Administrator, plus manage all user accounts for that customer, Email Protection policies, create and delete domains and domain aliases, create and delete groups, and manage additional options, if enabled, such as Message Audit and Performance Reports. The Cusotmer Administrator is also the only administrator who can manage passwords. A Customer Administrator cannot edit domains.
Quarantine Manager
Domain Administrator
Customer Administrator
Partner Administrator
The Partner Administrator can manage all aspects of the partners account. In addition, if given customer management permission and permission to configure the core products of Email Protection, Web Protection, and Email Archiving, can manage all aspects of the customers accounts. Finally, the Partner Administrator can create and modify downstream Partners who have their own customers.
The following figure summarizes the levels of administrators, plus users, in an Email Protection configuration.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
WindowAccess
PartnerTab
Create Partner Edit Partner No Yes. Cannot enable Branding or applicatio ns (Email Protectio n, Web Protectio n, Email Archivin g Yes No No No
Distribution List
No
No
No
No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
Branding
Yes
Yes
No
No
No
MSP Connector: Configuration MSP Connector: Customers MSP Connector: Notification MSP Connector: Audit Report
No No No No
No No No No
No No No No
No No No No
CustomerTab
Create Customer Edit Customer Yes. Customer Administratio n must be enabled. Yes. Branding type must be White Label, Co-branding, Rebrand, or Private No Yes. MSP Connector must be enabled Yes No No No No
Branding
Yes
Yes
No
No
No
Distribution Lists MSP Connector: Configuration MSP Connector: Domains MSP Connector: Notification MSP Connector: Audit Report
No No No No No
No No No No No
No No No No No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
Performance Reports
Yes
Yes
No
No
No
Domainstab
Domain Accounts List Create Domain Delete Domain Edit Domain Aliases Edit Domain Branding None Yes. Domain Administratio n must be enabled No Yes. Branding and Domain Administratio n must be enabled No. Yes Yes Yes Yes No No No No No No
Yes Yes
No Yes
No Yes
No No
No No
Aliases
Yes
Yes
Yes. Users must be given ability to set up aliases by admin istrato r. Yes
No
No
Preferences
No
Yes
Yes
No
No
UsersTab
User Accounts My Account No No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
My Account: Aliases My Account: Change Group My Account: Preferences My Account: Quarantine My Account: Email Continuity
No No No No Yes. Email Continuity must be enabled No No No User must be a Group Administrator No No No No Yes. Email Continuity must be enabled No No
My Account: Allow/Deny Lists My Account: Email Activity User Details User Details: Group Administration User Details: Aliases User Details: Change Group User Details: Preferences User Details: Quarantine User Details: Email Continuity
No No No Yes Yes
No No No No Yes
No No No No No
Yes Yes
Yes Yes
Yes No
Yes No
No No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
User Details: Web Activity Create Users Edit Users Delete Users User Synchronization User Synchronization Setup User Authentication
No No
Yes Yes
Yes Yes
No No
No No
No No
No No No
No No Yes
No No No
No No No
Groupstab
Groups : Groups list Groups: New Group Groups: Group Details Groups: Members Groups: Administrators Groups: Email Protection Policies No No No No No No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No No No No No No No No No No Yes No Yes Yes Yes Yes
WindowAccess
Overview
No
Yes
Yes
Yes
No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
Policies tab Policy Sets Anti-virus: Action Anti-virus: Notifications Anti-SPAM: Classification Anti-SPAM: Content Groups Anti-SPAM: Reporting Content: Content Groups Content: Notifications Content: HTML Shield Content: Click Protect Attachments: File Types Attachments: File Name Policies Attachments: Additional Policies Attachments: Additional Notifications Enforced TLS: Actions Enforced TLS: Notifications Allow/Deny: Sender Allow Allow/Deny: Sender Deny Allow/Deny: Recipient Shield Notifications: Content Notifications: Attachment Group Subscriptions Disaster Recovery No No No No No No No No No No No No No No No No No No No No No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
10
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
Quarantine Tab Setup Tab Inbound Servers Setup Outbound Servers Setup
No
Yes
Yes
Yes
Yes
Yes
No Yes. Depending on your purchased package, this service might need to be enabled. Yes. Depending on your purchased package, this service might need to be enabled. Yes. Either FailSafe or Email Continuity must be enabled or included in your package. No No
Yes Yes
Yes Yes
Yes Yes
No No
No No
Outbound Disclaimer
Yes
Yes
Yes
No
No
Yes
Yes
Yes
No
No
MX Records Setup User Creation Settings Message Audit tab Message Search Perimeter Block Search Search History
Yes Yes
Yes Yes
Yes No
No No
No No
No No No
No No No
No No No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
11
WindowAccess
CustomerAdministrator
DomainAdministrator
PartnerAdministrator
QuarantineManager
Reports tab Traffic Overview Threats Overview Threats: Viruses Threats: Spam Threats: Content Threats: Attachments ClickProtect: Overview ClickProtect: Click Log Quarantine: Release Overview Quarantine: Release Log User Activity Event Log Audit Trail Inbound Server Connections Disaster Recovery: Overview No No No No No No No No No No No No No No Yes. Either FailSafe or Email Continuity must be enabled. Yes. Either FailSafe or Email Continuity must be enabled. Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No No No No No No No No No No No No No
Yes
Yes
Yes
Yes
No
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
GroupAdministrator
12
WindowAccess
A partner without product administration permissions, but with customer management permissions, can still administer customers, domains, and users. However, such a partner cannot administer product capabilities for those entities. Instead, fields and links to windows that are restricted from a partner's administration will be grayed out. Note: You will have product administration permission for your own company, if your company uses Email Protection, Web Protection, or Email Archiving. Note: A customer can have permission for their own administration within product areas, even if the Partner managing that customer does not have permission.
Partner Hierarchy
A hierarchical relationship between two Partners can exist, with one Partner as a higher level Parent Partner and the other Partner considered a downstream partner to that parent. Normally, this hierarchy represents a business relationship between the two partners. A downstream Partner of one Partner can simultaneously be a Parent Partner of another Partner, if administered as such. In this case, the hierarchy becomes multi-tiered. For example, if Partner A is identified as Parent of Partner D, and Partner D is identified as Parent of Partner E, then Partner A is at the top of the hierarchy, Partner D is in the middle, and Partner E is at the bottom.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
13
Note: Though a Parent Partner Administrator can configure branding for a direct Partner, a Parent Partner Administrator cannot turn on the following options on the Create Partner or Edit Partner window: White label Private Branding
In addition, a Parent Partner cannot enable Customer Management nor enable the following capabilities: Email Protection Email Archiving Web Protection
Instead, your provider of these services must enable them. Note: In most cases, a downstream Partner can have permissions to manage its customers, even if the Parent of that Partner does not. However, if a Parent Partner is not allowed the following capabilities, downstream partners of that Parent Partner cannot be enabled for the capabilities either: Manage Intelligent Routing Use Message Audit Delegate Domain Management
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
14
To administer the customer of a downstream Partner, you can simply select the downstream Partner first from the Partner accounts list, then select the customer of that Partner. In addition, on most administration windows, the Customer drop-down menu at the top of the window lists all customers for whom you have administrative permissions, which can include your direct customers and those of your downstream partners. Note: As with any self-provisioning Partner, a Parent Partner cannot administer the passwords of a customer's users. A Parent Partner also cannot set the branding type of customers or customer domains. Your service provider must set the branding type for these entities. Note: If you are a Partner Administrator of a Parent Partner, but you are not enabled for Intelligent Routing, Message Audit, or delegating domain management to customers, you cannot enable downstream partners for these capabilities either.
Ensure the Customer Can Receive Email from the Service Provider
If the customer had or still has a different email security or filtering service and their network is administered so that the customer can receive email only from IP addresses associated with that security service, the customer must administer their network to allow incoming email from the Control Console servers. For example, a port in the customers company firewall may need to be enabled to receive email from the IP addresses of the Control Console servers. This enablement is necessary in order for you and the customers users to set the initial password for access to the Control Console.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
15
2 3
At the Control Console Sign in page, enter your email address and password. Click Sign in. If you have not previously entered an answer to a security question, the Security Question window pops up.
The answer to the security question is used to validate you, the user, if you forget your password. You can later change your security question and/or security answer on the Preferences page of your user account. See Set User Display Preferences, Including Your Own in Account Management Administrator Guide. 4 Select a security question and type the answer. Your answer is not case-sensitive. Note: If you also use the Email Protection, you can also sign into the Control Console from a Spam Quarantine Report.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
16
On the Sign in page, click the Forgot your password or need to create a password? link. The following window is displayed.
2 3 4
In the Username field, type your email address. Select Email password information to me. Click Next. You will receive an email momentarily with further instructions. Continue with Step 5.
Open the email message. The email subject line says Control Console Login Information. The email is similar to the following:
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
17
Click the link in the email. The link is active for only a limited time after the email is sent (typically, 60 minutes).
If you previously had selected a security question, the security question is displayed. If you had not previously selected a security question, you will receive an error and must contact your administrator. Type the answer to the question in the Security Answer field. For the Security Question field, click Change if you need to change the security question or answer. You must answer this question when you forget your password or need to reset it. The Security Question and Security Answer fields are displayed. Select a question from the Security Question drop-down menu, then type an answer.
8 9
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
18
10 In the Password field, type a password. The password must comply with the following rules: Length must be a minimum of 8 characters. Alpha, numeric, and special character types are allowed. There must be at least one character that differs in character type (alpha, numeric, or special) from the majority of characters. Thus, if the password contains mostly alpha characters, then at least one character must be either a special character or numeric. For example, majordude is invalid, but majordude9 is valid. Allowed special characters are: left parenthesis ( ( ) right parenthesis ( ) ) apostrophe ( `) tilde ( ~ ) exclamation ( ! ) @ hash ( # ) dollar sign ( $ ) percentage sign ( % ) caret ( ^ ) ampersand ( & ) asterisk ( * ) hyphen ( - ) plus sign ( + ) equals sign ( = ) bar ( | ) backslash ( \ ) left curly bracket ( { ) right curly bracket ( }) left bracket ( [ ) right bracket ( ] ) colon ( : ) semicolon ( ; ) double quotes ( " ) single quotes ( ' ) less than sign ( < ) greater than sign ( > ) period ( . ) question mark ( ? )
Spaces are not allowed. Passwords are case-sensitive (for example, Password, password, and PASSword would be different passwords). Make sure you can remember your password, but do not use obvious passwords (for example, password, your name, or a family members name). Keep your password safe and private.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
19
The list displays the following information: Customer Name The customers name. Partner Name The name of the customers partner is displayed. Date Created The date that this customer was added to the Control Console. Domains The number of primary domains administered for this customer.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
20
Perimeter Defense Package A basic email protections service that the customer cannot administer
For each product, you select a bundle or package from the drop-down menu.
These bundles and packages are described in Chapter 3. Service Bundles and Packages
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
21
The following table outlines which Outbound Packages are applicable based on the Inbound Package Selected.
Applicable Outbound Package Outbound Email Continuity Full Outbound Upgrade Specific Outbound Package
Yes N/A
Yes N/A
N/A Yes
Ultimate Defense / Email Protection Critical Defense / Email Inbound Filtering Enterprise Defense with Email Continuity Any Enterprise Package without Email Continuity
N/A
N/A
Yes
N/A
N/A
N/A
Yes
N/A
Yes
N/A
N/A
Yes
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
22
Note: Your company must be certified and have permission to enable your customers for the specific services listed on this window. If your company is not certified in, and therefore not able to, turn on certain services, the related fields on this window will not be available to you.
Field Partner Name Description Your company's name is displayed. If you have downstream Partners, this field is a drop-down menu of those Partners. Select the Partner whose customer you are creating.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
23
Description Select the type of customer, normally Enterprise. The other option, Service Provider, currently requires approval from McAfee. Enterprise - Designates that the Customer is able to use Groups to associate users with user groups, which then can be associated with policy sets. Service Provider - Contact McAfee to verify this assignment. Enter the company name of the customer. Enter the email address of the customers technical contact. Address and telephone contact information for the customer is required. Select the type of branding. The branding that a customer establishes for itself also determines the display of standard branding for that customer's domains. Co-brand - Displays the customer's branding attributes along with the service providers tagline. Private - (Available to select only by your service provider.) Displays the customer's branding attributes, including the customer's tagline, if defined. Private is the only branding type that can rename the Control Console. Private is also the only branding type that does not have the service provider brand in its URL. This type also allows a tagline to be defined for display for the domains that use Co-brand branding. Rebrand - Displays the customer's branding attributes. Rebrand does not use a tagline for the customer's account, but allows a tagline to be defined for display for the customer's domains who use Co-brand branding. Standard - Displays the customer's service provider branding attributes. This is the default branding type. White Label - (Available to select only by your service provider.) No branding attributes are displayed. However, this type allows a tagline to be defined for display for the domains that use Co-brand branding. Select this checkbox to allow the customer to add and delete domains. Select this checkbox to allow the customer to configure and manage their Managed Service Platform (MSP) Connector. Select this checkbox to allow the customer to manage Performance Reports. Select this checkbox to allow the customer administrator or domain administrator to search message details and histories collected by the Message Audit feature. Select an optional field and click Add to have the field appear on the Edit Customer and Customer Details pages.
Customer Name Contact Email Address and Telephone information Branding Type
Add and Delete Domains MSP Connector Performance Reports Message Audit
Optional Fields
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
24
Description
Select the package for inbound email security. If you select a service bundle, you must designate the same bundle for the other services that are included in that bundle. For example, if you select Bundle 02, which contains Email Protection and Email Archiving, then you must select Bundle 02 for Email Archiving. Select the package for outbound email security. An Inbound package must be selected before you can select an Outbound package. Enter the number of billed users of Email Protection. This number must match the number for Email Archiving and/or Web Protection, if those services are enabled as part of a bundle. From the drop-down menu, select the number of days that quarantined email stays in quarantine before it gets deleted. Select the Email Encryption checkbox to allow customers to use the Encrypt Message action when working with Outbound Policy Content Groups. Email Encryption may be used when the customer does not support encryption messages via other systems. Note: Email Encryption is only available for a selected Outbound package.
Outbound Package
Type the number of billed users selected to use the email encryption action. This number must be equal to or less than the number of messaging billed users.
From the drop-down list, select the Email Archiving package the customer ordered. If you select a service bundle, you must designate the same bundle for the other services that are included in that bundle. For example, if you select Bundle 02, which contains Email Protection and Email Archiving, then you must select Bundle 02 for Email Protection. Type the number of billed users of Email Archiving. This number must match the number for Email Protection and/or Web Protection, if those services are enabled as part of a bundle. In the drop-down lists, define the length of time in years, that Email Archiving will store messages retrieved directly from the Exchange Server journal mailbox. The length of time can be either 1, 3, 5 or 7 years. The months drop-down field is not available at this time. Type the maximum Gigabytes (GB) of storage the customer has available for messages that have been uploaded in bulk. The maximum is 250 GB. Storage amounts must be set in 25 GB increments.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
25
Description Select the package for web security. If you select a service bundle, you must designate the same bundle for the other services that are included in that bundle. For example, if you select Bundle 03, which contains Email Protection and Web Protection, then you must select Bundle 03 for Email Protection. Enter the number of billed users. This number must match the number for Email Protection and/or Email Archiving, if those services are enabled as part of a bundle.
Click Save.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
26
In the Domain field, type the fully-qualified domain name. This name should be registered within a DNS server and unique from outside of the company network. In this example, you type denver.acme.com. In the Contact Email field, type the email address of the customer administrator or the email address of the domain administrator, if there is one. In the Branding Type field, select the type of branding: Co-brand - Displays domain's branding attributes along with the service providers tagline. Private - (Available to select only by your service provider.) Displays the domain's branding attributes, including the domain's tagline, if defined. Private is the only branding type that can rename the Control Console. Private is also the only branding type that does not have the service provider brand in its URL. Rebrand - Displays the domain's branding attributes. Rebrand does not use a tagline for the domain's account. Standard - Displays the service providers or customer's branding attributes. This is the default branding type. White Label - (Available to select only by your service provider.) No branding attributes are displayed.
4 5
6 7 8
Select the Message Audit checkbox to allow the customer administrator to search message details and histories using Message Audit. For the User Alias Management section, click the Allow customer to manage user aliases checkbox.to allow Customer Administrators to create alias email addresses. In the Set limit to x aliases per user field, type the maximum number of allowed alias email addresses per user account in this domain.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
27
Select the Allow customer to manage domain aliases checkbox to allow customer administrators and domain administrators to create alias email addresses for users.
10 Click Save.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
28
Complete the Add field, and click Add. For more information, click Help.
If necessary, from the Customer drop-down menu, select the customer whose server you are setting up. If you have downstream Partners, their customers are also listed.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
29
4 5 6
From the Domain drop-down menu, select the domain whose SMTP server you want to add. Click Add New Host. A new set of fields appears for the server. In the SMTP Host Address field, type the fully qualified DNS or IP address of the server host being configured. CIDR notation is not allowed. If you do not have a registered and valid DNS name for the email servers, you must enter the IP addresses of each server.
7 8
In the Port field, type the port on the server to which Email Protection will connect. The default value is 25. In the Preference field, type the number indicating order of connection preference between multiple servers. Email Protection attempts to connect first to the server with the lowest preference number. If that server is not available (either down or too busy), Email Protection tries the server with the next lowest preference number, and so on. If multiple servers have the same preference number, Email Protection will randomly route the email delivery between them. Click the Active checkbox to allow the server is immediately start accepting email traffic. Caution: If all servers are set to inactive, all emails received for this Domain will be tempfailed.
10 Click Save.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
30
Alternatively, you can specify a Classless Inter-domain Routing (CIDR) address for a range of outbound servers (for example, 111.222.111.0/27) only. The address must be a public address. Any server addresses designated here must be valid and available for a connection. After the Save Changes button is clicked, Email Protection immediately accepts email traffic from the active servers. Note: If email is received from an outbound server that is not configured in the Email Protection system, it will be refused. If no outbound package has been designated for the selected domain, this window is unavailable. 1 Click Email Protection > Setup> Outbound Servers. The Outbound Server Setup page is displayed.
2 3 4 5 6
If necessary, from the Customer drop-down menu, select the customer whose server you are setting up. If you have client Partners, their customers are also listed. From the Domain drop-down menu, select the domain whose SMTP server you want to add. Click Add New Address, and add the address of the outbound server. Click Save. Record the address listed under Recommended Smart Host Server Settings. You should use this address to perform the next task, Have the Customer Set up a Smart Host (If Outbound Mail Protection is Turned on). Important: The customer should also do the following before or immediately after adding the outbound server(s): Update Sender Policy Framework (SPF) records on the customers mail server(s) to ensure only authorized sources are sending outbound email. Scan the network for open relays, viruses and malware.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
31
Refer to the Accepted Use Policy (AUP) at http://www.mxlogic.com/terms/aup/ index.cfm for information on bulk mail.
Have the Customer Set up a Smart Host (If Outbound Mail Protection is Turned on)
To ensure that the customers outbound email is filtered, the customer must designate, for each outbound mail server, an Email Protection server as the Smart Host. The customers outbound email is then relayed through Email Protection before continuing to its final destinations. See the customers Service Activation Guide for more details. Note: This task is performed on the customers outbound email server or servers, on the customers network router, or on some other server, depending on your customers network configuration.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
32
If the policy does not meet customer needs, you or the customer, if enabled, can customize the policy. The way in which you customize policies varies, depending on whether the customer is a service provider customer or an enterprise customer. For information on customizing policies, see Customize Inbound Mail Filters in Email Protection Administrator Guide.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
33
Types of branding
You can rebrand your interface on the Control Console if you are enabled for one of the four types of branding (see item 1 in the accompanying illustrations): White branding No logos or branding appear in the user interface. However, you can display and change the following items: Your company host name, which appears when users log in or receive spam notifications. The From Email address for SQR Reports A custom support email address You can also specify a co-brand tagline for your company. This tagline is displayed below the customer logo for users of any of your customers or their domains if the customer or domain is designated for co-branding.
Private branding Your company logo and tagline appears in the user interface. In addition, you can change the following items: Your company host name, which appears when users log in or receive spam notifications. The site name, which changes Control Console to a name of your choice The From Email address for SQR Reports A URL from which users can download the Spam Control for Outlook tool. A custom support email address You can also specify a co-brand tagline for your company. This tagline is displayed below the customer logo for users of any of your customers or their domains if the customer or domain is designated for co-branding.
Co-branding Your company logo appears, along with the parent accounts tagline. In addition, you can change the following items: Your company host name, which appears when users log in or receive spam notifications.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
34
The From Email address for SQR Reports A custom support email address
Rebranding Your company logo appears in the user interface without a tagline. In addition, you can change the following items: Your company host name, which appears when users log in or receive spam notifications. The From Email address for SQR Reports A custom support email address You can also specify a co-brand tagline for your company. This tagline is displayed below the customer logo for users of any of your customers or their domains if the customer or domain is designated for co-branding.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
35
Customizable (by Type of Branding) Standard No. Displays service provider tagline No. Displays service provider name White Label Removed from display Private Yes Co-brand No. Displays service provider tagline Yes. Applies only to customers and dependent domains whose branding type is Co-brand.a No. Displays Control Console or service provider name No. Displays McAfee Privacy Policy No. Displays service provider URL Yes Rebrand Removed from display
Yes. Applies only to customers and dependent domains whose branding type is Co-brand.a Removed from display
Yes. Applies only to customers and dependent domains whose branding type is Co-brand.a Yes
Yes. Applies only to customers and dependent domains whose branding type is Co-brand.a No. Displays Control Console or service provider name Displays McAfee Privacy Policy No. Displays service provider URL Yes
No. Displays Control Console or service provider name No. Displays McAfee Privacy Policy No. Displays service provider URL No. Displays news based on service provider setting No. Displays service provider email No. Displays service provider host name
Privacy Policy
Yes
Support Email
Yes
Yes
Yes
Yes
Custom Hostname
Yes
Yes
Yes
Yes
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
36
Levels of Branding
Customer branding settings override McAfee or partner branding settings. Domain branding settings override customer branding settings. If the domain branding settings are not set, the customer branding settings are used as the defaults. See Rebrand the User Interface of a Domain. The following table lists the effect of branding configuration on your account and your customers and your customers domains.
Branding Type Standard Partner Use settings from McAfee Customer Use settings from McAfee or, if partner has configured branding, use partners branding settings. Eliminates logo, tagline, and other branding attributes from display in customers account. Eliminates the same for the customers domains that use standard branding. Domain Use settings from McAfee or, if partner or customer has configured branding, use branding settings from partner or customer. Eliminates logo, tagline, and other branding attributes from display in domain interface.
White Label
Eliminates logo, tagline, and other branding attributes from display in partners account. Eliminates the same for the partners customers who have standard branding and the domains that use standard branding. Replaces the standard logo, tagline, and other branding attributes with the partners preferred attributes. Becomes the branding for the partners customers who have standard branding and the domains that use standard branding. Replaces the standard logo, and other branding attributes with the partners preferred attributes. Becomes the branding for the partners customers who have standard branding and the domains that use standard branding. Continues to use the standard McAfee tagline.
Private
Replaces the standard or partner-defined logo, tagline, and other branding attributes with the customers preferred attributes. Becomes the branding for the customers domains that use standard branding. Replaces the standard or partner-defined logo and other branding attributes with the customers preferred attributes. Uses the Partner Co-brand tagline image or uses the standard McAfee tagline if the Partner does not have a Co-brand tagline image configured
Replaces the standard, partner-defined, or customerdefined logo, tagline, and other branding attributes with the preferred attributes for the specific domain.
Co-brand
Replaces the standard, partner-defined, or customerdefined logo and other branding attributes with the preferred attributes for the specific domain. Uses the Customer's or Partner's Cobrand tagline image or uses the standard McAfee tagline if both the Customer and the Partner do not have a Cobrand tagline image configured
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
37
Partner Replaces the standard logo, and other branding attributes with the partners preferred attributes. Does not use a tagline, but allows the assignment of a tagline for display for customers and their domains. Becomes the branding for the partners customers who have standard branding and the domains that use standard branding.
Customer Replaces the standard logo, and other branding attributes with the customers preferred attributes. Does not use a tagline, but allows the assignment of a tagline for display for the customers domains. Becomes the branding for the customers domains that use standard branding.
Domain Replaces the standard, partner-defined, or customerdefined logo and other branding attributes with the preferred attributes for the specific domain. No tagline is used.
2 3
Skip the Enable Branding checkbox until you have completed the rest of the window. In the Custom Hostname field, type a custom hostname. The custom hostname changes the name contained within the URL listed in the Spam Quarantine Report and the URL for access to the Control Console. The custom hostname can be one of the following: Your standard service URL that was identified in your service agreement prepended with your brand name (e.g. acme.console.mcafeesaas.com)
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
38
Your brand name that precedes portal or console and saascontrol.com (e.g. acme.console.saascontrol.com). Use of portal or console depends on your original URL designated in your service agreement.
In the From Email field, type the full email address that will be used as the From: email address when sending Spam Quarantine Reports (if Email Protection is enabled) and Performance Reports (if enabled). This email address must be valid to support the user clicking the Reply button in his/her email application. For example, a Customer Administrator at Acme company might have a support mailbox set up with the email address of spam-control@console.acme.com. In the Support Email field, type the full email address that will be used for customer and/or technical support and as the From: email address for lost password or alias email address requests. This email address must be valid to support the user clicking the Reply button in his/her email application. For example, a Customer Administrator at Acme company might have a support mailbox set up with the email address of support@console.acme.com. (For private branding only) In the Site Name field, type the full name that will appear as the title in your browser when viewing any of the Control Console windows. Once the change is applied, users will see the changed information the next time they sign into the Control Console. For example, the browser name for Acme Company might simply be a name like Acme Control Console. (For private branding only) In the Spam Control for Outlook URL field, type the full URL to the location where the Spam Control For Outlook utility will be available for download. (Applies to Email Protection only.) This field is used if the Allow users to download Spam Control For Outlook field is checked in the Control Console. Click the Display News checkbox to make the News area appear in the Sign in window and the Email Protection Overview window in the Control Console. (For private branding, rebranding, and co-branding only) In the Logo Image field, use the Browse button to select the graphic logo file. Navigate to the location of the graphic logo file, click to select the file, and click the Open button. The path and filename appear in the Logo Image field (for example, Acme company might have the logo ) that will appear in the Control Console windows. The graphic logo image must be a gif image that is no greater than 190x42 pixels in size for private or co-brand branding, and no greater than 190x63 pixels for rebrand branding.
8 9
10 (For private branding only) In the Tagline Image field, use the Browse button to select the graphic logo file. Navigate to the location of the graphic logo file, click to select the file, and click the Open button. This graphic is a secondary (tagline) logo that will appear in the Control Console windows below the graphic designated in the Logo Image field. For example, for a logo like , the tagline might say Your Brand for Generics. This tagline would appear for users at your company and for any customers and their domains who have Standard branding.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
39
Note: The graphic tagline image must be a gif image that is 190x21 pixels or less in size. 11 (For Private, White Label, and Rebrand branding only) In the Co-brand Tagline Image field, use the Browse button to select the graphic logo file. Navigate to the location of the graphic logo file, click to select the file, and click the Open button. This graphic is a secondary (tagline) logo that will appear in the Control Console windows below the graphic designated in the Logo Image field. For example, the tagline might say Powered by Acme Corp. This tagline would appear only for any customers and their domains who have Co-brand branding. Note: The graphic tagline image must be a gif image that is 190x21 pixels or less in size. 12 Click the Enable Branding checkbox to turn on branding. The Control Console will use your settings after you click Save. 13 Click Save. Customers and domains who are set to use standard branding see the same interface changes as you do.
Note: You can also brand the domains of a customer. For more information, see the Account Management Administrator Guide.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
40
removed from the database. In this way, the users account is preserved on the Control Console so the user can continue to access the Control Console, regardless of the users status within the customers network. Note: Protected accounts receive email messages in the same way as those received by any other active account. 1 2 3 Click Account Management > Users. If necessary, from the Customer drop-down menu, select the customer. If you have downstream Partners, their customers are also listed. Click Create.
4 5
In the Creation Modes drop-down list, select Individual. See the online help for how to complete the remaining fields for adding users. Note: Group administration currently applies only to Email Protection and Web Protection. If you are using Email Archiving as a standalone application, ignore the Group Membership field.
For the user you just created, click Edit. The Edit User window is displayed.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
41
Administer Users
7 8
Administer Users
You or the customer should administer users on the Control Console. Although the Email Protection, if activated, uses SMTP Discovery to add users who are receiving email, this method might NOT add users who receive email infrequently. This method also adds users who might no longer work at the customers company, and might even add users who never worked at the customers company. There are several methods for adding users to a customer account. These methods include: Add Users Manually Add Users with Directory Integration Add Users with a Batch File Define how users log in Disable user access to the Control Console Turn on explicit user creation Create remaining users Create user aliases
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
42
Administer Users
To create a user account with administrative access, perform the following steps: 1 2 Decide what administrative role each user should have. For more information, see Administrative Levels of Users. For the particular customer for which you are adding an administrator, click Account Management > Users. The User Management User List window is displayed. 3 4 From the Domain drop-down menu, select the domain in which the user resides. Click Create.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
43
Administer Users
5 6 7
In the Creation Modes drop-down list, select Individual. In the Email field, type the handle or prefix portion of the users email address. For more information on this field, see the online help. From the Role drop-down menu, select one of the following administrative roles for the user: Group Administrator Reports Manager Quarantine Manager Domain Administrator Customer Administrator Partner Administrator
See the online help for more information on completing the remaining fields on the window. Note: Group administration currently applies only to Email Protection and Web Protection. If you are using Email Archiving as a standalone application, ignore the Group Membership field.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
44
Once completed, the users in the group will have their email filtered according to the newly created policy, instead of the email filtering rules in the default policy. Note: All users who are not assigned a group continue to receive email according to the default Email Protection policy. Also, users from up to three different domains can be assigned to the same group. For more information on creating groups, see the Account Management Administrator Guide.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
45
Fail Safe Fail Safe saves messages for later delivery if your mail server becomes unavailable. When your mail server becomes available, Fail Safe delivers the messages. Users cannot access their messages while messages are in Fail Safe only. Fail Safe has an unlimited amount of storage capacity but removes messages that have been in Fail Safe storage for more than 5 days. Email Continuity Email Continuity saves messages for later delivery if your mail server becomes unavailable. When your mail server becomes available, Email Continuity delivers the messages. Users can access their messages through a Webbased interface while messages are in Email Continuity only. Email Continuity also has unlimited storage capacity and removes messages that have been in Email Continuity storage for more than 60 days.
Either of these services are optional and available at additional cost. If a customer has purchased Disaster Recovery, you or the customer can administer Disaster Recovery. See Administer Disaster Recovery Services in the Email Protection Quick Start.
NOTE: To utilize this functionality the user must have ConnectWise 7.2 and an MSP Integration Add-On.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
46
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
47
2 3 4
If you have downstream Partners, select the Partner from the Partner drop-down menu. Check the box to enable the ConnectWise integration Click the SSL: Enable to ensure your information is encrypted through Secure Socket Layer. NOTE: When SSL is disabled, a warning message displays. In the Site field, type your ConnectWise access site. In the Company ID field, type your ConnectWise Company ID. In the Integrator Username field, type your ConnectWise Integrator Username. In the Integrator Password field, type your Integrator Password for ConnectWise. Note: Click the Change Password button to update or change your Integrator Password information to match your Integrator Password to ConnectWise.
5 6 7 8
In the Time Zone drop-down menu, select the time zone on which to base the timestamp for the ConnectWise instances.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
48
3 4 5 6
If you have downstream Partners, select the Partner from the Partner drop-down menu. To find a customer in a long list, type part of the customers name in the Filter search field and click Filter. Click the checkbox for each listed customer whose data you want sent to ConnectWise. Click Add.
Note: You can also add all customers for inclusion in report data with the Add All.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
49
Click Notifications.
3 4 5
If you have downstream Partners, select the Partner from the Partner drop-down menu. Click the Exception Notification: Enable checkbox. Select a distribution list from the Exception Notification Distribution drop-down menu.
Note: If an error occurs, an email notification is sent within 24 hours, not immediately. The Exception Report is a .csv file, sent out at approximately 12:00 A.M. MT, which includes all failures that occurred in the last 24 hours. Failures may include one of the following: Failed - authentication Failed - connection Failed - invalid Company ID Failed - invalid Solution Name Failed - rejected Failed - unknown
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
50
The Status column lists the status of attempts to pass data to ConnectWise. 4 Double-click a report to view the details of the report. The details of the audit reports are displayed.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
51
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
52
Suggested Actions Domains failed because they may not have been provisioned on the ConnectWise side.
Failed authenticatio n Failed connection Failed invalid Company ID Failed invalid Solution Name Failed rejected Failed unknown Domain Spam removed Viruses Removed Account Messages
Username, password, or site is invalid; check information on the ConnectWise side. ConnectWise server was moved ConnectWise server was offline ConnectWise network potentially down
Contact Support.
Domains failed because they may not have been provisioned on the ConnectWise side. Contact Support
The customer's domain. The total number of inbound messages detected as medium or high-likelihood spam for the previous calendar month. The total number of messages with known viruses ("infected emails") for the previous calendar month. The total number of messages successfully delivered to the receiving MTA for the previous calendar month.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
53
Description The total number of messages processed for the previous calendar month. Note: The sum of Spam Removed, Viruses Removed and Account Messages may not equal the Total Messages.
Spam Removed
The total number of inbound messages detected as medium or high-likelihood spam starting from the beginning of the current calendar year through the date the report was generated. The total number of messages with known viruses ("infected emails") starting from the beginning of the current calendar year through the date the report was generated. The total number of messages successfully delivered to the receiving MTA starting from the beginning of the current calendar year through the date the report was generated. The total number of messages processed starting from the beginning of the current calendar year through the date the report was generated Note: The sum of Spam Removed, Viruses Removed and Account Messages may not equal the Total Messages.
Total Messages
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
54
For this connection, the Configuration Type is always SpamStats. For the Domain Name, you enter your companys domain.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
55
Important: In the ConnectWise configuration for a customer, on the SpamStats configuration, you must configure each primary domain of the customer separately. Also, for a customers SpamStats configuration, you specify the customers domains, not your partner domains.
For more information, see Message Audit Quick Start Guide, which is posted on the Partner Portal under Support.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
56
The Partner Accounts List lists the following information: Partner Name The partners name. Parent Partner The Parent Partner of the Partner, as administered on the Create Partner screen. As a Partner Administrator for a Parent Partner, you can designate a downstream Partner to be a Parent Partner also, in which case, that Partner will have its own downstream Partners. This designation normally reflects a business relationship between the Partners, such as a distributorship. Date Created The date that this Partner was added to the Control Console. Partners - The number of direct downstream Partners of the Partner. This number does not include downstream Partners of downstream Parent Partners. Customers - The number of customers of each direct downstream Partner. Domains - The cumulative number of primary domains of all customers of each direct downstream Partner.
Create a Partner
To create a Partner, perform the following steps: 1 Click Account Management > Partners > Create.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
57
Create a Partner
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
58
Create a Partner
Description Select the type of branding. The branding that a partner establishes for itself also determines the display of standard branding for that partner's customers and their domains. Co-brand - Displays the partner's branding attributes along with the service providers tagline. Private - (Available only if previously assigned by your service provider.) Displays the partner's branding attributes, including the partner's tagline, if defined. Private is the only branding type that can rename the Control Console. Private is also the only branding type that does not have the service provider brand in its URL. This type also allows a tagline to be defined for display for the customers and/or domains that use Co-brand branding. Rebrand - Displays the partner's branding attributes. Rebrand does not use a tagline for the partner's account, but allows a tagline to be defined for display for the partner's customers and/or domains who use Co-brand branding. Standard - Displays the partner's service provider branding attributes. This is the default branding type. White Label - (Available only if previously assigned by your service provider.) No branding attributes are displayed. However, this type allows a tagline to be defined for display for the customers and/or domains that use Co-brand branding. (Available to select only by your service provider.) A checked box indicates the Partner can administer customers. This field applies only to permissions to use of the Control Console to manage customers. Partners might also have permission to manage customers using the API. In addition, a Parent Partner can manage customers on behalf of its downstream Partners even if the Parent Partner doesn't have permissions to manage their own direct customers.
Customer Management
Message Audit
Checking the box allows the Partner to research specific message disposition information based on the Message Details, Message ID or Message Header. Note: If the Partner is a Parent Partner, but is not allowed to use Message Audit, downstream partners of this Parent Partner cannot be enabled for Message Audit use either.
Intelligent Routing Email Protection Email Archiving Web Protection Performance Reports Optional Fields
Checking the box allows the Partner to administer Intelligent Routing on behalf of their customers. (Available to select only by your service provider.) A checked box indicates the Partner can administer Email Protection on behalf of their customers. (Available to select only by your service provider.) A checked box indicates the Partner can administer Email Archiving on behalf of their customers. (Available to select only by your service provider.) A checked box indicates the Partner can administer Web Protection on behalf of their customers. Checking the box allows customers to manage Performance Reports under this Partner. Select an optional field. Click Add to have the field appear on the Edit and Details pages.
Click Save.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
59
Delete a Partner
You can delete a Partner from the Partner Details screen. Note: All partner accounts, customer accounts, and domains that are subordinate to a Partner must be manually moved or deleted before the Partner account may be deleted. To delete a Partner, perform the following steps: 1 2 3 4 Click Account Management > Partners. Click on a Partner on the list. The Partner Details screen is displayed. Click Delete. A confirmation screen is displayed. Click OK.
You can also administer customers of a downstream Partner as described in Chapter 1. Administering Customers.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
60
Bundle Inclusions (full descriptions below) Email Security and Web Security
Applicable Outbound Package(s) Outbound Full -orOutbound Email Continuity Outbound Full -orOutbound Email Continuity Outbound Full -orOutbound Email Continuity
Email Security & Archiving - 1 year or multi-year Web & Email Security w Arch - 1 year or multi-year
Yes
Yes
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
61
Web Security
Anti-spyware scanning Anti-virus scanning Anti-phishing protection Group policies management IP- and user-level authentication URL Filtering Safe Search Protection Peer-to-peer Site Blocking Streaming Media Site Blocking Control Console admin and reporting portal Automated, around-the-clock Web threat monitoring and protection
Email Security & Archiving, both 1-yr. and multi-yr., inclusions Email Security
Advanced spam blocking, including Premium Multi-Language Anti-Spam Filter Triple virus and worm scanning Content and attachment filtering Email attack protection Fraud protection Email Continuity, including outbound virus filtering Control Console administration and reporting portal Sophisticated quarantine management 14-day spam quarantine Automated, around-the-clock email threat monitoring and protection
Archiving
One gigabyte of storage per user, per year, with an increase of one gigabyte per user, for each additional year of service Advanced search options and fast, accurate information retrieval by authorized persons Multiple levels of permissions/authority for employers, compliance officers, corporate officers and legal departments Definable retention policies based on content Single Instance Storage Real-time data backups Storage capabilities for comments and notes Flexible options for creating automatic or ad hoc reports Audit trails provide comprehensive activity logs For multi-year packages, journaled email retention times of 3, 5, or 7 years, assigned during provisioning
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
62
Complete Security bundles, both 1-yr. and multi-yr., inclusions Email Security
Advanced spam blocking, including Premium Multi-Language Anti-Spam Filter Triple virus and worm scanning Content and attachment filtering Email attack protection Fraud protection Email Continuity, including outbound virus filtering Control Console administration and reporting portal Sophisticated quarantine management 14-day spam quarantine Automated, around-the-clock email threat monitoring and protection (Optional) Outbound message filtering
Web Security
Anti-spyware scanning Anti-virus scanning Anti-phishing protection Group policies management IP- and user-level authentication URL Filtering Safe Search Protection Peer-to-peer Site Blocking Streaming Media Site Blocking Control Console admin and reporting portal Automated, around-the-clock Web threat monitoring and protection
Archiving
One gigabyte of storage per user, per year, with an increase of one gigabyte per user, for each additional year of service Advanced search options and fast, accurate information retrieval by authorized persons Multiple levels of permissions/authority for employers, compliance officers, corporate officers and legal departments Definable retention policies based on content Single Instance Storage Real-time data backups Storage capabilities for comments and notes Flexible options for creating automatic or ad hoc reports Audit trails provide comprehensive activity logs
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
63
For multi-year packages, journaled email retention times of 3, 5, or 7 years, assigned during provisioning
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
64
Not allowed
Optional
Pkg 41 In - Ent Plus -TPL Virus Pkg 42 In - Ent Plus -FS Pkg 43 In - Ent Plus -FSTPL Virus
Optional
Pkg 41 Out - Ent Plus TPL Virus Pkg 42 Out - Ent Plus Pkg 43 Out - Ent Plus TPL Virus
Optional Optional
Pkg 44 In - Ent Plus DBL Virus Pkg 45 In - Ent Plus -FSDBL Virus
Optional
Pkg 44 Out - Ent Plus DBL Virus Pkg 45 Out - Ent Plus DBL Virus
Optional
Yes
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
65
Definition MX Enterprise Plus Defense, plus Double Virus protection and Email Continuity Disaster Recovery Basic protection against inbound spam from highvolume spam sources
Applicable Outbound Package(s) Pkg 47 Out - Ent Plus DBL Virus -or Outbound EC
Noa
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
66
Pkg 01 Out Ultimate Defense / Email Protection Pkg 03 Out Ultimate Access / Email Protection and Continuity Pkg 40 Out - Ent Plus Pkg 41 Out - Ent Plus -TPL Virus Pkg 42 Out - Ent Plus Pkg 43 Out - Ent Plus -TPL Virus Pkg 44 Out - Ent Plus -DBL Virus Pkg 45 Out - Ent Plus -DBL Virus Pkg 46 Out - Ent Plus -TPL Virus Pkg 47 Out - Ent Plus -DBL Virus Pkg 62 - Outbound Full Pkg 91 Out - Perimeter Defense
MX Ultimate Defense, Outbound (Pkg 01 In) MX Ultimate Access, Outbound (Pkg 03 In) MX Enterprise Plus Defense, Outbound (Pkg 40 In) MX Enterprise Plus Defense, Outbound plus Triple Virus protection (Pkg 41 In) MX Enterprise Plus Defense, Outbound (Pkg 42 In) MX Enterprise Plus Defense, Outbound plus Triple Virus protection (Pkg 43 In) MX Enterprise Plus Defense, Outbound plus Double Virus protection (Pkg 44 In) MX Enterprise Plus Defense, Outbound plus Triple Virus protection (Pkg 45 In) MX Enterprise Plus Defense, Outbound plus Triple Virus protection (Pkg 46 In) MX Enterprise Plus Defense, Outbound plus Double Virus protection (Pkg 47 In) Full outbound email filtering (available only when choosing a Service Bundle) Perimeter Defense does not filter against outbound email. Used to ensure no live outbound package
See the Outbound Package Selections Table for details on which Outbound Package should be selected, based on the Inbound Package selection.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
67
Provides URL, Anti-Phishing, Anti-Spyware and Anti-Virus filtering Allows for Explicit User Authentication and or IP Address Authentication
Bundles that include Web Protection are described at Email & Web Security Bundle inclusions and Complete Security bundles, both 1-yr. and multi-yr., inclusions.
November 2010
Proprietary: Not for use or disclosure outside McAfee without written permission
68