01-28-2011 06:42 AM
I'm curious as to what other email admins are doing today with DLP inside the organization. I mean, the Ironport is meant to monitor traffic in and out of the org and apply DLP policies, but what about internal mail traffic going from dept to dept that might violate as well? Any crafty transport rules if using Exchange out there? Any add-on third party software that I don't know about? Modify internal routing so that all messages pass through ironport for dlp processing.
What are you doing today? And also if this is not allowed discussion on the board, please let me know and I will post on a blog.
Chris
01-31-2011 10:43 PM
Hi Chris,
I am not aware of any third party software but you can definitely route your internal traffic through IronPort. Customers normally route internal traffic through IronPort for virus scanning, can go for DLP too.
Regards,
Viquar
Customer Support Engineer Cisco IronPort
02-08-2011 06:29 AM
Viquar -
Thanks for the response. Do you have any customers that are currently routing internal exchange 2007 / 2010 messages through the ironport for processing?
I ask because the way the hub transport role works, I'm not sure how one would achieve this, even if they configure all connectors to route through a smart host.
Chris
02-08-2011 12:41 PM
Hi Chris,
Routing internal traffic through IronPort is not recommended but it is configurable. Your internal traffic is still going to match the sender group 'RelayList' but instead of sending traffic to the internet, IronPort will deliver back to internal servers. IronPort checks the destination host once it has received the message and based on destination it routes the traffic. If the destination host is your internal server, it will check the RAT table for the destination domain entry and via SMTP routes it will deliver to the destination server. If the message is going to the internet, DNS servers will decide the destination server based on domain MX record.
Hope that answered the question.
Viquar
Customer Support Engineer
02-09-2011 05:11 AM
Thanks Viquar, I'm following you with the IronPort routing. However, I'm not following how I could route my internal exchange traffic through the ironport.
The hub transport server introduced with Exchange 2007 handles all message routing for intra-org and inter-org messages. Intra-org messages however will not be routed through to my smarthost (ironport) for processing, only delivered to proper destination mailbox server and eventually my email client.
So my question is still this: specific to Exchange 2007 and Exchange 2010, if it's possible and has been done, how would one configure the hub transport role to route ALL mail traffic to the IronPort device for processing?
Thanks again for the help,
Chris