SMA DEPLOYMENT PLACEMENT

mahadevan.v@netcon.in · ‎07-02-2020

In our existing virtual SMA appliance is in Internal zone and ESA appliances are in DMZ. We are now deploying a new SMA appliance as a replacing for our existing virtual SMA device.

We are enabling secured centralised SPAM Quarantine access to employees through Intrenet & Internet. Since the appliance has web service enabled we prefer to go with DMZ but still we couldn't find any recommendation in Cisco portal.

a) Does CISCO recommends placement for SMA in any documents.

b) If you have come across such situation please suggest

balaji.bandi · ‎07-02-2020

Most of the cases this is Manangment Box, Managed By Internal Admin, So they can manange using internal LAN or remote workers get in to corportate and use jump box to conect to SMA to manage.

Always my suggestion is to place them internally behind the FW so it is secured and trusted.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mahadevan.v@netcon.in · ‎07-02-2020

Hi,

Thanks for your reply. CISCO offers Quarantine email release service in both http and secure http ports. In that case this appliance will also be accessed by users from internet. In that case I have to expose my internal segment to internet users.

SMA DEPLOYMENT PLACEMENT

[CVIM] Ceph Placement Group について

【原创】Firepower AMP Introduction & Deployment

Upgrading CUC using Prime Collaboration Deployment (PCD)

Cisco Umbrella VA deployment

ISE Secure Wired Access Prescriptive Deployment Guide