Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1458
Views
0
Helpful
2
Replies

SMA DEPLOYMENT PLACEMENT

mahadevan.v@netcon.in
Level 1
Level 1

‎07-02-2020 04:28 AM

In our existing virtual SMA appliance is in Internal zone and ESA appliances are in DMZ. We are now deploying a new SMA appliance as a replacing for our existing virtual SMA device.

We are enabling secured centralised SPAM Quarantine access to employees through Intrenet & Internet. Since the appliance has web service enabled we prefer to go with DMZ but still we couldn't find any recommendation in Cisco portal.

 

a) Does CISCO recommends placement for SMA in any documents. 

b) If you have come across such situation please suggest

 

 

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎07-02-2020 05:26 AM

Most of the cases this is Manangment Box, Managed By Internal Admin, So they can manange using internal LAN or remote workers get in to corportate and use jump box to conect to SMA to manage.

 

Always my suggestion is to place them internally behind the FW so it is secured and trusted.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mahadevan.v@netcon.in
Level 1
Level 1
In response to balaji.bandi

‎07-02-2020 07:00 AM

Hi,

 

Thanks for your reply. CISCO offers Quarantine email release service in both http and secure http ports. In that case this appliance will also be accessed by users from internet. In that case I have to expose my internal segment to internet users. 

0 Helpful
Customers Also Viewed These Support Documents