Showing results for 
Search instead for 
Did you mean: 

Hybrid Mode - What is it and do I want it?

We are currently in the process of migrating from Ironmail/MEG 6.7.2 as a physical device to a Virtual Appliance running 7.5.  I have just started configuring the device and reviewing the settings I will need to migrate from the existing server.  One option the install presented to me was to activate the 'McAfee Email Protection (Hybrid) provisioning service'.  What exactly is that?  Is that related to the SaaS service in some capacity, pulling extra data from an online source in addition to local scanning?  Is it similar to Trusted Source or something like that?

My goal is to set up multiple virtual appliances (one at our DR network and one in production) to help mitigate any outage issues or downtime tied to a single appliance.


0 Kudos
4 Replies

Re: Hybrid Mode - What is it and do I want it?

Okay, if I understand this correctly: hybrid mode submits my messages to scanning in the cloud for inbound messages, then evaluates them against the policies on my device, while outbound are only scanned on the device.  Which, if that is the case, I DO NOT want.    So I'll have to see about removing hybrid mode or starting over and not selecting it, since that feature set is not what I want for our solution.

0 Kudos
Level 11

Re: Hybrid Mode - What is it and do I want it?


When you set up hybrid mode, you need to point your MX record to the McAfee SaaS cloud. The integration part on MEG is the bit that tells the cloud which MEG appliances are working for the specific domain (sets up the trust). Mail from the outside goes directly (via the MX) to the cloud rather than being sent there by your local MEG appliances.

So, no, it is not like Trusted Source at all. The actual messages are processed in the cloud prior to reaching your MEGs. The main advantage is the added scalabilty provided by the cloud service.

If all you want is to setup DR, hybrid is optional, and from your previous post it sounds like you don't want do use hybrid as it is.

Hope this helps.

0 Kudos
Level 10

Re: Hybrid Mode - What is it and do I want it?

Ditto...  Can Hybrid Mode be switched off after the build?  I also turned it on during the build without fully understanding what it was.  It looks like it's a subscription service anyway.  Can I just "not set it up" or do I need to specifically do something to disable it post-build?

0 Kudos
Level 8

Re: Hybrid Mode - What is it and do I want it?

The only reason we selected to engage hybrid mode was to replicate a service we had with Google Postini whereby mail would still be "delivered" to the cloud and queued if there were network issues. Right now we are forced to send mail through the cloud as well because our public IPs NAT'd to our mail hosts was somehow blacklisted; we are working to get that corrected.

Now back to hybrid mode; we despise it. A few reasons why:

  1. We have had problems with spam getting to our end users even though the cloud scores it high but is still delivered to our mail servers
  2. You have no control over what the cloud does. This is especially bothersome if you need to ensure TLS between you and another entity. Must engage SaaS support to have them do that for you.
  3. We ahve gotten bounced around McAfee support for problems; MEG team says it's SaaS, SaaS team refers us to MEG team, you get the picture

So it's basically been a nightmare for us. Wish we could turn it off but the bosses are too concerned about network outage and email not getting in. The way I see it (and I've reiterated this in public forums at work) if you have a network outage, getting email working again during such time should be the least of your worries.

0 Kudos