Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
624 Views 3 Replies Latest reply: Oct 8, 2013 10:46 AM by Brad McGarr RSS
PhilM Champion 528 posts since
Jan 7, 2010
Currently Being Moderated

Oct 8, 2013 10:24 AM

Configuring Firewall Rules to ensure access is restricted appropriately

I am new to the SaaS Email product (though have done some work with MEG7 and Firewall Enterprise).

 

It is possible the answers I seek are located within the documentation and I simply haven't reached that part yet, but I thought I'd ask the questions in advance.

 

I am shortly going to be assisting an existing customer with the transition from an old on-site email security appliance to SaaS Email. With an on-premise solution the only gateway Firewall requirement is to allow SMTP traffic in and out. However, with the solution moving to the cloud there are a couple of additional considerations. To ensure that people of questionable intent don't try to by-pass the SaaS solution, I would imagine that locking down the inbound SMTP firewall rule to only allow traffic from the SaaS servers is necessary. Which hostnames/IP addresses are associated with the SaaS SMTP servers?

 

Similarly there will be a requirement to create an inbound rule to allow the SaaS system to perform the Active Directory Synchronization task. Again, I'm sure it would be wise to make sure that no-one else is allowed to try and access these services, so (again) which hostnames or IP addresses should we use?

 

Many thanks.

-Phil.

  • Brad McGarr McAfee Employee 154 posts since
    Dec 4, 2012

    Phil,

     

    Welcome to the McAfee SaaS Email Protection Community! All of the SaaS Services (the former MX Logic line of products) use the same IP ranges. You can find these in your Email Protection service, under Email Protection > Setup > MX Records. At the bottom of the page is a section for locking down servers. You'll need only the CIDR /21 or /24 notation, but not both, depending on what format your firewall works with. For some older firewalls, individual IPs are needed, and are provided.

     

    If your firewall requires host min/max and subnets, those are available as well.

     

    See also: https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&aid=7378


    Brad McGarr
    McAfee SaaS Email & Web Protection
    Technical Support Technician I (Legacy & Partner Support)
    Microsoft Certified Professional
    Microsoft Technology Associate - Windows OS | CompTIA A+ Certified Technician | CIW Web Foundations Associate
    Visit my blog: Brad's Corner - Insights from SaaS Email & Web Security Support https://community.mcafee.com/blogs/brad-denver

    Frequently Requested Information
  • Brad McGarr McAfee Employee 154 posts since
    Dec 4, 2012

    Phil,

     

    You're correct. The same IP blocks apply to Inbound and Outbound SMTP Traffic, LDAP connections, as well as the Web Proxy services.


    Brad McGarr
    McAfee SaaS Email & Web Protection
    Technical Support Technician I (Legacy & Partner Support)
    Microsoft Certified Professional
    Microsoft Technology Associate - Windows OS | CompTIA A+ Certified Technician | CIW Web Foundations Associate
    Visit my blog: Brad's Corner - Insights from SaaS Email & Web Security Support https://community.mcafee.com/blogs/brad-denver

    Frequently Requested Information

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points