3 Replies Latest reply: Oct 8, 2013 10:46 AM by Brad McGarr RSS

    Configuring Firewall Rules to ensure access is restricted appropriately


      I am new to the SaaS Email product (though have done some work with MEG7 and Firewall Enterprise).


      It is possible the answers I seek are located within the documentation and I simply haven't reached that part yet, but I thought I'd ask the questions in advance.


      I am shortly going to be assisting an existing customer with the transition from an old on-site email security appliance to SaaS Email. With an on-premise solution the only gateway Firewall requirement is to allow SMTP traffic in and out. However, with the solution moving to the cloud there are a couple of additional considerations. To ensure that people of questionable intent don't try to by-pass the SaaS solution, I would imagine that locking down the inbound SMTP firewall rule to only allow traffic from the SaaS servers is necessary. Which hostnames/IP addresses are associated with the SaaS SMTP servers?


      Similarly there will be a requirement to create an inbound rule to allow the SaaS system to perform the Active Directory Synchronization task. Again, I'm sure it would be wise to make sure that no-one else is allowed to try and access these services, so (again) which hostnames or IP addresses should we use?


      Many thanks.