WatchGuard XCS Outlook Add-In

advertisement
What’s New in WatchGuard
XCS v9.1 Update 2
WatchGuard XCS v9.1 Update 2
 Introduce New Features
•
•
•
WatchGuard XCS Outlook Add-in
SecureMail Email Encryption
Intercept Component Report
 Install WatchGuard XCS v9.1 Update 2
WatchGuard Training
2
WatchGuard XCS Outlook Add-In
WatchGuard Training
3
WatchGuard XCS Outlook Add-in
 Adds special Spam and Not Spam buttons to your
Microsoft Outlook client toolbar
•
•
Spam: Report any spam messages that bypassed the spam filters and were
delivered to your inbox
Not Spam: Report false positives in which legitimate messages were
classified as spam
WatchGuard Training
4
WatchGuard XCS Outlook Add-in
 When you click Spam:
•
•
•
•
The message can remain in the inbox, be moved to the Junk folder, or
deleted (configurable)
The message is trained as spam by the WatchGuard XCS
The message is relayed to WatchGuard servers for training

Sent to spam@mailsupport.watchguard.com
The sender is added to your personal Blocked Senders List
 When you click Not Spam:
•
•
•
The message is trained as legitimate mail (Not Spam) by the WatchGuard
XCS
The message is relayed to WatchGuard servers as legitimate mail training

Sent to notspam@mailsupport.watchguard.com
The sender is added to your personal Trusted Senders List
WatchGuard Training
5
WatchGuard XCS Outlook Add-in
 Available for these software versions of Outlook:
•
•
Outlook 2003
Outlook 2007
 Operating System Support
•
•
•
Windows XP
Windows Vista
Windows 7
 Supported locales:
•
•
•
•
•
English (default)
French (fr)
Spanish (es)
Japanese (ja)
Simplified Chinese (zh-CHS)
WatchGuard Training
6
WatchGuard XCS Outlook Add-in Requirements
 Software Requirements
•
•
•
•
.NET Framework 3.5 or greater - Not included with the Outlook Add-in .zip file
You must download the .NET Framework software from Microsoft
Windows Installer 3.1
Microsoft Office Primary Interop Assemblies (PIA)
Visual Studio Tools for Office (VSTO)
 To download the Add-in for your version of Outlook
•
•
•
•
Select Support > Microsoft Outlook Add-ins on the XCS menu.
The WatchGuard Support Center appears.
From the WatchGuard Support Center, select Download Software.
Select WatchGuard XCS.
Select the download link for the Add-in for your version of Outlook.
WatchGuard Training
7
Install the Outlook Add-in
To install the WatchGuard XCS Outlook Add-in:
1. Close Microsoft Outlook if it is currently running.
2. Make sure you have downloaded and installed the .NET Framework (3.5 or
greater) software.
3. Unzip the download package.
4. Double-click the setup.exe installation file.
5. You are prompted to install each prerequisite software as required.
6. Follow the prompts to install the WatchGuard XCS Outlook Add-in.
Note: If you already have the prerequisite software installed, you can install the WatchGuard
XCS Outlook Add-in with the XCSOutlook2003AddinInstaller.msi or
XCSOutlook2007AddinInstaller.msi file. Network administrators can use the .msi
installation file to push the add-in to desktop workstations in an Active Directory domain,
but the prerequisite software must already be installed on the desktop workstations or be
pushed by the administrator before the add-in installation
WatchGuard Training
8
Configure the Outlook Add-in
 When you launch Outlook, new buttons appear on the toolbar
 Click Configure
WatchGuard Training
9
Configure the Outlook Add-in
 To configure the Outlook Add-in options on your XCS device, go to
Security > Content Control > Custom Actions
 All options are enabled by default
WatchGuard Training
10
Advanced Training Options
 Available for User Submitted messages at Security > Anti-Spam >
Anti-Spam > Token Analysis > Advanced
•
•
User Submitted Limit – Not Spam (Legitimate Mail)
User Submitted Limit – Spam

WatchGuard Training
Default = 2000 messages, 10% source weighting
11
New Default Pattern Filters
 New default Pattern Filters available for User Submitted messages
•
Security > Content Control > Pattern Filters

WatchGuard Training
Sets training action for submitted messages sent to the
notspam@mailsupport.watchguard.com and spam@mailsupport.watchguard.com
addresses
12
SecureMail Email Encryption
WatchGuard Training
13
SecureMail Email Encryption
 Encrypt outbound messages directly from the WatchGuard XCS without
the need for a local encryption server or additional desktop software
 Messages are secured until they are delivered and decrypted by the
recipient of the message
 Recipients open an attachment to the encrypted message that allows
them to create an account on the SecureMail web site and log in to read
the message
WatchGuard Training
14
SecureMail Email Encryption
 When encryption is enabled, you can use these features to scan for
specific patterns in email messages that indicate the message must be
encrypted
•
•
•
•
•
Pattern Filters
Objectionable Content Filter
Content Scanning
Content Rules
Document Fingerprinting
 For example, you can create a Pattern Filter to search for the word
“[Encrypt]” in the subject field of a message.
•
An end user can add this phrase to their message subject header to indicate the
message must be encrypted before it is delivered.
WatchGuard Training
15
Replaces PostX/CRES Encryption
 SecureMail Email Encryption subscription replaces the existing
WatchGuard XCS Email Encryption technology powered by PostX/CRES
(Cisco Registered Envelope Service)
 Current PostX/CRES customers can continue to use and receive support
for PostX Encryption until their current license expires
WatchGuard Training
16
How SecureMail Works
•
•
•
•
•
When a user sends a message, the WatchGuard XCS uses pattern and content filters to
determine if a specific encryption policy applies to the message.
The SecureMail engine communicates with the SecureMail service to generate
encryption keys, any branding data, and creates the notification message. SecureMail
uses IBE (Identity-Based Encryption), which generates encryption keys based on the
sender and recipient email addresses.
The message is signed with the sender's public key and delivered to the recipient as a
message attachment.
The recipient opens the attachment that allows them to register (if this is the first
encrypted message received) and authenticate their email address to the SecureMail
web site.
The SecureMail web site uses the recipient's private session key to allow the recipient to
read the unencrypted message.
WatchGuard Training
17
Read an Encrypted Message
 When you receive an encrypted SecureMail message, open the
message attachment “message_zdm.html”
 Click Read Message
WatchGuard Training
18
Read an Encrypted Message
 If this is the first encrypted message you receive, you are prompted to
register with the SecureMail service to create an account and establish a
password.
 You must respond to a verification email message before you can open
the encrypted message.
WatchGuard Training
19
Read an Encrypted Message
 You must type your password to verify your identity
 When you are authenticated, the secure message is decrypted and
displayed
WatchGuard Training
20
Reply to an Encrypted Message
 You can securely reply to or forward encrypted messages with the same
web-based service that allows you to read the encrypted message
•
Click Reply
•
•
Type your reply, and click Send Secure
An encrypted reply is sent to the sender of the original encrypted message
WatchGuard Training
21
Reply to an Encrypted Message
•
•
•
The SecureMail server sends secure replies on behalf of your organization's email
domain, and the email message appears to originate from a SecureMail domain.
In certain cases, mail security devices may block these messages because they originate
from a different domain than your own. You must make sure that your mail security
devices are configured to allow messages from SecureMail servers when secure replies
are sent back to your email domain.
On the WatchGuard XCS, you can set up a Pattern Filter to Accept these SecureMail
server IP addresses:

mail1.vsn.voltage.com 165.193.228.181, 205.140.196.245* replaces mail1 address soon
 mail2.vsn.voltage.com 165.193.228.186, 205.140.196.250* replaces mail2 address soon
 mail3.vsn.voltage.com 165.193.91.245
 mail4.vsn.voltage.com 165.193.91.250
WatchGuard Training
22
Activate SecureMail
 When you purchase SecureMail Email Encryption, you must activate the
subscription from the LiveSecurity activation page.
• From the WatchGuard Support page, select Activate a Product.
• Log in, select your XCS product, then enter your activation key for
SecureMail Email Encryption.
WatchGuard Training
23
Activate SecureMail
 You must provide information about your organization:
•
•
Email Domains – The email domains from which your users will send
encrypted messages (example.com, example1.com, etc.)
Gateway IP addresses – The public IP addresses from which your
WatchGuard XCS device connects to the SecureMail servers.

•
This is required to authorize only your organization's IP addresses to establish a
connection with the SecureMail service.
Authorization Code – Authorizes SecureMail Email Encryption for use with
your WatchGuard XCS device.


WatchGuard Training
This code is entered in your SecureMail configuration on the WatchGuard XCS.
The Authorization Code must be 15-20 alphanumeric characters in length and
cannot contain symbols or spaces.
24
Activate SecureMail

You will receive your SecureMail account information and confirmation from WatchGuard
customer care in 24-36 hours.
WatchGuard Training
25
SecureMail Branding
 You can display custom logos and branding text for your organization on
encrypted message envelopes
 You must purchase and activate the subscription from the LiveSecurity activation
page
WatchGuard Training
26
Activate SecureMail Branding
 Provide the following information:
•
•
Branding Profile code
 Identifies your branding profile (logo and branding text) on the
SecureMail service
 The branding profile value is entered in your SecureMail configuration on
the WatchGuard XCS
 Can be up to 20 alphanumeric characters, must start with a letter, and
cannot contain symbols or spaces
Logo
 After activation, you will be contacted by customer care.
 You can send a custom logo to customer care to display on your
encrypted message envelopes
 Must be 370 pixels wide and 70 pixels high on a transparent background
in gif, jpg or png format
WatchGuard Training
27
Configure SecureMail
 Go to Security > Encryption > SecureMail
and select the Enable SecureMail
Encryption check box
 In the Authorization Code text box, you
must type your authorization code to
authorize SecureMail Email Encryption for
use with this WatchGuard device
 In the Branding Profile text box, type an
optional branding profile value that
corresponds to your branding profile (logo
and text) configured with the SecureMail
service
•
If you type an incorrect Branding Profile
value, the default WatchGuard branding
appears on the encrypted message envelope
 From the User List drop-down list, select
the list that contains the users allowed to
use SecureMail encryption
WatchGuard Training
28
Troubleshoot SecureMail Configuration
 When you apply the SecureMail configuration, the WatchGuard XCS
connects to the SecureMail server and tests your configuration.
 If you receive an error that the WatchGuard XCS cannot contact the
SecureMail server, check the following:
•
•
The WatchGuard XCS requires an outbound HTTPS connection on port 443 to
connect to the SecureMail server. Make sure this connection is allowed by your
network firewall.
The SecureMail service returns an XML-based configuration file. Make sure your
network firewall or content filter allows XML files.
 If the connection to the SecureMail server completes, but you receive an
error that the Message Encryption verification test failed, check the
following:
•
•
Confirm that you correctly entered your Authorization Code.
Check the gateway IP addresses you activated with SecureMail to make sure
you are connecting from the public IP address of the WatchGuard XCS.
WatchGuard Training
29
Configure SecureMail – Upload Users
 You must upload a list of user email addresses that are permitted to
encrypt messages with SecureMail encryption.
•
If the user does not appear in the list, the message is rejected with the error
code "550 Error: content rejected".
 Create a text file containing a list of user email addresses with one
address per line. For example:
user1@example.com
user2@example.com
user3@example.com
user4@example.com
 Click Manage User Lists. (You can also select Security > Content
Control > Dictionaries & Lists on the menu)
WatchGuard Training
30
Configure SecureMail – Upload Users (continued)
 Click Browse to select your list of users to upload.
 From the Character set drop-down list, select the encoding used in the
uploaded file. For example, select ASCII.
 Click Continue.
WatchGuard Training
31
Configure SecureMail – Upload Users (continued)
 In the Name text box, type a descriptive name for the list.
 From the Type drop-down list, select email.
 Click Continue to finish uploading the file.
WatchGuard Training
32
Configure SecureMail – Upload Users (continued)
 The SecureMail configuration page displays:
•
•
A summary of users in your encryption list
The total number of users in the list and the license limit
WatchGuard Training
33
Configure SecureMail – Create Content Filters
 Use the following features to create content filters to determine
messages to encrypt:
•
•
•
•
•
Pattern Filters
Objectionable Content Filter
Content Scanning
Content Rules
Document Fingerprinting
WatchGuard Training
34
Intercept Component Report
WatchGuard Training
35
Intercept Component Report
 Reports on Intercept Anti-Spam component processing
 Includes the frequency of spam received based on each spam category, the
Token Analysis score of messages received, and the Intercept component
contribution
•
•
•
Spam Frequency – This graph displays the frequency of Certainly Spam, Probably
Spam, and Maybe Spam, received over a period of time
Token Analysis Score – This graph displays the number of messages received
based on their Token Analysis score
Intercept Component Contributions – This table displays statistics on identified
spam for each Intercept component that contributed to the overall Intercept score
WatchGuard Training
36
Install XCS v9.1 Update 2
Install XCS v9.1 Update 2
 If enabled, Security Connection automatically downloads update
releases
•
•
Install the update in Administration > Software Updates > Updates
The update appears in the Available Updates section
•
•
Select the update, then click Install
The device restarts
This process can take several minutes to complete!
WatchGuard Training
38
Install XCS v9.1 Update 2 (continued)
 You can also download the update software from the LiveSecurity site
•
From the Software Downloads page, download the XCS v9.1 Update 2
software [xcs91_update_2.pf] to your local computer
Click to download
WatchGuard Training
39
Install XCS v9.1 Update 2 (continued)
 Upload the software update in Administration > Software Updates >
Updates
•
•
Click Browse to find the downloaded file on your computer
Click Upload
WatchGuard Training
40
Install XCS v9.1 Update 2 (continued)
 The update appears in the Available Updates section
 Select the update, then click Install
 The device restarts
This process can take several minutes to complete!
WatchGuard Training
41
Thank You!
Download