Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Email Security: Split Architecture Configuration

03/26/2020 1,110 People found this article helpful 120,686 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    In the Split configuration there is one Control Center and one or more Remote Analyzers. The Control Center, in addition to acting as the control center for all the Remote Analyzers, acts as a central administration and quarantine server. Remote Analyzers are SMTP proxies placed in the email flow. They judge whether email is good or junk. Good email is routed to its intended destination, and junk email is routed immediately to the Control Center and qurantined there; it is not quarantined on the Remote Analyzers. Remote Analyzer machines can be configured to handle inbound email messages, outbound email messages, or both. Users can log in to the Control Center to change their settings; they never log in to Remote Analyzers. The most common reason for deploying in a Split mode is to support multiple physical data centers, where any settings made by an administrator or end user automatically takes effect in multiple remote locations.

    Resolution

    The IP addresses used in this example:

    20.20.5.158  Control Center
    20.20.5.157  Remote Analyzer
    20.20.5.156  Remote Analyzer

    Part 1: Set up a Remote Analyzer

    To set up a Remote Analyzer, install on the machine to be used as a Remote Analyzer and follow the steps below:

    1. Log in to the web interface using the Administrator name and password (the default is admin / password).

    2. Make This Server a Remote Analyzer:

    1. Select System | Network Architecture.
    2. Select the This server is: Split radio button.
    3. Select the If split, this machine is a: Remote Analyzer Server radio button.
    4. Click the Apply button.

    Image

    The interface will immediately change into the Remote Analyzer simplified interface with fewer menus on the left side of the screen.

    Click the Add Server button to identify this Remote Analyzer's Control Center

    Image

    Part 2: Set Up A Control Center


    To set up a Control Center, install on the machine to be used as a Control Center, then follow these steps:
    Log in to the web interface using the Administrator name and password (the default is admin / password).

    Make This Server a Control Center

    1. Select System | Network Architecture.
    2. Select the This Server Is: Split radio button.
    3. Select If Split, this machine is a: Control Center Quarantine Server.
    4. Click the Apply button.
      Once you click Apply, the interface changes to the more complex Control Center interface.
      Image

    The Control Center name is automatically filled out to be the current hostname

    Part 3: Add a Remote Analyzer:

    1. Click the Add Server button under Inbound/Outbound Remote Analyzer Paths.
    2. Enter the IP address of a Remote Analyzer that is controlled by this Control Center.

    Image
    After configuring a server as a Control Center, any changes made to the Control Center are automatically propagated to all the Remote Analyzers listed on this page. You can monitor the status of these Remote Analyzers on the Reports page for the Control Center.

    Click the Test Connectivity button to make sure all the Remote Analyzer is responding.
    Image

    If you log in on the remote analyzer the test connectivity to control center will also return the success

    Image

    You can add now further remote analyzers repeating the steps described in part I and III

    Part 4: Configure Email Flow through Remote Analyzers from the Control Center

    All configuration of the entire Split deployment is done from the Control Center, including setting up the email flow through the Remote Analyzers.

    Follow these steps to configure one of the Remote Analyzers such that the IP address and port number accept SMTP traffic and pass SMTP traffic downstream.

    1. Log in to the Control Center (do not log in to the Remote Analyzer).

    2. Choose which Remote Analyzer to configure. In the Network Architecture page on the Control Center, select the checkbox indicating which Remote Analyzer Server to configure. This is found near the bottom of the page, in the box labeled Inbound/Outbound Remote Analyzer Paths.

    Image

    3. Add an SMTP Upstream and Downstream server. Click the Add Path button to the right of the Remote Analyzer Server name you have selected. In the Split configuration, you can specify a different SMTP flow for each Remote Analyzer.

    Image

    Once created you can also edit and reconfigure the path

    Image

    Image

    Here are the settings you shall choose depending on your architecture

    1. Source IP Contacting Path
    In this section you can specify the IP addresses of sending email servers that are allowed to connect to and relay through this path.
    Any source IP address is allowed to connect to this path - Use this setting if you want any sending email server to be able to connect to this path and relay messages. Warning: using this option could make your server an open relay.
    Any source IP address is allowed to connect to this path but relaying is allowed only for specified domains - Use this setting if you want any sending email servers to connect to this path, but you want to relay messages only to the domains specified. Enter domains for which you are willing to relay email messages by adding one domain per line.
    Only these IP addresses can connect and relay - Use this setting if you know the sending email server IP addresses and you do not want any other servers to connect. Separate multiple IP addresses with a comma.

    2. Path Listens On
    In this section, you can specify the IP addresses and port number on which this path listens for connections.

    Listen on all IP address on this port - Use this setting if you want this path to listen for all IP addresses on the specified port. It is a common practice to listen for incoming email on port 25.

    Listen only on this IP address and port - Use this setting if you want this path to listen in on traffic coming through a specific IP address and port.

    3. Destination of Path
    In this section, you can specify the destination server for the email messages in this path.

    This is a proxy. Pass all email to destination server - Use this setting if you want this path to act as a proxy and relay messages to a downstream email server. Enter the host name or IP address of the downstream email server and the port on which it should be contacted. If the downstream server is unavailable, incoming messages will not be accepted or queued.

    This is an MTA. Route email using SmartHost to destination server - This setting is the same as the proxy option above, except that the incoming messages will be accepted and queued if the downstream server is unavailable.

    This is an MTA. Route email using SmartHost with load balancing to pass email to the following multiple destination servers - This setting is same as the MTA option immediately above, except that the incoming messages can be routed to multiple servers. If round robin is chosen, email is load-balanced by sending a portion of the email flow through each server listed in the text box. If fail over is chosen, email will be sent to the servers listed in the text box only if the downstream server is unavailable. Email will be queued if all of the servers listed are unavailable.

    This is an MTA. Route email using MX record routing - Use this setting to configure this path to route messages by standard MX (Mail Exchange) records. To use this option, your DNS server must be configured to specify the MX records of your internal mail servers that need to receive the email. Email will be queued if necessary.

    This is an MTA. Route email using MX record routing with these exceptions - Use this setting to configure the path to route messages by standard MX (Mail Exchange) records, except for the specified domains. For the specified domains, route messages directly to the IP address corresponding to the domain. Email will be queued if necessary.

    4. Advanced Settings

    Use this text instead of a host name in the SMTP banner - If you do not want the host name of the server running to appear in the banner for the path, specify the text you want to use here. If this field is left blank, the host name will be used.

    Action for messages sent to email addresses that are not in your LDAP server - Select the action you want to take when this path receives messages for recipients not listed in your LDAP server. It is strongly recommended that you select the "Adhere to corporate setting" option and configure DHA protection on the Connection Management page. Change this setting in the unusual circumstance when an administrator needs to configure DHA differently depending on the path.

    Reserve the following port - Specify a port that can use for miscellaneous internal "localhost to localhost" communication between components. Most Administrators will not need to change the default value.

    Enable StartTLS on this path - Enable email communication over an encrypted socket. Click the Configure StartTLS button to configure the way handles encrypted email communications.

    Related Articles

    • Windows Defender Smartscreen in Edge is blocking SonicWall's Rewritten Sandboxing URL
    • Generate & Import a SSL certificate (PKCS#12) file for import on an Email Security appliance
    • How to manually create FTP backup from CLI - Email Security appliance

    Categories

    • Email Security > Email Security Appliance
    • Email Security > Email Security Software
    • Email Security > Hosted Email Security

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top
    Trace:63d06900c8ef267d887744bb716d43f8-78