Cisco Cisco Email Security Appliance C160 Mode D'Emploi

You can install your Cisco IronPort appliance into your existing network 
infrastructure in several ways. This section addresses several options available to 
you as you plan your installation. 

Please note that your Cisco IronPort appliance is designed to serve as your SMTP 
gateway, also known as a mail exchanger or “MX.” In addition to the “hardened” 
operating system dedicated for Internet messaging, many of the newest features 
in the AsyncOS operating system function optimally when the appliance is 
situated at the first machine with an IP address that is directly accessible to the 
Internet (that is, it is an external IP address) for sending and receiving email. For 
example: 

The per-recipient reputation filtering, anti-spam, anti-virus, and Virus 
Outbreak Filter features (see 

, 

, 

) are designed to work with a direct flow of 

messages from the Internet and from your internal network. You can 
configure the Cisco IronPort appliance for policy enforcement (

) for all 

email traffic to and from your enterprise. 

You need to ensure that the Cisco IronPort appliance is both accessible via the 
public Internet and is the “first hop” in your email infrastructure. If you allow 
another MTA to sit at your network’s perimeter and handle all external 
connections, then the Cisco IronPort appliance will not be able to determine the 
sender’s IP address. The sender’s IP address is needed to identify and distinguish 
senders in the Mail Flow Monitor, to query the SenderBase Reputation Service for 
the sender’s SenderBase Reputation Score (SBRS), and to improve the efficacy of 
the IronPort Anti-Spam and Outbreak Filters features.