Руководство Пользователя для Cisco Cisco Email Security Appliance C170

See “Using Virtual Gateway™ Technology” in the Cisco IronPort AsyncOS for Email Advanced 
Configuration Guide and 

 for more information 

about assigning multiple IP addresses to the available interfaces. 

The Cisco IronPort X1000/1050/1060/1070, C60/600/650/660/670, and C30/300/350/360/370 Email 
Security appliances have three available Ethernet interfaces by default. The Cisco IronPort 
C10/100/150/160 Email Security appliances have two available Ethernet interfaces. 

In addition to this configurations shown in 

 and 

, you can also configure:

Multiple Cisco IronPort appliances using the Centralized Management feature

Redundancy at the network interface card level by “teaming” two of the Ethernet interfaces on Cisco 
IronPort appliances using the NIC Pairing feature. 

Both of these features are discussed in the Cisco IronPort AsyncOS for Email Advanced Configuration 
Guide.

Depending on your network configuration, your firewall may need to be configured to allow access on 
the following ports.

SMTP and DNS services must have access to the Internet. For other system functions, the following 
services may be required:

 contains all information about the possible ports that may need to 

be opened for proper operation of the Cisco IronPort appliance. For example, ports in the firewall may 
need to be opened for connections:

from the external clients (MTAs) to the Cisco IronPort appliance

to and from groupware servers

to the Internet root DNS servers or internal DNS servers

to the Cisco IronPort downloads servers for McAfee and Sophos Anti-Virus updates, Outbreak 
Filters rules, and updates to AsyncOS

to the NTP servers

to LDAP servers

SMTP: port 25

DNS: port 53

HTTP: port 80

HTTPS: port 443

SSH: port 22

Telnet: port 23

LDAP: port 389 or 3268

NTP: port 123

LDAP over SSL: port 636

LDAP with SSL for Global Catalog queries: port 3269

FTP: port 21, data port TCP 1024 and higher

Cisco IronPort Spam Quarantine: port 6025