Cisco Cisco Email Security Appliance X1050 安装指南
These simple-to-follow steps will allow you to install,
configure, and start using your Cisco IronPort Email Security
Appliance right away.
configure, and start using your Cisco IronPort Email Security
Appliance right away.
Before you start, be sure you have the following:
Rack cabinet enclosure
•
Appropriate rails and adaptor kits
•
10/100/Gigabit BaseT TCP/IP local area network (LAN)
•
Web browser software (or SSH and terminal software)
•
Network cable(s) for connecting to your network
•
Check to make sure the following items are present in the Cisco
IronPort Email Security appliance system box:
IronPort Email Security appliance system box:
Cisco IronPort C670 Email Security Appliance
•
Dual-head power cable
•
Straight power cables (2)
•
Null modem serial cable
•
Cisco IronPort C670 Quickstart Guide (this guide)
•
Cisco IronPort AsyncOS Documentation CD
•
Cisco IronPort AsyncOS for Email Configuration Guide
•
Safety and Compliance Guide
•
Note:
You can download the AsyncOS Release Notes from the Cisco IronPort
Customer Support Portal located at www.ironport.com/support.
You can download the AsyncOS Release Notes from the Cisco IronPort
Customer Support Portal located at www.ironport.com/support.
Cisco IronPort C670
Depending on your network configuration, your firewall may need
to be configured to allow access on the following ports.
SMTP and DNS services must have access to the Internet. For
other system functions, the following services may be required:
other system functions, the following services may be required:
SMTP: port 25
•
HTTP: port 80
•
SSH: port 22
•
LDAP: port 389 or 3268
•
LDAP over SSL: port 636
•
LDAP with SSL for Global Catalog queries: port 3269
•
FTP: port 21, data port TCP 1024 and higher
•
See the appendix “Firewall Information” in the Cisco IronPort AsyncOS
for Email Configuration Guide for more information.
for Email Configuration Guide for more information.
Install in Rack
Install the Cisco IronPort Appliance into your rack cabinet. Ensure the
ambient temperature around the system is within the specified limits.
Ensure there is
ambient temperature around the system is within the specified limits.
Ensure there is
sufficient airflow around the unit.
Data
The Cisco IronPort Appliance requires at least one IP address to send
and receive email. Ideally, two IP addresses should be used:
and receive email. Ideally, two IP addresses should be used:
Connect the Data 1 network port to your public network
•
Connect the Data 2 network port to your private network
•
Alternately, you can receive and deliver email from a single connection
to either network port, if your network topology dictates it. Multiple IP
addresses can be configured on one network interface.
to either network port, if your network topology dictates it. Multiple IP
addresses can be configured on one network interface.
Setup and Management
For access by Ethernet™, connect to the
•
Management Network
Port. Use a browser to access the web-based interface on the
default IP address 192.168.42.42. You can also access the
command line interface by
default IP address 192.168.42.42. You can also access the
command line interface by
SSH or terminal emulation software
on the same IP address. (The netmask is /24.)
Or, for Serial access, connect to the Serial Port. Access the command
Or, for Serial access, connect to the Serial Port. Access the command
•
line interface by a terminal emulator using 9600 bits, 8 bits, no parity,
1 stop bit
1 stop bit
(9600, 8, N, 1), flowcontrol = Hardware.
Power
Plug the female end of each straight power cable into the redundant
•
power supplies on the back panel of the appliance.
Or, plug the female ends of the dual-head power cable into the
Or, plug the female ends of the dual-head power cable into the
•
redundant power supplies on the back panel of the appliance.
Cisco IronPort Email
Security appliance
Security appliance
Clients
Firewall
Internet
Groupware Server
(Microsoft Exchange™, Lotus
Notes™, SunONE Messaging™)
(Microsoft Exchange™, Lotus
Notes™, SunONE Messaging™)
Dual-Head
Power Cable
Power Cable
Straight
Power Cables
Power Cables
Documentation
CD
Public
Network
Private
Network
Network
Public and Private
Networks
Networks
Turn on the system power by pressing the On/Off switch on the front
panel of the the appliance. You must
panel of the the appliance. You must
wait five minutes for the system to
initialize the very first time you power up before moving on to Step 5.
Fill out the
•
Networking Worksheet on the back of this
Quickstart Guide. Contact your network administrator if
you need assistance.
Use a browser to
you need assistance.
Use a browser to
•
connect to the following URL:
http://192.168.42.42
Log in as:
•
Username:
admin
Password:
ironport
The System Setup Wizard begins and the end user license
•
agreement is displayed. Please read and accept the license
agreement to continue.
Use the information from the Networking Worksheet to complete
agreement to continue.
Use the information from the Networking Worksheet to complete
•
the System Setup Wizard.
(Or, you may connect using SSH or terminal emulation software.
Initiate a session to the IP address 192.168.42.42. Log in as
Initiate a session to the IP address 192.168.42.42. Log in as
admin
with the password
ironport
and, at the prompt, run the
systemsetup
command.)
Record critical information
from the Networking Work-
sheet to assist in completing
the System Setup Wizard.
from the Networking Work-
sheet to assist in completing
the System Setup Wizard.
Wait 5
minutes
minutes
Quickstart
Guide
Safety and
Compliance Guide
INSTALL
2
UNPACk
1
C oNNECT
3
PoWER-UP
4
C oNfIgURE
5
DNS: port 53
•
HTTPS: port 443
•
Telnet: port 23
•
NTP: port 123
•
Cisc
o Iro
nPor
t C3
70
Ema
il Se
curit
y Ap
plian
ce
Cisco IronPort C370
Cisc
o Iro
nPor
t C3
70
Power
(2)
(1)
(1)
Serial
50
95
F
C
35
10
Temperature Limits
SERIAL
MGMT DATA 1
2
3
1
2
3
4
MGMT DATA 1
2
MGMT DATA 1
2
or
or
SERIAL
MGMT DATA 1
2
3
3
4
SERIAL
MGMT DATA 1
2
3
3
4
SERIAL
MGMT DATA 1
2
3
1
2
3
4
Serial via Terminal
(9600, 8, N, 1)
Ethernet via SSH or HTTP
(on 192.168.42.42)
(on 192.168.42.42)
SERIAL
or
SERIAL
MGMT DATA 1
Power
Configuration
Guide
Plan the installation within your network
Your Cisco IronPort Appliance is designed to serve as your SMTP
email gateway at your network perimeter – that is, the first machine
with an IP address that is directly accessible to the Internet for sending
and receiving email. Many of the features (including Email Security
Monitor, Reputation Filtering, Spam Detection, Virus Protection, and
Encryption) require you to install the Cisco IronPort appliance into your
existing network infrastructure in the following way.
email gateway at your network perimeter – that is, the first machine
with an IP address that is directly accessible to the Internet for sending
and receiving email. Many of the features (including Email Security
Monitor, Reputation Filtering, Spam Detection, Virus Protection, and
Encryption) require you to install the Cisco IronPort appliance into your
existing network infrastructure in the following way.