Question

A consultant has recommended your organization look to increase its security profile in relation to SMTP traffic. Management has asked you to devise a firewall-specific strategy to address the recommendation. What strategy would you recommend, and why?

Your answer should be approximately 200-250 words in length.

Solutions

Expert Solution

Solution:

  1. SSL Inspection decrypts SSL-encrypted SMTP connections. For incoming connections, your mail server's SSL certificates are used.
  2. The DNS blacklist database is queried via a DNS lookup using the sender's IP address. If the DNS reputation database is not available, the email is not modified. If the domain or IP address is blacklisted, the email's subject line is modified to start with [SPAM] and the following non-configurable MIME type headers are set:

    • X-Spam-Prev-Subject: Your email subject without the [SPAM] tag.

    • X-Spam-Flag: YES

    • X-Spam-Status: Yes

    • X-Spam-Level: ***

  3. Email attachments are scanned by the virus scanner. If malware is found, the attachment is stripped from the email and replaced by a customizable text informing the user that the malicious attachment has been removed.

Some of the steps to be taken are:

Step 1. Import the mail server certificates

Import the SSL certificates of your internal mail server(s). For more information, see How to Use and Manage Certificates with the Certificate Manager.

Step 2. Enable virus protection for mail traffic

  1. Enable virus scanning and SSL Inspection in the firewall.

  2. Go to FIREWALL > Settings.
  3. In the Firewall Policy Settings section, enable TCP Streams Reassembly.
  4. Make sure that Application Control is enabled.
  5. In the Virus Protection section:
    1. Set Enable Virus Protection to yes.
  6. (Optional) Enable Advanced Threat Detection. For more information, see Advanced Threat Protection (ATP/ATD).
  7. In the Mail Security section, enter the public IP address that your mail server domain's MX record resolves to in the Mail Server SSL Certificates section, select the mail server SSL certificate from the Certificate list, and click +.
  8. Enter the FQDN of the DNS Blacklist Server. Default: b.barracudacentral.org
  9. Click Save.

Step 3. Create a DNAT access rule for incoming SMTP traffic

Enable Application Control, SSL Interception, and Virus Protection in the access rule.

  1. Go to FIREWALL > Firewall Rules.
  2. Create an access rule with the following settings:
    • Action – Select DNAT.
    • Connection – Select No SNAT.
    • Source – Select Internet, and click +.
    • Network Services – Select SMTP, and click +.
    • Destination – Enter the public IP address that your mail server domain's MX record resolves to, and click +.
    • Redirect – Enter the IP address(es), or select a network object for your internal mail server(s), and click +.
  3. Enable Application Control, SSL Inspection, Virus Protection, and Mail Blacklist Checks.
  4. Click Save.
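
The DNS blacklist check described in the solution, sketched as an added example (not part of the original answer and not the firewall vendor's code). It builds the conventional DNSBL query name for an IPv4 sender, tags a listed message with the headers listed above, and leaves the message unmodified when the sender is not listed or the lookup fails. The function names, the sample message, the stand-in resolver and the space after `[SPAM]` are assumptions.

```python
import ipaddress
import socket
from email import message_from_string

DNSBL_ZONE = "b.barracudacentral.org"  # default blacklist server named on the page

def dnsbl_query_name(sender_ip, zone=DNSBL_ZONE):
    """Standard DNSBL query name: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(sender_ip)).split(".")  # rejects bad input
    return ".".join(reversed(octets)) + "." + zone

def system_lookup(name):
    """True = listed, False = not listed, None = database unavailable."""
    try:
        # DNSBLs conventionally answer with a 127.0.0.x address for listed IPs
        return socket.gethostbyname(name).startswith("127.")
    except socket.gaierror as exc:
        return False if exc.errno == socket.EAI_NONAME else None

def apply_blacklist_check(msg, sender_ip, lookup=system_lookup):
    """Tag msg as the page describes if sender_ip is listed; else leave it alone."""
    if not lookup(dnsbl_query_name(sender_ip)):  # not listed, or lookup failed
        return msg
    previous = msg.get("Subject", "")
    del msg["Subject"]
    msg["Subject"] = "[SPAM] " + previous  # separator space is an assumption
    msg["X-Spam-Prev-Subject"] = previous
    msg["X-Spam-Flag"] = "YES"
    msg["X-Spam-Status"] = "Yes"
    msg["X-Spam-Level"] = "***"
    return msg

def sample_message():
    """Constructed message for the demo; not captured traffic."""
    return message_from_string(
        "From: billing@example.net\nTo: user@example.org\n"
        "Subject: Invoice attached\n\nPlease see the attachment.\n")

if __name__ == "__main__":
    # Stand-in resolver so the demo runs offline; 192.0.2.10 is "listed" here.
    fake = lambda name: name == "10.2.0.192." + DNSBL_ZONE
    for ip in ("192.0.2.10", "198.51.100.7"):
        tagged = apply_blacklist_check(sample_message(), ip, lookup=fake)
        print(ip, "->", tagged["Subject"], "| flag:", tagged["X-Spam-Flag"])
```

Downstream mail filters can key on `X-Spam-Flag: YES` instead of the subject prefix, which users or other gateways may rewrite.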
