advertisement
Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 Installation Guide
Audience
The IWSVA documentation is written for IT managers and system administrators working in enterprise environments. The documentation assumes that the reader has in-depth knowledge of networks schemas, including details related to the following:
• HTTP, HTTPS, FTP and other Internet protocols used by an enterprise
• VMware ESX administration experience when installing on VMware ESX and
Microsoft Hyper-V experience when installing on Hyper-V virtual platforms.
The documentation does not assume the reader has any knowledge of antivirus or Web security technology.
How to Use this Guide
This guide contains the information you need to understand and use IWSVA.
If you are an advanced user, you might want to go directly to Chapter 3, Installing
InterScan Web Security Virtual Appliance
. If you are installing IWSVA on VMware ESX, see
Appendix E, Creating a New Virtual Machine Under VMware ESX for IWSVA . If you are
installing IWSVA on Microsoft Hyper-V, see Appendix F, Creating a New Virtual Machine
Under Microsoft Hyper-V for IWSVA .
Chapter 1, Preinstallation Planning
Chapter 3, Installing InterScan
Web Security Virtual Appliance
This chapter describes the tasks you need to do before installing IWSVA. This includes planning for network traffic and HTTP and FTP service flows and ensuring that your server meets specific requirements.
This chapter provides an overview of the different topologies in which IWSVA can be installed and helps you plan your server placement and network protection with HTTP and FTP service flows.
This chapter describes how to obtain either a evaluation or production version of IWSVA and how to install the application.
1-x
Preface
Scan Web Security Virtual Appliance
IWSVA Installation and Deployment
This chapter describes the different migration scenarios and how to complete a migration to
IWSVA.
This appendix describes deployment scenarios for
IWSVA, involving several technologies such as
LDAP, Cisco routers using WCCP, ICAP, and
Transparent Bridge.
This appendix describes performance tuning involving URL filtering and LDAP performance.
Also, this appendix provides general troubleshooting tips and possible installation and feature issues.
This appendix describes the installation and deployment best practices that Trend Micro recommends for IWSVA
This appendix describes the maintenance agreement and the aspects of the Trend Micro Technical Support Center.
This appendix describes how to create a new virtual machine for IWSVA under VMware ESX.
Appendix F,
Virtual Machine Under Microsoft Hyper-V for IWSVA
This appendix describes how to create a new virtual machine for IWSVA under Microsoft
Hyper-V.
1-xi
Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 Installation Guide
IWSVA Documentation
In addition to the Trend Micro™ InterScan Web Security Virtual Appliance 6.5 Installation
Guide, the documentation set includes the following:
• Administrator’s Guide—this guide provides detailed information about all
IWSVA configuration options. Topics include how to update your software to keep protection current against the latest risks, how to configure and use policies to support your security objectives, and using logs and reports.
• Readme file—the Readme file contains late-breaking product information that is not found in the online or printed documentation. Topics include a description of new features, installation tips, known issues, and release history.
The latest versions of the Installation Guide, Administrator’s Guide, and readme file are available in electronic form at: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkv al=1747®s=NABU&lang_loc=1#undefined
DVD ISO creation document—Entitled, How to Use the Trend Micro IWSVA ISO
File, this document describes how to create a bootable installation DVD from an
ISO file.
Online Help—Helps you configure all features through the user interface. You can access the online help by opening the Web console and then clicking the help icon.
The purpose of Online Help is to provide “how to’s” for the main product tasks, usage advice, and field-specific information such as valid parameter ranges and optimal values. Online Help is accessible from the IWSVA management console.
• Knowledge Base—The Knowledge Base is an online database of problem-solving and troubleshooting information. It provides the latest information about known product issues. To access the Knowledge Base, open: http://esupport.trendmicro.com/support
• TrendEdge—a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com
1-xii
Preface
Document Conventions
To help you locate and interpret information easily, the InterScan Web Security Virtual
Appliance documentation uses the following conventions.
T ABLE 1-1.
Document Conventions
C ONVENTION
ALL CAPITALS
Bold
Italics
Monospace
D ESCRIPTION
Acronyms, abbreviations, and names of certain commands and keys on the keyboard
Menus and menu commands, command buttons, tabs, options, and ScanMail tasks
References to other documentation
Examples, sample command lines, program code, Web URL, file name, and program output
Configuration notes
Note:
Recommendations
Tip:
WARNING!
Reminders on actions or configurations that should be avoided
About Trend Micro
Trend Micro, Inc. is a global leader in network antivirus and Internet content security software and services. Founded in 1988, Trend Micro led the migration of virus protection from the desktop to the network server and the Internet gateway-gaining a reputation for vision and technological innovation along the way.
Today, Trend Micro focuses on providing customers with comprehensive security strategies to manage the impacts of risks to information, by offering centrally controlled server-based virus protection and content-filtering products and services. By protecting
1-xiii
Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 Installation Guide information that flows through Internet gateways, email servers, and file servers, Trend
Micro allows companies and service providers worldwide to stop viruses and other malicious code from a central point, before they ever reach the desktop.
For more information, or to download evaluation copies of Trend Micro products, visit our award-winning Web site: http://www.trendmicro.com
1-xiv
Preinstallation Planning
This chapter describes the following:
•
Server Requirements on page 1-2
•
Information Needed to Install IWSVA on page 1-6
•
Planning Network Traffic Protection on page 1-9
Chapter 1
1-1
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 5 Contents
- 11 Preface
- 12 Audience
- 17 Preinstallation Planning
- 18 Server Requirements
- 18 Operating System
- 18 Hardware Requirements
- 19 Component Installation
- 20 Web Browser
- 21 Other Requirements
- 22 Information Needed to Install IWSVA
- 22 Fresh Installation
- 22 Migration
- 23 Type of Proxy Configuration
- 23 Control Manager Server Information
- 23 Database Type and Location
- 23 SNMP Notifications
- 23 Web Console Password
- 24 Command Line Access
- 24 Proxy for Internet Updates
- 24 Activation Codes
- 25 Planning Network Traffic Protection
- 25 Transparent Bridge Mode
- 26 Forward Proxy Mode
- 26 Reverse Proxy Mode
- 26 ICAP Mode
- 26 Simple Transparency Mode
- 27 WCCP Mode
- 29 Deployment Primer
- 30 Identifying Your Server Placement
- 30 Two Firewalls with DMZ
- 31 One Firewall with No DMZ
- 32 Planning Network Traffic Flows
- 33 Planning the HTTP Flow
- 35 Planning FTP Flows
- 38 Deploying in Forward Proxy Mode
- 38 Overview of Forward Proxy Mode
- 43 Planning the HTTP Flow Using the Forward Proxy Mode
- 51 Deploying in ICAP Mode
- 51 Overview of ICAP Mode
- 53 Planning the HTTP Flow Using the ICAP Mode
- 57 Deploying in Reverse Proxy Mode
- 57 Overview of Reverse Proxy Mode
- 58 Planning the HTTP Flow Using Reverse Proxy Mode
- 61 Deploying in Transparent Bridge Mode
- 61 Overview of Transparent Bridge Mode
- 62 Planning the HTTP Flow Using Transparent Bridge Mode
- 62 High Availability Deployment Mode
- 63 HA Deployment Mode Installation Guidelines
- 65 Installing InterScan Web Security Virtual Appliance
- 66 Obtaining IWSVA
- 66 Using the Trend Micro Enterprise Solutions DVD
- 67 Downloading the Installation File
- 68 Installing IWSVA
- 75 Logging in to IWSVA for the First Time
- 75 Post-Installation Notes
- 77 Migrating to InterScan Web Security Virtual Appliance
- 78 About Migration
- 78 Important Notes
- 79 Information Not Migrated
- 80 Overview of the Migration Process
- 81 Migrating from IWSVA 5.6, 6.0, 6.0 SP1 to IWSVA 6.5
- 82 Migrating from IWSVA 6.5 to Another IWSVA 6.5
- 83 After Migrating
- 85 Deployment Integration
- 86 IWSVA in a Distributed Environment
- 86 Connection Requirements and Properties
- 88 Integration with LDAP
- 88 Support Multiple Domains for Multiple LDAP Servers
- 90 LDAP Authentication in Transparent Mode
- 91 Integration with a Cisco Router using WCCP
- 92 Protecting an HTTP or FTP Server using Reverse Proxy
- 93 Integration with an ICAP Device
- 93 Setting up an ICAP 1.0-compliant Cache Server
- 93 Setting up ICAP for NetCache Appliances
- 95 Setting Up ICAP for the Blue Coat Port 80 Security Appliance
- 98 Setting up ICAP for Cisco CE ICAP Servers
- 100 Configuring Virus-scanning Server Clusters
- 100 Deleting a Cluster Configuration or Entry
- 101 Enabling “X-Virus-ID” and “X-Infection-Found” Headers
- 103 Tuning and Troubleshooting
- 104 IWSVA Performance Tuning
- 104 URL Filtering
- 104 LDAP Performance Tuning
- 108 Troubleshooting
- 108 Troubleshooting Tips
- 108 Before Contacting Technical Support
- 108 Installation Problems
- 109 General Feature Problems
- 111 Best Practices for IWSVA Installation and Deployment
- 112 IWSVA Installation Overview
- 114 Properly Sizing Your Environment
- 114 Best Practice Suggestions
- 115 Selecting Deployment Method and Redundancy
- 117 Best Practice Suggestions
- 119 Maintenance and Technical Support
- 120 Product Maintenance
- 120 Maintenance Agreement
- 121 Renewing Your Maintenance Agreement
- 122 Contacting Technical Support
- 123 TrendLabs
- 123 Knowledge Base
- 124 Known Issues
- 124 Sending Suspicious Code to Trend Micro
- 125 Security Information Center
- 127 Creating a New Virtual Machine Under VMware ESX for IWSVA
- 128 Introduction
- 128 Creating a New Virtual Machine
- 142 Powering On the IWSVA Virtual Machine and Completing the Installation
- 143 Creating a New Virtual Machine Under Microsoft Hyper-V for IWSVA
- 144 Introduction
- 144 IWSVA Support for Hyper-V
- 144 Hyper-V Virtualization Modes
- 145 Installing IWSVA 6.5 on Microsoft Hyper-V
- 149 Importing the IWSVA Image
- 151 Assigning Resources to IWSVA
- 162 Powering On the IWSVA Virtual Machine and Completing the Installation
- 170 Accessing the IWSVA Web console
- 171 Index