McAfee WebShield e500 Installation Manual

INSTALLATION GUIDE

WebShield e500 Appliance

VERSION 2.5

English/Deutsch/Français/ ᣣᧄ⺆

ᣣᧄ⺆

ᣣᧄ⺆ᣣᧄ⺆

NAI-525-0061-3

Issued MARCH 2002 / McAfee WebShield e500 Appliance version 2.5

Contents

Ports and connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii

Mounting kit instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii

User interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .x

Installation Guide — English . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-1

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-1

Copyright and trademark attributions . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-2

Power and safety information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-3

About the WebShield e500 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-5

Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-6

What comes with the appliance? . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-10

Getting started with the appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-13

Who should install the appliance? . . . . . . . . . . . . . . . . . . . . . . . . . ENG-13

Ports and connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-14

Gathering the configuration information . . . . . . . . . . . . . . . . . . . . ENG-18

Installing the appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-28

Configuring the network settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-32

Configuring the protocol settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-40

Configuring the appliance’s protocols . . . . . . . . . . . . . . . . . . . . . . ENG-41

Configuring the automatic updating feature . . . . . . . . . . . . . . . . . ENG-47

Configuring your other equipment . . . . . . . . . . . . . . . . . . . . . . . . . ENG-48

Testing your configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-50

Using the appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-53

Backing up and restoring your settings . . . . . . . . . . . . . . . . . . . . ENG-55

Restoring and upgrading the appliance’s software . . . . . . . . . . . ENG-57

Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-60

Hardware problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-60

User interface problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ENG-63

Installation Guide iii

Contents

Installationshandbuch – Deutsch . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-1

Übersicht . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-1

Copyright und Marken . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-2

Informationen zu Stromversorgung und Sicherheit . . . . . . . . . . . . . . . . DEU-3

Infos zu WebShield e500 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-5

Funktionen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-6

Lieferumfang des WebShield e500 . . . . . . . . . . . . . . . . . . . . . . . . . DEU-11

Erste Schritte mit dem Gerät . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-14

Wer das Gerät installieren sollte . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-14

Ports und Stecker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-15

Zusammenfassen der Konfigurationsinformationen . . . . . . . . . . DEU-20

Installation des McAfee WebShield e500 . . . . . . . . . . . . . . . . . . . . . . . . DEU-32

Konfigurieren der Netzwerkeinstellungen . . . . . . . . . . . . . . . . . . . . . . . DEU-36

Konfigurieren der Protokolleinstellungen . . . . . . . . . . . . . . . . . . . . . . . DEU-45

Konfigurieren der Protokolle des WebShield e500 . . . . . . . . . . . . DEU-46

Konfigurieren der Funktion zum automatischen Aktualisieren . . DEU-52

Konfigurieren weiterer Geräte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-53

Testen Ihrer Konfiguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-55

Verwenden des WebShield e250 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-59

Sichern und Wiederherstellen der Einstellungen . . . . . . . . . . . . . DEU-61

Wiederherstellen und Aktualisieren der Gerätesoftware . . . . . . . DEU-64

Fehlerbehebung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-68

Hardwarefehler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DEU-68

Probleme mit der Benutzeroberfläche . . . . . . . . . . . . . . . . . . . . . . DEU-71

iv McAfee WebShield e500 Appliance version 2.5

Contents

Guide d'installation – Français . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .FRA-1

Présentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-1

Copyright et attribution de marques commerciales . . . . . . . . . . . . . . . . FRA-2

Informations sur l'alimentation et la sécurité . . . . . . . . . . . . . . . . . . . . . . FRA-3

A propos de l'application WebShield e500 . . . . . . . . . . . . . . . . . . . . . . . . FRA-5

Fonctionnalités . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-6

Contenu fourni avec l'application . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-10

Mise en route de l'application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-13

Installateur de l'application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-13

Ports et connecteurs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-14

Collecter les informations de configuration . . . . . . . . . . . . . . . . . FRA-19

Installation de l'application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-31

Configuration des paramètres réseau . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-35

Configuration des paramètres de protocole . . . . . . . . . . . . . . . . . . . . . FRA-45

Configuration des protocoles de l'application . . . . . . . . . . . . . . . FRA-46

Configuration de la fonctionnalité de mise à jour automatique . FRA-52

Configuration des autres équipements . . . . . . . . . . . . . . . . . . . . . FRA-53

Tester votre configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-55

Utilisation de l'application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-59

Sauvegarde et restauration de vos paramètres . . . . . . . . . . . . . . FRA-61

Restauration et mise à niveau du logiciel de l'application . . . . . . FRA-63

Dépannage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-67

Problèmes matériels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-67

Problèmes d'interface utilisateur . . . . . . . . . . . . . . . . . . . . . . . . . . FRA-70

Installation Guide v

Contents

䉟䊮䉴䊃䊷䊦

䉟䊮䉴䊃䊷䊦 䉧䉟 䊄

䉟䊮䉴䊃䊷䊦䉟䊮䉴䊃䊷䊦

䉧䉟 䊄 䋭䋭䋭䋭 ᣣᧄ⺆

䉧䉟 䊄䉧䉟 䊄

᭎ⷐ

᭎ⷐ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

᭎ⷐ᭎ⷐ
⪺૞ᮭ

⪺૞ᮭ 䈫䈫䈫䈫໡ᮡ

⪺૞ᮭ⪺૞ᮭ
㔚Ḯ

㔚Ḯ䈍 䉋䈶

㔚Ḯ㔚Ḯ
WebShield e500 䉝䊒䊤䉟䉝䊮䉴

䉝䊒䊤 䉟䉝䊮䉴

䉝䊒䊤 䉟䉝䊮䉴䈱䈱䈱䈱Ḱ஻

䉝䊒䊤 䉟䉝䊮䉴䉝䊒䊤 䉟䉝䊮䉴

䉝䊒䊤 䉟䉝䊮䉴

䉝䊒䊤 䉟䉝䊮䉴䈱䈱䈱䈱䉟䊮䉴 䊃䊷䊦

䉝䊒䊤 䉟䉝䊮䉴䉝䊒䊤 䉟䉝䊮䉴
䊈䉾 䊃䊪䊷䉪

䊈䉾 䊃䊪䊷䉪᭴ᚑ

䊈䉾 䊃䊪䊷䉪䊈䉾䊃䊪䊷䉪

䊒䊨䊃 䉮䊦

䊒䊨䊃 䉮䊦䈱䈱䈱䈱⸳ቯ

䊒䊨䊃 䉮䊦䊒䊨 䊃 䉮䊦

䉝䊒䊤 䉟䉝䊮䉴

䉝䊒䊤 䉟䉝䊮䉴䈱䈱䈱䈱૶↪ᣇᴺ

䉝䊒䊤 䉟䉝䊮䉴䉝䊒䊤 䉟䉝䊮䉴

䊃䊤䊑䊦䉲䊠䊷䊁䉞䊮䉫

䊃䊤䊑䊦䉲䊠䊷䊁䉞䊮䉫 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䊃䊤䊑䊦䉲䊠䊷䊁䉞䊮䉫䊃䊤䊑䊦䉲䊠䊷䊁䉞䊮䉫

໡ᮡ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

໡ᮡ໡ᮡ

䈍䉋䈶቟ో

቟ో䈮䈮䈮䈮㑐㑐㑐㑐䈜䉎

䈍䉋䈶䈍䉋䈶

቟ో቟ో

⵾ຠ

⵾ຠ䈱䈱䈱䈱․⦡

⵾ຠ⵾ຠ

䊌䉾䉬䊷䉳

䊌䉾䉬䊷䉳䈱䈱䈱䈱ౝኈ

䊌䉾䉬䊷䉳䊌䉾䉬䊷䉳

䉟䊮䉴䊃䊷䊦

䉟䊮䉴䊃䊷䊦䈮䈮䈮䈮ᔅⷐ

䉟䊮䉴䊃䊷䊦䉟䊮䉴䊃䊷䊦

䊘䊷 䊃

䊘䊷 䊃 䈫䈫䈫䈫䉮䊈䉪䉺

䊘䊷 䊃䊘䊷 䊃

⸳ቯᖱႎ

⸳ቯᖱႎ䈱䈱䈱䈱෼㓸

⸳ቯᖱႎ⸳ቯᖱႎ

䊒䊨䊃 䉮䊦

䊒䊨䊃 䉮䊦䈱䈱䈱䈱⸳ቯ

䊒䊨䊃 䉮䊦䊒䊨 䊃 䉮䊦

⥄േ

⥄േ䉝 䉾 䊒䊂䊷 䊃

䉝䉾䊒䊂䊷䊃䈱䈱䈱䈱⸳ቯ

⥄േ⥄േ

䉝䉾䊒䊂䊷䊃䉝䉾䊒䊂䊷䊃

ઁઁઁઁ䈱䈱䈱䈱ᯏེ

ᯏེ䈱䈱䈱䈱⸳ቯ

ᯏེᯏེ

⸳ቯ

⸳ቯ䈱䈱䈱䈱䊁䉴 䊃

⸳ቯ⸳ቯ

⸳ቯ

⸳ቯ䈱䈱䈱䈱䊋䉾 䉪 䉝 䉾 䊒

⸳ቯ⸳ቯ

䉸䊐䊃䉡䉢䉝

䉸䊐䊃䉡䉢䉝䈱䈱䈱䈱ᓳర

䉸䊐䊃䉡䉢䉝䉸䊐䊃䉡䉢䉝

䊊䊷 䊄 䉡 䉢 䉝

䊊䊷 䊄 䉡 䉢 䉝䈮䈮䈮䈮㑐㑐㑐㑐䈜䉎

䊊䊷 䊄 䉡 䉢 䉝䊊䊷 䊄 䉡 䉢 䉝

䊡䊷䉱

䊡䊷䉱 䉟䊮䉺䊷䊐䉢䊷䉴

䊡䊷䉱䊡䊷䉱

ᣣᧄ⺆ . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

ᣣᧄ⺆ᣣᧄ⺆

䈜䉎ᖱႎ

ᖱႎ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䈜䉎䈜䉎

ᖱႎᖱႎ

䉝䊒䊤 䉟䉝䊮䉴䈮䈧䈇䈩

䉝䊒䊤 䉟䉝䊮䉴䉝䊒䊤 䉟䉝䊮䉴

․⦡ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

․⦡․⦡

ౝኈ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

ౝኈౝኈ

Ḱ஻ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

Ḱ஻Ḱ஻

ᔅⷐ䈭䈭䈭䈭䉴䉨䊦

ᔅⷐᔅⷐ

䉮䊈䉪䉺 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䉮䊈䉪䉺䉮䊈䉪 䉺

෼㓸 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

෼㓸෼㓸

䉟䊮䉴䊃䊷䊦 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䉟䊮䉴䊃䊷䊦䉟䊮䉴䊃䊷䊦

᭴ᚑ䈱䈱䈱䈱⸳ቯ

᭴ᚑ᭴ᚑ

⸳ቯ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

⸳ቯ⸳ቯ

䊁䉴䊃 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䊁䉴䊃䊁䉴䊃

䊋䉾䉪䉝䉾䊒䈫䈫䈫䈫ᓳర

䊋䉾䉪䉝䉾䊒䊋䉾䉪䉝䉾䊒

䉟䊮䉺䊷䊐䉢䊷䉴䈮䈮䈮䈮㑐㑐㑐㑐䈜䉎

䉟䊮䉺䊷䊐䉢䊷䉴䉟䊮䉺䊷䊐䉢䊷䉴

⸳ቯ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

⸳ቯ⸳ቯ

⸳ቯ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

⸳ቯ⸳ቯ

⸳ቯ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

⸳ቯ⸳ቯ

⸳ቯ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

⸳ቯ⸳ቯ

૶↪ᣇᴺ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

૶↪ᣇᴺ૶↪ᣇᴺ

ᓳర 䈫䈫䈫䈫䉝䉾䊒䉫䊧䊷䊄

ᓳరᓳర

䈜䉎໧㗴

䈜䉎䈜䉎

䈮䈧䈇䈩 . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䈮䈧䈇䈩䈮䈧䈇䈩

䉴䉨䊦 . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䉴䉨䊦䉴䉨䊦

ᓳర . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

ᓳరᓳర

䉝䉾䊒䉫䊧䊷䊄 . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䉝䉾䊒䉫䊧䊷䊄䉝䉾䊒䉫䊧䊷䊄

໧㗴 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

໧㗴໧㗴

䈜䉎໧㗴

໧㗴 . . . . . . . . . . . . . . . . . . . . ᣣᧄ⺆

䈜䉎䈜䉎

໧㗴໧㗴

ᣣᧄ⺆ - 1

ᣣᧄ⺆ᣣᧄ⺆

ᣣᧄ⺆ - 1

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 2

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 3

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 5

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 6

ᣣᧄ⺆ᣣᧄ⺆

ᣣᧄ⺆ - 10

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 13

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 13

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 14

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 19

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 31

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 35

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 43

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 44

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 50

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 51

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 53

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 57

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 59

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 61

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 65

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 65

ᣣᧄ⺆ᣣᧄ⺆
ᣣᧄ⺆ - 67

ᣣᧄ⺆ᣣᧄ⺆

vi McAfee WebShield e500 Appliance version 2.5

Ports and connectors
Ports und Stecker
Ports et connecteurs

䊘䊷 䊃

䊘䊷 䊃 䈫䈫䈫䈫䉮䊈䉪䉺

䊘䊷 䊃䊘䊷 䊃

A

Two hard disk drives Zwei Festplattenlaufwerke Deux unités de disque dur

B

CD-ROM drive CD-ROM-Laufwerk Lecteur CD-ROM

C

Control panel Bedienungsfeld Panneau de contrôle

D

Power socket Netzanschluß Prise d'alimentation

E

Power supply switch Stromversorgungsschalter Interrupteur d'alimentation

F

Keyboard port Tastatur-Port Port clavier

G

Monitor port Monitor-Port Port écran

H

LAN1 port (NIC 1) LAN1-Port (NIC 1) Port réseau local 1 (carte

I

LAN2 port (NIC 2) LAN2-Port (NIC 2) Port réseau local 1 (carte

䉮䊈䉪䉺

䉮䊈䉪䉺䉮䊈䉪䉺

D E G H IF

A B C

électrique

réseau 1)

réseau 2)

䊊䊷 䊄 䊂 䉞 䉴 䉪 2 ୘

CD-ROM 䊄䊤䉟䊑

䉮䊮䊃 䊨䊷䊦 䊌䊈䊦

㔚Ḯ䉸 䉬 䉾 䊃

㔚Ḯ䉴 䉟 䉾 䉼

䉨䊷䊗䊷 䊄 䊘䊷 䊃

䊝䊆䉺 䊘䊷 䊃

LAN1 䊘䊷 䊃 (NIC 1)

LAN2 䊘䊷 䊃 (NIC 2)

Installation Guide vii

Mounting kit instructions
Anweisungen für den Montagerahmen
Instructions de montage

䊙䉡䊮 䊃䉨䉾 䊃

䊙䉡䊮 䊃䉨䉾 䊃䈱䈱䈱䈱⚵⚵⚵⚵䉂䉂䉂䉂┙┙┙┙䈩䈩䈩䈩ᣇᣇᣇᣇ

䊙䉡䊮 䊃䉨䉾 䊃䊙䉡䊮 䊃䉨䉾 䊃

Supplied:
Im Lieferumfang:
Fourni:

ห

ห 䈘 䉏䈩 䈇 䉎

䈘䉏䈩䈇䉎ㇱຠ

หห

䈘䉏䈩䈇䉎䈘䉏䈩䈇䉎

Required:
Zusätzlich
erforderlich:
Requis:

ᔅⷐ

ᔅⷐ䈭䈭䈭䈭Ꮏౕ

ᔅⷐᔅⷐ

1

Ꮏౕ :

ᎿౕᎿౕ

ㇱຠ :

ㇱຠㇱຠ

22

882222

2

3

viii McAfee WebShield e500 Appliance version 2.5

Standard rack / Standardgestell/Rack standard / ᮡḰ

4

5

ᮡḰ䊤 䉾 䉪

ᮡḰᮡḰ

䊤䉾䉪 :

䊤䉾䉪䊤䉾䉪

Telco rack / Telco-Gestell / Rack Telco/ Telco ␠⵾

4

5

␠⵾䊤 䉾 䉪

␠⵾␠⵾

䊤䉾䉪 :

䊤䉾䉪䊤䉾䉪

Installation Guide ix

User interface
Benutzeroberfläche
Interface utilisateur

䊡䊷䉱

䊡䊷䉱 䉟䊮䉺䊷䊐䉢䊷䉴

䊡䊷䉱䊡䊷䉱

Your user interface might look slightly different depending on the version and language.
Ihre Benutzeroberfläche kann je nach Version und Sprache anders aussehen.
L'interface utilisateur peut présenter de légères différences selon la version et la langue
utilisées.

૶↪䈜䉎 ⸒⺆ 䈫 䊋䊷䉳 䊢 䊮䈮 䉋 䈦 䈩䇮 䉟 䊮 䉺 䊷䊐 䉢 䊷䉴 䈱ᄖⷰ䈏ᄙዋ⇣䈭 䉎 ႐ว䈏䈅 䉍 䉁䈜䇯

A

䉟䊮䉺䊷䊐䉢䊷䉴

䉟䊮䉺䊷䊐䉢䊷䉴䉟䊮䉺䊷䊐䉢䊷䉴

B

C

D

A

Navigation bar Navigationsleiste Barre de navigation

B

Page Seite Page

C

Panel Dialogfeld Panneau

D

Control buttons Steuerungsschaltflächen Boutons de contrôle

x McAfee WebShield e500 Appliance version 2.5

䊅䊎䉭䊷䉲 䊢 䊮 䊋䊷

䊕䊷䉳

䊕䉟䊮

䉮䊮䊃 䊨䊷䊦 䊗䉺䊮

1Installation Guide — English

Overview

This Installation Guide provides the information you need to install and

configure your WebShield appliance. Please refer to the following sections for

specific information:

Copyright and trademark attributions Page 2

Power and safety information Page 3

About the WebShield e500 Appliance Page 5

• Features Page 6

• What comes with the appliance? Page 10

Getting started with the appliance Page 13

• Who should install the appliance? Page 13

• Ports and connectors Page 14

• Gathering the configuration information Page 18

Installing the appliance Page 28

Configuring the network settings Page 32

Configuring the protocol settings Page 40

• Configuring the appliance’s protocols Page 41

• Configuring the automatic updating feature Page 47

• Configuring your other equipment Page 48

• Testing your configuration Page 50

Using the appliance Page 53

• Backing up and restoring your settings Page 55

• Restoring and upgrading the appliance’s software Page 57

Troubleshooting Page 60

• Hardware problems Page 60

• User interface problems Page 63

Installation Guide ENG - 1

Installation Guide — English

Copyright and trademark attributions

COPYRIGHT

© 2001–2002 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may
be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language
in any form or by any means without the written permission of Networks Associates Technology,
Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of
the Network Associates legal department at: 3965 Freedom Circle, Santa Clara, California 95054,
or call +1-972-308-9960.

TRADEMARK ATTRIBUTIONS

Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, Bomb
Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, CNX, CNX Certification Certified Network Expert
and design, CyberCop, CyberCop (in Katakana), CyberMedia, CyberMedia UnInstaller, Design (stylized N), Disk
Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon’s, Dr Solomon’s label,
Enterprise SecureCast, Enterprise SecureCast (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield,
GroupShield (in Katakana), Guard Dog, HelpDesk, HomeGuard, Hunter, ISDN TEL/SCOPE, LANGuru,
LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University,
MagicSpy, MagicTree, McAfee, McAfee (in Katakana), McAfee and design, MultiMedia Cloaking, Net Tools, Net
Tools (in Katakana), NetCrypto, NetOctupus, NetScan, NetShield, NetStalker, Network Associates, NetXray,
NotesGuard, Nuts & Bolts, Oil Change, PC Medic, PC Medic 97, PCNotary, PGP, PGP (Pretty Good Privacy),
Pretty Good Privacy, PrimeSupport, Recoverkey, Recoverkey – International, Registry Wizard, ReportMagic,
RingFence, Router PM, SalesMagic, SecureCast, Service Level Manager, ServiceMagic, SmartDesk, Sniffer, Sniffer
(in Hangul), SniffMaster, SniffMaster (in Hangul), SniffMaster (in Katakana), SniffNet, Stalker, SupportMagic,
TIS, TMEG, TNV, TVD, TNS, Total Network Security, Total Network Visibility, Total Network Visibility (in
Katakana), Total Service Desk, Total Virus Defense, Trusted Mail, UnInstaller, Virex, Virus Forum, ViruScan,
VirusScan, WebScan, WebShield, WebShield (in Katakana), WebSniffer, WebStalker, WebWall, Who’s Watching
Your Network, WinGauge, Your E-Business Defender, ZAC 2000, Zip Manager are registered trademarks of

Network Associates, Inc. and/or its affiliates in the US and/or other countries. All other registered and
unregistered trademarks in this document are the sole property of their respective owners.

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT
CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL
TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW
WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER
RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE
PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB
SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE
TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF
APPLICABLE, YOU MAY RETURN THE PRODUCT TO NETWORK ASSOCIATES OR THE PLACE OF
PURCHASE FOR A FULL REFUND.

ENG - 2 McAfee WebShield e500 Appliance version 2.5

Power and safety information

 IMPORTANT: To ensure safe operation of the WebShield e500

Appliance, read all of the following information carefully before installing
the appliance.

Power requirements

• Ensure that the power cord is suitable for the country of use. If it is not
suitable, contact your supplier. Do not attempt to modify the power cord.

• The power outlet to which you connect the appliance must meet all
applicable electrical standards for the country of use.

• When connecting the appliance to the power outlet and other equipment,
ensure that the cables are stowed or grouped safely, so that no one will trip
over them.

Using the appliance

• Do not open the appliance’s case. There are no user-serviceable parts
inside.

Installation Guide — English

• The appliance is heavy. When you lift it, ensure that you have a firm grip
and carry it correctly, so that you do not injure yourself or damage the
appliance.

• Place the appliance on a flat sturdy surface, such as a desk, or secure it in a
rack, such as a 19” (inch) rack. Ensure that the surface or rack can support
the weight of the appliance, and that it cannot fall.

• Do not place any heavy objects on top of the appliance.

• The appliance’s network ports are only suitable for use with RJ-45

connectors. Do not use them with telephone equipment unless the socket
to which you are connecting is specifically intended for 10Mbps or
100Mbps Ethernet network use.

• In the unlikely event that the appliance encounters a hardware failure, turn
off the appliance and disconnect it from the power outlet. Contact your
supplier.

Installation Guide ENG - 3

Installation Guide — English

Operating conditions

• Ensure that the environmental conditions surrounding the appliance are
suitable for standard computer use. Check that it is not damp, with
adequate ventilation. The operating temperature must remain within
10–40
appliance could fail to operate.

• When you use the appliance, ensure that there is a gap of at least 1” (25mm)
behind the case, so that the appliance can cool itself properly.

• Ensure that liquid and other objects do not enter the appliance through its
ventilation holes or fan grill.

°C, and the humidity within 0–90%. If these values are exceeded, the

ENG - 4 McAfee WebShield e500 Appliance version 2.5

About the WebShield e500 Appliance

The WebShield e500 Appliance (Figure 1-1) is a purpose-built anti-virus and
content-scanning server containing powerful WebShield software. It is fully
configurable through a web browser, and it can be used in almost any network
topology. It provides virus scanning for the following protocols:

• Simple Mail Transfer Protocol (SMTP) e-mail messages

• File Transfer Protocol (FTP) exchanges

• Hypertext Transfer Protocol (HTTP) web browsing

• Post Office Protocol version 3 (POP3) Internet e-mail messages

Installation Guide — English

Figure 1-1. WebShield e500 Appliance

With additional features such as content scanning, anti-relay and anti-spam,
the appliance provides complete protection for your Internet gateway,
preventing undesirable material entering and leaving your organization.

The WebShield e500 Appliance shares its resources between the protocols that
it scans, checking inbound and outbound traffic as required. It can detect,
clean, log, and quarantine infected e-mail items, including compressed files
and macros, preventing them from reaching their intended recipients. It can
also block infected HTTP, FTP and POP3 items.

Using the appliance to perform your anti-virus scanning allows your mail
server to remain dedicated to mail activities. You can also use multiple
WebShield e500 Appliances together to increase scanning throughput and
provide fault tolerance.

For details of the different ways to use the appliance and some example
topologies, refer to Chapter 1 of the Product Guide.

Installation Guide ENG - 5

Installation Guide — English

Features

Transparency — a new feature for version 2.5

If you have used a previous version of the WebShield appliance, be aware that
a new feature for version 2.5 is the addition of transparency. This means that
you can now use the appliance in either proxy mode or transparency mode:

• Proxy mode (explicit proxy) is suitable for networks where you can easily
configure your equipment to route its protocol traffic through the
appliance. Before transparency was introduced, the appliance only
operated in proxy mode.

In proxy mode, the appliance only handles traffic for the protocols that it
proxies.

• Transparency mode (transparent proxy) allows you to slot the appliance
into networks where it is difficult or time-consuming to reconfigure your
other equipment. The appliance then sits transparently on the network
using static and dynamic routing information to receive and pass on the
traffic that it scans.



NOTE: In transparency mode, the appliance must be connected to
two different subnets (through its LAN1 and LAN2 ports).

The appliance handles all IP traffic flowing between the two subnets.

For more details about these modes, see the “Proxy or transparency?” section
in the Product Guide.

 IMPORTANT: Both modes are different so it is important that you

understand and decide which mode you want to use before you install
and configure the appliance.

For details on configuring the appliance with a configuration file taken from
an earlier version of the appliance, see “Restoring your settings” on page 56.

Some of the appliance’s other features are summarized in the remainder of this
section.

ENG - 6 McAfee WebShield e500 Appliance version 2.5

Installation Guide — English

Hardware

The appliance has many features, including the following:

• 1U high 19” (inch) rack-mountable hardware.

• Dual Intel Pentium III 1

MB of PC133 SDRAM.

• 256

GHz processors.

• Two RJ-45 10/100Mbps auto-sensing Ethernet network ports, allowing
flexible connection to your existing network and a dedicated management
interface (only available in proxy mode).

• Two 17.4

GB “hot-pluggable” SCSI hard disk drives managed in a

hardware-based RAID 1 (mirror) configuration. This ensures seamless
processing in the unlikely event of a problem with one of the drives. When
you insert a replacement drive, the RAID controller re-mirrors the new
drive automatically.

For details on the appliance’s ports and connectors, see page 14.

Software

The software on the appliance has the following features:

• Web management through Secure Sockets Layer (SSL) encryption from a
web browser.

• An easy-to-configure user interface, allowing you to set up the appliance
quickly. The appliance then requires minimal user-intervention, making it
a configure-and-forget solution.

• Flexible proxies that are simple to configure even in complex
environments; see “Gathering the configuration information” on page 18.

• Virus scanning of SMTP e-mail messages, checking for infected items and
banned content. Other SMTP features include:

– Flexible SMTP e-mail delivery configurations, allowing you to set

up multiple e-mail delivery methods and introduce fault tolerance.

– Flexible content scanning of messages, allowing you to search for

banned content and block specific attachment types.

– Spam blocking (rejecting unwanted e-mail messages) by recipient,

sender, or server.

Installation Guide ENG - 7

Installation Guide — English

• Virus scanning of FTP exchanges for infected items.

• Virus scanning of HTTP web browsing, blocking infected content. You can

also block Java, ActiveX and scripting.

• Virus scanning of POP3 e-mail messages, checking for infected items.

• Separate scanning for inbound and outbound traffic, allowing you to

configure different scanning options for each direction.

• Separate automatic updating schedules for the appliance’s McAfee virus
definition (.DAT) files and McAfee scanning engine, ensuring up-to-date
virus scanning at all times.

• Virus detection within common compressed file formats.

– Support for real-time Blackhole lists, which identify potential

sources of spam messages. The appliance can use these lists to block
spam messages. Blackhole lists are available from many
organizations, including the Mail Abuse Prevention System
(MAPS); see http://www.mailabuse.org.

– Message relay from a specified server or domain name to another

server. There is also an anti-relay feature to block unauthorized
senders from using the appliance to relay spam messages.

• Flexible scan actions that allow you to clean, delete, block or quarantine
(isolate) infected items.

• Separate quarantine storage, allowing you to inspect the following types of
quarantined e-mail messages:

– Inbound messages containing infected items.

– Outbound messages containing infected items.

– Inbound messages containing banned content.

– Outbound messages containing banned content.

• Notification upon detection of an infected item, using a variety of

configurable alerting methods, such as e-mail messaging, XML logging,
SNMP reporting and ePolicy Orchestrator reporting; see the Configuration
Guide.

• Advanced logging of scan activities and protocol streams, allowing you to
view past performance and delivery information. You can also generate
charts, reports and logs from the user interface.

ENG - 8 McAfee WebShield e500 Appliance version 2.5

Installation Guide — English

• McAfee ePolicy Orchestrator support, allowing you to integrate the
appliance with an ePolicy Orchestrator server to produce advanced
statistical, historical, management and graphical reports for the
information recorded by the appliance; see the Configuration Guide.

• A quick backup process, allowing you to store and restore your appliance’s
settings quickly over the network; see page 55.

• A quick restoration process, allowing you to restore the appliance’s
software in the unlikely event of a problem; page 57.

What doesn’t it do?

The appliance has many features, but remember the following:

• It is not a firewall. You must use it within your organization, behind your
existing firewall.

• It is not a mail server. You might need to configure your firewall, mail
server, web cache and other equipment to route protocol traffic through the
appliance; see page 48.

• It is not a mail transfer agent, and does not keep copies of the e-mail
messages that pass through it, unless they are quarantined or deferred.

• It is not a general-purpose web server for storing web pages.

• It is not a general-purpose server for storing extra software and files. Do not

install any software on the appliance or add any extra files to it unless
specifically instructed by the appliance’s documentation or your support
representative.

• In proxy mode, it handles SMTP, FTP, HTTP and POP3 traffic only. Do not
attempt to route other traffic through the appliance.

Installation Guide ENG - 9

Installation Guide — English

What comes with the appliance?

Ensure that you have all the items that accompany the appliance, checking the
product’s packaging for any hidden compartments. If any of the items are
missing or damaged, please contact your supplier.

Hardware and software

• Three Cat 5 (Category 5) UTP network cables with RJ-45 connectors:

– The two blue cables are straight-through (uncrossed).

– The orange cable is crossed.

“Installing the appliance” on page 28 describes how you use these cables

with the appliance.

• Mounting kit, for installing the appliance into a 19” (inch) rack.

• WebShield e500 Appliance recovery CD.

• Various power cords for different countries.

IMPORTANT: Ensure that you use the power cord that is suitable



for the country of use. If a suitable cable is not included, contact
your supplier. Do not connect the appliance to a power source until
you have read “Power and safety information” on page 3.

User documentation

This guide is just one of the documents that we have included with the
appliance, to help you use the product effectively. See the Release Notes for a
description of the other documentation components.

Supplementary documentation

• Warranty information and mail-back card.

• McAfee PrimeSupport information.

• Additional literature, such as special offers and third-party licenses.

ENG - 10 McAfee WebShield e500 Appliance version 2.5

What additional items are required?

You can use the mounting kit to install the WebShield e500 Appliance into a
19” (inch) rack. To install it into an alternative location, you might need
addition equipment to prepare that location and secure the appliance in place.
Ensure that you follow all safety warnings at all times; see “Power and safety

information” on page 3.

To configure and manage the appliance, you must have a computer connected
either to the same network as the appliance or directly to the appliance; see

Step 4 on page 29. You can then use the computer’s web browser to access the

appliance’s user interface.

Configuration computer’s requirements

The appliance’s user interface is optimized for Microsoft Internet Explorer
v4.0, v5.0, v5.5 or v6.0, and supports Netscape Navigator v4.7.

When you access the appliance, it checks that your web browser contains the
correct components, and displays dialog boxes for any missing components.

Your web browser must have the following enabled:

• Secure Sockets Layer (SSL) v3.0 encryption

Installation Guide — English

• JavaScript

• ActiveX (for Microsoft Internet Explorer)

• Plug-ins (for Netscape Navigator)

The user interface displays best with the following screen settings:

• 65,536 colors (256 colors minimum)

• 1152x864 resolution

Installation Guide ENG - 11

Installation Guide — English

Restoring or upgrading the appliance’s software

In addition to general management of the appliance, you might also need to
do the following:

• Restore the appliance’s software to both of the appliance’s drives, in the
unlikely event of a problem.

• Upgrade the appliance’s software with a WebShield e500 Appliance
upgrade CD.

To perform these tasks, you must connect a keyboard and monitor directly to
the appliance; see page 57 for more details.

Updating the appliance anti-virus definition (.DAT) files and
scanning engine

The appliance’s automatic updating feature keeps the .DAT file and scanning
engine up-to-date, maintaining full anti-virus protection. This feature is
configured through the appliance’s user interface (using a web browser); see

page 47. You can also initiate immediate updates at any time, using the same

set of user interface pages.

Installing Service Packs and HotFixes

You might receive Service Packs and HotFixes from
your support representative, which contain improved
software for the appliance. If this happens, you can
install them through the appliance’s user interface
(using a web browser). Refer to the information
that accompanies the Service Packs and HotFixes
for information on installing them.

ENG - 12 McAfee WebShield e500 Appliance version 2.5

Getting started with the appliance

Installation Guide — English

When you have decided how you want to use the
appliance — see Chapter 1 of the Product Guide —
you must perform the following actions to integrate
the WebShield appliance with your current network:

1. Gather the required configuration information;
see page 18.

2. Install the appliance in the required location,
making the necessary connections; see page 28.

3. Configure the appliance’s network settings;
see page 32.

4. Configure the appliance’s protocol settings; see

page 40.

5. Back up your settings, so that you can
reconfigure the appliance quickly if you need to
restore its drives; see page 55.

When you have installed and configured the
appliance, access its user interface to tailor the
features that you require. For detailed information on
configuring a feature in the user interface, view its
Help topic by clicking the Help button; see page

54.

Who should install the appliance?

1

Gather the

configuration

information

2

Install the
appliance

3

Configure the

appliance’s

network settings

4

Configure the

appliance’s

protocol settings

5

Back up the

appliance’s

settings

We strongly recommend that the Information Technology administrator
responsible for your organization’s e-mail system and Internet gateway
installs and configures the appliance. The configuration process requires
information for the protocols that you want to scan, and it must be configured
correctly. Additionally, you might need to configure your other equipment to
route traffic to the appliance, depending on which mode the appliance is using
(proxy mode or transparency mode).

See page 18 for a summary of the required information.

Installation Guide ENG - 13

Installation Guide — English

Ports and connectors

The appliance’s ports and connectors are shown on page vii (at the front of this
guide). The installation steps on page 28 describe how to connect your
equipment to the ports.

NOTE: We might change the physical appearance of the appliance at any



time during manufacture. For this reason, the locations and types of the
ports and connectors on your appliance might be different from those
shown in this guide. If the changes are substantial, refer to the
accompanying Release Notes for new information.

These ports and connectors are described below.

A

Two hard disk drives

Both drives are 17.4GB “hot-pluggable” SCSI hard disk drives, managed in a
RAID 1 (mirror) configuration. They mirror the appliance’s operating system
and data processing, ensuring seamless operation in the unlikely event of a
problem with one of the drives (indicated by a red LED on the drive).
The drives are in caddies, allowing you to replace a faulty drive while the
appliance is operational. The replacement drive is imaged automatically from
the existing drive; see “One hard disk drive LED is red” on page 61.

B

CD-ROM drive

The CD-ROM drive is used for restoring and upgrading the appliance’s
software, and must not be used at other times; see Step 4 on page 58.

ENG - 14 McAfee WebShield e500 Appliance version 2.5

Installation Guide — English

C

Control panel

The control panel on the bottom right-hand corner of the appliance contains
LEDs that provide system information. There is also a reset button and power
button:

Reset button

Restarts the appliance, simulating it being turned on and off.

Power button

Turns on the appliance, so that it is operational (the power LED is lit).
If the power button is off, the appliance is in standby mode.

When the appliance is in standby mode, its network ports remain active
but no protocols or data intended for the appliance can pass through it,
maintaining your organization’s anti-virus protection.

NOTE: If the power supply switch (on the back of the appliance)



E

is in the OFF position, the appliance does not receive any power.

Overheat LED

Lights when the appliance has overheated. This can be caused by poor
airflow around the unit, or if room temperature exceeds normal
operating conditions. Listen for the noise of the appliance’s fan — in the
center of the unit — to check that it is still working. If it does not appear
to be working, turn off the appliance and contact your supplier.

Network activity LEDs

Flash when there is network activity on the network ports: NIC 1 is the
LAN1 port, NIC 2 is the LAN2 port. If these LEDs flash when the power
LED is off, the appliance is in standby mode.

CD-ROM drive activity LED

Flashes when the appliance is accessing the CD in the CD-ROM drive.

Power LED

Lights when the appliance is both switched on and operational.

D

Power socket

Use the supplied power cord to connect the appliance to a power outlet.

 IMPORTANT: Ensure that the power cord is suitable for the country of

use. If it is not, contact your supplier.

Installation Guide ENG - 15

Installation Guide — English

E

Power supply switch

Use this switch to turn on the appliance, so that it receives power from the
connected power outlet.

NOTE: If the power supply switch is in the ON position but the power



button (on the control panel on the front of the appliance) is in the
OFF position, the appliance is in standby mode.

F

Keyboard port

Connect a keyboard to this port (colored purple) only if you are going to
restore or upgrade the appliance’s software; see Step 1 on page 58.

G

Monitor port

Connect a monitor to this port only if you are going to restore or upgrade the
appliance’s software; see Step 2 on page 58.

H

LAN1 port (NIC 1)

The LAN1 port is an RJ-45 10/100Mbps auto-sensing Ethernet network port,
and is used to connect the appliance to your existing network. See Step 4 on

page 29 for connection information.

The LAN1 port receives and transmits the following traffic:

C

• Inbound and outbound protocol traffic.

• Management and log data, including the communication from the remote

web browser that you use to access the appliance’s user interface. If you use
ePolicy Orchestrator software with the appliance, its communication is also
transmitted through this port.

The LAN1 port has a default IP address of 10.1.1.108 (subnet mask

255.255.255.0) to allow you to access the appliance initially across the network.
When you configure the appliance, you can do the following:

• Add new IP addresses that are valid for your network.

• Modify or disable the default IP address.

• Delete the default IP address so that it cannot be used.



NOTE: For previous versions of the WebShield appliance, the LAN1 port
was known as the data port, so you might see such references in existing
documentation.

ENG - 16 McAfee WebShield e500 Appliance version 2.5

Installation Guide — English

I

LAN2 port (NIC 2)

The LAN2 port is an RJ-45 10/100Mbps auto-sensing Ethernet network port,
and its operation depends on how you are using the appliance:

• Proxy mode — The LAN2 port can only be used for a direct local
management connection. It cannot receive and transmit inbound and
outbound protocol traffic.

You might use this port if you cannot achieve a remote management
connection through the LAN1 port, because of these reasons:

– The LAN1 port’s IP address belongs to a different subnet than your

remote computer.

– You have forgotten the LAN1 port’s IP address that you set, and

have disabled the default IP address of 10.1.1.108 for that port.

• Transparency mode — The LAN2 port is used (in conjunction with the
LAN1 port) to connect the appliance to your existing network. It receives
and transmits the same type of traffic as the LAN1 port.

See Step 4 on page 29 for connection information.

The LAN2 port has a default IP address of 10.1.2.108 (subnet mask

255.255.255.0). When you configure the appliance, you can do the following:

• Add new IP addresses that are valid for your network.

• Modify or disable the default IP address.

• Delete the default IP address so that it cannot be used.

• Disable the port so that it cannot be used.

 IMPORTANT: If you are using transparency mode, do not disable the

LAN2 port.
For previous versions of the WebShield appliance, the LAN2 port was

known as the management port, so you might see such references in
existing documentation.

Installation Guide ENG - 17

Installation Guide — English

Gathering the configuration information

When you have decided how you want to use the
appliance — see Chapter 1 of the Product Guide —
you are ready to gather the required configuration
information (step 1).

This section lists the information you must supply.
We recommend that you gather the information
before installation and configuration, so you can set
up the appliance quickly.

We have provided spaces so that you can record the
information on a printed copy of this section.

Chapter 11 of the Product Guide contains useful
details about the configuration information that
you can specify, and how it affects the operation of
the appliance.

Step 2 — installing the appliance — is described on

page 28.

Appliance host name

Supply the unique host name for the appliance:

Host name

Domain

1

Gather the

configuration

information

2

Install the
appliance

3

Configure the

appliance’s

network settings

4

Configure the

appliance’s

protocol settings

5

Back up the

appliance’s

settings

Supply the fully qualified domain or subdomain in
which the appliance is located:

Domain name

Examples: myorg.com, network1.myorg.com

ENG - 18 McAfee WebShield e500 Appliance version 2.5

Network addresses

Supply the TCP/IP network address information for the appliance:

Installation Guide — English

TCP/IP address

LAN1 port IP address
and subnet mask

LAN2 port IP address
and subnet mask

Local DNS server IP address

Default gateway or router
IP address

NOTE: You can configure multiple IP addresses for the LAN1 and LAN2



. . .

. . .

. . .

. . .

. . .

. . .

ports.
For previous versions of the WebShield appliance, the LAN1 port was

known as the data port, and the LAN2 port was known as the management
port. Therefore, you might see such references in existing documentation.

Internal networks

Supply the domains or IP addresses for the internal networks (inside your
organization) with which the appliance communicates. You can identify as
many internal networks as you want (spaces for 10 networks are provided
below):

NOTE: Remember to include the domain in which the appliance is



located, unless you want that domain treated as an external network.

Network Domain, or IP address and subnet mask

Example 1

Example 2

myorg.com

192 . 168 . 1 . 0

255 . 255 . 255 . 0

Example 3

1

*.myorg.com

. . .

Installation Guide ENG - 19

Installation Guide — English

2

3

4

5

6

. . .

. . .

. . .

. . .

. . .

. . .

. . .

. . .

. . .

. . .

7

8

9

10

. . .

. . .

. . .

. . .

. . .

. . .

. . .

. . .

. . .

ENG - 20 McAfee WebShield e500 Appliance version 2.5