Esafe Appliance Esafe Gateway: Last Revised: January 1, 2009

Installation and Setup Guide
eSafe Appliance
with
eSafe Gateway
Version 7.X
Last Revised: January 1, 2009

Important Note:
Please note that the contents of this guide may change from time to
time, to accommodate new features, corrections, etc.
The most recent product documentation can be found in the following
location: www.esafe.com/support/eSafeDocuments.asp
eSafe Software products described in this document are protected by

one or more of the following Patents: US 7,013,483, US 7,047,369, US
7,386,884, EP 1318646 and EP 1122932, and may be protected by other
U.S. Patents, foreign patents, or pending applications.
At eSafe we welcome feedback about our documentation. You can

send comments about the documents to: esafe-docs@ealaddin.com
(Document revision number 3.06-1/1/09) All attempts have been made to make the information in this document complete and accurate. Aladdin is not responsible for any direct or indirect
damages or loss of business resulting from inaccuracies or omissions. The specifications in this document are subject to change without notice.
COPYRIGHT
No part of this Technical Document may be reproduced or transmitted in any form or by any means, except for the use of the registered user(s) without permission from Aladdin Knowledge Systems,
Ltd. Copyright© 2000-2002, Aladdin Knowledge Systems, Ltd. All rights reserved. © Partial copyright for information relating to Check Point products 2000-2002 Check Point Software Technologies
Ltd. All rights reserved.
TRADEMARKS
eSafe is a trademark of Aladdin Knowledge Systems, Ltd. Red Hat is a trademark of Red Hat, Inc. Linux is a trademark of Linus Torvalds. Check Point Software, the Check Point Software logo, FireWall-1, FireWall-1 SecureServer, FloodGate-1,
INSPECT, IQ Engine, Meta IP, MultiGate, Open Security Extension, OPSEC, Provider-1, SVN, User-to-Address Mapping, VPN-1, VPN-1 Accelerator Card, VPN-1 Appliance, VPN-1 Certificate Manager, VPN-1 Gateway, VPN-1 SecuRemote, VPN-1
SecureServer, and ConnectControl are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. Windows 95, Windows 98, Windows Me, Windows NT, Windows XP, Windows 2000, Exchange and ActiveX are
trademarks or registered trademarks of Microsoft Corporation. Java is a registered trademark of Sun Microsystems. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The Check Point
product described in this document is protected by U.S. Patent No. 5,606,668 and 5, 835,726 and may be protected by other U.S. patents, foreign patents or pending applications.
eSafe Installation Guide
Table of Contents
Before you Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
eSafe Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Chapter 1:Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
About the eSafe Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Chapter 2:Installing the eSafe Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Before you Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Creating an eSafe Appliance using the eSafe Virtual Appliance CD . . . . . . . . . . . . . . . . . .6
Deciding which eSafe Product to Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Connecting the eSafe Appliance to a Workstation (for basic configuration) . . . . . . . . . . . 12
Using the eSafe Appliance Setup Wizard to Configure your eSafe Appliance . . . . . . . . . . . 13
Connecting the eSafe Appliance to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Adding Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Installing eConsole Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Registering your eSafe Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Restoring the eSafe Appliance’s Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Chapter 3:Managing the eSafe Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

About the eSafe Appliance Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Accessing the eSafe Appliance Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
The Appliance Status Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
The Settings Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
The Support Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Chapter 4:eSafe Add-Ons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

About the eSafe Add-ons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
eSafe Advanced Anti-spam Add-on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
eSafe URL Filter Add-on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
eSafe AppliFilter Add-on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Updating the eSafe Add-ons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Registering the eSafe Add-ons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
eSafe Appliance Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Additional Connection Options (for advanced Linux users) . . . . . . . . . . . . . . . . . . . . . . 72
i
eSafe Installation Guide
ii
Preface
This installation guide provides detailed information for

installing and setting up the eSafe Appliance with . The aim of
the Preface is to explain some basic concepts regarding the eS-
afe Appliance and introduce you to the terminology that will
be used throughout this guide.
We strongly recommend that you read this section before
starting to work with your eSafe Appliance:
• Before you Start
• eSafe Terminology
3
eSafe Appliance Setup Guide
Before you Start

Two types of eSafe Appliance are available:
• eSafe Virtual Appliance CD (for 500+ users): The eSafe Virtual Appliance CD
enables creating an eSafe Appliance from any Intel-based computer (that
meets the minimum requirements).
• Aladdin eSafe HG/XG Appliances: The eSafe Appliances, shown below, are
hardware devices that are pre-installed and pre-configured with eSafe
software. The following types of appliances are available: HG-100, HG-200,
and XG-300.
eSafe HG-100 eSafe HG-200
eSafe XG-300
eSafe Terminology
The terms that follow will be used throughout this guide. We recommend
familiarizing yourself with these terms prior to getting started with this guide.
eSafe Virtual Appliance CD: A CD that provides the ability to transform a PC

(that meets the minimum requirements) into an eSafe Appliance with all the
capabilities of a regular Aladdin eSafe Appliance.
Aladdin eSafe Appliance: A pre-installed appliance (see picture above) that can
be purchased from Aladdin that only needs to be configured and placed in the
network.
eSafe Appliance: A collective name that refers to any type of eSafe Appliance,
whether it is a pre-installed appliance from Aladdin or an appliance created using
the eSafe Virtual Appliance CD.
4 Before you Start

eSafe Appliance Manager: Web-based management software that enables

changing the eSafe Appliance settings, defined using the eSafe Appliance Setup
Wizard, and viewing information about the appliance.
eSafe Appliance Setup Wizard: A web-based wizard program that is used to

configure the eSafe Appliance for first-time operation.
eSafe Operation Mode: The eSafe Appliance is pre-installed with eSafe software.
You can choose a specific product type that enables operating in a specific mode.
If you received an Aladdin eSafe Appliance (or an eSafe Appliance from an
Aladdin partner), it will be pre-configured to operate in NitroInspection (Bridge)
mode. You can change this mode, if necessary.
5
6 eSafe Terminology
Chapter 1
Introduction
This chapter introduces you to the eSafe Appliance and de-

scribes the eSafe Gateway/Mail software and components.
In this chapter you will find the following topics:
• eSafe Gateway
• eConsole Manager
Introduction 1
About the eSafe Appliance

Because it fits easily into any existing security infrastructure, the eSafe Appliance
provides high-quality corporate content security that can be deployed quickly and
cost effectively. The eSafe Appliance provides:
• A high level of security with a hardened operating system.
• Optimized for high performance.
• Enhanced updates including virus/vandal tables, content security engine, lists

and configurations and also the operating system.
• Higher ROI due to reduced integration costs and faster deployment.
• Out-of-the-box simplicity with an excellent initial content security policy that

can be fine-tuned at any time.
eSafe Gateway
eSafe Gateway provides full content security protection when installed as a
gateway between the local area network (LAN) and the Internet. It scans and
cleans data passing through FTP, HTTP, SMTP, and POP3 connections.
eSafe Gateway is a powerful content inspection gateway that:
• Includes anti-vandal and anti-virus scanners.
• Provides full content security protection for any connection established

between the internal LAN and the Internet.
• Scans and cleans data passing through FTP, HTTP, SMTP and POP3
connections.
• Operates with any firewall or router.
eSafe Gateway can operate in the following modes:
• eSafe Gateway NitroInspection (Bridge)
• eSafe Gateway NitroInspection (Router)
• eSafe Gateway Forwarding Proxy
• eSafe Proxy
All eSafe Gateway modes include built-in mail relay capabilities for scanning
SMTP traffic, providing all the benefits of eSafe Mail (described below).
A detailed description of these product types appears in Deciding which eSafe

Product to Use on page 9.
2 About the eSafe Appliance

eConsole Manager
eConsole Manager is a management console that lets you configure and enforce
the corporate content security policy throughout the network. The console allows
remote configuration and administration from anywhere in the organization, or
from remote-managed service providers (MSP). Communication is over a TCP/IP
connection and is authenticated and encrypted.
You can define security rules according to specific clients, servers, e-mail
addresses, destinations, domains, senders, recipients, and file types. This allows
you to fine-tune the inspected content.
A real time statistics window shows the current traffic status presented in graphs
according to protocol. Extensive reports and alerts inform you whenever a vandal
or virus attempts to enter your network. The detailed reports can be broken
down by protocol, source, and destination.
After installing eSafe, you can install eConsole Manager from within the eSafe
Appliance Manager, as described on page 33.
Detailed instructions for using eConsole Manager appear in the eConsole

Administrator’s Manual, also accessible via the eSafe Appliance Manager.
Introduction 3
4 About the eSafe Appliance

Chapter 2
Installing the eSafe Appliance
This chapter provides important information that should be

noted prior to installing the eSafe Appliance, and guides you
through the installation procedure.

• Before you Install
• Creating an eSafe Appliance using the eSafe Virtual Appli-
ance CD
• Deciding which eSafe Product to Use
• Connecting the eSafe Appliance to a Workstation (for basic
configuration)
• Using the eSafe Appliance Setup Wizard to Configure your
eSafe Appliance
• Connecting the eSafe Appliance to the Network
• Adding Firewall Rules
• Installing eConsole Manager
• Registering your eSafe Software
Installing the eSafe Appliance 5

Before you Install

If you are using a preinstalled eSafe Hellgate Appliance, refer to the Quick
Installation guide for installation information. If you want to perform advanced
operations, go to "Connecting the eSafe Appliance to a Workstation (for basic
configuration)" on page 12 for instructions on working with the appliance.
Installation of the eSafe Virtual Appliance consists of the following steps:
1. Creating an eSafe Appliance using the eSafe Virtual Appliance CD (if you
choose to use your own hardware).
2. Deciding which product (operation mode) you want to use.
Creating an eSafe Appliance using the eSafe Virtual

Appliance CD
The next section guides you through creating an eSafe Appliance using the eSafe
Virtual Appliance CD. If you purchased a preinstalled eSafe Appliance, go to
"Connecting the eSafe Appliance to a Workstation (for basic configuration)" on
page 12 and follow the instructions from there on to set up the appliance.
You can create an eSafe Appliance from an Intel-based computer (that meets the
minimum requirements) by installing the eSafe Virtual Appliance CD to the
computer’s hard disk.
Minimum Requirements
• Pentium 4, 2 Ghz & above, with CD-ROM
• 1 GB RAM (or above)
• 36 GB disk space (minimum)
• Two Ethernet 10/100/1000 Mbps NICs (An optional third NIC can be used for
management)
Note: Please note that these are minimum hardware requirements. For more
accurate and recommended hardware please consult with your eSafe
partner/sales representative.
6 Before you Install

Creating the eSafe Appliance

Follow the instructions below to create the eSafe Appliance.
To create an eSafe Appliance:
1. Use a computer that meets the minimum requirements listed in the previous
section. If you wish to install eSafe in NitroInspection mode, make sure you
install three NICs.
2. Power-on the PC.
3. Ensure that the BIOS is configured to first boot from the CD-ROM, which is
capable of reading long filenames. (For additional information on configuring
the machine's BIOS, refer to the machine manufacturer.)
4. Insert the eSafe Virtual Appliance CD into the CD-ROM.
Warning: In the next step, the PC’s hard disk will be re-partitioned and
formatted. The contents of the hard disk will be erased and replaced
with the contents from the eSafe Virtual Appliance CD, including the
operating system. Before you continue, make sure that you do not
need the data on the hard disk!
5. Reboot the PC.
The PC boots from the eSafe Virtual Appliance CD.
6. At the boot prompt, type install and press <ENTER>.
Automatic system requirement verification takes place. Should the hardware

not meet the minimum requirements, a message will appear, similar to the
one that follows. (Although it is physically possible to install the eSafe
Appliance on a machine that does not meet the requirements, this practice is
not recommended since it can hamper performance.)
This machine doesn’t match the minimum requirements for eSafe Virtual
Appliance.
Reason(s):
No suitable HD found
Not enough memory
If you proceed with installation, possible problems may occur.
(Please contact eSafe Technical Support for details.)
Type “C” to continue installation or press <ENTER> to abort.
The Virtual Appliance CD is installed onto the hard disk, which transforms the
PC into a pre-installed and pre-configured appliance, with all the capabilities
of the Aladdin eSafe Appliance.

At the end of the installation process, a message appears prompting you to

reboot the PC. The PC will reboot TWICE.
This concludes the process of creating an eSafe Appliance and it is now

possible to configure the appliance to work in a specific operation mode.
7. Remove the CD.
8. Shut down the newly created eSafe Appliance.
Note: The next time you start the eSafe Appliance, the machine
will automatically boot twice.
The information in the next section assists you in deciding which type of
product you want to use.
8 Creating an eSafe Appliance using the eSafe Virtual Appliance CD

Deciding which eSafe Product to Use

Use the descriptions that follow to choose the operation mode that best suits
your organization’s security requirements. Should you require further assistance
in choosing a mode, please contact your reseller for advice.
You can choose one of the following operation modes:
• eSafe Gateway in Forwarding Proxy Mode
• eSafe Gateway in NitroInspection Bridge Mode*
• eSafe Gateway in NitroInspection Router Mode*
• eSafe Proxy
* These modes also allow installing an eSafe Cluster for load balancing and fail
over.
eSafe Gateway Forwarding Proxy

In this mode, eSafe scans all HTTP traffic/FTP over HTTP traffic between a proxy
server and clients in the LAN of organizations that use a proxy server. The parent
proxy IP is assigned to the eSafe machine, and thus a new IP must be assigned to
the parent proxy machine. You can also enable use of eSafe’s SMTP module that
enables scanning SMTP traffic.

eSafe Gateway NitroInspection (Bridge)

In this mode, eSafe physically separates the LAN and the Internet. eSafe
transparently scans HTTP, FTP, SMTP, and POP3 traffic between the LAN and the
Internet.
eSafe Gateway NitroInspection (Router)

In this mode, eSafe acts as a router and requires creating a subnet and
reassigning the LAN’s Default Gateway to the internal NIC of the eSafe Gateway
machine. The eSafe machine operates as the default gateway and traffic is
forwarded to the firewall and then to the Internet. eSafe transparently scans
HTTP, FTP, SMTP, and POP3 traffic between the LAN and the Internet.
Detailed instructions for working with eSafe Web SSL are available in the eSafe
Web SSL Installation Guide.
10 Deciding which eSafe Product to Use

eSafe Proxy
eSafe Proxy combines a standard proxy server with eSafe NitroInspection Bridge
mode in a single box. This allows deploying eSafe as a proxy server that includes
all of eSafe’s content security features.
eSafe Cluster Mode

eSafe Gateway with NitroInspection (Bridge and Router) can be adapted to allow
use of eSafe’s security cluster for load balancing and fail over. In this type of
configuration, you can install up to eight eSafe machines to share the network
load. Detailed information about the eSafe Cluster is available on the eSafe
Documentation web page.
The next section guides you through connecting the eSafe Appliance to a PC that
will be used to access the eSafe Appliance Manager.

Connecting the eSafe Appliance to a Workstation (for basic

configuration)
Before you start working with the eSafe Appliance, you will need to define basic
product settings via the eSafe Appliance Setup Wizard, accessed via a workstation
that you connect directly to the eSafe Appliance. Follow the instructions below to
connect the eSafe Appliance to the PC that will be used to access the eSafe
Appliance Manager.
Note: The eSafe Appliance (with two network cards) will be configured
with the following IP addresses after a fresh installation:
ETH0:
IP address: 192.118.131.243 Subnet mask: 255.255.255.248
ETH1:
IP address: 192.118.131.249 Subnet mask: 255.255.255.248
To connect a workstation to the eSafe Appliance:
1. Use a Windows-based workstation (PC or laptop) with Microsoft Internet

Explorer version 6.0 or above.
2. Plug one end of a crossover cable (a red crossover cable is provided with the
Aladdin eSafe Appliance) into the ETH0 Ethernet port of the Appliance and
the other end of the crossover cable into the Ethernet port of the workstation
you prepared in the previous step.
Note: If you do not have a crossover cable, you can use a hub instead. In
this case, connect a cable between the hub and the workstation, and
between the hub and the eSafe Appliance.
• If the eSafe Appliance has more than one NIC, continue with step 3.
• If the eSafe Appliance has one NIC, continue with step 4.
3. Connect the eSafe Appliance’s second network interface card to the network
via a regular Ethernet network cable. (The eSafe Appliance thus physically
separates the workstation and the LAN, and is now in-line between the
workstation and the LAN.)Connect the power cable to the eSafe Appliance,
plug it into the power supply, and turn on the power switch.
The next section guides you through the process of configuring the eSafe
Appliance to work in a specific operational mode.
12 Connecting the eSafe Appliance to a Workstation (for basic configuration)

Using the eSafe Appliance Setup Wizard to Configure your

eSafe Appliance
The eSafe Appliance Setup Wizard assists you in defining the basic configuration
required to enable the eSafe Appliance to operate in your organization's network.
To configure the eSafe Appliance:
1. Follow the instructions that are relevant to the operational mode you intend
to use:
For eSafe Appliances with 2 NICs:
• Using the workstation you connected in the previous section, open

Internet Explorer and connect to the eSafe Appliance using the following
address: https://192.118.131.243:37233.
For eSafe Appliances with 1 NIC:

a. Add an additional IP address to the NIC properties of the workstation you
connected in the previous section. For the IP address enter 10.0.0.4 and,
for subnet mask, enter 255.255.255.0.
b. Open Internet Explorer on the workstation, and connect to the eSafe

Appliance using the following address: https://10.0.0.1:37233.
This connects to the eSafe Appliance Setup Wizard that allows you to choose
the mode in which the eSafe Appliance will operate and configure Appliance
settings. A security alert appears.

2. Follow the instructions below for the version of Internet Explorer you are
using:
• For Internet Explorer 7.0, select Continue to this website.
• For Internet Explorer 6.0, accept the certificate when requested to do

so (see picture below).
The Login page appears.
14 Using the eSafe Appliance Setup Wizard to Configure your eSafe Appliance
3. Log in to the eSafe Manager using the default username (admin), and
password (esafe).
The Setup Wizard starts and the Welcome screen appears.
4. Read the information in the Welcome screen.
Click Next to proceed. The License Agreement screen appears.

5. Read the License Agreement and select I Accept.
Click Next to continue. The Choose Product Type screen appears.
6. From the Product type drop-down list, choose eSafe Gateway.
Click Next. The Choose Installation Mode page appears.
7. From the drop-down list, you can choose to install eSafe Gateway in one of
the following modes:
• NitroInspection Bridge mode
• NitroInspection Router mode
• Forwarding Proxy mode
• eSafe Proxy
When available, you can select the Cluster Mode check box if you want this
machine to be part of the eSafe Cluster.
Note: If you are isntalling eSafe Cluster in Router mode, you will be
prompted to define virtual IP addresses. At least two VIPs are needed; one
for each side of the cluster. The VIPs will be the external identity of the
eSafe Cluster. The VIPs will be available as long as at least one node in the
cluster remains healthy.
If you select NitroInspection in Bridge mode, you will be prompted to choose

which network interfaces the appliance will work with.
Select the interfaces and then click Next to continue.
The Network Settings page appears.

8. In the Network Settings page, define the network settings to enable the eSafe
Appliance to communicate with the network.
You need to enter the following information:
• Under Appliance IP settings, enter the eSafe Appliance’s IP address and

netmask that the eSafe Appliance uses to interface with the network, for
each NIC. This must be a valid IP address from the network/DMZ.
• For eSafe Gateway Forwarding Proxy, eSafe will act as the proxy
server. Use a valid IP address from the network.
• For eSafe Gateway with NitroInspection (Bridge mode), as shown

above, you need to define two regular IP addresses from the internal
subnet and the LAN’s default gateway.
• For eSafe Gateway with NitroInspection (Router mode), assign an IP

address from the same subnet as the IP address of the firewall to the
NIC that faces the firewall (eth0). At the NIC that faces the internal
network (eth1), define an IP address from a subnet other than the
subnet used by eth0. This IP address should be the default gateway of
the internal LAN. By doing this, all network traffic that goes to the
Internet will first go to the default gateway machine (inner NIC of the
eSafe Appliance). eSafe will scan the traffic and forward it to the
subnet that exists between the outer NIC and the firewall, towards
the firewall address.
• For eSafe Proxy, see the eSafe Proxy Installation Guide for detailed
instructions on working with eSafe Proxy.
What is eth0 and eth1?

Eth is a commonly used term for Linux machines that use Ethernet
connections network interface cards (NIC).
Eth0 refers to the NIC that is numbered as 0 (usually faces the default
gateway machine), while eth1 (if available) usually faces the LAN.
Note: Pay attention to the note at the bottom of the Network Settings
page, which shows via which Ethernet port the appliance is connected.
It is important that you know which IP address is assigned to which port
because later you will connect eth0 to the firewall and eth1 to the
internal network.
• Next to Default Gateway, enter the IP address of the gateway device that
is used to forward traffic to destinations beyond the local network.
• Under Name Resolution, enter the hostname of the eSafe Appliance to

enable identification of the appliance in the network, and the IP
addresses of the DNS servers in the network that will be used to resolve
machine names.
• Under SMTP Client Identification, enter the string eSafe will use for
identification purposes when communicating with SMTP clients that use
the helo command. It is recommended that the string equals the name of
the eSafe machine (esafe.domain.com).
Define the settings and click Next. The next page that appears depends on
the type of eSafe product selected.
• For eSafe Gateway NitroInspection Router/Bridge, the NitroInspection

Parameters page appears. Continue with step 9.
• For eSafe Gateway Forwarding Proxy, the Forwarding Proxy Parameters

page appears. Continue with step 10.
9. In the NitroInspection Parameters page, define the ranges of the networks

that will NOT be inspected by eSafe Gateway. By default, eSafe includes a list

of virtual IP ranges that are “trusted”. This means that traffic to and from
these addresses will NOT be scanned.
If these default ranges are not sufficient, you can define additional IP ranges
that will not be scanned.
a. Click Add to add an internal network range.
b. Enter the IP address of the first and last workstation in each of the
networks.
c. Click Save to return to the previous page.
d. Click to edit a network range, or to delete a range, if necessary.
Click Next. The Mail Servers page appears. Continue with step 11.
10. If you are configuring eSafe Gateway Forwarding Proxy, you must define the
parent proxy IP and port, and the port eSafe will listen on.
a. Next to IP Address, enter the IP address of the parent proxy.
b. Next to Port enter the port of the parent proxy; usually port 8080.
c. Next to Listen on port enter the port eSafe will listen on.(The port
number must be 1024 or above.)
Click Next. The Internal Mail Servers page appears.

11. In the Mail Servers page, define all internal mail servers to enable scanning
SMTP traffic.
a. Click Add to add an internal mail server.
b. Enter the FQDN (Fully Qualified Domain Name) and IP address of the mail
server. If the machine does not use the default SMTP port (port 25), add a
“:” and the port number at the end of the IP address.
If you have a back-up/secondary mail server for this domain, press

<Enter> to define the IP address of the back-up/secondary mail server
machine.
c. Click Save. The server is added to the list of Internal Mail Servers.
d. Repeat steps a—c to define all the internal mail servers on your network.
Click Next. The Password page appears.
12. The eSafe Appliance Manager is supplied with a default username (admin) and
password (esafe). To ensure that only authorized users have access to the
Appliance, you must change the default password.
Note: It is also possible to change the password at a later stage using via
the eSafe Appliance Manager.
Enter and confirm the new password. Click Next to save the change.
Click Next. If you have not yet changed the default root password for the
appliance, you will be prompted to do so now. In this case, the Root Password
page appears. If you have already changed the root password, the Set Time
and Date page appears.

13. Enter a new root superuser password; re-enter the password for confirmation.
Click Next. The Set Time and Date page appears.
14. By default, the Appliance is not pre-configured with the current time and
date. We recommend setting the exact time and date since this information
will be used by eSafe for various purposes, such as in all logs and reports
related to the product.
Define the current date and time, and the time zone in which the eSafe
Appliance will operate.
Note: It is also possible to use a Network Time Protocol (NTP) server.

This option appears under Support | Time & Date in the eSafe Appliance
Manager.
Click Next. You will be prompted to enable use of eSafe’s HeartBeat

Information and Outbreak Sentry Service.
15. Click Next to enable working with the HeartBeat Information and the
Outbreak Sentry Service.
• The HeartBeat Information Service provides vital information about the

status of eSafe’s components, as well as abnormal system behavior. This
information is periodically sent to the eSafe Operations Center at Aladdin
for analysis. In future, based on this information, Aladdin will be able to
provide you with real-time maintenance and preventive services,
including suggestions on how to ensure uninterrupted eSafe operation and
keep your software up-to-date.
• The Outbreak Sentry Service automatically detects files, macros, and

attachments that are likely to contain a new virus or vandal designed to
circumvent eSafe's proactive protection. The service sends the detected
items to eSafe’s Content Security Response Team (CSRT) for immediate
analysis. If a new virus or vandal capable of circumventing eSafe's
proactive protection is found, a member of the CSRT will immediately

contact you with a solution.
A page appears allowing you to download eConsole.
16. Click the Download eConsole link to download the eConsole application, if
required. (If you choose to download eConsole, make sure that you do not
click on the Apply buttons until the end of the download process.)
After installing eConsole, you must now apply the new configuration in order
to continue.
You can do one of the following:
• If you still need to place the eSafe Appliance in its physical location and
connect it to the network, click the Apply and Shutdown button and
locate the appliance in the network. After restarting, you can access the
eSafe Appliance Manager at any time using the URL displayed in this
screen.
• If you have already placed the eSafe Appliance in its physical location
and connected it to the network, click the Apply and Restart button. You
can then access the eSafe Appliance Manager at any time using the URL
displayed in this screen.
17. Click Apply and Shutdown or Apply and Restart to continue.
Note: You can change the eSafe Appliance settings at any time, by re-
connecting to the eSafe Appliance Setup Wizard. You will need to use the
new IP assigned to the eSafe Appliance (see step 8.), rather than the
default IP: 10.0.0.1, or 192.118.131.243.
Follow the instructions in the next section to physically connect the eSafe
Appliance to the network.

Connecting the eSafe Appliance to the Network

The final stage of the installation is to actually connect the eSafe Appliance to
the network.
Follow the instructions for the operation mode you selected.
For eSafe Gateway NitroInspection:
1. Place the eSafe Appliance in its physical location.
2. Power up the eSafe Appliance.
3. Disconnect the firewall from the internal switch.
4. Using the cross-over cable, connect the eSafe Appliance to the firewall
(eth0).
5. Using an Ethernet cable, connect the eSafe Appliance to the internal switch
(eth1).
6. Check the status of the link LED on your Ethernet hub or switch to ensure that
the Ethernet connection is ’live’.
For eSafe Gateway Forwarding Proxy:
1. Place the eSafe Appliance in its physical location and connect the appliance
to the LAN/switch using an Ethernet cable.
2. Power up the eSafe Appliance.
3. Ensure that the eSafe Appliance IP address is the IP address of the proxy
machine, as defined in the client browser settings, and that a new IP address
was assigned to the parent proxy.
At this point your eSafe Appliance is physically connected to the network with a
default configuration. In order to operate properly, eSafe needs to connect to
various ports and sites. Follow the instructions in the section that follows to
enable connecting to these ports/sites.
28 Connecting the eSafe Appliance to the Network

Adding Firewall Rules

In order for eSafe to operate correctly, send email and receive updates, you must
enable the following permissions on your firewall:
• Allow the eSafe machine to connect to the following eSafe sites for updates:
For HTTP: (Port 80) For FTP: (Port 20 & 21)
upd1.esafe.com ftp.esafe.com
upd2.esafe.com ftp2.esafe.com
upd3.esafe.com ftp.protectme.com
upd4.esafe.com
• Allow the eSafe machine to perform DNS queries (port 53).
• Allow eSafe to send email and alerts to the Internet and internal network
(port 25).
• If eSafe also serves as an SMTP relay, allow it to accept connections on

Port 25.
• Allow the eSafe machine to check license validity via the eSafe site (port 80).
• If you are using the eSafe Add-ons, enable the following addresses for HTTPS
(port 443) and HTTP (port 80):
For www.cobion.com:
213.252.152.103
195.127.173.190
213.252.152.118
213.252.152.105
213.252.152.81
For license.cobion.com:
213.252.152.106
195.127.173.180
213.252.152.101
• If you have a firewall between your management machine (with eConsole)

and the eSafe machine, you will need to allow the eSafe management
protocol (UDP on port 43982 and TCP on port 43970).

What’s next?
You can now:
• Install eConsole (see a description on page 4) to remotely monitor and
manage eSafe products installed, view reports, and define security rules. For
details on installing eConsole, see "Installing eConsole Manager" on page 31.
• Register your eSafe software (recommended); see"Registering your eSafe
Software" on page 32.
• Access the eSafe Appliance Manager for maintenance and management
purposes. A description of the various options available appears in Chapter 3,
"Managing the eSafe Appliance" on page 35.
30 Adding Firewall Rules

Installing eConsole Manager

eConsole Manager is a Windows-based management console that allows remote,
IP based management by allowing you to monitor and manage the eSafe product
over a TCP/IP connection. All communication is authenticated and encrypted.
You can install eConsole Manager on a machine that meets the following minimum
requirements:
Processor: Pentium II or above with a TCP/IP connection to the

network
RAM: 250 MB
Disk Space: 30 MB
Additional Drives: CD-ROM drive or Internet connectivity (for installation)
Operating System: Windows NT/2000/2003/XP
For your convenience, a link has been included in the eSafe Appliance Manager
that enables downloading the eConsole software.
To install the eConsole:
1. In the eSafe Appliance Manager, select Support | eConsole Manager.
2. Click the Download eConsole from eSafe Appliance link. You will be
prompted to open or save the eConsole executable file.
3. Select Save and choose the location to which you want to save the file.

4. After downloading the executable file to the location defined, double click
the esg_gui.exe file to install eConsole.
5. Follow the on-screen instructions to complete installation.
Detailed instructions for using eConsole appear in the eConsole Administrator’s

Manual. This manual is available in PDF format via the eSafe Appliance Manager,
or can be downloaded from the following location:
http://www.ealaddin.com/support/listesafe.asp?pd=eSafe%20Gateway#docs
Registering your eSafe Software

Upon completion of the eSafe Appliance Setup Wizard, the 30 day evaluation
period begins.This provides you with enough time to make all necessary changes
to your network, test eSafe operation, and register the product. During the
evaluation period, the eSafe Appliance is fully functional (including updates).
At the end of this evaluation period, the evaluation license will expire and
allow ALL traffic to enter the network without scanning or blocking.
To ensure uninterrupted network protection, you should register the product at

the earliest opportunity.
To register the product:
1. Contact your reseller to acquire a 43-character long license key.
2. In the eConsole, select Help | Enter License Key to enter your name,
company name, and the license key.
3. Click OK to save the details.
32 Registering your eSafe Software

Restoring the eSafe Appliance’s Configuration

After fine-tuning the appliance’s configuration, you can access the Support menu
in the eSafe Appliance Manager and create a backup file of the appliance’s
configuration. By doing this, you can restore the configuration if this is required
in the future.
To restore appliance settings:
1. Run the eSafe Appliance Setup Wizard.
2. In the Welcome page, under Restore eSafe Appliance Configuration, enter the
path and file name to reach a previously backed-up configuration file, or click
Browse to search for the file. For details on creating a backup file, see
"Providing Information to eSafe Technical Support" on page 54.
3. Click the Restore Appliance Configuration button to restore the settings.

34 Restoring the eSafe Appliance’s Configuration

Chapter 3
Managing the eSafe Appliance
This chapter provides details for using the eSafe Appliance

Manager application to manage the eSafe Appliance.
• About the eSafe Appliance Manager
• Accessing the eSafe Appliance Manager
• The Appliance Status Menu
• The Settings Menu
• The Support Menu
Managing the eSafe Appliance 35

About the eSafe Appliance Manager

The eSafe Appliance Manager is a web-based application that provides you with
the tools to change the settings defined using the eSafe Appliance Setup Wizard,
view information, and perform additional actions.
You can use the eSafe Appliance Manager application to:
• View the status of the eSafe product being used
• View system information
• View network information
• View messages in the Spool Manager
• View and modify IP settings
• Define name resolution settings
• Define settings for scanning POP3 traffic
• Set the Appliance Date and Time
• Change the Appliance Manager Password
• Control access to the Appliance
• Defining SNMP settings and Redirecting Logs
• Reconfigure the eSafe Appliance Setup Wizard
• Defining SSL Proxy Settings (For eSafe Web SSL)
• Prepare information for eSafe Technical Support
• Link to various eSafe-related web pages
• Download eConsole
• Test connectivity
This chapter provides detailed descriptions of all these options, available in the
eSafe Appliance Manager menus.
36 About the eSafe Appliance Manager

Accessing the eSafe Appliance Manager

Follow the steps below to access the eSafe Appliance Manager.
To access the eSafe Appliance Manager:
1. Open Internet Explorer and connect to the IP address of the eSafe Appliance
as configured using the eSafe Appliance Setup Wizard. For example,
https://x.x.x.x:37233, where x.x.x.x is the IP of the eSafe Appliance.
Note: eSafe Appliance uses secure HTTP protocol. Make sure that you
enter HTTPS and not HTTP.
You will be notified that you are about to view information over a secure
connection.
2. Click Yes to continue. A dialog box appears providing information about

security certificates.

3. Click Yes to continue. The eSafe Appliance Manager login page appears.
4. Enter the username (admin) and password as defined in the eSafe Appliance
Setup Wizard.
5. Click Login. The eSafe Appliance Status page appears.
38 Accessing the eSafe Appliance Manager

The Appliance Status Menu

The Appliance Status menu includes the following options:
• eSafe Status—displays the status of eSafe and its add-ons.
• System Info—displays system related information.
• Network Info—displays information about the eSafe Appliance’s network

card(s), and the routing table.
• Spool Manager—displays information about messages in the Spool Manager.
A description of these options follows.
Viewing the eSafe Appliance Status

In the eSafe Appliance Status page you can see the status of the eSafe product
being used, as well as the status of any add-ons.
The following information appears:
• Type: Shows the type of eSafe product installed.
• Status: Shows the status of the eSafe product being used. (When add-ons are
installed, you can select Click to Activate to activate the add-on.)
• Product version: Shows the version of the product installed.
• Update version: Shows the version of the latest update.

• Last updated: Shows when the software was last updated.
• License: Shows license details.
• Registered to: Shows details of who the product is registered to.
• Expiry date: Shows the date that the license expires.
You can perform the following actions:
• Click the Stop/Start eSafe button to toggle between stopping and starting the
eSafe product installed. (Note: When the add-ons are disabled via the Status
screen, eSafe must be restarted in order for the changes to take effect.)
• Click Advanced to shut down or reboot the eSafe Appliance.
Note:
Currently, the following types of add-ons are available:
• URL filter add-on: Enables blocking access to websites according to
specific categories.
• Anti-spam add-on: Enables checking incoming and outgoing email for
spam content using advanced anti-spam technology.
• AppliFilter: Allows realtime filtering of malicious Internet content as
it enters the network.
The add-ons are automatically operational for a 30-day evaluation

period, after which an additional license is required. Detailed
information for working with the add-ons appears in Chapter 4, eSafe
Add-Ons.
When the add-ons are disabled via the Status screen, eSafe must be
restarted in order for the changes to take effect.
40 The Appliance Status Menu

Viewing System Information

The System Information page displays information about the CPU and memory,
and the amount of free storage space. Under Advanced, you can view the
contents of the system log files.
The following information appears:
• CPU and Memory Information: Displays the CPU's vendor name, model,
speed, RAM, and swap memory.
• Storage space: Displays the amount of free space available in the various
partitions.
• Click Advanced to view system log files. Click on a log file to download the
log file and view information about Appliance/system events.

Viewing Network Information

Displays the type of network interface card(s) being used, the status of the link,
and routing table information. Click on a specific card to view additional detailed
information about that card and its driver.
Note: eSafe automatically negotiates the network type and speed. The
default setting should only be changed in the event that eSafe is
connected to an unsupported network device or if the auto-negotiate
feature does not operate properly.
You can also perform the following actions:
• Click Refresh to update the network card and routing table information.
• Click the Restart Networking button to restart eSafe and networking

services. (Note that eSafe will only be restarted if it was already operational
when the Restart Networking button is clicked.)
42 The Appliance Status Menu

Viewing Information about Messages in the eSafe Spool

Manager
When the SMTP service is enabled, this page shows the number of messages in the
Spool Manager, and the date and time the messages entered the spool. Messages
that appear in the Spool Manager for extended periods of time could indicate a
problem.
Clicking the Advanced button displays a list of all messages in the spool. The
option exists to delete messages, but is not recommended and should only be
used after consulting with eSafe technical support.
Warning: Deleting messages from the spool is irreversible!

The Settings Menu

The Settings menu includes the following options:
• IP Settings—allows you to define the eSafe Appliance’s IP address.
• Host Name and DNS—allows defining name resolution parameters.
• POP3 Retriever—allows you to define POP3 account details to enable

scanning of POP3 traffic.
• Time and Date—allows you to change the eSafe Appliance’s time and date
settings.
• Passwords—allows you to change the admin and root account passwords.
• Access Control—allows you to define settings to control access to the eSafe

Appliance.
• SNMP—allows you to enable or disable use of the SNMP service, and define a
management station.
• eSafe Proxy—available when working with eSafe Proxy and allows viewing
and editing proxy server settings, including defining the authentication type.
• Domain Registration—available when working with eSafe Proxy and allows

registering the eSafe Proxy Machine in the domain.
• SSL Settings—allows you to view and edit SSL proxy settings, when working
with eSafe Web SSL.
• Configuration Wizard—provides access to the eSafe Appliance Setup Wizard.
44 The Settings Menu

Defining IP Settings
Depending on the type of eSafe product installed, one or two (eSafe Gateway
with NitroInspection) network interface cards may exist. You can change the
status of a network interface card, define a new network interface card, define
the default gateway, and add a static route.
To define a new network interface card:
1. Enter the following information in the space provided below the IP Settings:
• Under Interface, enter the name of the network interface card.
• Under IP address, enter a valid IP address belonging to the internal

subnet for each interface. For eSafe Proxy you only need to define one IP
address. (eSafe Gateway with NitroInspection has two network interface
cards therefore you must define a reserved IP address for each interface.
The IP addresses should not be similar to any workstation on the subnet.)
• The netmask of the network segment in which the Appliance will be

placed. The netmask is a 32-bit number that is notated by using four
numbers from 0 through 255, separated by periods.
2. Click Add to add the newly defined interface information.
You can perform the following additional actions:
• Next to Default Gateway, you can change the IP address of the gateway
machine that is used to forward traffic to destinations beyond the local
network.
• To remove interface information, select an interface and click to remove

the interface details.

• Click Advanced to add a static route to the routing table. Enter the interface,
network, netmask, and gateway. Click Add to save the changes.
• Click Apply and Restart Networking to apply the changes and restart eSafe
and the networking services.
Defining Host Name and DNS Settings

The settings in the Host Name and DNS page enable you to define name resolution
parameters. These parameters allow the eSafe Appliance to recognize, and be
recognized by, the network.
You can view/edit the following information:
• Host Name: The eSafe Appliance's host name.
• DNS Servers: The IP addresses of the DNS servers in the network. The DNS
servers will be used to resolve DNS names to IP addresses when queried by the
Appliance.
In addition, you can click Advanced to define search domains and hosts:
• In the Search Domains box, enter domain names that will be appended
automatically when searching for a host name that does not include the full
domain name.
• Under Hosts, enter the IP address and host name of all host machines. Click
Add to include the host in the Hosts list.

Retrieving POP3 Traffic

If your organization supports POP3 message formats, eSafe can periodically
retrieve POP3 email from a specified server and scan these messages. The POP3
Retriever page allows you to define parameters that enable accessing the POP3
server.
To enable POP3 scanning:
1. From the Settings menu, choose POP3 Retriever.
2. Click Add to define a new account.
Enter the following details:
• The name of the POP3 account.
• A password to access the account.
• The IP address or name of the POP3 server from which messages will be

retrieved.
• The port that will be used to listen to POP3 traffic (default=110).
• The address to which you want to redirect email from the POP3 account.
This should be an email address that exists in one of your internal email
servers. Leaving this field empty will redirect traffic to the address that
appears in the email body.
3. Click Save to save the account details and return to the previous page.
4. From the drop-down list, define how often eSafe will check the POP3 server
for new messages. Click Apply to save the settings.
• Click to edit account details.
• Click to delete account details.

Setting the Time and Date

By default, the eSafe Appliance is not pre-configured with the date and time. We
recommend setting the exact time and date since this information will be used in
all logs and reports related to the product. It is also possible to define an NTP
server.
If you did not set the date and time using the eSafe Appliance Setup Wizard, you
should do so now.
To set the date and time:
1. Use the drop-down lists to select the correct date and time.
2. Select the applicable time zone.
3. Click Apply to save the settings.
• Click the Advanced button to define a Network Time Protocol (NTP) Server.
Select the checkbox to enable using the server.
• In the NTP Server field, enter the IP address of the NTP server.
Note: The NTP Server is based on UTC and therefore it is

important to choose the relevant time zone.

Changing the Admin Account Password

You can change the admin account password, defined using the eSafe Appliance
Setup Wizard, at any time. You can also enable/disable the root account and
define a password for the account.
Note: The default password for the root account is: kn1TG7psLu. It is
recommended to change the root account password, or disable the root
account.
To change the admin account password:
1. Enter the new password.

2. Re-enter the password to confirm.
3. Click Apply.
To define a password for the root account:
1. In the Change Password page, click the Advanced button.

2. Select the Enable eSafe Appliance root account option.
3. Enter the existing password and then enter the new password.
4. Re-enter the new password for confirmation.
5. Click Apply to save the changes.

Controlling Access to the eSafe Appliance

The eSafe Appliance communicates with internal and external networks in one of
two ways:
• By accepting connections on all defined IP addresses.
or
• By accepting connections on a specific IP address only.
In addition, you can configure which external IPs will be able to establish a
connection with the Appliance.
To control access to the eSafe Appliance:
1. From the Preferences menu, select the Access Control option.
2. Define which IP addresses on the eSafe Appliance will accept connections:
• Select All IP addresses to accept connections on all defined IP addresses.
• Select Specific IP to define a specific IP that will accept connections.
3. Next to Listen on port, define the port that the Appliance will use to listen to
connections.
4. Define from which IP addresses the eSafe Appliance will accept connections:
• Select All IPs to allow connections from ALL IP addresses.
• Select Listed IPs Only to define a specific list of IP addresses from which
connections will be allowed.

• Select All, except listed IPs to define an exclusion list. This means that
connections will be accepted from all IP addresses EXCEPT those that
appear in the list.
5. Click Apply to save the settings.
Defining SNMP settings and Redirecting Logs

eSafe enables sending alerts, via SNMP traps, to SNMP servers. This allows using
third party applications to monitor the eSafe Appliance. All events that are
written to the syslog file (Linux message file), will be sent to the SNMP server.
When SNMP is enabled, you can save and send system logs that are related to
eSafe to the management station, in standard format.
It is also possible to redirect (and copy) syslog files to an alternate server.
• Click the Enable SNMP or Disable SNMP radio button.
• In the Management Station field, enter the IP address of the SNMP

management station to which the system logs will be sent.
• Under Syslog redirect, click the Enable or Disable radio button. If you choose
to enable syslog redirecting, enter the IP address of the server to which the
logs will be redirected (copied).

Defining Proxy Parameters (For eSafe Proxy)

When working with eSafe Proxy, you can view and edit the proxy settings by
selecting Settings | eSafe Proxy.
In the eSafe Proxy Parameters page, you can edit the port number. The default is
8080.
Click the Authentication Settings button to view and edit the authentication
parameters.

Depending on the type of authentication you select, you will need to define
authentication settings:
For NTLM:
• Host Name: Define the eSafe machine name.
• Domain Name: Define the domain in which eSafe will be located.
• AD Server: Define the Active Directory server name. Enter the full FQDN
name. Then enter the password server name and Wins server name. (These
values are usually the same.)
• Samba Group: Define the workgroup name.
For LDAP:
• Server Location: Define the IP address of the Active Directory or LDAP

server.
• Base DN: Define the distinguished name of the root from which user/group
details will be taken.
• Bind DN: Define a user name to allow access to the LDAP server.
• Bind Password: Define the password to connect to the server.
• Search filter: Define expressions to search the user data.

Registering the Domain (For eSafe Proxy)

After defining the proxy settings, you must register the eSafe Proxy machine in
the domain.
A description of the details you must enter in this screen follows:
• Administrator username: Enter the administrator username of the domain you

want to register to.
• Administrator password: Enter the administrator password of the domain you

want to register to.
• Domain: Enter the name of the domain in which you want to register the eSafe
Proxy machine.
• Domain Controller: Enter the IP address of the domain controller.
Reconfiguring the eSafe Appliance Setup Wizard

The Configuration Wizard option allows you to re-access the eSafe Appliance
Setup Wizard from within the eSafe Appliance Manager and change the eSafe
operational mode.
Using the eSafe Appliance Setup Wizard allows you to define the basic
configuration required to enable operation of the eSafe Appliance in your
organization's network.
For details on working with the eSafe Appliance Setup Wizard, refer to Using the
eSafe Appliance Setup Wizard to Configure your eSafe Appliance on page 14.

The Support Menu

The Support menu includes the following options:
• General—enables providing information to eSafe technical support and allows

uploading service packs to the eSafe Appliance machine.
• eConsole Manager—allows downloading the eConsole executable file.
• eSafe on the Web—enables quick access to eSafe-related links on the web.
• Test Connectivity—enables checking the connection between the appliance

and the Internet.
• Help Index—displays links to the help topics.
Providing Information to eSafe Technical Support

The Support Features page allows creating comprehensive reports that can be
supplied to the eSafe Technical Support department for troubleshooting
purposes.
After setting the required troubleshooting level and allowing eSafe to gather
information, files can be sent to technical support for analysis.
Note: Consult with the eSafe technical support team prior to making
any changes to these parameters.
56 The Support Menu

• Select the level of troubleshooting (debug level) required: off (default), low,
or high.
• Click the Create and download eSafe Support Info file link to create files for
technical support. You can either create and save the files, or create the files
and automatically upload them to eSafe technical support.
• Click the Create and download eSafe Session Log files link to collect session
log files. In the page that appears, you can choose to only collect files,
collect and upload, or clear the log files. It is also possible to schedule
automatic log file collection.
• Click the Create and download eSafe Appliance Configuration backup file
link to create a backup of the configuration file. After creating the backup
file, you can download the file to a location of your choice. (To reload the
configuration, access the Configuration Wizard, enter the file details and
then click the Restore Appliance Configuration button.)
• Click the View eSafe Module Versions link to view the version number of the
eSafe modules.
• Click Advanced to view information about the following eSafe files:
eSafe log files: Displays a list of eSafe log files. Click on a filename to
open or download the file.
eSafe .ini files: Displays a list of eSafe .ini files. Click on a filename to
open or download the file, or click to edit the file.
Any changes to the .ini files will only take effect after
restarting eSafe.
You can also:
• Next to RPM package Upload, enter the path to upload a hotfix, or click
Browse to locate the hotfix file. Click Install to install the hotfix. (You
can also upload hotfix files via eConsole.)

Downloading the eConsole Manager

The eConsole Manager page allows you to download and install eConsole, and
view the eConsole Administrator's Manual.
eConsole is a remote management console that can be used to manage all eSafe
products over the local network or over the Internet. eConsole is a Windows-
based application that can run on any PC running a supported Windows operating
system.
Whenever a new version of eConsole becomes available, it will be automatically

updated and available for installation directly from the eSafe Appliance.
• Click on the Download eConsole from eSafe Appliance link, save the
executable file and run it after the download is complete.
• View the eConsole Administrator’s Manual.
58 The Support Menu

Viewing Links to eSafe on the Web

Use the links in this page to:
• Display the eSafe home page.
• Access the Content Security Response Team web site to view information on
the latest viruses and alerts, get the latest virus and content security
updates, and security news.
• Download product documentation.
• Download eSafe products.
• Find an eSafe reseller or distributor in your area.
• View Aladdin contact details.

Testing Connectivity
This screen enables performing the following tests:
• Pinging to an FTP site.
• Checking connectivity with the eSafe site for the add-ons.
• Checking connectivity with the License Center site.
• Checking DNS resolving capabilities.
To conduct a test:
• Click on the Test button next to the test you want to perform.
Viewing Online Help

The Help option in the Support menu displays the online help table of contents
with links to all helps topics. In addition, the help button in the top right-hand
corner of each page provides information about the page you are currently
viewing.
• Click on a link to display the related help topic.
60 The Support Menu

Chapter 4
eSafe Add-Ons
eSafe includes add-ons that enable advanced protection

against spam, URL filtering and blocking communication of un-
wanted applications.
This chapter provides information on activating, updating and
registering the add-ons.
• About the eSafe Add-ons
• eSafe Advanced Anti-spam Add-on
• eSafe URL Filter Add-on
• eSafe AppliFilter Service
• Updating the eSafe Add-ons
• Registering the eSafe Add-ons
eSafe Add-Ons 63
About the eSafe Add-ons

eSafe enables working with the following add-ons:
• eSafe Advanced Anti-spam Add-on
• eSafe URL Filter Add-on
• eSafe AppliFilter Add-on
Once installed, the add-ons are valid for a period of 30 days after which you must
obtain a special license to continue using them. (At the end of this period, all
traffic will be allowed without scanning or blocking.)
Updated information is constantly added to the add-on databases and lists. You
can enable updating the add-ons on a daily basis. For further information, see
Updating the eSafe Add-ons on page 69.
eSafe Advanced Anti-spam Add-on

eSafe’s Advanced Anti-spam add-on uses a combination of techniques to combat
spam. The Anti-spam add-on enables choosing the method for checking for spam
and the action that will be taken if spam is detected, blocking email containing
specific URLs or URL categories, and defining email address Honey Pots.
To activate the anti-spam add-on:
1. In the eSafe Appliance Manager, select Appliance Status | eSafe Status.
The following screen appears:
64 About the eSafe Add-ons

2. Under Anti-spam Add-on, click on the Click to Activate link. The following
page appears:
3. Click Start Download to download the database.
While the download is in process, you can return to the eSafe Status page to
view a progress bar. At the end of the installation, the add-on will be active.
At the end of the installation, the status will be changed to “Installed” and
the add-on will be active.
4. In eConsole, select Options | Configuration | Anti-spam to configure and

fine-tune the anti-spam parameters. For detailed information regarding the
various anti-spam options, see the eConsole Administrator’s Guide.
eSafe Add-Ons 65
eSafe URL Filter Add-on

The URL Filter contains approximately 61 categories that enables blocking web
pages according to categories. When enabled, eSafe checks all surfing to web
sites against an extensive database and blocks access to sites that fall into the
block category.
To install and enable URL Filtering:
1. In the eSafe Appliance Manager, select Appliance Status | eSafe Status.
66 eSafe URL Filter Add-on

2. Under URL Filter Add-on, click on the Click to Activate link. The following
screen appears:
Note: Activating the add-on requires downloading an extensive

database from the Internet. This process can take up to a few hours due
to the large size of the database (approx. 600MB). To download the
database successfully, ensure that HTTP/HTTPS connections are
allowed and do not interrupt the Internet connection.
3. Click Start Download to download the database.
While the download is in process, you can return to the eSafe Status page to
view a progress bar. At the end of the installation, the add-on will be active.
At the end of the installation, the status will be changed to “Installed” and
the add-on will be active.
4. In eConsole, select Options | Configuration | Rules | HTTP | Block.
5. Select the Use URL Filters check box. Click List to choose which categories
will be blocked.
6. Click the Add categories button to choose the categories to block.
7. In the Add URL Categories dialog box, select the categories to block. (Use
CTRL and/or SHIFT to select multiple categories.) Click OK.
8. Click Apply to apply the changes.
Note: Under Unblocked URLs, click the Unblock a URL button to define
specific URLs that will not be blocked if they belong to one of the
categories selected in step 5.
eSafe Add-Ons 67
eSafe AppliFilter Add-on

AppliFilter™ technology allows real-time filtering of various malicious Internet
content as it enters the organization. It operates in a similar way to active IDS
(Intrusion Detection Systems), inspecting all content in transit, while remaining
transparent to end users. AppliFilter examines all traffic at the gateway, analyzes
the content of the passing packets and blocks traffic that is deemed malicious,
inappropriate or otherwise restricted.
AppliFilter can block the following types of traffic:
• Gateway-level (TCP/IP) malicious code attacks
• P2P (Peer to Peer) file-sharing such as KaZaa, iMesh, Gnutella, eDonkey
• Instant messengers such as ICQ, MSN, AOL, and Yahoo! Messengers
• Adware/Spyware components found in many “free” and commercial software
• Unauthorized tunneling which is used to circumvent firewall restrictions by

disguising forbidden traffic (such as P2P, remote computing and telnet) as
ordinary Web surfing content.
• Streaming multimedia (video and audio)
• Remote management tools
When installing eSafe Gateway with NitroInspection, the AppliFilter add-on

service is automatically installed with the Peer to Peer and Adware/Spyware
filters activated by default. You can activate additional filters and configure
advanced settings. When active, a green “v” appears in the checkbox next to the
filter name.
The AppliFilter operates for a 30 day evaluation period, after which a separate
license is required.
68 eSafe AppliFilter Add-on

Updating the eSafe Add-ons

The add-on databases and lists are constantly updated. You can enable updating
these lists and databases at a predefined interval or on a daily basis at the time
you choose.
To enable updating the add-ons:
1. In eConsole, select Administration | Updates.
2. Select the Update Add-ons daily at check box, and from the drop-down list,
select when the add-ons will be updated.
3. Click Apply.
Registering the eSafe Add-ons

At the end of the 30 day evaluation period, the add-ons will no longer be
functional. To continue using the add-ons, you need to obtain a unique license
key from Aladdin.
To register the add-on:
1. In eConsole, select Help | Enter License Key.
2. Enter your name, company name, and the license key and click OK.
eSafe Add-Ons 69
70 Registering the eSafe Add-ons

Appendix A
eSafe Appliance Technical Information
This appendix provides basic technical information about the

eSafe Appliance.
In this appendix you will find the following topics:
• eSafe Appliance Default Settings
• Additional Connection Options (for advanced Linux users)
71
eSafe Appliance Default Settings

The eSafe Appliance is configured with the following default parameters:
For eSafe Appliances with 1 NIC:

The NIC is pre-configured with the following IP address and netmask which should
be used for first-time connection:
IP address: 10.0.0.1
Netmask: 255.255.255.0.
For eSafe Appliances with 2 or 3 NICs:

Use the following IP to connect to the eSafe Appliance: 192.118.131.243.
Default Passwords
The default usernames and passwords for the eSafe Appliance and eSafe
Appliance Manager appear below — we strongly recommend that you change the
default passwords for security purposes.
eSafe Appliance
(only valid if the password was NOT changed during installation)
Username: root
Password: kn1TG7psLu
eSafe Appliance Manager
Username: admin
Password: esafe
Additional Connection Options (for advanced Linux users)

The eSafe Appliance is a Linux-based appliance. In addition to using the eSafe
Appliance Manager and eSafe Appliance Setup Wizard, you can also view and edit
appliance settings directly at root level, either locally or remotely:
To connect locally:
1. Connect a screen and keyboard to the eSafe Appliance.
2. Press CTRL+ALT+F11 simultaneously.
3. Enter the root account user name and password:

User name: root
72 eSafe Appliance Default Settings

To connect remotely using SSH protocol:
1. Connect to the eSafe Appliance IP address using an SSH client.
2. Enter the root account user name and password:

User name: root
3. Change the password for added security.
73
74 Additional Connection Options (for advanced Linux users)

Esafe Appliance Esafe Gateway: Last Revised: January 1, 2009

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Esafe Appliance Esafe Gateway: Last Revised: January 1, 2009

Transféré par

Droits d'auteur :

Formats disponibles

Installation and Setup Guide

Last Revised: January 1, 2009

eSafe Software products described in this document are protected by

At eSafe we welcome feedback about our documentation. You can

Chapter 2:Installing the eSafe Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Chapter 3:Managing the eSafe Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Chapter 4:eSafe Add-Ons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

This installation guide provides detailed information for

Before you Start

eSafe HG-100 eSafe HG-200

eSafe Virtual Appliance CD: A CD that provides the ability to transform a PC

4 Before you Start

eSafe Appliance Manager: Web-based management software that enables

eSafe Appliance Setup Wizard: A web-based wizard program that is used to

This chapter introduces you to the eSafe Appliance and de-

About the eSafe Appliance

• A high level of security with a hardened operating system.

• Optimized for high performance.

• Enhanced updates including virus/vandal tables, content security engine, lists

• Higher ROI due to reduced integration costs and faster deployment.

• Out-of-the-box simplicity with an excellent initial content security policy that

eSafe Gateway is a powerful content inspection gateway that:

• Includes anti-vandal and anti-virus scanners.

• Provides full content security protection for any connection established

• Operates with any firewall or router.

eSafe Gateway can operate in the following modes:

• eSafe Gateway NitroInspection (Bridge)

• eSafe Gateway NitroInspection (Router)

• eSafe Gateway Forwarding Proxy

A detailed description of these product types appears in Deciding which eSafe

2 About the eSafe Appliance

Detailed instructions for using eConsole Manager appear in the eConsole

4 About the eSafe Appliance

Installing the eSafe Appliance

This chapter provides important information that should be

In this chapter you will find the following topics:

Installing the eSafe Appliance 5

Before you Install

Installation of the eSafe Virtual Appliance consists of the following steps:

Creating an eSafe Appliance using the eSafe Virtual

• 1 GB RAM (or above)

• 36 GB disk space (minimum)

6 Before you Install

Creating the eSafe Appliance

To create an eSafe Appliance:

2. Power-on the PC.

4. Insert the eSafe Virtual Appliance CD into the CD-ROM.

5. Reboot the PC.

The PC boots from the eSafe Virtual Appliance CD.

6. At the boot prompt, type install and press <ENTER>.

Automatic system requirement verification takes place. Should the hardware

Installing the eSafe Appliance 7

At the end of the installation process, a message appears prompting you to

This concludes the process of creating an eSafe Appliance and it is now

7. Remove the CD.

8. Shut down the newly created eSafe Appliance.

8 Creating an eSafe Appliance using the eSafe Virtual Appliance CD

Deciding which eSafe Product to Use

You can choose one of the following operation modes:

• eSafe Gateway in Forwarding Proxy Mode

• eSafe Gateway in NitroInspection Bridge Mode*

• eSafe Gateway in NitroInspection Router Mode*