Using the Configuration Wizard

Use the Configuration Wizard to quickly configure the basic settings you need to start protecting your network.

To use the Configuration Wizard:

  1. Choose Administration > IMSA Configuration > Configuration Wizard from the menu. The Configuration Wizard window appears.

  2. Click Next > to begin. The wizard will guide you through the following screens:

  1. Local System Settings—Configure or modify the device IP address and other network settings.

    Your first task is to configure system settings for the device.

    The local system settings take effect immediately when you click Next. If the IP address or time settings are changed, IMSA will restart. Wait until IMSA is online and then logon again.

    To configure local system settings:

      1. Under Network Settings, configure the following:

      2. Host name—The host name for the device.

      • IP address—The IP address of the Data port (by default 192.168.0.1).

      • Netmask—The corresponding netmask for the IP address.

      • Default gateway—The IP address of any gateway server on your network.

      • Primary DNS server—The primary DNS server on your network. IMSA needs to access the DNS server to determine domains.

      • Secondary DNS server—Any other DNS server on your network.

      1. Under System Time, configure the following:

      • Local time zone—Select a continent and country, and the nearest city.

      • Date and time—the current date and time.

      1. Click Next. If you modified the IP address, the button changes to Save.

  2. Deployment Settings—If you will deploy the device in a group, choose whether the device will be a parent or child. If you are going to enable IP Filtering, you must deploy InterScan™ Messaging Security Appliance (IMSA) at the gateway and select the Gateway deployment checkbox on this screen.

    You can deploy two or more IMSA devices in a group. One device acts as the parent device, which controls the child devices. The deployment settings take effect when you click Finish on the final Wizard screen.

    If you want to import the configuration settings from another device, click Import Settings and select the correct file. When you import settings, the original settings will be overwritten with the new settings immediately. You will not be able to roll back to the original settings.

    To configure deployment settings:

      1. Click either of the following radio buttons:

      • Parent server—Configure the following:

      • Gateway deployment—Select the check box if you are putting the IMSA device at the gateway. To use IP Filtering, you must select this check box. See the Deployment Guide for more information on device deployment.

      • Enable End User Quarantine—Select the check box to use EUQ.

      • NTP server IP address or host name—Select the check box to use an NTP server and type the NTP server information.

      • Child server—Type the IP address of the parent IMSA device to which this device will register.

      1. Click Next to continue configuring the Wizard.

  3. SMTP Routing—Add the domains on your network so IMSA can relay email messages to them and configure domain-based delivery.

    Configure the domains that IMSA requires to relay email messages to mail servers.

    Email Relay

    To prevent spammers from using the IMSA MTA as a relay for spam, configure relay control. You will add the mail domains on your network to the Relay Domains list. When IMSA receives an email message, it looks at the final destination of the email and compares it to this list. IMSA discards the message under the following circumstances:

      • The destination domain is not in this list

      • The parent domain of the destination domain is not in this list

      • The host is not on the Permitted Senders of Relayed Mail list

    To configure relay domains:

    You can configure relay domains by adding domains one at a time or importing a file containing a list of domain names.

      • To add domain names individually

      • Under Add Domain, type the name of an email domain on your network; for example, mydomain.com.

      • To add the domain to the list, click >>. To remove a domain, click it in the list, and then click <<.

      • To import a list of domain names

      • Click Import From File.

      • Type the path and name of the import file or click Browse to select from the directory.

      • Select the option to either Merge with current list or Overwrite current list.

      • Click Import.

     

    The imported text file may contain only one domain name per line.

      

    SMTP Routing

    When IMSA receives an email message addressed to a certain domain, it passes the email to another SMTP server for delivery. If the SMTP server cannot resolve the IP address of the destination computer, IMSA needs access to a DNS server to resolve the IP address. Use this screen to specify a list of SMTP server domains and their corresponding SMTP servers.

    To configure domain-based delivery:

    You can configure domain-based delivery by adding domains one at a time or importing a file containing a list of domain names.

      • To add domain names individually

      • To add a new domain and specify an associated SMTP server, click Add. The Destination Domain window appears.

      • Next to Destination Domain, type the domain name.

      • Next to Server address and Port, type the SMTP server IP address and port number for the SMTP server to which you want IMSA to send email for this domain.

      • Click OK.

      • To delete an item from the list, select the check box next to the domain name and click Delete.

      • To import a list of domain names

      • Click Import from File.

        • Type the path and name of the import file or click Browse to select from the directory.

        • Select the option to either Merge with current list or Overwrite current list.

      • Click Next > to progress to the next screen.

     

    The imported text file may contain only one destination domain name and delivery method per line.

     

  4. Notification Settings—Configure email and SNMP trap notification settings for default system events (rules use different notification settings).

    Configure email and SNMP trap notifications for both system and policy notifications.

    To configure notification settings:

      1. Under Email Settings, configure the following:

      • To address(es)—Type the recipient email addresses.

      • Sender's email address—Type the email address to appear as the sender. (Default: postmaster@imsa.trendmicro.com)

      • Server name or IP address—Type the FQDN or IP address of the SMTP server that delivers email on your network.

      • SMTP server port—Type the port number that the SMTP server uses to connect to IMSA.

      • Preferred charset—Choose the language in which you will write the notification message.

      • Message header—Type the text to appear at the top of the notification.

      • Message footer—Type the text to appear at the bottom of the notification.

      1. Under SNMP Trap, configure the following:

      2. Server name—Type the FQDN or IP address of the SNMP server.

      • Community—Type the SNMP server community name.

      1. Click Next >.

     

  5. Update Source—Select the source where IMSA will retrieve updated antivirus, anti-spam, and anti-spyware components.

    By default, IMSA downloads components from the Trend Micro ActiveUpdate server, which is the only source for up-to-date components. However, if you are using Trend Micro Control Manager (TMCM) to manage IMSA, you can update the components from the TMCM server. See your TMCM documentation for details on how a TMCM server can act as an update source.

    To choose an update source:

      1. Under Source, select one of the following:

      2. Trend Micro ActiveUpdate server—The default selection. The Trend Micro ActiveUpdate server is the only standard source for up-to-date components.

      • Other Internet source—Type the URL or IP address of the Control Manager server.

      1. If traffic from IMSA must pass through a proxy server to get to the Internet, configure the following:

      2. Use a proxy server for pattern, engine, and license updates—Select the check box if you are using a proxy server and configure the following:

      • Proxy type—Select HTTP, SOCKS4, or SOCKS5.

      • Proxy server—Type the host name or IP address of the proxy server.

      • Port—Type the port the proxy server uses to communicate.

      • Username—Type the username you need for administrative access to the proxy server.

      • Password—Type the corresponding password.

      1. Click Next>.

  6. LDAP Settings—Set LDAP server settings and administrative information.

    Configure LDAP settings for user-group definition, administrator privileges, or end-user quarantine authentication. You can enable up to two LDAP servers for each IMSA device.

    To configure LDAP settings:

      1. Next to LDAP server type, choose the type of LDAP servers on your network:

      • Microsoft Active Directory

      • Domino

      • Sun iPlanet Directory

      1. Next to Enable LDAP 1, select the check box.

      2. Next to LDAP server, type the server name or IP address.

      3. Next to Listening port number, type the port number that the LDAP server uses to listen to access requests.

      4. Configure the settings under LDAP 2 if necessary.

      5. Under LDAP cache expiration for policy servers and EUQ servers, type the time to live in minutes.

      6. Under LDAP admin, type the administrator account, and the corresponding password.

      7. Type the based distinguished name.

      8. Select an authentication method:

      • Simple

      • Advanced—Uses Kerberos authentication for Active Directory. Configure the following:

      • Kerberos authentication default realm

      • Default domain

      • KDC and admin server

      • KDC port number

      1. Click Next >.

  7. Internal Addresses—Define internal addresses and domains to determine which policies and events are inbound and outbound for reporting and rule creation.

    Internal addresses refer to all the users on your network. IMSA refers to the internal address list when it analyzes a rule's route—a specific "To" and "From" combination that includes a recipient and sender address or domain, LDAP groups, or address groups.

    Any senders and recipients in a rule's route must be on the Internal Addresses list if you selected incoming messages or outgoing messages when adding a new rule or modifying an existing rule. See Configuring the Route for more information.

    To define internal users and domains:

      1. Under Internal Domains and User Groups, choose one of the following from the drop down box:

      2. Enter domain—Type a domain and click >>. Do not type the "@" or user name parts of an email address. For example, domainname or domainname1.domainname2 are valid; user@domainname is invalid.

      • Search for LDAP group—A screen for searching the LDAP groups appears. Type an LDAP group name (not an individual LDAP user) for which you want to search in the text box and click Search. The search result appears in the list box. To add it to the Selected list, click the LDAP group, then click >>.

      1. To import user groups from a file, click Import from File and select the file.

      2. Click Save. The new domain or LDAP group appears on the Selected list.

  8. TMCM Settings—To use Trend Micro Control Manager (TMCM) 3.5 or above to manage IMSA, enable the TMCM agent on the IMSA server and configure TMCM server settings.

    To use Trend Micro Control Manager (TMCM) 3.5 to manage IMSA, enable the TMCM agent on the IMSA server and configure TMCM server settings. If a proxy server is between the TMCM server and IMSA, configure proxy settings. If a firewall is between the TMCM server and IMSA, configure port forwarding to work with the firewall's port-forwarding functionality.

    To configure TMCM settings:

      1. Select the Enable TMCM Agent check box.

      2. Next to Server, type the TMCM IP address or FQDN.

      3. Next to Communication protocol, select HTTP or HTTPS and type the corresponding port number. The default port number for HTTP access is 80, and the default port number for HTTPS is 443.

      4. Under Web server authentication, type the access credentials to access the TMCM Web server.

      5. Select the Enable proxy check box.

      6. Next to Proxy Type, select the protocol the proxy server uses: HTTP, SOCKS4 or SOCKS5.

      7. Type the proxy server FQDN or IP address, port number, and the username and password.

      8. Click Next >.

  9. Product Activation—Register and activate the antivirus and content filter, Spam Prevention Solution, and the IP Filter.

    IMSA can use the following products:

      • Antivirus and Content Filter—Basic scanning and filtering functionality. You can think of this product as the IMSA program itself.

      • Spam Prevention Solution (SPS)—A built-in filter to help IMSA identify content typically found in spam.

      • IP Filtering—Automatic blocking of known spam senders. IP Filtering includes the following:

      • NRS—Trend Micro Network Reputation Services (NRS) are designed to be used to identify and block spam before it enters a computer network by routing Internet Protocol (IP) addresses of incoming mail connections to Trend Micro Threat Protection Network for verification against an extensive Reputation Database.

      • IP Profiler—IP Profiler allows you to configure threshold settings and determine what action IMSA will take when it detects any of the four potential Internet threats:

      • Spam—Email with unwanted advertising content.

      • Viruses—Various virus threats, including Trojan programs.

      • Directory Harvest Attack (DHA)—Programs that could add your user's email addresses to spam databases.

      • Bounced Mail—Email messages returned to you because the messages were sent with your domain in the sender address.

    To activate products, registering the product online with the Registration Key that came with IMSA. Trend Micro will send you an Activation Code.

    To register products:

      1. Click Register Online.

      2. Follow the instructions on the Trend Micro Web site.

    To activate products:

      1. Under Activate, type the codes for the products to activate.

      2. Click Next >.

  1. On the review settings screen, click Finish to save your settings and exit the wizard. To return to any of the screens above, click < Back.

 

To return to the last saved settings or continue to the next step without specifying the mandatory setting(s) on any of the above screens, click Skip.