Portal Administrator Guide 1 June 2014

Similar documents
VMware AirWatch Content Gateway Guide For Linux

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

EASYLAMP REDHAT V1.0 DOCUMENT OWNER: OUDHUIS, JONATHAN INGRAM MICRO CLOUD EUROPE

VMware AirWatch Content Gateway Guide for Linux For Linux

Kollaborate Server. Installation Guide

Version 1.26 Installation Guide for SaaS Uila Deployment

EASYLAMP UBUNTU V1.0 DOCUMENT OWNER: OUDHUIS, JONATHAN INGRAM MICRO CLOUD EUROPE

Version 1.26 Installation Guide for On-Premise Uila Deployment

Comodo Dome Shield - Admin Guide

QuickStart Guide for Managing Computers. Version 9.73

StreamSets Control Hub Installation Guide

Acronis Backup & Recovery 11.5

QuickStart Guide for Managing Computers. Version

Installing SmartSense on HDP

Installing and Upgrading Cisco Network Registrar Virtual Appliance

Acronis Backup Advanced Version 11.5 Update 6

Service Desk 7.2 Installation Guide. March 2016

Sophos Virtual Appliance. setup guide

QuickStart Guide for Managing Computers. Version 9.32

McAfee Endpoint Security Threat Prevention Installation Guide - Linux

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Service Portal User Guide

Installing Data Exchange Layer

ForeScout CounterACT. (AWS) Plugin. Configuration Guide. Version 1.3

VMware AirWatch Content Gateway Guide for Linux For Linux. AirWatch v9.3

VMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway

QuickStart Guide for Managing Computers. Version

Apache Manual Install Ubuntu Php Mysql. Phpmyadmin No >>>CLICK HERE<<<

StorageGRID Webscale 11.1 Expansion Guide

Red Hat Development Suite 2.1

Nubo on premise POC requirements for VMWare ESXi

Automated Installation Guide for CentOS (PHP 7.x)

Contents. Limitations. Prerequisites. Configuration

REDCENTRIC AGENT FOR LINUX (64-BIT) VERSION

Getting Started with ESXi Embedded

QuickStart Guide for Managing Mobile Devices. Version

AppDefense Getting Started. VMware AppDefense

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.72

NGFW Security Management Center

Installing or Upgrading ANM Virtual Appliance

Cymmetria MazeRunner INSTALLATION GUIDE

Downloading and installing Db2 Developer Community Edition on Ubuntu Linux Roger E. Sanders Yujing Ke Published on October 24, 2018

Stonesoft Management Center. Release Notes for Version 5.6.1

Kaspersky Security Center 10

Smart Bulk SMS & Voice SMS Marketing Script with 2-Way Messaging. Quick-Start Manual

IT STARTED WITH A KICKSTARTER CAMPAIGN

Installation Guide for 3.1.x

Version 1.24 Installation Guide for On-Premise Uila Deployment Hyper-V

KASPERSKY SECURITY FOR VIRTUALIZATION LIGHT AGENT. Quick Deployment Guide.

VMware vfabric Data Director Installation Guide

USER GUIDE. Accessing the User Interface. Login Page Resetting your Password. Logging In

Comodo Dome Shield. Administrator Guide Guide Version Software Version 2.4. Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

vsphere Installation and Setup Update 2 Modified on 10 JULY 2018 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

Salesforce CRM Content Implementation Guide

Installing Cisco Virtual Switch Update Manager

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.31

Vembu BDR Suite Free Edition

Puppet on the AWS Cloud

FileCruiser VM Quick Configuration Guide For Trial Version V1.0

VMware vfabric Data Director Installation Guide

VMware AirWatch Content Gateway Guide for Windows

Virtual Appliance Installation Guide


vcenter Server Installation and Setup Modified on 11 MAY 2018 VMware vsphere 6.7 vcenter Server 6.7

EMC Smarts SAM, IP, ESM, MPLS, NPM, OTM, and VoIP Managers Support Matrix

Deploy IBM Spectrum Control Virtual Appliance into VMware ESXi V5.1 IBM

SentinelOne Technical Brief

IMC Network Traffic Analyzer 7.3 (E0504) Copyright 2015, 2017 Hewlett Packard Enterprise Development LP

Table of Contents 1.1. Install, Deploy, Maintain Infrastructure Installation Download. Deploy the Appliance

CS197U: A Hands on Introduction to Unix

ForeScout Extended Module for IBM BigFix

Cloud Services. Introduction

vcenter Server Installation and Setup Update 1 Modified on 30 OCT 2018 VMware vsphere 6.7 vcenter Server 6.7

EMC Smarts SAM, IP, ESM, MPLS, NPM, OTM, and VoIP Managers 9.5 Support Matrix

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Ansible Tower Quick Setup Guide

Goliath Performance Monitor v11.7 Prerequisites Guide


IMC Network Traffic Analyzer 7.1 (E0301P04) Copyright (c) 2015 Hewlett-Packard Development Company, L.P. All Rights Reserved.

UDS Enterprise Preparing Templates Xubuntu X2Go + UDS Actor

vsphere Update Manager Installation and Administration Guide 17 APR 2018 VMware vsphere 6.7 vsphere Update Manager 6.7

Vembu NetworkBackup. File Backup, Microsoft Exchange, SQL Server, SharePoint, System State, Outlook and MySQL Backup VEMBU TECHNOLOGIES PARTNERS

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

VMware AirWatch Content Gateway Guide for Windows

vcloud Director Administrator's Guide

OpenIAM Identity and Access Manager Technical Architecture Overview

InstallAnywhere: Requirements

IMC Network Traffic Analyzer 7.2 (E0401P04) Copyright 2016 Hewlett Packard Enterprise Development LP

How to Use This Lab Manual

Linux application virtualization with UDS Enterprise. Versión Rev. 1

Parallels Remote Application Server

VMware AirWatch Content Gateway Guide for Windows

Cisco Configuration Engine 2.0

Quick Start Guide to Compute Canada Cloud Service

Stonesoft Management Center. Release Notes for Version 5.4.6

This material is based on work supported by the National Science Foundation under Grant No

Exam Name: VMware Certified Professional on vsphere 5 (Private Beta)

Dell EMC Ready Architectures for VDI

Runecast Analyzer User Guide

Zenoss Resource Manager Upgrade Guide

Transcription:

Portal Administrator Guide 1 June 2014

Overview... 1 Architecture... 1 Supported Operating Systems... 1 Installation and Prerequisites... 1 Minimum and Recommended Hardware... 2 Network Firewall... 2 Mailborder Portal Server Installation... 2 Installation Environment... 3 Installation Script Download... 3 Installation Details... 3 Source Guardian... 3 Portal Member Groups and Permissions... 4 Groups... 4 Base User Group... 4 Global User Group... 4 Organization Groups... 4 Requirements and Limitations... 4 Privilege Levels... 5 Member Level... 5 Organizational Level... 5 Global Level... 6 Portal Interface... 7 My Email... 7 Email Log... 7 Filters... 7 Advanced Search... 7 Charts and Graphs... 7 Organizations... 8 Email Log... 8 Filters... 8 Advanced Search... 8 Charts and Graphs... 8 Global... 8 Email Log... 8

Filters... 8 Advanced Search... 8 Charts and Graphs... 8 Rule Logic... 9 Example... 9

Overview The Mailborder Member Portal is an add-on component for Mailborder clusters that allows for distinct user, manager, and administrator access to information and resources within the cluster. This capability greatly reduces the work load for Mailborder cluster administrators by safely granting lower level administrative capabilities to users, which is tightly controlled by role assignments. v4.1 Architecture The Mailborder Member Portal is designed to run on a web server platform, which accesses the Mailborder Master server remotely. The Portal utilizes several capabilities that are only available on Linux operating systems and therefore must be hosted only on supported platforms. Supported Operating Systems As of the current version, the Mailborder Member Portal installation script supports the following operating system deployments for hosting: - CentOS 6 - Debian 7 - RedHat 6 ** - Ubuntu 12.04 LTS - Ubuntu 14.04 LTS ** The licensing required for the use of Red Hat Enterprise Linux is not included in Mailborder licensing. Other Linux or BSD variants may be used as long as the appropriate web server capabilities are supported and the PHP version is at a minimum of v5.3. However, automatic installation scripts and cron task support are not available for unsupported operating systems. Installation and Prerequisites The Mailborder Member Portal must be installed on a fresh installation of one of the supported operating systems in order to utilize the automated installation scripts and cron tasks. Graphical interfaces such as Gnome or KDE are not required or recommended, but may be installed if so desired. The architecture can be either physical or virtual. The Mailborder Member Portal has been extensively tested on VMware vsphere Hypervisor (ESXi v5 and v5.1) and is the recommended platform for virtualization. However, any virtualization platform should be sufficient. 1

v4.1 Minimum and Recommended Hardware The following is the bare minimum system resources recommended and supported: - 512MB RAM - Late model multi-core Intel or AMD processor - 5GB hard disk The following or greater system resources are recommended and encouraged: - 2GB - 8GB RAM - Late model multi-core server Intel or AMD processor - 20GB hard disk Network Firewall The Mailborder Member Portal will require the ports listed below for normal operation. Additional ports may be opened as required for any additional services running on the server. Ports may be changed for the web service as required. The Mailborder Member Portal does not require a specific port for the web service in order to function correctly. Port Protocol Network Direction 22 TCP Internal Network Inbound 80 TCP External Network Inbound 443 TCP External Network Inbound 3306 TCP Master Server Outbound Mailborder Portal Server Installation The Mailborder Portal should be installed on a supported operating system and version. Only the server variants of these operating systems should be utilized. Graphical user interfaces such as Gnome and KDE are not recommended or supported, but may be utilized. Additional third party software can be installed if desired. If an unsupported operating system is used, the following capabilities or their equivalent are required: PHP 5.3+ PHP: GeoIP PHP: MySQL Client PHP: GD PHP: Mcrypt PHP: Command Line Interface PHP: JSON PHP: Curl PHP: Suhosin (recommended) Apache: Mod Security (recommended) 2

Installation Environment The Mailborder Portal installation script must be installed as the root user. On systems such as Ubuntu where the root user is disabled by default, you will be required to switch to a persistent root environment using sudo. To switch to root: Debian, Red Hat, and variants: > su - > (enter password) Ubuntu: > sudo -i > (enter password) Installation Script Download Once in the root environment, change to a safe directory (e.g /root) to download the install script. For the exact install script, see the Mailborder website for direction specific to your operating system: www.mailborder.com > Main Menu > Docs > Install Installation Details The install script downloads the required components for the Mailborder Portal server from a repository and logs the details of installation to /mailborder/install/mbs_install.log During the installation process a number of software packages are installed. This requires that the server have access to the Internet to download the required packages. For a list of all installed packages, review the Mailborder install script for your distribution or for a complete list, which includes installed dependencies, review the /mailborder/install/mbs_install.log file. On Red Hat based systems the EPEL repository may be installed and enabled. For more information regarding this repository, see: http://fedoraproject.org/wiki/epel Source Guardian The Mailborder Portal GUI (Graphical User Interface) is a web-based interface written in PHP. In order for the interface and Mailborder Portal scripts to function, the appropriate version of Source Guardian must be installed. This is typically done by the Mailborder Portal installation script, but may need to be changed or updated if the PHP version on the server is upgraded. For more information regarding the Source Guardian loaders: http://www.sourceguardian.com/loaders.html v4.1 3

Portal Member Groups and Permissions There are three basic permission groups on the Mailborder Portal that control access, features, and actions of each user. These groups are combined with a privilege level for that group that determines what a portal user can view and what actions can be executed by that user. Groups Base User Group The Base User Group is the group that all portal members are assigned to when created and is the group that controls access to their own personal email in the Mailborder Portal. Every portal user account must be a member of this group. Global User Group The Global User Group is the group used to assign Demo Reviewer, Global Reviewer, and Global Administrator roles to portal members. Being a member of this group enables the display of the Global menu in the Mailborder Portal and allows the user to see all email and related data within the entire cluster. Organization Groups Within the Mailborder Master server Organizations can be defined. Each Organization can then have hosted domains assigned to it, which in turn can be reviewed or managed by organizational roles assigned to portal members. Requirements and Limitations The Base User Group and the Global User Group cannot be modified or deleted. Portal Members can be assigned to these groups. The Base User Group is managed automatically by the Mailborder Master server. Every portal member must be a member of the Base User Group and is automatically assigned to this group during creation. If a member is created with an organizational group as the only assignment, the member will automatically be added to the Base User Group with the lowest level permission set. If a user is edited and removed from this group, the user will automatically be added back to the group with the lowest level permission set. The Global User Group must be used to assign Global Administrator, Global Reviewer, and Demo Reviewer roles. Attempts to assign these privilege levels to other groups will be ignored during the save process. Domains may be assigned to multiple groups at the same time. For example, domain.com can be assigned to the organization group Manny s Widgets and then also be assigned to Global Tire Company. Portal members assigned organizational privilege levels from either group will be able to see and manage domain.com. v4.1 4

Privilege Levels A portal member may have multiple privilege levels assigned to control access to various sections of the Mailborder Portal. These privilege levels run in parallel and do not stack. The three base tiers are Member Level, Organizational Level, and Global Level. Each tier opens new base menu trees within the portal interface depending upon if the base tier is assigned to the portal user. Member Level Member level permissions apply directly to the email address registered to the user s Mailborder portal account. Any action taken under this privilege level will apply only to that address and no other. This includes email logs, charting and graphing, whitelists and blacklists, and Object Templates. Basic User This is the most limited privilege level for users. Users will be able to view and search their own email. Standard User This privilege level allows users to view, chart, and release quarantined email for their own email address. Extended User This privilege level has the same privileges as the Standard User and is also allowed to add addresses and domains to their own whitelists and blacklists. These lists only apply to the user s own email address. Power User ** This privilege level has the same privileges as the Extended User and is also allowed to create Object Templates, which are custom scanning rules, for themselves. ** Future release capability. Expected September 2014. Organizational Level Organizational privileges apply to all domains associated with an organization. For example, an organization named Manny s Widgets has the domains mailborder.net and mailborder.org assigned to it. When a portal user is assigned an organizational role in Manny s Widgets, a new tree menu item will be available in the Mailborder Portal for that user labeled Organizations. When the user views the email log, it will show all email for both mailborder.net and mailborder.org. The same applies for creating whitelists and blacklists, charting data, and performing an advanced search. Organizational Reviewer This privilege level allows the user to view and chart all email for all domains that belong to an organization. Organizational Release Manager This privilege level allows the user to view, chart, search, and release quarantined email for all domains belonging to an organization. v4.1 5

Organizational Manager This privilege level includes all capabilities of the Organizational Release Manager plus the ability to edit Object Templates for the organization. ** Organizational Administrator This privilege level includes all capabilities of the Organizational Manager plus the ability to manage user privileges for organizational members. ** ** Future release capability. Expected September 2014. Global Level Global privileges apply to all organizations and domains. The global level also allows viewing of email that does not belong to any organization or domain hosted by the Mailborder cluster. An example would be all email that is relayed through the cluster from an external device in the Relay Policy. Note that all rules from whitelists, blacklists, and Object Templates will apply to all email passing through the Mailborder cluster. Rules that are defined within the Mailborder Master server will be combined with global level rules defined within the Mailborder Portal. Global Reviewer This privilege level allows the user to view and chart all email that passes through the Mailborder cluster. Global Administrator This privilege level allows the user to execute all available administrative actions within the Member Portal. v4.1 Demo Reviewer This permission level is designed as a marketing tool for the Mailborder Portal. If a user is assigned this privilege level, it locks all actionable items available in the Member Portal. All portal menus will be available, but the user will not be able to change anything to include the password or preferences for their own account. Note that the locks for this privilege assignment override all other assignments. 6

v4.1 Portal Interface The graphical user interface for the Mailborder Portal is broken into three primary groups based upon the portal member s permission assignments. Menu tree items will only be available if the corresponding privilege level is assigned. The three primary menu items are My Email, Organizations, and Global. My Email All menu actions under this menu item are restricted to the portal member s personal email address. All views, rules, searches, and charting are filtered to include only this address. Email Log When viewing the email log only email that contains the member s email address in the From or To portions of the personal email will be displayed. If the portal member has the required privilege level to release his or her own quarantined email, then the Release button will be visible and functional. Note that non delivery reports (NDRs) related to the user s email will not be shown since the sender, or From address, is null and the recipient, or To address, is typically an external user being notified of the delivery failure. Filters Filters refer to user created whitelists and blacklists. These filters only apply directionally To the member s personal email address and to nothing else within the Mailborder cluster. When each Mailborder server rebuilds its configuration files these rules are placed first in the rule logic allowing their personal preferences to override any organizational or global rules. Advanced Search The search feature applies only to the portal member s personal email address. All search requests will automatically filter the results to include only the results that contain the portal member s email address in the From or To fields of the email message. Charts and Graphs Like the Advanced Search feature, the charting features will only include the data where email messages include the portal member s personal email address in the From or To fields of each email message. 7

Organizations This menu item is visible only if the portal member is assigned an organizational role within the Mailborder Master server. All menu actions under this menu item are restricted to domains assigned to the organization within the Mailborder Master sever. Email Log The email log is limited to viewing email where the From or To domain is one that belongs to the organization in which the user is assigned privileges. A drop down filter allows the viewer to view all records for all domains at once or by individual domain. Filters Filters refer to organizational user created whitelists and blacklists. The filters apply directly to any domain belonging to the organization. Organizational filters are applied after user filters when building cluster rules. Organizational filters will override global and Mailborder Master server filters where the To domain is one that is owned by the organization. Advanced Search The advanced search is limited to domains assigned to the organization. Search results are filtered so that results are displayed only when the From or To domain in the email message matches a domain or domains assigned to the organization. Charts and Graphs The charting and graphing capability is limited to domains assigned to the organization. The From or To domain in each email message must match a domain assigned to the organization in order to be included in statistical results. A drop down filter allows the viewer to chart and graph all records belonging to the organization at once or by individual domain. Global The global menu item is only visible if the portal member is assigned a global role within the Mailborder Master server. All menu items are unrestricted in regards to the email logs, filters, search, and charting functions. Email Log The email log in the global menu will display all email recorded by the Mailborder cluster. This includes additional email not assigned to a hosted domain. A drop down filter allows the viewer to view records for all email or to filter the records by domain. Filters Any filter created in the global menu will apply to the From address of all incoming email into the cluster. For example, if domain.com is blacklisted, any email From domain.com will be quarantined regardless of the destination To address in the email message. Global filters are built and applied to rule logic after Member and Organizational filters. Advanced Search The advanced search is unlimited and allows all email records to be searched. Charts and Graphs The charting and graphing capability is unlimited. A drop down filter allows charting and graphing of individual domains if desired. v4.1 8

Rule Logic Below is an example of the rule logic used when building whitelists and blacklists. The rule logic is applied from top to bottom on a first-match basis. Example # Built by Mailborder Systems # Build Time: Sun, 01 Jun 14 14:18:01 +0000 # Mailborder version: 4.1.1 build: 1 # Blacklist Rules v4.1 # Individual Portal Member Rules # From: *@kgagerin.us and To: qool@jaranya.com From: marzspray@biosiseyasscbc.us and To: qool@jaranya.com From: *@lpsealsnc.us and To: qool@jaranya.com # Portal Organization Domain Rules # From: *@aol.com and To: hekil.com From: *@aol.com and To: jaranya.com From: *@aol.com and To: mailborder.net From: necole_cummins@yahoo.com and To: hekil.com From: necole_cummins@yahoo.com and To: jaranya.com From: necole_cummins@yahoo.com and To: mailborder.net # Portal Global Rules # From: *@etb.net.co From: *@eco.de yes yes yes # Mailborder Gateway Rules # From: user@domain.com and To: mailborder.net From: bob@ibm.com and To: mailborder.net From: user@domain.com and To: jaranya.com From: bob@ibm.com and To: jaranya.com From: user@domain.com and To: milposts.com From: bob@ibm.com and To: milposts.com From: user@domain.com and To: hekil.com From: bob@ibm.com and To: hekil.com FromOrTo: default no 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback