proofpoint gateway

regarding proof point gateway

Did we need Edge servers or not between Proofpoint and HUB?
-How to do recipient validation
pramod1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jian An LimSolutions ArchitectCommented:
having Edge server or not is a on-premises requirement.
Some customer says all emails must terminate at DMZ, then EDGE is a must.
Usually, i don't see a reason if you can proove proofpoint gateway is a semi-controlled and act as your DMZ on email point of view.

to do recipient validation, proofpoint needs to have access to your ACtive directory via LDAPS to read your users.

you can look at the help file (it might not exactly the same but it definitely have something like this. talk to helpdesk if you have issues finding it)
http://support.proofpointessentials.com/index.php?/Knowledgebase/Article/View/42/11/active-directory-settings
0
pramod1Author Commented:
can you highlight what other considerations needs to be addressed while setting up proofpoint gateway in DMZ
0
Jian An LimSolutions ArchitectCommented:
proofpoint gateway is in the cloud controlled by proofpoint.

so i said it "ACT" as DMZ, not it is saying it is "IN" DMZ.

the security concept is that everything entered from public to internal should be terminating in DMZ.
you have to argue proofpoint is not PUBLIC, it is semi-trusted because it is their job to make sure all connection is secure, clean and etc.

this way you argue you don't need to install an Exchange Edge server.


Depends on security officer, some of them accept you don't need an EDGe but some of them insist you need one.

I usually don't argue with security people but I always say everything we do come with a cost and whether it bring any benefit while proof point have done 90% of the job. In fact, not hosting any extra infrastructure on-premises is a bonus from my point of view.

I rest my case to security personnel and let them decide, but my recommendation is you don't need EDGE.

For proofpoint side, as long as you follow your on-boarding process, they covers everything. (unless you got a bad one)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.