Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

proofpoint gateway

Posted on 2017-11-14
3
Medium Priority
?
26 Views
Last Modified: 2017-11-15
regarding proof point gateway

Did we need Edge servers or not between Proofpoint and HUB?
-How to do recipient validation
0
Comment
Question by:pramod1
  • 2
3 Comments
 
LVL 37

Expert Comment

by:Jian An Lim
ID: 42368970
having Edge server or not is a on-premises requirement.
Some customer says all emails must terminate at DMZ, then EDGE is a must.
Usually, i don't see a reason if you can proove proofpoint gateway is a semi-controlled and act as your DMZ on email point of view.

to do recipient validation, proofpoint needs to have access to your ACtive directory via LDAPS to read your users.

you can look at the help file (it might not exactly the same but it definitely have something like this. talk to helpdesk if you have issues finding it)
http://support.proofpointessentials.com/index.php?/Knowledgebase/Article/View/42/11/active-directory-settings
0
 

Author Comment

by:pramod1
ID: 42369099
can you highlight what other considerations needs to be addressed while setting up proofpoint gateway in DMZ
0
 
LVL 37

Accepted Solution

by:
Jian An Lim earned 2000 total points
ID: 42369769
proofpoint gateway is in the cloud controlled by proofpoint.

so i said it "ACT" as DMZ, not it is saying it is "IN" DMZ.

the security concept is that everything entered from public to internal should be terminating in DMZ.
you have to argue proofpoint is not PUBLIC, it is semi-trusted because it is their job to make sure all connection is secure, clean and etc.

this way you argue you don't need to install an Exchange Edge server.


Depends on security officer, some of them accept you don't need an EDGe but some of them insist you need one.

I usually don't argue with security people but I always say everything we do come with a cost and whether it bring any benefit while proof point have done 90% of the job. In fact, not hosting any extra infrastructure on-premises is a bonus from my point of view.

I rest my case to security personnel and let them decide, but my recommendation is you don't need EDGE.

For proofpoint side, as long as you follow your on-boarding process, they covers everything. (unless you got a bad one)
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Join & Write a Comment

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question