Manualshelf

User Manual

ManualsBrandsGFI Manualssoftware licenses/upgradesMailDefense Suite, 100-249u, 3Y, SMA RNW
11121314151617181920
8 GFI MailSecurity 2011 Typical deployment scenarios
3.1.3 Installing GFI MailSecurity in front of your firewall
Figure 3 - Installing GFI MailSecurity on a separate machine on a DMZ
Recommendation: If utilizing a firewall, a good way to deploy GFI MailSecurity is to install it on a
separate machine in front of your firewall or on the firewall itself. This allows you to keep your
corporate mail server behind the firewall. GFI MailSecurity will act as a smart host/mail relay server
when installed on the perimeter network (also known as DMZ - demilitarized zone).
NOTE: In a Microsoft Exchange Server 2007/2010 environment, the mail relay server in the DMZ
can be a machine running Microsoft Exchange Server 2007/2010 with the Edge Transport Server
Role installed.
When GFI MailSecurity is not installed on your mail server:
You can perform maintenance on your mail server whilst still receiving email from the Internet.
Fewer resources are used on your mail server.
Additional fault tolerance - if anything happens to your mail server, you can still receive email
since emails are queued on the GFI MailSecurity machine.
NOTE: GFI MailSecurity does not require a dedicated machine when not installed on the mail
server. For example, you can install GFI MailSecurity on your firewall machine or on machines
running other applications such as GFI MailEssentials.