Data Loss Prevention

 View Only

  • 1.  Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode

    Posted Oct 20, 2016 12:17 AM

    Hello everyone,

    I have been trying to integrate DLP NW Prevent for Email with MS Exchange 2013 in reflect mode. 

    I have been trying MTA Integration Guide but it just gives a theoritical overwiew of the implementation. And doesn't shed light how Exchange will reat when it recieves email back from DLP. Email loop is likely to occur.

    Can anyone help me with issue?

    Thanks.

    Atif



  • 2.  RE: Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode
    Best Answer

    Posted Oct 21, 2016 09:54 AM

    Is there a reason that you are using Reflect Mode and not forwarding mode?  I've found it very difficult to setup Reflect Mode as you need to have Exchange listening on one port to receive email from internal people and then send email out to NPE and then listen back to receive email from another port from NPE.  Make sense?  So you need to configure a bunch of ports withiin Exchange due to this.  

    The one time I did this i had to setup a new MTA to receive the reflect from NPE and then pass that back to Exchange.

    Forwarding mode is much easier to setup and configure.  You probably have an upstream MTA to pass the email from NPE that might be easaier to configure



  • 3.  RE: Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode

    Posted Oct 22, 2016 07:46 PM

    Thanks for your response Jonathan.

    I configured Email Prevent in forward mode twice in my previous organization.

    Need to configure in Reflect mode for my current organization.

    If possible, please share your working steps for Exchange configuration. That would be of great help.

     

    Atif

     

     

     

     

     

     

     



  • 4.  RE: Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode
    Best Answer

    Broadcom Employee
    Posted Nov 03, 2016 11:05 AM

    Exchange traditionally does not play well with reflect mode. In order to get it working prior to Exchange 2013 you needed to make a "linked connector" which is an unconditional forward to the outbound connector. An example of that is avaiable at https://theucguy.net/linked-connector-in-exchange-2010/. Starting in Exchange 2013 the linked connector is no more however which means forwarding mode or bust. If you dont have an MTA already in place you could stadn up a simple MTA to serve as the forward to host for outbound email.



  • 5.  RE: Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode

    Posted Nov 14, 2016 01:11 AM

    Thanks guys.

    Tested with forward mode, worked fine. Going to test for reflect today.

     

    BR

    Atif

     



  • 6.  RE: Integration of Network Prevent for Email with Microsoft Exchange 2013 in Reflect Mode

    Posted Nov 21, 2016 04:11 PM

    Hi Atif,

    Can you please give me detail, how you configure NP with forword mode.

    CAS ----------- > NP-email ------------> MS exchange edge server-------------- microsoft EOP (internet)

    Thanks,