Centralizing Policy, Virus, and Outbreak Quarantines

If your Email Security appliance is in your DMZ and your Security Management appliance is behind your firewall, open a port in the firewall to allow the appliances to exchange centralized policy, virus, and outbreak quarantine data.

On the Security Management appliance, enable the feature.

On the Security Management appliance, allocate disk space for non-spam quarantines.

(Optional)

• Create centralized policy quarantines on the Security Management appliance with desired settings.

• Configure settings for the centralized virus and outbreak quarantines, and for the default policy quarantines.

  If you configure these settings before migration, you can refer to the existing settings on your Email Security appliances.

  You can also create required quarantines while configuring custom migration, or quarantines will be created for you during automatic migration. All quarantines created during migration have default settings.

  Local quarantine settings are not retained in the centralized quarantine, even if the quarantine name is the same.

On the Security Management appliance, add Email Security appliances to manage, or select the Policy, Virus and Outbreak Quarantines option from the centralized services of an already-added appliance.

• If your Email Security appliances are clustered, all appliances that belong to a particular level (machine, group, or cluster) must be added to the Security Management appliance before you enable centralized Policy, Virus and Outbreak Quarantines on any Email Security appliance in the cluster.

Commit your changes.

On the Security Management appliance, configure migration of existing policy quarantines from Email Security appliances.

On an Email Security appliance, enable the centralized policy, virus, and outbreak quarantines feature.

• Important

  If you have policy, virus, and outbreak quarantines configured on an Email Security appliance, migration of quarantines and all their messages begins as soon as you commit this change.

Migrate additional Email Security appliances.

• Only one migration process can be in progress at any time. Do not enable centralized policy, virus, and outbreak quarantines on another Email Security appliance until the previous migration is complete.

Edit centralized quarantine settings as needed.

• Quarantines created during migration are created with default settings, not the settings in the originating local quarantines, even if the centralized and local quarantine names are the same.

If message filters, content filters, and DLP message actions could not be automatically updated with the names of centralized quarantines, manually update those configurations on your Email Security appliances.

• In cluster configurations, filters and message actions can be automatically updated on a particular level only if filters and message actions are defined at that level.

(Recommended) Specify an Email Security appliance to process released messages if the originating appliance is not available.

If you delegate administration to custom user roles, you may need to configure access in a certain way.