i-ii Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes and the latest version of the Installation Guide, which are available from Trend Micro’s Web site at: http://docs.trendmicro.com Trend Micro, the Trend Micro t-ball logo, InterScan, TrendLabs, and Trend Micro Control Manager are trademarks or registered trademarks of Trend Micro Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright© 2015 Trend Micro Incorporated. All rights reserved. No part of this publication may be reproduced, photocopied, stored in a retrieval system, or transmitted without the express prior written consent of Trend Micro Incorporated. Release Date: October 2015 Protected by U.S. Patent No. 5,951,698 The Administrator’s Guide for Trend Micro is intended to provide in-depth information about the main features of the software. You should read through it prior to installing or using the software. For technical support, please refer to the Technical Support and Troubleshooting chapter for information and contact details. Detailed information about how to use specific features within the software are available in the Online Help file and online Knowledge Base at Trend Micro’s Web site. Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro documents, please contact us at [email protected]. Your feedback is always welcome. Please evaluate this documentation on the following site: http://docs.trendmicro.com/en-us/survey.aspx i ii Contents Preface Audience ...............................................................................................................x How to Use this Guide ......................................................................................x IWSVA Documentation ..................................................................................xii Document Conventions .................................................................................xiii About Trend Micro .........................................................................................xiii Chapter 1: Preinstallation Planning Server Requirements .......................................................................................1-2 Operating System .......................................................................................1-2 Hardware Requirements ...........................................................................1-2 Component Installation ............................................................................1-3 Web Browser ..............................................................................................1-4 Other Requirements ..................................................................................1-5 Information Needed to Install IWSVA .......................................................1-7 Fresh Installation .......................................................................................1-7 Migration .....................................................................................................1-7 Type of Proxy Configuration ...................................................................1-7 Control Manager Server Information .....................................................1-8 Database Type and Location ....................................................................1-8 SNMP Notifications ..................................................................................1-8 Web Console Password ............................................................................1-8 Command Line Access .............................................................................1-9 Proxy for Internet Updates ......................................................................1-9 Activation Codes ........................................................................................1-9 Planning Network Traffic Protection ..........................................................1-9 Transparent Bridge Mode .......................................................................1-10 iii Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 SP2 Installation Guide Forward Proxy Mode ...............................................................................1-11 Reverse Proxy Mode ................................................................................1-11 ICAP Mode ...............................................................................................1-11 Simple Transparency Mode ....................................................................1-11 WCCP Mode .............................................................................................1-12 Chapter 2: Deployment Primer Identifying Your Server Placement ..............................................................2-2 Two Firewalls with DMZ .........................................................................2-2 One Firewall with No DMZ .....................................................................2-3 Planning Network Traffic Flows ..................................................................2-4 Planning the HTTP Flow ..........................................................................2-5 HTTPS Decryption ...............................................................................2-7 Planning FTP Flows ..................................................................................2-7 FTP Proxy in Standalone Mode ..........................................................2-7 FTP Proxy in Dependent Mode .........................................................2-9 Deploying in Forward Proxy Mode ............................................................2-10 Overview of Forward Proxy Mode .......................................................2-10 Reconfiguring Client Settings ............................................................2-11 Using a Layer 4 Switch .......................................................................2-12 Using a WCCP-enabled Switch or Router .......................................2-14 Planning the HTTP Flow Using the Forward Proxy Mode ..............2-15 HTTP Proxy in the Standalone Mode .............................................2-15 HTTP Proxy in Simple Transparency Mode .................................2-16 HTTP Proxy in Dependent Mode (Proxy Ahead) .........................2-17 HTTP Proxy in Dependent Mode (Proxy Behind) ........................2-19 HTTP Double Proxy in Dependent Mode .....................................2-21 Deploying in WCCP Mode ................................................................2-23 HTTP Proxy in WCCP Mode (Single and Multiple IWSVA Servers) 2-23 Deploying in ICAP Mode ............................................................................2-23 Overview of ICAP Mode ........................................................................2-23 Planning the HTTP Flow Using the ICAP Mode ...............................2-25 HTTP Proxy in ICAP Mode (Single and Multiple IWSVA Servers) .. 2-25 iv Contents IWSVA ICAP Mode with Multiple Servers ....................................2-27 Deploying in Reverse Proxy Mode ............................................................2-29 Overview of Reverse Proxy Mode ........................................................2-29 Planning the HTTP Flow Using Reverse Proxy Mode ......................2-30 HTTP Reverse Proxy in Dependent Mode ....................................2-30 Deploying in Transparent Bridge Mode ....................................................2-33 Overview of Transparent Bridge Mode ...............................................2-33 Planning the HTTP Flow Using Transparent Bridge Mode .............2-34 High Availability Deployment Mode ....................................................2-34 HA Deployment Mode Installation Guidelines ..................................2-35 Chapter 3: Installing InterScan Web Security Virtual Appliance Obtaining IWSVA ..........................................................................................3-2 Using the Trend Micro Enterprise Solutions DVD .............................3-2 Downloading the Installation File ...........................................................3-3 Installing IWSVA ............................................................................................3-4 Logging in to IWSVA for the First Time ..................................................3-11 Post-Installation Notes ................................................................................3-11 Chapter 4: Migrating to InterScan Web Security Virtual Appliance About Migration ..............................................................................................4-2 Important Notes ........................................................................................4-2 Information Not Migrated .......................................................................4-3 Overview of the Migration Process ........................................................4-4 Migrating from IWSVA 6.5 or 6.5 SP1 to IWSVA 6.5 SP2 .....................4-5 Migrating from IWSVA 6.5 SP2 to Another IWSVA 6.5 SP2 ................4-6 After Migrating ................................................................................................4-7 Appendix A: Deployment Integration IWSVA in a Distributed Environment .......................................................A-2 v Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 SP2 Installation Guide Connection Requirements and Properties .............................................A-2 Throughput and Availability Requirements .....................................A-3 Integration with LDAP .................................................................................A-4 Support Multiple Domains for Multiple LDAP Servers .....................A-4 LDAP Authentication in Transparent Mode ........................................A-6 Integration with a Cisco Router using WCCP ...........................................A-7 Protecting an HTTP or FTP Server using Reverse Proxy .......................A-8 Integration with an ICAP Device ..............................................................A-10 Setting up an ICAP 1.0-compliant Cache Server ...............................A-10 Setting Up ICAP for the Blue Coat Port 80 Security Appliance .....A-10 Setting up ICAP for Cisco CE ICAP Servers .....................................A-13 Configuring Virus-scanning Server Clusters .......................................A-14 Deleting a Cluster Configuration or Entry ..........................................A-15 Enabling “X-Virus-ID” and “X-Infection-Found” Headers ...........A-16 Appendix B: Tuning and Troubleshooting IWSVA Performance Tuning .......................................................................B-2 URL Filtering .............................................................................................B-2 LDAP Performance Tuning ....................................................................B-2 LDAP Internal Caches ........................................................................B-2 Disable Verbose Logging When LDAP is Enabled ........................B-4 LDAP Authentication in Transparent Mode ...................................B-4 Troubleshooting .............................................................................................B-6 Troubleshooting Tips ...............................................................................B-6 Before Contacting Technical Support ....................................................B-6 Installation Problems ................................................................................B-6 General Feature Problems .......................................................................B-7 Appendix C: Best Practices for IWSVA Installation and Deployment IWSVA Installation Overview .....................................................................C-2 Properly Sizing Your Environment .............................................................C-4 Best Practice Suggestions .........................................................................C-4 vi Contents Selecting Deployment Method and Redundancy .......................................C-5 Best Practice Suggestions ..........................................................................C-7 Appendix D: Maintenance and Technical Support Product Maintenance ....................................................................................D-2 Maintenance Agreement ..........................................................................D-2 Renewing Your Maintenance Agreement .............................................D-3 Contacting Technical Support .....................................................................D-4 TrendLabs ..................................................................................................D-5 Knowledge Base ........................................................................................D-5 Known Issues ............................................................................................D-6 Sending Suspicious Code to Trend Micro ............................................D-6 Security Information Center ........................................................................D-7 Appendix E: Creating a New Virtual Machine Under VMware ESX for IWSVA Introduction .....................................................................................................E-2 Creating a New Virtual Machine ..................................................................E-2 Powering On the IWSVA Virtual Machine and Completing the Installation E-16 Appendix F: Creating a New Virtual Machine Under Microsoft Hyper-V for IWSVA Introduction .....................................................................................................F-2 IWSVA Support for Hyper-V .......................................................................F-2 Hyper-V Virtualization Modes ................................................................F-2 Installing IWSVA 6.5 SP2 on Microsoft Hyper-V ....................................F-3 Importing the IWSVA Image ..................................................................F-7 Assigning Resources to IWSVA ..............................................................F-9 Powering On the IWSVA Virtual Machine and Completing the Installation ................................................................................F-20 Accessing the IWSVA Web console .....................................................F-28 vii Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 SP2 Installation Guide Index viii
Description: