McAfee Security for Microsoft Exchange 8.6.0

Quarantine using McAfee Quarantine Manager

Specify repository settings to quarantine items detected by MSME on a McAfee Quarantine Manager server.

McAfee products such as McAfee Security for Microsoft Exchange and McAfee Email Gateway use a pre-assigned port number to send the detection information to McAfee Quarantine Manager. McAfee Quarantine Manager in turn uses the same port number by default, to release or send configuration information of the detected email messages to the McAfee product.

The communication port mentioned in the McAfee Security for Microsoft Exchange and McAfee Quarantine Manager user interface should be the same.

You can use McAfee Quarantine Manager to consolidate the quarantine and anti-spam management functionality. It gives you a central point from which you can analyze and act upon emails and files that have been quarantined.

This guide does not provide detailed information about installing or using the McAfee Quarantine Manager software. See the McAfee Quarantine Manager product documentation for more information.
Task
1 Install McAfee Security for Microsoft Exchange software on <server 1>.
2 Install the supported McAfee Quarantine Manager software on <server 2>.
3 Launch the MSME user interface from <server 1>.
4 From the product's user interface, click Settings & Diagnostics | Detected Items.
The Detected Items page appears.
5 From the McAfee Quarantine Manager section, select Enable.
6 In Communication mode, select the mode.
RPC — Remote Procedure Call (RPC) is a communication mechanism that requires uninterrupted connection to communicate with McAfee Quarantine Manager server. If there is a communication failure with McAfee Quarantine Manager server, the processes such as quarantine and release are interrupted.
HTTP — A stateless communication mechanism to communicate with McAfee Quarantine Manager server. If there is a communication failure with McAfee Quarantine Manager server, the items are stored in the local database until the connection is restored. MSME tries to send the quarantined items to MQM for three times. If all three attempts fail, a product log entry is created and the item is stored in the local database.
HTTPs — A secured HTTP communication mechanism where the data is transferred in encrypted format.
McAfee recommends that you use HTTP/HTTPs communication channel because stateless connections make sure that the software can communicate with McAfee Quarantine Manager seamlessly.
7 In IP address, specify the IP address of the MQM server.
8 In Port and Callback Port, specify the default values.
Communication mode Port value Callback port BW List Update Interval (hours)
RPC 49500 49500
HTTP 80 4
HTTPs 443 4
Modify this value only if you have configured a different port value on the McAfee Quarantine Manager server.
9 Click Apply to save the settings.
You have now successfully configured your MSME server to start quarantining detected items on the MQM server.