This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New Licensing Model and Web Security

Hi:

I've got an ASG-320, on 7.505, classic license. I do not have the Web Security license, but have the Gold. In my current version I can use the http proxy and with it look at web usage - biggest users, most visited sites, etc. etc. I did not want the blocking.

Under the "new" license model, as I understand it, the http proxy is only available if you buy the full web security license - which includes the block by category, etc. something I've delt with in the past and had more issues with, and felt it just wasn't worth the effort.

So, from what I can figure out, the only way, with the new license model, to look at web usage, is to license the full web security, with features I don't really want.

It looks like the new licensing model is taking things away - things that I based my decision to go with Astaro on. Although it looks like I do get an additional year of support on the new license.

I've asked both Astaro and my vendor for options, etc. to get at least the web usage (something I think is a basic part of any corporate firewall), but haven't yet gotten any feedback.

Anyone have the same issues, or have gotten any feedback from Astaro on options?

Thanks,

John S.

This thread was automatically locked due to age.

Parents

0 BAlfson over 15 years ago
Yes, this is now true. We also had used the SMTP proxy similarly in the past, hoping to position ourselves for an easy upgrade to Mail Security. Now that we're more familiar with Astaro, and that WebAdmin has a structure that's easier to understand, we didn't mind this change. In fact, we recently added Mail Security to one client's Astaro, and I don't think that took me two minutes longer.

The quick-n-easy sequence that let's you make the change now without taking anything off-line is:
[LIST=1]
New Packet Filter rule: 'Exchange -> SMTP -> Any {or your smarthost if you're using one} : Allow'
New NAT rule: 'Any -> SMTP -> External Address : DNAT to Exchange'
If you have a smart host listed in the Astaro SMTP Proxy, modify Exchange to use that smarthost instead of the Astaro. Other wise, just delete the Astaro as a smarthost.
By now, all of the mails being relayed by the Astaro should have been delivered, so you can disable the proxy.
[/LIST]

Please let me know if I forgot something!

Cheers - Bob
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 15 years ago
Yes, this is now true. We also had used the SMTP proxy similarly in the past, hoping to position ourselves for an easy upgrade to Mail Security. Now that we're more familiar with Astaro, and that WebAdmin has a structure that's easier to understand, we didn't mind this change. In fact, we recently added Mail Security to one client's Astaro, and I don't think that took me two minutes longer.

The quick-n-easy sequence that let's you make the change now without taking anything off-line is:
[LIST=1]
New Packet Filter rule: 'Exchange -> SMTP -> Any {or your smarthost if you're using one} : Allow'
New NAT rule: 'Any -> SMTP -> External Address : DNAT to Exchange'
If you have a smart host listed in the Astaro SMTP Proxy, modify Exchange to use that smarthost instead of the Astaro. Other wise, just delete the Astaro as a smarthost.
By now, all of the mails being relayed by the Astaro should have been delivered, so you can disable the proxy.
[/LIST]

Please let me know if I forgot something!

Cheers - Bob
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data