Installation guide

Best Practices for IWSVA Installation and Deployment
Best Practice Suggestions
IWSVA uses a hybrid malware scanning architecture that combines cloud-based
scanning with on-box scan engines. This solution provides one of the
industry's highest detection and prevention rates. Cloud-based scan engines provide
proactive detection and blocking services based on reputation services. To ensure
fast performance with low latency, you need to provide IWSVA access to a fast and
robust DNS architecture. ISP-provided DNS servers should not be used, because the
frequent DNS requests made by the IWSVA device may not be adequately supported
and may overwhelm the ISP's DNS server.

IWSVA's internal clock settings should be synchronized with other servers and
devices in your security architecture. These include LDAP servers, syslog servers,
upstream SIEM devices, and Trend Micro's Advanced Reporting and Management
server. If the date and time are mismatched, you may experience improper logging
and reporting of critical events. For best results, use the same set of NTP servers to
sync the date and time on all devices.

For high-volume installations of more than 3000 users, you should consider
dedicating a server to house the Squid caching function (if enabled). During high
workloads, IWSVA and Squid will contend for the same disk services. This will
affect the cache hit performance as well as IWSVA's reporting performance. One
alternative is to use two physical hard disk adapter cards in the same server with two
separate disk volumes - one for IWSVA and one for Squid.

For redundancy and scalability, consider installing more than one instance of
IWSVA and using one of the scaling options mentioned in this section to eliminate
single points of failure and improve system uptime. Alternatively, two IWSVA
devices can be installed as cluster pairs in High Availability deployment mode.

For installations with an upstream proxy, you must properly configure IWSVA's
upstream proxy settings in the Forward Proxy settings and the Update Connection
Settings to ensure proper Internet access.

If you are planning to use IWSVA to protect external-facing web servers that
customers can access, consider installing a separate instance of IWSVA in reverse
proxy mode to protect these web servers. Do not place the external-facing web
servers behind the corporate IWSVA server that your normal users go through,
as this may affect your ability to enforce both customer-facing policies and
your normal corporate user policies.
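
A clock-offset check for the NTP recommendation above, as an added example that is not part of the Trend Micro guide: it applies the standard SNTP offset calculation in Python, so the same measurement can be taken from any host that shares the NTP servers. The sample reply, the device labels and the 1-second limit are constructed assumptions.

```python
import socket
import struct
import time

NTP_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)

def to_ntp(ts):
    """Unix seconds -> 8-byte NTP timestamp (32-bit seconds, 32-bit fraction)."""
    sec = int(ts)
    return struct.pack("!II", sec + NTP_DELTA, int((ts - sec) * 2**32))

def from_ntp(raw):
    sec, frac = struct.unpack("!II", raw)
    return sec - NTP_DELTA + frac / 2**32

def clock_offset(reply, t1, t4):
    """Return (offset, delay) in seconds from a 48-byte server reply.
    t1 = local send time, t4 = local receive time (Unix seconds)."""
    if len(reply) < 48 or reply[0] & 0x07 != 4 or reply[1] == 0:
        raise ValueError("not a usable NTP server reply")
    if reply[24:32] != to_ntp(t1):  # originate field must echo our request
        raise ValueError("reply does not match the request sent")
    t2, t3 = from_ntp(reply[32:40]), from_ntp(reply[40:48])
    return ((t2 - t1) + (t3 - t4)) / 2, (t4 - t1) - (t3 - t2)

def query(server, timeout=2.0):
    """Live measurement against one NTP server (needs UDP/123 reachability)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        t1 = time.time()
        s.sendto(b"\x23" + bytes(39) + to_ntp(t1), (server, 123))  # VN=4, client
        reply = s.recvfrom(512)[0]
        t4 = time.time()
    return clock_offset(reply, t1, t4)

def out_of_sync(offsets, limit=1.0):
    """Names whose absolute offset exceeds limit seconds (limit is an assumption)."""
    return sorted(name for name, off in offsets.items() if abs(off) > limit)

def constructed_reply(t1, t2, t3):
    """Constructed stratum-2 server reply for offline runs (not captured traffic)."""
    return b"\x24\x02" + bytes(22) + to_ntp(t1) + to_ntp(t2) + to_ntp(t3)

if __name__ == "__main__":
    # Constructed case: local clock 5 s behind the server, 20 ms each way.
    t1 = 1700000000.0
    reply = constructed_reply(t1, t1 + 5.020, t1 + 5.021)
    offset, delay = clock_offset(reply, t1, t1 + 0.041)
    print(f"offset={offset:.3f}s delay={delay:.3f}s")
    print(out_of_sync({"iwsva": offset, "ldap": 0.01, "syslog": -2.5}))
```

Run `query()` from each log-producing host against the same NTP server and pass the collected offsets to `out_of_sync()` to see which devices would stamp events out of order.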