Connecting CAS to SMG
Purpose
The purpose of this document is to walk through connecting you Content Analysis System (CAS) to your Symantec Messaging Gateway (SMG). There is no all in one documentation that goes through this process, and although it is easy to find on search engines, I figured it would be better to have one document, rather than referring to multiple sources.
Steps
1. The 1st step we need to do is to connect to your CAS via SSH or the Serial Console. In my guide I will be connecting via SSH using MobaXterm. Once you have connected to your CAS you will need to type enable and enter in the enable password
2. Once you have logged in as ‘enable’ you will then be ready to create your API key for your SMG. To do this you will need to run ma-actions api-key create administrator this will generate the API key for you, you will need to copy this API key so you can use this when you connect your SMG to CAS
3. To check that your API key exists you can run the command via SSH ma-actions api-key list this will return your API keys privileges. Note that the API key is not shown, your key will never be shown which is why it is important to copy it and save it to a text file.
4. Now we have created the API key we can now close the SSH session and open up your browser and navigate to your CAS. Once you have logged into your CAS you will need to enable HTTPS Administration, to do this go to ‘Settings >Web Management’ and ensure that you have selected ‘Enable HTTPS Administration’ and click save changes.
5. Once you have ensured that HTTPS Administration is enabled, we will now need to create a valid certificate. To create a valid certificate, click on the ‘Certificate Management’
6. Once you have clicked Certificate Management a box will pop up. You will see that the CAS is using the Default Certificate, you can either download the public certificate or create a new certificate. In this instance we will create our own certificate. To do this Click on ‘Create Certificate’ you will see the following screen. Enter in your details for you CAS certificate
7. Once you have filled in the details and clicked save you will see a message saying ‘The certificate has been changed. Please wait for browser to refresh and then accept the new certificate’
8. Once your browser has refreshed you will be logged back into your CAS, we will now need to download the ‘Public Certificate’ to do this click on ‘Certificate Management’ and then ‘Download Public Certificate’ and save to a safe place
9. We have now finished working on the CAS, we now need to log into the SMG console. When you have logged into the console you will need to navigate to the following page ‘Threat Defense>Settings>CA Connect>SymantecContent Analysis setup’
10. To connect your CAS we will need to fill in the following details. We will need to tick the ‘Enable Content Analysis for the Scanner Host’, we will then need to click ‘Add’ under the ‘Send Content to Content Analysis Servers’
11. Once you have clicked ‘Add’ you will see a new box appear, this is where you enter in the CAS details, you will need to add you CAS IP or Host Name, the HTTPS Administration Port you will also need to paste the API key that you created in step 2. If you want to apply to all scanner hosts select this now. Once you have entered these details hit the ‘Save’ button
We should have now successfully connected the CAS to the SMG using an API key. Any mail with attachments should be now scanned by the CAS when the mail hits the SMG.
Thanks