The last couple of days has been interesting and stressful at the same time. We got the License for the MailServer and Firewall as promised and surprisingly it came as promised on Monday. I was sort of surprised when i got the e-mail from Techsol with the License from Kerio in it. I was actually expecting the License on Tuesday. This just shows how competent Techsol is, and like i said they are really up to the task.
I quickly downloaded the new versions of both applications and ran the installation. I then added the Licenses to it and everything was up and running. I now had McAfee Antivirus running on my MailServer which would scan all incoming and outgoing emails. I decided that i will have a different Antivirus that will be running on the Firewall. This will make things really tight should in case one of the AV does not catch a particular virus, the other one will surely find it. I have not made up my mind yet on which of the AV's in the market this will be. Ill Google and then have a discussion with Techsol, and i think they will be able to advice me on that.
I finally got to know the reason why we were having so high response time. After so much work and thinking all these days, the answer came so easily. Because we had been running our Firewall without a license and no Antivirus on it all these while, a lot of doors had been open to attackers and spammers. Our IP address had been marked by these spammers. So any time we came online, they located us and attacked. From what i noticed, they used our MailServer for spamming. So anytime our Firewall was up, which gave them access to the MailServer, they attacked and started spamming through it. Now since our MailServer sends mails through the Firewall, they could not have access to the MailServer when the Firewall was down.
I noticed that while restarting the Firewall, only the users on our LAN are present on the Active Host tab. Then after a couple of minutes, i noticed a lot of unusual IP address that connected to the Firewall. Now clicking on these IP addresses to see there activities, i noticed they were all using our MailServer as there source and sending to other destinations. This was where our problems were coming from. It had been looking at me all these days and i never noticed it. What i did next was block everything on our MailServer's Block list, applied and restarted the Firewall. To my surprise, the response time was stable for over an hour, before there were some fluctuations.
I just learnt from this experience that just like in life, you should always look very well before you leap, also not to over look the little things in life. The little things are always the most important. Like Linkin Park said, "The little things give you away".
Ill keep you posted on my decision of Antivirus, and how i finally settled the matter of the high response time.
I quickly downloaded the new versions of both applications and ran the installation. I then added the Licenses to it and everything was up and running. I now had McAfee Antivirus running on my MailServer which would scan all incoming and outgoing emails. I decided that i will have a different Antivirus that will be running on the Firewall. This will make things really tight should in case one of the AV does not catch a particular virus, the other one will surely find it. I have not made up my mind yet on which of the AV's in the market this will be. Ill Google and then have a discussion with Techsol, and i think they will be able to advice me on that.
I finally got to know the reason why we were having so high response time. After so much work and thinking all these days, the answer came so easily. Because we had been running our Firewall without a license and no Antivirus on it all these while, a lot of doors had been open to attackers and spammers. Our IP address had been marked by these spammers. So any time we came online, they located us and attacked. From what i noticed, they used our MailServer for spamming. So anytime our Firewall was up, which gave them access to the MailServer, they attacked and started spamming through it. Now since our MailServer sends mails through the Firewall, they could not have access to the MailServer when the Firewall was down.
I noticed that while restarting the Firewall, only the users on our LAN are present on the Active Host tab. Then after a couple of minutes, i noticed a lot of unusual IP address that connected to the Firewall. Now clicking on these IP addresses to see there activities, i noticed they were all using our MailServer as there source and sending to other destinations. This was where our problems were coming from. It had been looking at me all these days and i never noticed it. What i did next was block everything on our MailServer's Block list, applied and restarted the Firewall. To my surprise, the response time was stable for over an hour, before there were some fluctuations.
I just learnt from this experience that just like in life, you should always look very well before you leap, also not to over look the little things in life. The little things are always the most important. Like Linkin Park said, "The little things give you away".
Ill keep you posted on my decision of Antivirus, and how i finally settled the matter of the high response time.
No comments:
Post a Comment