Fortinet Document Library

Version:


Table of Contents

Symantec Messaging Gateway

1.0.0
Copy Link

About the connector

Symantec Messaging Gateway (SMG) delivers inbound and outbound messaging security, real-time antispam and antivirus protection, advanced content filtering, threat detection and sandboxing, and data loss prevention to your enterprise. SMG provides various features such as, detection of spam, denial-of-service attacks and other inbound email threats, filtration of email by policies to remove unwanted content, compliance with regulations, and protection against intellectual property and data loss over email, and integration with Symantec Content Analysis to provide advanced threat detection and virtual sandboxing.

This document provides information about the Symantec Messaging Gateway connector, which facilitates automated interactions, with Symantec Messaging Gateway using FortiSOAR™ playbooks. Add the Symantec Messaging Gateway connector as a step in FortiSOAR™ playbooks and perform automated operations, such as blocking or unblocking IP address, domains, or emails.

 

Version information

Connector Version: 1.0.0

Compatibility with FortiSOAR™ Versions: 4.10.3-161 and later

Compatibility with Symantec Messaging Gateway Versions: 10.6.5 and later

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

  • You must have the URL of Symantec Messaging Gateway on which you will perform the automated operations and the username and password configured for your account to access that Symantec Messaging Gateway.
  • To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the Symantec Messaging Gateway connector and click Configure to configure the following parameters:

 

Parameter Description
Server URL URL of the Symantec Messaging Gateway server to which you will connect and perform automated operations.
Username Username for accessing Symantec Messaging Gateway to which you will connect and perform the automated operations.
Password Password for accessing Symantec Messaging Gateway to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
Defaults to True.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Block Email Adds an email address that you have specified to the list of bad senders on Symantec Messaging Gateway. block_email
Containment
Unblock Email Removes an email address that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_email
Remediation
Block Domain Adds a domain that you have specified to the list of bad senders on Symantec Messaging Gateway. block_domain
Containment
Unblock Domain Removes a domain that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_domain
Remediation
Block IP Adds an IP address that you have specified to the list of bad senders on Symantec Messaging Gateway. block_ip
Containment
Unblock IP Removes an IP address that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_ip
Remediation

 

operation: Block Email

Input parameters

 

Parameter Description
Email Address Email address that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the email address that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block Email operation

 

operation: Unblock Email

Input parameters

 

Parameter Description
Email Address Email address that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the email address that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock Email operation

 

operation: Block Domain

Input parameters

 

Parameter Description
Domain Name of the domain that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the domain name that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block Domain operation

 

operation: Unblock Domain

Input parameters

 

Parameter Description
Domain Name of the domain that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the domain name that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock Domain operation

 

operation: Block IP

Input parameters

 

Parameter Description
IP Address IP address that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the IP address that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block IP operation

 

operation: Unblock IP

Input parameters

 

Parameter Description
IP Address IP address that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the IP address that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock IP operation

 

Included playbooks

The Sample - Symantec Messaging Gateway - 1.0.0 playbook collection comes bundled with the Symantec Messaging Gateway connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Symantec Messaging Gateway connector.

  • Block Domain
  • Block Email
  • Block IP
  • Unblock Domain
  • Unblock Email
  • Unblock IP

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

Symantec Messaging Gateway (SMG) delivers inbound and outbound messaging security, real-time antispam and antivirus protection, advanced content filtering, threat detection and sandboxing, and data loss prevention to your enterprise. SMG provides various features such as, detection of spam, denial-of-service attacks and other inbound email threats, filtration of email by policies to remove unwanted content, compliance with regulations, and protection against intellectual property and data loss over email, and integration with Symantec Content Analysis to provide advanced threat detection and virtual sandboxing.

This document provides information about the Symantec Messaging Gateway connector, which facilitates automated interactions, with Symantec Messaging Gateway using FortiSOAR™ playbooks. Add the Symantec Messaging Gateway connector as a step in FortiSOAR™ playbooks and perform automated operations, such as blocking or unblocking IP address, domains, or emails.

 

Version information

Connector Version: 1.0.0

Compatibility with FortiSOAR™ Versions: 4.10.3-161 and later

Compatibility with Symantec Messaging Gateway Versions: 10.6.5 and later

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

 

Configuring the connector

For the procedure to configure a connector, click here.

 

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the Symantec Messaging Gateway connector and click Configure to configure the following parameters:

 

Parameter Description
Server URL URL of the Symantec Messaging Gateway server to which you will connect and perform automated operations.
Username Username for accessing Symantec Messaging Gateway to which you will connect and perform the automated operations.
Password Password for accessing Symantec Messaging Gateway to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
Defaults to True.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Block Email Adds an email address that you have specified to the list of bad senders on Symantec Messaging Gateway. block_email
Containment
Unblock Email Removes an email address that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_email
Remediation
Block Domain Adds a domain that you have specified to the list of bad senders on Symantec Messaging Gateway. block_domain
Containment
Unblock Domain Removes a domain that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_domain
Remediation
Block IP Adds an IP address that you have specified to the list of bad senders on Symantec Messaging Gateway. block_ip
Containment
Unblock IP Removes an IP address that you have specified from the list of bad senders on Symantec Messaging Gateway. unblock_ip
Remediation

 

operation: Block Email

Input parameters

 

Parameter Description
Email Address Email address that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the email address that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block Email operation

 

operation: Unblock Email

Input parameters

 

Parameter Description
Email Address Email address that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the email address that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock Email operation

 

operation: Block Domain

Input parameters

 

Parameter Description
Domain Name of the domain that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the domain name that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block Domain operation

 

operation: Unblock Domain

Input parameters

 

Parameter Description
Domain Name of the domain that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the domain name that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock Domain operation

 

operation: Block IP

Input parameters

 

Parameter Description
IP Address IP address that you want to block, i.e., add to the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the IP address that you have specified is successfully added to the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Block IP operation

 

operation: Unblock IP

Input parameters

 

Parameter Description
IP Address IP address that you want to unblock, i.e., remove from the list of bad senders on Symantec Messaging Gateway.

 

Output

The JSON output returns a Success message if the IP address that you have specified is successfully removed from the list of bad senders on Symantec Messaging Gateway.

Following image displays a sample output:

 

Sample output of the Unblock IP operation

 

Included playbooks

The Sample - Symantec Messaging Gateway - 1.0.0 playbook collection comes bundled with the Symantec Messaging Gateway connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Symantec Messaging Gateway connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.