Configuring F5 for Symantec Secure Email

book

Article ID: 157842

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

You want to lock down your Exchange Active Sync (EAS) access to only allow Symantec Secure Email. You use F5 network controls and want to configure F5 to filter everything except traffic coming from Symantec Secure Email.

Resolution

You can use the useragent string in the EAS communications to identify the Symantec Secure Email app. You configure F5 to filter traffic on the basis of the useragent string. The useragent strings required to identify Symantec Secure Email are:

  • Symantec Secure Email on iOS useragent:   iSymEmail
  • Symantec Secure Email on Android usersagent:   aSymEmail

The following example provides implementation guidance (but is an example only and not intended as an actual solution):

set string_useragent [string toupper [HTTP::header User-Agent]]
if { $string_useragent != "" && [class match $string_useragent contains UserAgent_DataGroup] } {
            pool EAS_pool
}
 
UserAgent_DataGroup is a string type datagroup and contains the following strings (in uppercase):
 
ASYMEMAIL
ISYMEMAIL
 
EAS_pool is the name of the pool which points to the Exchange servers through your current path.

 

For more information, see Symantec Secure Email - Enterprise support solutions.


Applies To

EAS in an F5-controlled environment