MXtreme is designed to be situated between mail servers and the Internet so that there are no direct SMTP (Simple Mail Transport Protocol) connections between external and internal servers.
MXtreme is typically installed in one of three locations:
In parallel with the firewall
On your DMZ (Demilitarized Zone)
Behind the existing firewall on the Internal network
SMTP TCP port 25 traffic is redirected from either the external interface of the firewall or from the external router to MXtreme. When the mail is accepted and processed, MXtreme initiates an SMTP connection to the internal mail server to deliver the mail.
MXtreme in Parallel with the Firewall
The preferred deployment strategy for MXtreme is to be situated in parallel with an existing network Firewall. MXtreme’s inherent firewall security architecture eliminates the risk associated with deploying an appliance on the perimeter of a network. This parallel deployment eliminates any mail traffic on the firewall and decreases its overall load.
MXtreme on the DMZ
Deploying MXtreme on the DMZ is an equally secure method of deployment configuration. This type of deployment prevents any direct connection from the Internet to the internal servers, but does not ease the existing load on the firewall.
MXtreme on the Internal Network
MXtreme can also be deployed on the Internal Network. Although this configuration allows a direct connection from the Internet into the internal network, it is a perfectly legitimate configuration when dictated by existing network resources.
