1 / 31

Henrik Davidsson Nordic & Baltic Territory Manager

Henrik Davidsson Nordic & Baltic Territory Manager. Securing your corporate Email. The 25 year old security infrastructure problem. IronPort Systems: The New Leader in Email Security. Industry-leading technology AsyncOS, powers the world’s fastest Messaging Gateway Appliance

beauregard
Download Presentation

Henrik Davidsson Nordic & Baltic Territory Manager

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Henrik Davidsson Nordic & Baltic Territory Manager Securing your corporate Email. The 25 year old security infrastructure problem

  2. IronPort Systems: The New Leader in Email Security • Industry-leading technology • AsyncOS, powers the world’s fastest Messaging Gateway Appliance • SenderBase, the world’s first & largest email traffic monitoring network • Industry-leading customers • 1400+ customers • Over 50% of the world’s largest ISPs, media & technology companies choose IronPort • Industry-leading partnerships • Symantec, Sophos, PGP, Veritas, BlueCoat and more IronPort C-SeriesEmail Security Appliance

  3. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • How does IronPort Address these Issues? • Identity, Reputation, Policy Control & Enforcements • Unique solutions available now

  4. The Mission-Critical App Is Collapsing • Email Is The Form Of Business Communication • 80% Of Businesses Consider Email More Important Than Phones • Usage has heavily increased, both in terms of number of accounts, penetration and size of messages • Email Is No Longer Reliable • Spam, False-Positives, Viruses, Forgery And Other Threats Make Email Unreliable • Users Are Rapidly Losing Trust In Email 52% Say They Trust Email Less 25% Have Reduced Email Use —Pew Internet Life Project —

  5. Some Email Statistics • United States • South Korea • China • Canada • Ukraine • Spain • Brazil • France • UK • Hong Kong • 18B message per day (68% of which is SPAM) • Message volume increase by 2B monthly since January • 8B messages coming for “Zombie” hosts • Infected hosts tracked every week • 15,000+ compromised zombie networks • 75% of all Viruses are deployed via an email • Phishing scam’s accounted for 1% of SPAM • Top countries sending SPAM …….. Source: Senderbase network – got to www.ironport.com/toc

  6. Today’s Top Enterprise Email Threats It’s only going to get worse!

  7. Spam Will cost corporate users over USD18B in the US alone.1 Overall cost of spam between USD18B and USD120B, or USD80 to USD2,500 per worker per year.2 Costly downtime Costs from USD85 to USD150 for companies, depending on email platform.3 Corporations Pay the Consequences • Viruses • Sobig virus cost more than USD160M.4 • Disaster recovery costs increased by 23% in 2003 to almost USD150,000 per organization per virus outbreak.5 • Confidential information • Difficult to estimate • Devastating impacts 3. Radicati Group 4. Computer Economics 5. ICSA Labs’ Prevalence Survey 1. Ferris Research 2. Pew Internet and American Life Project

  8. It Takes Two: Senders and Receivers • We Are All Email Senders And Email Receivers • Solving Receiver Problems Means Addressing Sender Issues And Vice Versa • The Solution To Fixing Email Is NOT One-sided • A Healthy Email System Requires Feedback Loops • Integrating complaint and other corrective data back into the system is a fundamental requirement

  9. Email Gateway Infrastructure Issues On top of all the Security vulnerabilities, the infrastructure itself is at breaking point….. • Bespoke deployments • Complexity • Performance issues & bottlenecks • Reliability of the solutions • Huge Admin Overhead • Limited visibility or control • Managing the escalating costs $$$

  10. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • How does IronPort Address these Issues? • Identity, Reputation, Policy Control • Unique solutions available now

  11. Spy Vs. Spy

  12. The Industry “Reacts” • Solutions are reactive – NOT proactive • Point solution approach • Content-based filtering band-aids • Cat and mouse game – its never going to end! • New filter, new threat, new filter, new threat, new filter, new threat, new filter There is some good news! >>>>

  13. Industry Adopts Identity • Sender-ID/SPF • Technical Solution For Sender Address Forgery • Yahoo! Domain Keys • Authenticating Entire Email Message Based On Sender Domain There are limitations to this “partial” solution.

  14. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • How does IronPort Address these Issues? • Identity, Reputation, Policy Control • Unique solutions available now

  15. “Fixing E-mail” • The vulnerability exposed by spam, viruses, phishing is inherent to the email protocol, SMTP • Reputation services are a critical component of the solution: 1 Advanced authentication standards IDENTITY 2 A holistic view of a sender’s trustworthiness REPUTATION 3 Intelligently apply filtering techniques based on the apparent threat POLICY

  16. AsyncOS™ Revolutionary MTA Platform WITHOUT IRONPORT C-SERIES WITH IRONPORT C-SERIES Single Queue - 200 - 300 connections Up to 30,000 Messages per Hour Queue per destination - 10,000 connections Up to 500,000 Messages per hour • All mail delayed by 1 slow domain • Deliverable mail backed up • Poor scalability for future volume • No delay if a domain goes down • Deliverable mail cleared Real Time • Highly scalable, low appliance count

  17. Black and White Lists

  18. SenderBase:Leading Reputation Service • 75,000 contributing organizations • 4-5 billion queries daily • >25% of world’s Internet email SpamCop,SpamHaus (SBL), NJABL Extensive network of “invalid”accounts SpamCop, ISP abuse data, BondedSender abuse data Spamtraps & Complaint Data Blacklists 3rd party email accreditation Message size, number of attachments, attachment types Message Composition Data Open Proxy Data SORBS, OPM, DSBL… Fortune 1000 status, length of sending history, location, whether domain accepts email, etc. Global Volume Data Other Data 75,000 organizations (25% of all email) -10 +10 Authenticated Unknown Sender Reputation Established

  19. Traffic Shaping:Mail Flow Control NOT Filtering

  20. IronPort Reputation Filters Stops 75% of Hostile Mail at the Door…. +10 Trusted Policy Accepted Policy Untrusted Policy Rejected Policy -10 • IronPort uses identity & reputation to apply policy • Trusted Known senders are delivered • Suspicious and Unknown senders are throttled & controlled • Hostile senders are rejected or deleted Sophisticated Response to Email Threats

  21. IronPort Outbreak Filter Advantage

  22. Prevention: Temporary Quarantine Bagel.AI +30,000 files Quarantined 100% capture Outbreak Rules TemporaryQuarantine Virus Filter • Pulls outbreak rules for all incoming email attachments • Triggers automated quarantine for suspicious attachments • Releases messages for rescanning through standard filters Closes the Reaction Gap

  23. Email Security Manager Tailor policy by group or individual • Block media files • Quarantine executables ENGINEERING • Mark and Deliver Spam • Executables Deleted SALES • Archive all mail • No VOF for .doc files LEGAL Point and Click User Interface Apply policy by domain,email address, or LDAP Group

  24. IronPort Content Scanningfor Regulatory Compliance IronPort Content Scanning Engine Encrypt Archive BCC to Compliance Officer Notify Legal Personnel Remove Attachment Return to Sender Bounce Email Drop Email HighPerformance Flexible Fine Grained Incoming / Outgoing Mail Customer Specific Filters Pre- defined HIPAA, GLB, SOX Filters LDAP Server Queries

  25. Simple and Powerful Custom Content Filters • Custom content filters to meet the needs of any business • Supports scanning in international character sets • Easy-to-use GUI flexible and fast • Integrated Administrator quarantine for content review

  26. IronPort Consolidates the Email Perimeter BEFORE IRONPORT AFTER IRONPORT Revolutionary MTA Platform for High Availability & Performance Exclusive Preventive Filters IronPort Reputation Filters™ IronPort Virus Outbreak Filters™ Best of Breed Reactive Filters Symantec Brightmail Anti-Spam™ Sophos Anti-Virus™ IronPort Content Policy Engine PGP Encryption Real-time Mailflow visibility & access control

  27. IronPort C-Series Architecture

  28. Carrier-Proven Technology & Enterprise Class Solutions 6 of the 10 Largest ISPs The World’s Largest Enterprises

  29. Intelligent Protection for Dell • Dell’s challenge: • Dell currently receives 26M messages per day • Only 1.5M are legitimate • Spam Assassin on 68 gateways was not accurate • IronPort solution: • Reputation filters block over 19M messages per day • C-Series sends 5.5M messages per day through Brightmail content filtering • IronPort replaced 68 servers with 8 IronPort C60 appliances Accuracy of spam filtering increased 10x Servers consolidated by 70% Operating costs reduced as much as 75% “IronPort has increased the quality and reliability of our network operations, while reducing our costs.” —Tim HelmstetterManager, Global Collaborative Systems Engineering and Service Management, Dell Corporation

  30. Case Study: “I just wanted to let you know that the penny has finally dropped with regards to the Ironport and message flow!!! I now understand exactly what, how and where things are going and I must say the power of the technology has blown me away. This thing is awesome, so good in fact that I would recommend every company in the world gets one or (two)…!!” IT Operations Manager 13th Jan 2005

  31. Any Questions? Thank you for listening – For more info visit www.ironport.com www.senderbase.org Henrik Davidsson +46 701 90 11 00 henrik@ironport.com To win the Enigma Machine Book Question: Which country is the source for the SECOND highest volume of SPAM on a global basis? SOUTH KOREA

More Related