1 / 33

Securing E-mail

Securing E-mail. The BorderWare Mail Gateway. Confusion over E-mail Security. “I don’t know why we got hit, ….we have a Firewall”. Quote from a well-known Far East Financial Institution in the wake of the I Love You Virus. Hacker launched Anna bug 'as a warning'.

jake
Download Presentation

Securing E-mail

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Securing E-mail The BorderWare Mail Gateway

  2. Confusion over E-mail Security “I don’t know why we got hit, ….we have a Firewall” Quote from a well-known Far East Financial Institution in the wake of the I Love You Virus

  3. Hacker launched Anna bug 'as a warning' A young Dutchman confessed yesterday to having engineered the Anna Kournikova computer virus that brought chaos to millions of machines around the world this week, saying he believed that the Russian tennis star deserved the extra attention.

  4. Internal Mail Server is open to: Break-ins and denial of service attacks Mail flooding Mail relay abuse Virus and Trojan Horse Attacks Spam E-mail Standard Firewalls do not provide: Protection for internal mail server(s) Mail routing capability Secure Remote access to e-mail Problems with Standard Firewall Configuration

  5. S.A.F.E.R. Security Bulletin 10123.EXP.1.10 TITLE : Buffer overflow in Lotus Domino SMTP Server DATE : January 23, 2001 NATURE : Remote execution of code, Denial-of-Service AFFECTED : Lotus Notes/Domino 5 (up to and including 5.05)

  6. Simple Mail Transport Protocol, the root of the problem • SMTP, defined in 1983 as the Internet Mail Transport Protocol • RFC 821 • Based on an “open” and “co-operative” model

  7. Implementing SMTP Delivery Inputs Local Outputs Address Processing (aliases etc) Internet (SMTP) Usenet (UUCP) Local Mailboxes, Other SMTP Servers

  8. Implementing SMTP • SMTP’s Architecture and design philosophy has lead to implementations that lack: • Privacy and security for Mail Transport • Authentication of sender/recipient • Message authenticity checks • Relay controls

  9. Firewalls are defensive Work by keeping unauthorised and Hostile users out of protected network The “perfect Firewall” is incompatible with a working E-mail Service Limitations of Most Firewalls No Access Inbound External (Internet)  Perimeter Firewall Internal (Corporate LAN) Controlled Access Outbound

  10. Most Firewalls provide no real facilities for E-mail Forced to open a connection path through the Firewall Serious Security Risk! External (Internet) Perimeter Firewall Internal (Corporate LAN) E-Mail Server The Standard E-mail Configuration

  11. The BorderWare Mail Gateway • Protects E-mail servers • Provides added value facilities to maximise return on investment in E-mail Services • Provides Unified Mailbox with future plans for integration with Wireless Services • Includes S-Core secure operating system for maximum security and fast deployment

  12. Recommended configuration for maximum security Alternate configuration Perimeter Firewall Mail Gateway E-Mail Server Deploying The Mail Gateway Perimeter Firewall Mail Gateway E-Mail Server

  13. Store and Forward Relay • Mail Gateway’s security derives from a store and forward relay • No direct connections through the Gateway • Inbound and outbound delivery is a two stage process

  14.  Store and Forward Relay • Inbound message received by Gateway • Message stored in mail queue Perimeter Firewall Mail Gateway • Securely delivered to protected mail server E-Mail Server • No inbound or outbound connections permitted through gateway

  15. Mail routing for multiple servers Controlling E-mail relay Controlling unsolicited E-mail Controlling Mail Attachments Anti-virus controls Secure Remote access to e-mail Mail Gateway Processing and Protecting E-mail

  16. Mail Gateway provides a central point for controlling distribution of mail Optional mapping to internal addresses Mail Routing fred.smith@org.com info@org.com engineering@org.com Remote Location Mail Gateway Groupwise Server Exchange Server Notes Server fred@sales.org.com

  17. Most Mail Servers will accept mail for any domain and attempt to deliver it This facility abused by sender’s of unsolicited e-mail (Spam) The Dangers of Mail Relay From: spammer To: 1,000 addresses Subject: Get Rich Quick 1,000 Messages Out Perimeter Firewall One Message In E-Mail Server

  18. Dangers of Mail Relay • ORBS (Open Relay Behaviour Modification system) black list of “open relays” • If your site is listed many servers will reject all mail • Affects legitimate mail and Spam

  19. Defending against Mail Relay • BorderWare Mail Gateway accepts only mail for local domains • Passes all the ORBS tests (http://www.orbs.org)

  20. Problems with unsolicited E-mail • Your organisation can become a target for Spam • Unwanted e-mail: • Wastes employee time • Wastes network bandwidth • Can fill mailboxes, preventing delivery of legitimate messages • Is irritating!

  21. Defending Against Spam • BorderWare Mail Gateway stops Spam by • Using the Real-Time Black Lists (http://maps.vix.com) to reject Spam • Customised Filters From: OnlineCasino@kxxk-8.fsnet.co.uk To: OnlineCasino@kxxk-8.fsnet.co.uk Subject: [x] Play Free With Our Casino Sign-up Bonus

  22. Problems with Mail Attachments • Viruses and Trojan Horses • the I Love You Virus was propagated as an attachment • Breach of confidentiality • Accidental or deliberate mailing of confidential information

  23. Controlling Mail Attachments • BorderWare Mail Gateway Filters on name • “*.vbs” blocks all Visual Basic Scripts (would block Love Virus) • Choice of actions on matched messages • Strip attachment, log, discard message, send e-mail alert

  24. Anti-Virus Controls • Mail Gateway supports Trend’s Interscan Virus Wall technology as an additional cost option • Scans all mail and attachments for • Viruses, Macro Viruses, Trojan Horses • Messages cleaned, logged, or rejected

  25. Remote Access to E-mail • Growing need as E-mail becomes primary method of communication • Access required from: • Branch Offices • Home Workers • Travelling employees

  26. E-mail re-directed to external 3rd Party Server Users access that server Confidential information stored on 3rd party system Internet 3rd Party Mail Server for Remote Access Remote E-mail Access Hotmail Perimeter Firewall E-Mail Server

  27. BorderPost™ brings flexibility of hotmail to corporate mail servers Works with internal servers and Mail Gateway hosted mailboxes High level of security No storage of messages on 3rd party systems No need for Separate VPN Mail Gateway Solution Authenticated, Encrypted, Browser access Mail Gateway Groupwise Server Exchange Server Notes Server

  28. Positioning the Mail Gateway • Designed to provide • Protection for E-mail Server(s) • Secured Mail Delivery service • Virus screening • Unsolicited E-mail Controls • Secure Remote Access • Some content filtering • Focus on E-mail Security

  29. E-Mail Security Products -- Positioning Audit and Archive Remote Access Server Security E-mail VPN Content Filter Virus Checks SPAM Control Mail Routing BorderWare Mail Gateway BorderWare Mail Gateway E-mail Control E-mail Security Tumbleweed (WSS) Sendmail Consus MailGuard

  30. Mail Gateway Throughput • High throughput essential for corporate mail server applications • Mail Gateway benchmarked at over 1,000,000 messages per day • Server hardware: Intel ISP 1100, P III 750 Mhz, 128 Mbytes RAM • Benchmark described in “Mail Gateway Performance Tests”

  31. Mail Gateway Throughput • Servers: • Low, Pentium Pro 200 Mhz, 32 Mbytes RAM • Medium, P II 450 Mhz, 64 Mbytes RAM • High, P III 750 Mhz, 128 Mbytes RAM

  32. BorderWare Mail Gateway Summary • Complete Easy to manage e-mail security solution • Runs on S-Core Secure Operating System • Unified Mailbox for remote access with future extension to wireless access

More Related