1 / 17

Information security in real business firewall security with special emphasis on smtp

Information security in real business firewall security with special emphasis on smtp. FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE Intercontinental Group. Topics to Cover. Problem summary Current methods to combat spam: Pros and Cons Proposed methods

kinsey
Download Presentation

Information security in real business firewall security with special emphasis on smtp

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information security in real businessfirewall security with special emphasis on smtp FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE Intercontinental Group

  2. Topics to Cover • Problem summary • Current methods to combat spam: Pros and Cons • Proposed methods • Barracuda & Outsourced solutions • Choice criteria & Comparison • The solution • Problems addressed, challenges and resolution • Questions

  3. Problem summary • A lot of spam being handled inside the network • Malware through zip files. • Quarantined zip files resulted in reduced productivity for staff and internal IT staff • Mail cannot be queued if email server is down

  4. Current method used to combat spam:Pros and Cons • Installing Symantec Mail Security for Microsoft Exchange on Exchange 2003 Server • Symantec Mail Gateway on Web Server to protect back-end Linux Mail Server • Pros: Reduced spam and malware • Cons: Costly solution – 2 separate solutions for our Email environment • Malware from zip files • Quarantined zip files and manually sent to end users. • This resulted in decreased productivity for staff and Network Team

  5. Proposed methods • Barracuda Spam Filter • Outsourced solutions • Postini • Microsoft Exchange Hosted Services • Spamstopshere

  6. Barracuda • A hardware spam filter normally placed behind your firewall to block spam • Pros: A better solution than Symantec. • It is hardware based so limited spam gets to the mail server because quarantined spam is stored on the Barracuda. • Can be used for multiple Exchange servers. Symantec is a 1-1 solution • Cons: • Spam is still filtered inside the network • 90% of email is spam! • Requires a lot of administration from Network team.

  7. Outsourced Solutions • Minimal spam gets to your mail server • Zip files can be scanned and rejected if infected • Unified solution instead of 2 solutions for Exchange and Linux mail servers • Inbound and Outbound filtering • Reduced work from Internal IT staff • Peace of mind • Very costly compared to Barracuda

  8. Choice criteria • Evaluated 4 products: Barracuda, Postini, Spamstopshere and Microsoft Exchange Hosted Services. • Leveraging existing solution in remote office • Cost and ease of use • Interoperability with different mail servers • Integration with Active Directory • Checking false positives • Free trial and Technical Support availability

  9. Comparison

  10. Comparison

  11. Comparison

  12. The Solution • Selected Spamstopshere for the following reasons: • Leveraging existing solution in remote office • One solution for all our email platforms: SBS, Exchange 2003 and Linux • Lower TCO

  13. Spamstopshere • How does it work? • Clustered front-end mail servers that filter your email • Blocked categories selected by countries known to be spam senders eg China, Nigeria • Back-end servers that forward filtered email to your firewall en route to your mail server • Since they specialize in spam filtering, most spammers are known by them. False positives are 1 in 1000 emails. • Restrict allowed traffic to back-end servers and block everything else

  14. Problems addressed • Zip files were delivered directly to end users. • IT can concentrate on revenue generating projects than managing spam • Tremendous spam reduction. It stays outside our network. • Unified solution for our 3 different email platforms.

  15. Challenges • Probability that the estimated 0.001% false positive email could be an important one. • Outsourced websites and survey sites hosted by vendors that need to use our mail server to relay email • Bounces from aol.com for outbound email • Some spam sent from legitimate senders thereby passing through the smart host.

  16. Resolution • Upgraded to Enterprise Edition in order to have quarantine of all emails • In 2 months of use, 0 calls have been received concerning false positives • Explicitly grant access to the specific websites and survey sites that need to use our mail server. • Possibly implement outbound filtering • End user education

  17. QUESTIONS/CLOSING • Questions?? • Thanks for listening!!

More Related