Learn about Commtouch's global network infrastructure, unique cloud architecture, and innovative security technologies to protect against spam, phishing, malware, and other online threats. Explore the company's evolution, market requirements, and advanced data center security measures.
Commtouch: Cloud-based Internet Security
Tim Johnson - Director, Strategic Alliances
Ian Hess - Technical Account Manager
September 2010
Agenda
• Who We Are
• What We Do
• How it Works
• Cloud Architecture & Security
• Q&A
Foundations
• Cloud-based security services leader
• Award-winning Internet security technology
• Global delivery & service platform
• Unique business model
• Focus on OEM partners and Service Providers
• Partner-centric support organization
• Solid financial foundation
• Est. 1991, Public (NASDAQ: CTCH)
• Profitable and growing
Selected Customers and OEM Partners Security & Network Vendors Service Providers
Messaging Security, Web Security & Antivirus Services
Anti-spam: Protect against spam & phishing outbreaks in real-time (2002)
Zero Hour Virus Outbreak Protection: Block email-borne malware outbreaks in real time (2004)
GlobalView Mail Reputation: Block unwanted email traffic at the network perimeter (2006)
GlobalView URL Filtering: Comprehensive coverage, accuracy and real-time security (2008)
Outbound Spam Protection: Block and identify outbound spam & spammers (2010)
Command Antivirus: Protect against malware threats (2010)
Industry Standard Plugins
2Q10 Email Threats by the numbers
• 82% of all emails are spam
• 179 Billion spam messages per day
• Pharmacy spam 62% of all spam
• 307,000 zombies lit up per day
• 1800 variants of Mal/Bredo virus
• 1.3 Sextillion ways to spell \/ l @ g r /-\
ever increasing flow of SPAM
Virus Attacks Aren’t Letting Up Zero hour virus outbreaks – last 90 days
Spam Maxims
Spam is only economical in large volumes
Single endpoint or rule-based systems cannot detect spam and viruses quickly or accurately enough
A cloud-based solution with global view of internet email can solve the problem
Commtouch’s GlobalView Network Infrastructure
• 5 Carrier grade data centers: US (3), Europe, Asia
• Operational for over 12 years
• Multiple collection nodes distributed worldwide
• Collection of billions of Internet transactions daily
• Across diversified segments & geographies
• RPD™ technology, multiple analysis engines and 3rd party sources
Collection & Analysis
• Unified service platform for Internet security applications
• Servicing OEM vendors & service providers
• Protecting hundreds of millions of users worldwide
Service platform
Commtouch Technology Overview Global collection of Internet traffic & data Real-time analysis Queries by endpoints Resolution; Query results build locally relevant DB Real-time traffic Web data sources Security Alliance Malware samples Email Analysis Recurrent Pattern Detection URL analysis Multiple engines Malware analysis Multiple engines OEM partner & Service Provider Endpoints
Commtouch Technology Overview: Messaging
Malware patterns IP Addresses Spam/phishing patterns URLs
• Patented RPD™
• Distribution and structure pattern correlation
• Real time detection of global outbreaks
Commtouch Technology Overview: Web
Spam/phishing URLs User queries Open traffic collectors Threat research 3rd party Security Alliance data URL dynamics, popularity & reputation Analysis Engines
• User-behavior driven URL filtering cloud database
• Multiple sources and analysis engines for broadest coverage and highest accuracy
• Zero-hour Web threat protection
• More than 100M sites in 64 categories including 8 security categories
Commtouch Architecture Detail ZeroHour
Data Center Nuts and Bolts
• 5 Operated by Commtouch, 4 co-operated by Commtouch
• North America, Europe, Asia
• Colo with Tier 1 DC providers
• They provide building, physical security, connectivity, power & cooling
• Host our equipment in our own cage
• We own network equipment, firewalls, etc.
• Complete physical redundancy
• Multi-peering with different local ISPs
• Managed remotely
• Highly scalable
• 2 months to spin up from A to Z
Datacenter Security
• Hosted in dedicated cage
• Hand scan/Iris scan access
• DC provides physical security protocols
• Who has access
• Who can request/make changes
• Who can receive shipments, etc.
• We manage technical security
• Communications to DC from Ops is encrypted and via private VPN
• Access, change, etc.
Technology Nuts and Bolts
• Connectivity
• Local engine/client
• Checks local cache first
• Contacts DC if not found locally
• Variable TTL in cache
• Client chooses ‘best’ DC to work with
• 100% up time to clients for 8 years
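The lookup path this slide lists (local cache first, data center on a miss, variable TTL, client-chosen data center), as an added Python example that is not Commtouch's code or protocol. The class, the data center callables, the latency-based ranking and the TTL values are assumptions made for illustration; the sample data centers and URLs are constructed.

```python
import time

class LookupClient:
    """Local engine sketch: cache first, then the best reachable data center."""

    def __init__(self, datacenters, clock=time.monotonic):
        # datacenters: name -> callable(key) returning (verdict, ttl_seconds);
        # a callable raises ConnectionError when that DC is unreachable.
        self.datacenters = datacenters
        self.clock = clock
        self.cache = {}                                  # key -> (verdict, expiry)
        self.latency = {name: 0.0 for name in datacenters}

    def _ranked(self):
        # Assumption: "best" DC means lowest smoothed response time.
        return sorted(self.datacenters, key=lambda n: self.latency[n])

    def lookup(self, key):
        hit = self.cache.get(key)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"
        self.cache.pop(key, None)                        # expired or never seen
        for name in self._ranked():
            start = self.clock()
            try:
                verdict, ttl = self.datacenters[name](key)
            except ConnectionError:
                self.latency[name] = float("inf")        # rank last from now on
                continue
            took, prev = self.clock() - start, self.latency[name]
            self.latency[name] = took if prev == float("inf") else 0.8 * prev + 0.2 * took
            self.cache[key] = (verdict, self.clock() + ttl)
            return verdict, name
        return None, "unavailable"    # caller picks fail-open or fail-closed


def demo():
    """Constructed run: one DC down, short TTL for an unclassified URL."""
    now = [0.0]                                          # fake clock, seconds
    def dc_down(key):
        raise ConnectionError("constructed outage")
    def dc_up(key):
        known = {"http://bad.example/": ("phishing", 3600)}
        return known.get(key, ("unknown", 30))           # assumed: unknowns expire fast
    client = LookupClient({"dc-a": dc_down, "dc-b": dc_up}, clock=lambda: now[0])
    steps = [client.lookup("http://new.example/")]       # miss, dc-a fails over
    steps.append(client.lookup("http://new.example/"))   # served from cache
    now[0] += 31                                         # past the 30 s TTL
    steps.append(client.lookup("http://new.example/"))   # re-queried at dc-b
    steps.append(client.lookup("http://bad.example/"))
    return steps
```

A short TTL on unclassified entries bounds how long a stale "unknown" verdict can outlive a reclassification at the data center, at the cost of more queries.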
Technology Security
• Protocols
• Proprietary protocol over HTTP
• 100% proprietary servers
• Service requires authentication
• We manage keys and can disable key/service
• Partners have optional 2nd level key management
• No successful attacks on DCs or clients