
SurfControl E-mail Filter (E-mail & Product Overview)

Learn about SurfControl E-mail Filter, a closed relay host that protects your network. Understand the basics of e-mail and the protocols involved. Discover the importance of DNS records and MIME types. Find out the system requirements for using SurfControl E-mail Filter.

sherrik


Presentation Transcript


  1. SurfControl E-mail Filter (E-mail & Product Overview)

  2. E-mail Basics

  3. How Does E-mail Work?

  4. Help? • MTA/Relay Hosts • E-mail Protocols • SMTP • POP3 • MAPI/RPC • IMAP • DNS • MX Records • MIME Type • LDAP

  5. Mail Transfer Agents (MTAs) • E-mail delivery relies upon MTAs. There are two types of MTAs: • E-mail servers • Relay Hosts [Diagram labels: Sender’s Network, Recipient’s Network; Exchange Server, SurfControl E-mail Filter, Relay Host, Lotus/Domino Server]

  6. MTAs Continued • The main difference between an e-mail server and a relay host is that e-mail servers have mailboxes and most relay hosts do not. However, an e-mail server can act as a relay host. There are two types of relay hosts, open and closed. • open: allows any and all mail into a network. An open relay host can compromise network security. • closed: only allows e-mail destined for, or originating from, the protected domain through the relay. A closed relay protects a network. SurfControl E-mail Filter is a closed relay. • Using a relay host allows you to have more control over routing within a domain.
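The open/closed distinction on slide 6, written out as the accept-or-reject decision a relay makes for each recipient. This is an added example, not SurfControl code; `PROTECTED_DOMAINS`, `INTERNAL_NETS` and the reply strings are assumptions, and the check on the connecting IP is an added assumption because the sender address alone is supplied by the client.

```python
import ipaddress

# Assumed configuration for this sketch (not SurfControl settings).
PROTECTED_DOMAINS = {"example.com"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def domain_of(address):
    """Return the lower-cased domain of an SMTP address, or None if malformed."""
    addr = address.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.lower().rstrip(".")

def is_internal(client_ip):
    """True when the connecting host sits inside the protected network."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in INTERNAL_NETS)

def relay_decision(client_ip, mail_from, rcpt_to, open_relay=False):
    """Return (accepted, smtp_reply) for one RCPT TO command."""
    if open_relay:
        return True, "250 OK"  # open relay: any and all mail is forwarded
    rcpt_domain = domain_of(rcpt_to)
    if rcpt_domain is None:
        return False, "501 Bad recipient address syntax"
    if rcpt_domain in PROTECTED_DOMAINS:
        return True, "250 OK"  # inbound: destined for the protected domain
    # Outbound: must originate from the protected domain. MAIL FROM is
    # client-supplied, so the connecting host must also be internal.
    if is_internal(client_ip) and domain_of(mail_from) in PROTECTED_DOMAINS:
        return True, "250 OK"
    return False, "550 Relaying denied"
```

The third case in the test below is the one an open relay gets wrong: an outside host claiming a protected-domain sender and asking for delivery to a third party.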

  7. Protocols • What ARE you talking about?! [Diagram labels: RPC, MAPI, IMAP4, POP3]

  8. Protocols • Protocols are just like languages, or even accents, that two people are equipped with so that they can communicate • For example, if somebody wants to speak in French to you, you have to be able to understand and speak French also • It’s the same with computers. If machines want to exchange e-mail (or anything else for that matter) they need to do it in a language that they both understand • Just like people, one machine can speak more than one language, and so can communicate with many different machines

  9. Imagine ordering a takeaway • Two people in a house speaking in their own language, that they both understand [Diagram labels: English, Chinese, You, “Beg”, “Sit!”, “Woof Woof”]

  10. Protocols • Two people in a house speaking in their own language, that they both understand • Two dogs in another room talking their own language • Note that there is also a more basic language (protocol) being used between the people and the dogs [Diagram labels: English, Chinese, You, “Sit!”, Dog begs, “Woof Woof”]

  11. Protocols • SMTP is the standard (equivalent to the “common language”) for e-mail delivery over the web • SurfControl E-mail Filter is interested only in the SMTP protocol

  12. Ports • Each protocol has its own assigned port number, just like a radio station has an assigned frequency • Also, just like a radio station, a protocol isn’t tied to one port/frequency – it can swap • And just like a radio frequency, a port needs to have a machine at the other end of the transmission that is able to listen to it [Diagram labels: SMTP, HTTP; radio frequencies 98.6, 88.6; ports 25, 80]

  13. Ports • Which employee is it for? Who needs it? Wasted time in getting it through • Individual connections/postmen? Not Feasible • Add a reference • Add a name • Add a port number • The port number tells the receiving server which service/program the communication is for, without having to know what is in it [Diagram labels: letters addressed to SurfControl PLC, Riverside, Mountbatten Way, Congleton, Cheshire CW12 1DY; Rob Smith, Andy Jones, Chris Bailey]

  14. DNS Records (Domain Name Server) • You type http://maps.yahoo.com into IE • The local DNS Server manages queries to Root DNS, COM DNS and Yahoo DNS and returns an IP address to your PC • http://maps.yahoo.com appears in your browser [Diagram: Local, Root, .com and Yahoo DNS servers; queries “.com?”, “yahoo?”, “maps?” for maps.yahoo.com, each answered with a reply]

  15. MX (Mail eXchange) Records • You send an e-mail to training@surfcontrol.com • Your MTA queries the DNS Server for MX Records • The DNS Server returns the IP address of the e-mail server • The MTA delivers the e-mail [Diagram: query “MX: surfcontrol.com” to DNS; reply “MX 212.150.43.14”]

  16. E-Mail Structure - MIME • Envelope: contains two SMTP commands (MAIL and RCPT). MAIL identifies the sender; RCPT identifies the recipient. • Header: contains additional information about the e-mail included by the e-mail client (such as Date or Message-ID). • Body: contains the text of the e-mail and any attachments (MIME - Multi-Purpose Internet Mail Extensions). MIME allows files to be attached to e-mails, and tells the receiving server how to open them. • Constructed just the same as real mail/letters!
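The three layers from slide 16, separated out of one SMTP transaction as a gateway filter would see it. This is an added example, not part of the presentation or the product; the session text, addresses and the helper names `split_layers` and `sender_differs` are constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr
# Constructed sample: one SMTP transaction as the receiving MTA sees it.
SESSION = """\
MAIL FROM:<bounce@mailer.example.net>
RCPT TO:<training@example.com>
DATA
From: "Accounts" <accounts@example.com>
Message-ID: <1@mailer.example.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see attached.
--b1
Content-Type: application/pdf; name="invoice.pdf"
Content-Disposition: attachment; filename="invoice.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
.
"""

def split_layers(session):
    """Return (envelope, headers, parts) for one recorded SMTP transaction."""
    commands, _, data = session.partition("\nDATA\n")
    envelope = {"MAIL": None, "RCPT": []}
    for line in commands.splitlines():
        verb, _, arg = line.partition(":")
        addr = arg.strip().strip("<>")
        if verb.upper() == "MAIL FROM":
            envelope["MAIL"] = addr
        elif verb.upper() == "RCPT TO":
            envelope["RCPT"].append(addr)
    raw = data.rsplit("\n.\n", 1)[0]  # a line holding only "." ends DATA
    # Undo SMTP dot-stuffing: a data line starting with "." was sent with one extra.
    raw = "\n".join(l[1:] if l.startswith(".") else l for l in raw.split("\n"))
    msg = message_from_string(raw, policy=policy.default)
    headers = {name: str(msg[name]) for name in ("From", "Message-ID")}
    parts = [(p.get_content_type(), p.get_filename())
             for p in msg.walk() if not p.is_multipart()]
    return envelope, headers, parts

def sender_differs(envelope, headers):  # envelope MAIL vs. header From address
    return envelope["MAIL"].lower() != parseaddr(headers["From"])[1].lower()
```

In the sample the envelope sender and the header From are different addresses, which is why a filter has to look at both; mailing lists and bulk senders do this legitimately, so the difference is a signal rather than a verdict.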

  17. Minimum Spec for E-mail Filter • Processor Intel Pentium III; 600 MHz or higher • How fast it can push things through • Memory 512 Mbytes RAM; 1024 Mbytes strongly recommended • For making the product more efficient – e.g. Rules storage • OS Windows 2000 Server (SP3) or Windows Advanced Server (SP3) or Windows Server 2003 • Why not XP? Lorry Vs Lamborghini – designed to manage larger loads • DNS Internal or external DNS configured • So it can send mail out • Disk space 5 Gbytes free • Storage on the machine for isolated mail and the product itself

  18. So, How Does E-mail Work? [Diagram labels: MTA (Relay Host), DNS, MX; SMTP 25, POP3 110]

  19. SurfControl E-mail Filter

  20. SurfControl E-mail Filter • Recognizes and blocks inbound & outbound traffic • Provides blended threat protection as a continuously updated service • Recognizes confidential and restricted e-mail content • Provides virus defense • Set and enforce policy rules • Flexible deployment options • Software or Appliance

  21. Why is Comprehensive E-mail Filtering the Right Solution? • An incomplete solution is a gap waiting to be exploited • Anti-spam focused point solutions don’t cover blended threats, outbound security threats, or confidential data protection • With today’s evolving risks a solution must be comprehensive to adapt to tomorrow’s threats • Dynamic filtering is the only real-world answer

  22. How SurfControl SMTP E-mail Filter Works: Inbound and Outbound protection/filtering

  23. Services [Diagram labels: Isolate, Delay, Discard; MX or Relay Host; Work, Out, In]

  24. The Goal of E-mail Filtering • Security protection from: • spam • phishing attacks • malicious URL links in e-mails • spyware protection • Better management of e-mail and network resources. • Better enforcement of policies • Better legal protection – compliance, harassment lawsuits • Stronger business profitability

  25. Blended Threat Protection - Adaptive Threat Intelligence - Network Connection Security

  26. Adaptive Threat Intelligence • Dynamic Threat Databases • Anti-Virus Agent • Anti-Spam Agent • Digital Fingerprints • Heuristics • Lexi-Rules • Real-time Threat Technologies • Virtual Learning Agent • Virtual Image Agent • Global Threat Experts

  27. ATI Delivers Security Layers to All Products

  28. Powerful Spam & Phishing Protection • Spam Digital Fingerprints • Categorized by content for precise threat protection • Heuristics Engine • Thousands of e-mail rules to accurately detect phishing & spam attacks. Filters them according to the sensitivity you choose. • LexiRules • Lexical scanning for blended threat attacks

  29. Heuristic Analysis • Comprehensive pattern match analysis • Regular expression lexical rules • Extensive, thousands of rule parameters using Heuristics engine

  30. Web Threat & Spyware Protection • Integrated Internet Threat Database • Unique protection from spyware, phishing, and malicious URL links • Unprecedented protection from harmful websites passed through e-mail • Only SurfControl brings customers the unique power of our industry leading Internet Threat database in e-mail filtering!!! • Means: Better protection coverage than any competitor

  31. More Blended Threat Layers! • Directory Harvest Attack Protection • Stops bandwidth consuming mail bomb attacks • Spoof Detection • Detects spammers masking their identity • HTML Parser • Removes hidden HTML code used by spammers to bypass detection • HTML Stripper • Strips out active HTML components - like scripts - and more

  32. Anti-Virus Agent • Anti-virus scanning at the e-mail gateway • Total protection from the many e-mail risks. • Offers complete virus cleansing, scanning, blocking and all typical AV benefits. • Powered by McAfee

  33. Why Our Threat Analysis is Unique • Most Internet Filtering Experience (c.1995) • Worldwide Perspective (14 offices) • International Cultural Understanding • Global Threat Detection & Analysis (24/7) • AI Technologies and Human Review • Early Warning on Emerging Threats (“1sts”) • Integration of all Internet protection processes in one experienced and united team • Continuous • Integrated • Adaptive

  34. Customized Content Filtering - Confidential Data Protection - Compliance Layer - Offensive/Harassing E-mail Mgmt - Customer Specific E-mail Filtering Needs

  35. Pre Built Dictionaries & Language Packs • Provide the reference points for filtering. • 160+ pre-populated category dictionaries of content: 10 languages & 16 categories. • Turnkey protection from key threat categories: Hate Speech, Offensive, Gambling, Finance, Healthcare, etc • Language Packs enable multi national organizations to deploy quick protection: • English, Dutch, French, German, Spanish, German, Italian, Japanese, Chinese Traditional, Chinese Simplified, Portuguese

  36. Precise Lexical Scanning with advanced Boolean • E-mail Filter’s LexiMatch • LexiMatch Settings: (Pluto) NEAR ($35 Million) OR (ABC, Inc) NEAR (Buyout Price) NOT (Jupiter) OR (Saturn) OR (Galaxy)

  37. Statistical Probabilities • Dictionary Thresholds • Category-specific words, with numerical weighting for each • Customizable weightings • Set Threshold sensitivity • Message statistics calculate categorization probability • Example: Pluto 50 + $35 million 25 + ABC, Inc 50 + Buyout Price 10 = Message Total 135; Threshold 100
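The weighted-dictionary idea on slide 37, using the slide's own terms, weights and threshold. This is an added example and not the product's engine; counting each term once per message, triggering at a total equal to or above the threshold, and the matching rules in `_pattern` are assumptions, and the sample messages in the note below are constructed.

```python
import re

# Terms, weights and threshold as shown on slide 37.
DICTIONARY = {"Pluto": 50, "$35 million": 25, "ABC, Inc": 50, "Buyout Price": 10}
THRESHOLD = 100

def _pattern(term):
    """Compile a case-insensitive matcher for one dictionary term."""
    # Any run of whitespace may separate the words of a phrase.
    body = r"\s+".join(re.escape(word) for word in term.split())
    # \b does not work next to "$", so bound the term with lookarounds:
    # "Plutonium" must not count as a hit for "Pluto".
    return re.compile(r"(?<!\w)" + body + r"(?!\w)", re.IGNORECASE)

def score_message(text, dictionary=DICTIONARY, threshold=THRESHOLD):
    """Return (total, hits, triggered) for one message body."""
    hits = {}
    for term, weight in dictionary.items():
        if _pattern(term).search(text):
            hits[term] = weight  # assumption: a term counts once per message
    total = sum(hits.values())
    return total, hits, total >= threshold
```

A constructed message naming all four terms scores 135 and trips the rule, while one that mentions only Pluto and $35 million scores 75 and passes; that gap is what the threshold setting tunes.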

  38. Virtual Learning Agent • Detects spam with pre-trained categories • Can learn your proprietary e-mails and protect confidential information from accidental or malicious leakage. • Protects against losses and lawsuits.

  39. Virtual Image Agent Filters explicit adult images from e-mail. Uses intelligent scanning technology. Classifies images based on customer standards. Protects against harassment lawsuits.

  40. How does Virtual Image Agent work? Uses more than 22,000 different algorithms. Differentiates between adult material and harmless photos. Isolates suspect content for evaluation. Enforces policy without affecting performance.

  41. Customizable Policy Administration, Monitoring, Reporting

  42. Policy Administration Easy-to-use Rules Administrator. Customer can create and implement own rules. Customer can set and reset rule criteria. Rules can be applied to groups or individuals.

  43. Triggered Policy Options • SurfControl offers the choice – • No review with Automatic Queue Management • Admin review (at server or remotely) • Employee review (with End User Spam Management) • For employee review, suggest only for SEF’s probability based features • ASA accuracy shouldn’t require employee review • ASA is biggest net to catch the most attacks

  44. Recommendations & Positioning • No review with Automatic Queue Management • Enables time for request to be made of missing e-mail; otherwise, message is deleted after lapsed timeframe • No Admin or employee resource burden • Admin Review (at server or remotely) • Designated Manager or Admin can review isolate folders with assigned privileges • Eliminates employee productivity loss, bandwidth consumption, and potential legal liabilities posed by Adult spam • Employee review (at the desktop) • Allows employee to manage review of their own false positives

  45. Message Administrator • Review of isolated messages; automatically delete or release isolated e-mails for hands off administration • Remote Message Administrator and password protected isolate folders allows e-mail content review by designated managers • Analyze and take action on isolated e-mails from the desk or while on the road

  46. Real-Time Monitor Monitor activity and behavior, any time, from anywhere. View e-mail usage trends and summaries. Identify and correct network and server bottlenecks. Color-coded for instant feedback.

  47. Comprehensive Reporting • Data in a format you can use. • Schedule reports to automatically run and be delivered to your In Box when you want them • Trail of evidence for persistent offenders.

  48. Remote Management & Delegated Administration • Administer multiple sites from one server • Secure access and administration • Password protected

  49. Corporate Disclaimers • Protect your corporate liability by inserting disclaimers in e-mail messages • Include sales promotional details or press announcements to your corporate mail

  50. Flexible Notification Options • Notification options allow you to copy the Admin, sender, recipient, or an appropriate manager • Insert notification shortcuts related to the triggered e-mail – example $S inserts the sender info
