Presentation is loading. Please wait.

Presentation is loading. Please wait.

IronPort & Web Gateway Security Solutions

Similar presentations

Presentation on theme: "IronPort & Web Gateway Security Solutions"— Presentation transcript:

1 IronPort Email & Web Gateway Security Solutions
PROTECTING OVER 300 MILLION BOXES WORLDWIDE Frederic Benichou Director, South Europe, Middle-East & Africa IronPort Systems

2 IronPort Consolidates the Email Perimeter
Before IronPort IronPort Security Appliance After IronPort Internet Users Groupware Firewall Internet Firewall MTAs Anti-Spam Anti-Virus Policy Management Mail Routing Groupware Users

3 IronPort: Industry Leadership
Global Leadership Founded in 2000, based in San Bruno, CA 35 offices in 25 countries Approx 380 people Analyst Leadership Recognized as leader by Gartner, Meta, IDC, Forrester, Bloor Customer Leadership About 3000 customers in 75 countries 8 of the 12 largest ISPs 20%+ of the largest Enterprises (Global 2000) 300+ millions mail boxes protected US Armed Forces & Government Technology Leadership First with custom, high performance MTA First with Reputation Filtering (SenderBase) First with Virus Outbreak Filters

4 Sample customers in France
10,000 bal 1,000 bal Cipa MACSF Comexpo SNC Gestor

5 Case Study: Société Générale

6 Multi-Layered Security Preventive + Reactive = Defense in Depth
Traditional security is REACTIVE - E.g., content filtering for spam - E.g., virus scanning based on known signatures - These methods require that the threat has been seen before, and the filter gets updated with that information REACTIVE filter are not enough because: - You need this because threats are changing so fast, reactive services don’t always move fast enough - the load on the infrastructure requires that you do high- performance filtering BEFORE the CPU intensive content filtering PREVENTIVE filters provide much faster response times and higher performance Best approach is a cocktail of the two Higher accuracy of REACTIVE filters allows definitive actions (like deleting the message The question now is how is IronPort able to create these Preventive Filters? Immediate Reaction to Threats Extremely High Performance Coarse Outer Layer Blocks or Rate Limits Adapts Over Time Computationally Intensive Fine-grained Inner Layer Delete or Quarantine

7 SenderBase® / Threat Operations Center
TOC Team of security experts • Global volume data • Message composition data • Spam traps, complaints • Blacklists, whitelists • Compromised host lists • Open proxy lists • Offline data (F500, ISP, NSP, govt.)… Sender Reputation Score 90+ Parameters Détaillons un peu tout d’abord Senderbase. SenderBase collecte des informations provenant de plus de 25% du trafic et Internet mondial. Ces informations sont stockées selon un certain nombre de paramètres, et permettent de donner des notes de réputation aux émetteurs d’ s comme aux sites Web. SenderBase reçoit des contributions de plus de réseaux à travers le monde. Ces informations génèrent ensuite des règles de sécurité automatiques, règles vérifiées par nos experts analystes du Threat Operations Center, validées ou modifiées puis envoyées aux boîtiers IronPort installés chez nos clients. Web Reputation Score • URL blacklists and whitelists • HTML Content Data • Domain Registrar Information • Compromised Host Lists • Network Owners • Known Threats URLs • Web Site History… 45+ Parameters

8 IronPort : Integrated Secured Gateways
Security  C Series Web Security  S Series Security Management  M Series

9 IronPort Email Security Appliances
High Performance Security Appliances Stopping Spam, Viruses and Other Threats, Enforcing Policies, and Reducing Admin Costs for Enterprises and Service Providers IronPort X1000 IronPort C10 IronPort C300/C600

10 IronPort Architecture for Multi-Layered Email Security

11 AsyncOS™ Unmatched Scalability and Security
MANAGEMENT TOOLS DEFENSE AGAINST SPAMs DEFENSE AGAINST VIRUS CONTENT PROCESSING AUTHENTICATION ASYNCOS™ MTA PLATFORM AsyncOS scalable and secure OS optimized for messaging Identity Protection secures enterprise identity Standards-based Integration replaces legacy systems with ease

12 AsyncOS™ Revolutionary MTA Platform
Traditional Gateways And Other Appliances IronPort Security Appliance 200 Incoming/Outgoing Connections Low Performance/ DoS Potential 10,000 Incoming/Outgoing Connections High Performance/ Sure Delivery Single Queue For all Destinations Queue Backup Delays All Mail Per-Destination Queues Fault-Tolerance and Custom Control

13 AsyncOS™ Advanced Email Identity Protection
Directory Harvest Attack Prevention Virtual Gateway Technology Intelligent Bounce Handling Protects Against: Theft of your user database by spammers Unique Advantage: Integrates with SenderBase™ to track global attacks Protects Against: Inadvertent blockage of your corporate mail Unique Advantage: Provides up to 256 unique IP addresses per appliance Protects Against: Blacklisting of your IPs from intentional NDRs Unique Advantage: Distinct IPs for NDRs, In-conversation recipient checking

14 AsyncOS™ Standards Based Integration
LDAP Integrates with all standard LDAP servers including Active Directory™ Carrier-class client and cache on-box DNS High performance client resolves millions of record per hour Configure separate DNS servers per domain Advanced Networking 802.1Q VLAN Tagging for network security NIC failover for redundancy Loopback interfaces for load balancer integration Essential Mail Operations Alias, masquerade, and routing tables Powerful header operations Store tables on box or in LDAP directory

15 Best of Breed, Multi-layer Spam Defense

16 Good, Bad, and “Grey” or Unknown Email
IronPort Reputation Filters Stop 80% of Hostile Mail at the Door…. • Known good is delivered • Suspicious (ex. Score = -4 to -1): limit the rate & pass thru Anti-Spam filter Reputation Filtering Anti-Spam Engine Incoming Mail Good, Bad, and “Grey” or Unknown • Known bad (ex. Score = -10 to -4): connection rejected Senderbase IronPort uses identity & reputation to apply policy Sophisticated response to sophisticated threats

17 A wide sample of parameters, for a reliable assessment of Reputation
Good Reputation Only Sending to Valid Recipients Good Sending History Reverse DNS Works Average Reputation SenderBase tracks over 90 factors about a sender, 10x more than other vendors. We get a complete view of who is sending you . Because of the different factors we track from so many data sources, IronPort Reputation Filters has the highest accuracy of any reputation system. Just a single negative factor will not necessarily result in an extremely poor score- it needs to be correlated with other negative factors. For example, somebody could be blacklisted, but Based on real-time analysis, IronPort can determine the relative weight of different anomalies- rather than continuing to rely on factors for which spammers may have developed counter-measures Volume Spike Blacklisted System Tolerant of Anomalies Poor Reputation

18 Positive & Negative Reputation
Graphical representation of SBRS groups Shows the customer that we are a comprehensive system- it’s not just about bad senders, but the full continuum. Very few of our competitors actually assign scores to senders – they just renames their blacklists and whitelists reputation filters. Fire and forget- once they set up their policy, they don’t have to continually update an RBL (or worry about FPs- this is a strong benefit for SMBs)

19 Customer case – Marseille-Nice Universities 30,000+ users
Universités Numériques Région PACA

20 IronPort Reputation Filters Dell Case Study
Dell’s challenge: Dell currently receives 26M messages per day Only 1.5M are legitimate messages 68 existing gateways running Spam Assassin were not accurate IronPort solution: Reputation filters block over 19M messages per day 5.5M messages per day scanned by Symantec Brightmail Replaced 68 servers with 8 IronPort C60s Accuracy of spam filtering increased 10x Servers consolidated by 70% Operating costs reduced as much as 75% “IronPort has increased the quality and reliability of our network operations, while reducing our costs.” -- Tim Helmsetetter Manager, Global Collaborative Systems Engineering and Service Management, Dell Corporation Walkthrough the Dell case study.

21 IronPort Anti-Spam™: High Performance, No Administration
Leading Efficacy CASE (Content Adaptive Scanning Engine) optimized for blended threats Multiple sources Industry leading throughput Virtually Zero False Positives Approx 1 in 1 million No administrative burden Install and walk away Automatic filter updates, no tuning required System adapts to new threats without manual tweaking of rules Score How? Structural Analysis What? Content Analysis Where? Web Reputation Who? Reputation IronPort CASE™

22 IronPort’s Context Adaptive Scanning Engine (CASE)
Anti-Spam Competitive Solutions What? Message Content What content is included in this message? How? Message Structure How was this message constructed? Who? Reputation Who is sending you this message? Where? Web Reputation Where does the call to action take you?

23 New types of spam More difficult to detect
URL is not that of Red Cross URL 100% legitimate content Passage from a text book

24 Recent trends in Spam Average Daily Spam Volume (billions msgs) +110%
% Spam with an Embedded Image +421%

25 Image-based spams techniques
« Polka dots » make every message appear unique to signature-based anti-spam filters images broke down in sub-parts and then reassembled IronPort has unique techniques to detect these spams, including: « MPR »: Multidimensional Pattern Recognition

26 LabTests results: Catch Rate Results
Spam catch rate is measured as the number of spam messages caught, divided by the total number of spam messages received. Over a one month test period ending on October 19th, IronPort Anti-Spam caught an average of 97.1% of spam, compared to 93.7% for Symantec Brightmail. This means that an average end-user with Symantec Brightmail would have received approximately twice as much spam in their inbox (6.7%) compared to IronPort Anti-Spam (2.9%). These statistics were calculated based on a random sample of spam messages received by “spamtrap” accounts managed by IronPort. Symantec Brightmail’s catch rate was also closely correlated with the amount of image spam received. As the graph illustrates, Symantec Brightmail’s capture rate (the red line) fell significantly in early October as the percentage of spam with embedded images (the yellow line) increased.

27 Termination of IP-Symc partnership
Letter sent by IronPort to customers on Friday, Oct. 19 Almost all customers migrated to IPAS by now for quality reasons In Q3: 6% BM attach rate ; 91% IPAS attach rate IPAS technical superiority, as confirmed by the tests conducted by independent lab: « LabTests »

28 The IronPort Spam Quarantine (ISQ) and the M-Series appliance
No helpdesk calls Self-service end-user spam quarantine Web UI, Digest , Advanced Search Authenticate users with LDAP, AD, or IMAP/POP Automatic disk space management Flexible deployment On-box or centralized quarantine with IronPort M-Series appliance In the end though, a spam quarantine is a crutch for a poor spam engine. IronPort’s accuracy is such that most customers stop using the quarantine after only a couple of weeks.

29 Best of Breed, Multi-layer Virus Defense
MANAGEMENT TOOLS ANTI-VIRUS DEFENSE ANTI-SPAM DEFENSE PREVENTIVE CONTENT PROCESSING AUTHENTICATION REACTIVE PLATEFORME ASYNCOS™ MTA IronPort’s Virus Outbreak Filters stop outbreaks 14 hours ahead of signatures Sophos AntiVirus signature based solution with industry leading accuracy

30 Today’s Anti-Virus Solutions Inadequate
Millions of infections occur during this period. Anti-Virus Signature Release Timeline Capture Virus Sample Issue Customer Alert Analyze Virus Sample Release Signature Update Signature ~10,700 new viruses, worms & trojans Generic signatures don’t always work. See booklet « The New Anti-Virus Formula » by John Dickinson:

31 How Virus Outbreak Filters Work IronPort Threat Operations Center (TOC)
Continuous monitoring & analysis Real-time & historical data visualization Automated alerts Human verification The IronPort gateway downloads the updated rules from the TOC every 5 minutes,… …and puts the concerned messages in the Quarantine (queue in the MTA) Manager, Threat Operations Center INSIDE THE TOC Expert team of skilled analysts Staffed 24 x 7 x 365 32 languages spoken Documented & verified processes State-of-the-art tools & techniques

32 How Virus Outbreak Filters Work Dynamic Quarantine In Action
Messages Scanned & Deleted T = 0 zip (exe) files T = 5 mins -zip (exe) files -Size 50 to 55 KB. T = 10 mins zip (exe) files Size 50 to 55KB “Price” in the name file T = 8 hours Release messages if signature update is in place Additionally with 2.0 we have introduced the notion of Dynamic Quarantining: IronPort’s unique Dynamic Quarantine allows Outbreak Filters to immediately quarantine viral messages based on limited information. Only Outbreak Filters continuously re-scans and re-evaluates quarantined messages based on the latest, increasingly fine-grained rules, resulting in a minimal cost of coarse filtering or misclassifications. Other solutions hold messages for up to days, prior to releasing the message to its intended recipient. This example walks you through the lifecycle of a typical outbreak in a 2.0 solution: Initially at time T=0, a message could be quarantined due to an Adaptive Rule or an Outbreak Rule that is coarse. As time goes on and the outbreak progresses and more information is available to the TOC to issue granular rules, messages that no longer meet the criteria get released automatically. By doing this and also by publishing finer grained rules that target file size, file type, filenames, message URLs and a lot more, we have addressed a significant concern of several customers about quarantining benign messages. Also, we can now publish an AV signature rule that will release messages automatically before the expiration time, if the AV vendor claims that there is an updated signature in place to address that outbreak.

33 The Virus Outbreak Filters advantage
Virus Name Date IronPort Protection Starts** First Anti-virus Signature Available** Outbreak Filter Lead Time Looksky.G 1/6/06 2:32 PM 2:12 AM (two days later) 35:40 hours Nyxem-D (Kama Sutra) 1/16/06 2:36 PM 3:22 PM 1:27 hours Sober-Z 11/21/05 8:07 PM 12:45 AM (the next day) 4:38 hours Mabutu-A 11/17/05 12:58 AM 1:24 PM 12:26 hours Zotob.C 8/16/05 1:56 AM 4:47 AM 2:51 hours Sober-N 5/5/05 3:58 PM 5:19 PM 1:21 hours MyTob.G 3/24/05 11:30 PM 12:58 PM (the next day) 13:28 hours Multiple Bagle variants 2/27/05 10:39 AM 4:22 AM (2 days later!) 41:43 hours Mydoom.BB 2/15/05 6:08 PM 10:54 PM (the next day) 28:46 hours Wurmark-D 1/10/05 10:02 AM 6:09 AM (the next day) 20:05 hours Medium additional protection time……………….. 14 hours Out of a total of blocked attacks……………………175 outbreaks * Feb 2005 –January **GMT

34 Virus Outbreak Filters recent results: eWEEK Review: September, 2006
VOF blocked 100% of the new virus outbreaks in the past 5 months Review Overview 5 month test by eWEEK, large independent, weekly IT magazine 1217 virus positive s stopped before AV signatures were available 48 separate virus variants blocked 0 false positives reported Viral Messages Stopped: By Month Viral Messages Stopped: By Variant Review Quotes “We never saw a false positive” “(Virus Outbreak Filters) effectively blocked messages containing viruses for which signatures didn't already exist” - Mike Caton, Technical Writer

35 IronPort Content Scanning Inbound/Outbound Message Filtering for Compliance
MANAGEMENT TOOLS SPAM DEFENSE VIRUS DEFENSE CONTENT PROCESSING AUTHENTICATION ASYNCOS™ MTA PLATFORM Content filtering Compliance (e.g. SOX) Digital Rights Management – information leakage prevention Rules per user groups Encryption: IronPort acquires PostX

36 PostX: One Platform, Three Solutions
“Pull” PostX WebSafe Webmail 1 PostX Secure Secure Desktop Messaging PostX Envelope Offline, Registered and signed PostX SecureDocument Statements, Invoices, etc. 2 PostX MessageCentre Integrated Customer Service Communication 3 PostX S/MIME or PostX OpenPGP Certificate based mail “Push” PostX Messaging Application Platform

37 Email Authentication MANAGEMENT TOOLS
DEFENSE AGAINST SPAMs DEFENSE AGAINST VIRUS CONTENT PROCESSING AUTHENTICATION ASYNCOS™ MTA PLATFORM • DomainKey Signing – Protection of Corporate Identity • IronPort Bounce Verification – protection against bounce redirection attacks • Directory Harvest Attack Prevention

38 IronPort DomainKeys Protects domain identity and protects against phishing
Internet ISPs private public DNS DomainKeys: The domain owner (typically the team running the gateway) uses the IronPort Security Appliance to automatically generate a public/private key pair to use for signing all outgoing messages. The public key is published in DNS, and the private key is stored on the IronPort appliance. When each is sent by a specified end-user within the domain, the IronPort appliance automatically uses the stored private key to generate a digital signature of the message. This signature is then pre-pended as a header to the , and the is sent on to the target recipient's mail server. Ensures the proper identity of the source domain More than 200 million mail boxes use DomainKeys Easy deployment (private key & DNS-based public key)

39 IronPort Bounce Verification™ Protects against bounce-message attacks
BV Internet BV + All outgoing messages are stamped. Legitimate bounce messages coming back are recognized by this stamp Transparent and autonomous Deuxième fonctionnalité d’authentification du boitier : IronPort Bounce Verification. Le boîtier va estampiller tous les s sortants, ce qui lui permettra ensuite de savoir si, lorsqu’un message d’erreur est envoyé en retour, le message original provient bien d’un utilisateur de l’entreprise. Si un message d’erreur qui se présente n’a pas ce tampon IronPort, le boitier en déduira qu’il provient d’une attaque de redirection de message d’erreur et il sera rejeté. Ainsi vous êtes certains que les messages d’erreur réels sont bien délivrés à vos utilisateurs, mais que les messages d’erreur redirigés suite à une attaque spam ne viennent pas polluer votre messagerie. Cette fonctionnalité est incluse en standard dans le boitier C, et fonctionne de façon autonome, sans besoin d’autre technologie.

40 Management tools Reduction in admin costs
DEFENSE AGAINST SPAMs DEFENSE AGAINST VIRUS CONTENT PROCESSING AUTHENTICATION ASYNCOS™ MTA PLATFORM Security Manager for unified policy management Centralized Management manage units around the world Mail Flow Monitor real time reporting Mail Flow Central centralized reporting and tracking

41 Categories: by Domain, Username, or LDAP
IronPort Security Manager Single view of policies for the entire organization Categories: by Domain, Username, or LDAP Allow all media files Quarantine executables IT Mark and Deliver Spam Delete Executables SALES Archive all mail Virus Outbreak Filters disabled for .doc files LEGAL “ Security Manager serves as a single, versatile dashboard to manage all the services on the appliance.” -- PC Magazine 2/22/05

42 IronPort Centralized Management
Log in anywhere, control everywhere Interface assures configuration consistency Apply changes to a machine, group, or cluster Test on single system, “promote” to cluster SJ1 Machine SJ2 Machine D1 Machine D2 Machine T1 Machine T2 Machine SJ3 Machine D3 Machine T3 Machine San Jose Group Dublin Group Tokyo Group IRONPORT CLUSTER

43 Mail Flow Monitor


45 Customer case – Comverse 6,000 users

46 Example of protection at Danone
1 Attempted SMTP connections Ironport chez Groupe DANONE 2 Same origin ? Same IP? 3

47 Zooming on the specific domain
Informations from Reputation Filters and from SenderBase Ironport chez Groupe DANONE

48 Graphe Ironport chez Groupe DANONE
A single IP address tried to send 130,450 messages Administrator : check case to blacklist the IP Graphe 1 2 Ironport chez Groupe DANONE

49 Reduction in admin costs at Danone
Administration Administration is reduced to alert monitoring and update follow-up Fast Tracking to search for any message Ironport chez Groupe DANONE

50 Example of Tracking Result
Ironport chez Groupe DANONE

51 IronPort : Integrated Secured Gateways
Security  C Series Web Security  S Series Security Management  M Series

52 Malware: exploding phenomenon
Number of spyware (in thousands) Growth in Keyloggers Total Reported Parlons aussi d’une sous-catégorie dangereuse du spyware, les keyloggers ou enregistreurs de touches clavier. Ceux-ci sont capables d’enregistrer en arrière plan toutes les frappes clavier. Ils sont mêmes capables aujourd’hui d’enregistrer des captures d’écran, afijn par exemple de déjouer les protections mise en place par les banques en ligne. Citer exemple du clavier à chiffres proposé par certaines banques avec les chiffres changeant d’endroit. Source : State Of Spyware Report, 2006 Source: iDefense Labs, November 2005 Spywares, Keyloggers, Chevaux de Troie, Botnets & Zombies, etc. 65% growth in 2005 vs. 2004 Cost of a malware : 150$+ per PC per year + commercial risk + legal responsability

53 IronPort S Series: Web protection at 3 levels
Blocks access to infected sites Web Filters content against Spyware La Série S permet à nos clients une protection à 3 niveaux (les citer) Filtre le Malware Prevents « phone-home » calls to hosts outside

54 Architecture for a multi-layer Web security
MANAGEMENT TOOLS IronPort Web Reputation Filters IronPort Anti-Malware System IronPort L4 Traffic Monitor IronPort Policy Filters Captures IronPort’s view of Starts with Extends Highlight management tools Powerful platform designed for anti-malware Combined application and network layer scanning capabilities We need to do complete content inspection We need to look at all the network ports and identify infected clients and stop malware that is trying to bypass Full range of apps IronPort AsyncOS Web Security Platform

55 1. Blocks access to infected sites: Web Reputation
Premier niveau de protection : la Série S va vous permettre de bloquer l’accès des utilisateurs aux sites infectés. Comme sur la série C le boitier inclus les Web Reputation Filters qui vont permettre de bloquer l’accès des utilisateurs aux sites infectés. Lorsque la note de réputation dus ite est comprise par exemple entre -10 et -5, le site peut être immédiatement bloqué. Au dessus de 5 il va être autorisé, et il vous est possible de définir par exemple qu’entre -5 et +5 le flux subira un filtre complémentaire. Début 2007, la série S inclura également une solution complémentaire de filtrage d’URL, qui vous permettra à la fois de compléter votre protection grâce à une deuxième couche de sécurité, et aussi de pouvoir gérer vos accès Internet à partir des différentes catégories (voyages, pornographie, etc.). Blocks connection infected sites phishing etc. Anti-Malware scanning Allows connection (“good” sites)

56 2. Filters malicious content: IronPort Anti-Malware System
Anti-malware engine “DVS Engine”, supporting multiple verdict engines Webroot others High accuracy level Very high performance for scanning on the fly (content streaming) Zero administration VERDICT ENGINE 1 VERDICT ENGINE 2 IRONPORT DVS™ ENGINE 2ème niveau de protection : la série S va effectuer un filtrage anti-malware. Les flux provenant de sites dont la réputation est suspicieuse sans être trop mauvaise peuvent ainsi être contrôlés plus finement véritablrment en mode streaming en les confrontant à un moteur d’analyse anti-malware. Ce moteur permet une analyse complète du contenu du flux et contient à ce jour une base de signatures anti-malware parmi les meilleures du marché. Cette base de signatures vous permet de bloquer en temps réel les principales catégories de malware actuelles. VERDICT ENGINE N REPUTATION-BASED VERDICT CACHING

57 3. Detects & Blocks communications to outsite host servers: L4 monitor
Detects any spyware or keylogger activity to an outsite host (“phone home”) On any of the 65,535 ports Working around port 80 2 modes: “monitor only or “monitor & block” Internet X X Firewall Port 80 Enfin 3ème niveau de protection Web : la série S va bloquer les communications des malware vers leurs serveurs externes. Ainsi elle va bloquer les envois de données des spyware et keyloggers vers l’extérieur, les communication des zombies avec leur “pirate maitre”, et les téléchargements des chevaux de Troie. Plus généralement la série S va bloquer les codes malveillants cherchant à contourner le port 80. IronPort S-Series PROXY L4 TRAFFIC MONITOR X X

58 IronPort : Integrated Secured Gateways
Security  C Series Web Security  S Series Security Management  M Series

59 IronPort M Series : management for C and S Series
La Série M d’IronPort vous permet notamment de centraliser la quarantaine de spam au niveau de votre entreprise, lorsque vous avez plusieurs boîtiers C, et vous permettra dès le 1er trimestre 2007 de centraliser le reporting des série C et S sur un même boitier. Centralized Spam Quarantine Centralized statistics / reporting / tracking for C and S Series

Questions - Answers DO NOT BELIEVE OUR WORD… CHECK IT OUT BY YOURSELF !! Free evaluation in production Be informed of all new virus alerts by registering on: For all information: Maintenant avant de terminer, j’ai une dernière chose à vous dire : ne me croyez surtout pas sur parole, et vérifiez ce que je viens de vous présenter. Concernant la sécurité de votre messagerie, testez notre série C en situation réelle sur votre réseau durant trente jours. Vous aurez accès aux vraies fonctionnalités du boitier et au support technique IronPort. Vous pourrez ainsi évaluer l’efficacité de cette série dans vos conditions de production réelles. Concernant la sécurité Web, demandez à votre intégrateur traditionnel un audit de la sécurité Web de votre organisation, qui peut être également réalisé par la mise en place d’un boîtier série S au sein de votre système d’information en mode monitoring uniquement, sans aucun blocage. Enfin vous pouvez recevoir des informations sur les principales alertes virales et sur les temps de livraison de signatures anti-virus par les principaux éditeurs du marché sur la page Web Pour toute information je vous ai laissé mon . Nous pouvons maintenant prendre des questions sur les sujets présentés aujourd’hui. Merci à tous

61 The IronPort advantage
New generation MTA Performance, robustness, intelligence, easy integration to architecture Multi-layer Anti-Spam Protection “Reputation Filters”: 70% of traffic blocked before entering the network Content-level AS : efficient; no False Positive; zero administration; efficient against image-based spams; advanced Web Reputation concept Preventive Protection against viruses On average 14 hours additional protection ahead of AV Dramatic decrease in administration costs Administrative costs typically divided by 10 Market leadership and continued innovation

Download ppt "IronPort & Web Gateway Security Solutions"

Similar presentations

Ads by Google