Symantec Expert Forum Messeging Management

Symantec Expert Forum Email Messeging Management
Symantec Mail Security 8000 Series Appliances 2005 Symantec Corporation, All Rights Reserved

Symantec Mail Security 8300 series Appliances
2005 Symantec Corporation, All Rights Reserved

Agenda Problemática del Spam Protección de la mensajería
Características del SMS 8300 Preguntas 3 – 2005 Symantec Corporation, All Rights Reserved

Problemas de las empresas
Grandes cantidades de SPAM Se necesita mayor infraestructura de correo Ataques vía Spam (i.e. ataques combinados, phishing) Afecta a usuarios y administradores Los ataques por afectan al negocio Virus, worms, directory harvest attacks, DoS attacks Coste de la gestión de la infraestructura de IT 4 – 2005 Symantec Corporation, All Rights Reserved

Evolución de los ataques
5 – 2005 Symantec Corporation, All Rights Reserved

Symantec Mail Security
Symantec, the global leader in information security, is the only vendor that offers best-of-breed security at the network, gateway, and server, with multiple deployment options for all organizations SMS - Symantec Mail Security SBAS - Symantec Brightmail AntiSpam 6 – 2005 Symantec Corporation, All Rights Reserved

No todo es correo electronico
SMS 8160 SMS Hosted Reduccion de datos 1 SMS for SMTP SMS 8300 IM Manager Proteccion Gateway 2 SMS for MS Exchange SMS for Domino IMlogic IM Manager Proteccion Interna del correo y IM 3 Enterprise Vault (EV) Retenccion de datos 4 EV Compliance Accelerator y Discovery Accelerator Descubrimiento y recuperacion 5 IM and MTA Gateways remains accessible by IT, legal and compliance officers Microsoft Exchange IBM Lotus Domino Enterprise Vault Server Internet Vault Store Unlike vendors who can address just parts of the problem, Symantec is strongly positioned to meet organizations’ present and future Enterprise Messaging Management needs. This slide summarizes the breadth of Symantec’s enterprise messaging management solutions. They are unique in their ability to reduce the risk to messaging systems and data, and to ensure uptime and performance of both systems and users, while satisfying regulatory and corporate policy requirements. First (moving from left to right), Symantec has a unique capability to reduce spam at the outer edge in the Symantec Mail Security 8160 appliance. It dynamically and reliably identifies spam senders and applies "traffic-shaping" to the those connections, which makes it difficult, even painful, for spammers to send spam to a protected environment. The result is an 80% reduction in spam, as spammers stop transmitting spam to your environment. Second, at the SMTP or internet gateway, we have our Symantec Mail Security solutions that offer integrated antivirus, antispam and content filtering technologies with rapid response virus and spam definitions to maintain very high detection rates with very high accuracy and reliability. At this layer, we also help organizations secure their instant messaging gateways, as well as manage and enforce IM policies in the organizations. These capabilities are delivered by the market leading Symantec IMLogic Manager. Third, Symantec Mail Security for Microsoft Exchange and Domino tightly integrate into their respective environments, and provide high-performance virus scanning and content filtering on a real-time, scheduled and on-demand basis to ensure that internal traffic is free of unwanted content. Fourth, Enterprise Vault is our archiving capability that automatically moves older off of the message store and manages the lifecycle of information from "cradle to grave", based on corporate policy. Fifth, to help companies meet legal or regulatory requirements, Enterprise Vault Compliance Accelerator and Discovery Accelerator enable Legal, HR, and Compliance Officers to collaborate and review potentially incriminating or problematic content. What you see here represents just the beginning as we execute on our goal of comprehensive Enterprise Messaging Management: An integrated suite of components, from a single vendor, supported around the globe. SMTP and IM Traffic Spam Retention (Regulation-dependent) Spam Quarantine SMS = Symantec Mail Security 7 – 2005 Symantec Corporation, All Rights Reserved

Novedades - 8300 Appliance Rapida implemantacion Beneficio Beneficio
Securidad – Spam y Virus Filtrado de contenidos y Compliance Rapida implemantacion Gateway Spam Protection Protección contra Day Zero Virus y Antiphishing Spyware/Adware verdicts Escaneo de contenedores y zips 50 plantillas de políticas pre configuradas 60 diccionarios reconfigurados 37 búsquedas con “regular expressions” preconfiguradas True file typing Servicio de cifrado de Integración en LDAP existentes Administración centralizada Gestión de incidentes Archivado automático In addition to integrating features from other Mail Security products, Symantec Mail Security 8300 Appliance Series also delivers key new capabilities. We’ll cover these in detail in just a minute, but at the high level, we’ve added more in-depth threat defenses, include day zero virus protection. We’ve also introduced new content filtering capabilities to simplify policy enforcement and regulatory compliance, and we’ve beefed up the administration capabilities to deliver more visibility and control. Premium Content Management is an optional add-on that integrates powerful data scanning capabilities with pre-configured templates that ensure is handled within appropriate guidlines. Key capabilities include: Three premium system patterns with advanced lexical analysis that perform additional checking and validation beyond regular expression definitions to reduce false positives. Available patterns include credit card numbers, social security numbers, and IP addresses. Fifty pre-built premium templates which enable companies to build and add their specific actions and group policies to quickly address the most common compliance regulations and data privacy best practices. The included templates are: Thirty-seven pre-built regular expressions used to search for protected data such as Beneficio Beneficio Beneficio Ayuda a conseguir los requerimientos legales/internos Incrementa la eficiencia del departamenteo de IT Bloquear y neutralizarlos ultimos ataques via 8 – 2005 Symantec Corporation, All Rights Reserved

Ataques “Zero-Day” New threats are also exploiting software vulnerabilities more quickly. Until recently, it took about six months from the time a software vulnerability was first announced until threats began to appear that exploited that vulnerability (Slammer followed this pattern). This gave businesses plenty of time to review the vulnerability, prioritize the impact, and test and deploy the correct patches. Today, this window is quickly shrinking. On August 11, 2003, the Blaster worm exploited the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability only 27 days after it was announced on July 16th. In June 2004, the Sasser worm exploited a new vulnerability only 18 days after it was announced. Very soon, we expect to see “zero-day” threats that actually exploit vulnerabilities before they are announced and before countermeasures and threat signatures can be developed. This potential gap between the time a zero-day threat is released and the time effective countermeasures can be made available could translate into serious problems and costs for businesses around the world. Many of today’s threats are also able to propagate with bewildering speed. Code Red doubled its infection rate every 37 minutes. Slammer doubled its rate every 8.5 seconds—and infected 90% of the world’s unprotected servers in an alarming 10 minutes. These fast-spreading threats require security analysts to identify and analyze threats immediately—and make decisions quickly. We’re fast approaching a state where we will have little or no reaction time against new threats. Therefore we need to focus on proactive security instead of reactive response. NOTE: This graph shows (a) the evolution of computer virus/worm threats with respect to their speed of replication (blue line) and (b) the evolution of antivirus technology with respect to the speed of response (red line). The horizontal axis is measured in years, from 1990 to The vertical axis actually shows two different sets of times (both have the same time scale as indicated on the left-axis). The left vertical axis (blue text), shows how long it takes for a malicious threat to reach “contagion” status, where it has infected a critical number of the vulnerable machines. The right vertical axis shows how long it takes to provide a signature for a malicious threat. The “area under the curve” represents the cost to corporations and customers due to down-time, infection, and data theft/loss. As threats spread more quickly, this cost is only growing. 9 – 2005 Symantec Corporation, All Rights Reserved

Symantec Mail Security 8300 Series
2005 Symantec Corporation, All Rights Reserved

Scanner El Scanner incluye: MTA que procesa correo entrante y saliente
Motor de filtrado que escanea los mensajes Motor de políticas que realiza acciones basándose en la configuración del administrador The Scanner is the piece that is responsible for inbound and outbound filtering. It includes an integrated relay MTA that process inbound mail and outbound mail. It also delivers mail to the groupware server. The Scanner also has a comprehensive filtering engine. The engine is comprised of source or IP connection checks, antispam filtering using Brightmail technology, award-winning Symantec AntiVirus protection, content compliance checks and more. The scanner is also responsible for implementing any of the policies that the administrator sets up. For example, an organization might want to add a annotation tag line to all outgoing mail from the Sales group. 12 – 2005 Symantec Corporation, All Rights Reserved

MTA Integrada Responsable de Basado en Postfix
Procesar correo de entrada Procesar correo de salida Mandar a los servidores de correo Basado en Postfix Mayor control sobre la sesión de correo Herramientas de gestión y monitorización Mostrar estado de la colas de entrada, salida y distribución Tomar la acciones necesarias (Liberar, borrar, etc) As I mentioned the Scanner also includes an MTA that handles inbound and outbound SMTP traffic. It’s based on Postfix, the leading open source MTA known for its performance, security, and flexibility. With the integrated MTA, we have much more control over the mail session. This extends our capabilities for filtering and gives us rich options for message modification. We can also reject and defer connections based on the source connection. We’ll talk about how the benefits in terms of volume reduction when look at the powerful Firewall. The product does include all the key MTA management tools you’ll need to stop, start, monitor and flush mail queues. In addition to the Scanner, another key piece of the architecture is the Control Center. 13 – 2005 Symantec Corporation, All Rights Reserved

Tecnología antispam multicapa
No hay una tecnología perfecta en anti-spam Técnicas diferentes sirven para distinto tipos de spam In terms of on-site filtering, there really is no silver-bullet antispam technology. The only way to catch spam, without blocking legitimate mail, is to employ a combination of techniques. For the 8200 Series , this includes filters created and managed by Symantec, as well as administrator-based controls. In all, Symantec offers over 20 different antispam filtering techniques to provide the most accurate and effective antispam protection. Let’s take a quick look at some of the key technologies. 14 – 2005 Symantec Corporation, All Rights Reserved

Email Firewall: primera linea de defensa
Para ataques a nivel de conexion IP Personalizable Listas blancas y negras Opción de configuración de RBL Múltiples acciones Change (SPF) to (SPF and Sender ID) Directory harvest attacks Alto volumen de spam y ataques de virus IPs que continuamente mandan SPAM It makes no sense to spend the time and processing resources to accept, open up, and filter a message if we are sure that it’s coming from a know spam sender or a malicious source. The Firewall is a collection of technologies that help Symantec Mail Security 8300 Appliance Series determine whether an incoming message originates from an abusive sender. If so, the Firewall can take action to stop all messages from this person, as far out in perimeter as possible. The immediate benefit is a substantial reduction in volume. And, because the scanning engine doesn’t need to process as much unnecessary mail, the Firewall also saves resources and capacity. On the bottom of the slide, you can see some of the threats that are handled by the Firewall. Each of those red arrows represent IP connections from senders who are attempting to connect to the system. Spam senders or blocked senders – This can include suspected spammers identified by symantec’s sender reputation service. Directory harvest – This is the practice of attempting to steal or “harvest” addresses from an server, typically with the intent to later send spam. This type of attack creates tremendous loads on the server which affects performance Open proxies - open proxies refer to computers that have been compromised by a virus or -borne worm. These proxies used to turn the computer into a spam relay from which spammers can send spam. Legitimate senders can proceed on through the firewall process. As you can see, the Firewall serves as a powerful “gatekeeper,” ensuring that certain mail doesn’t breach the gateway in the first place. 15 – 2005 Symantec Corporation, All Rights Reserved

Proteccion contra codigo malicioso
Award-winning Symantec Antivirus Firmas de Symantec Response Opción de heurística para nuevos ataques Diferenciación de Mass-mailer worms Motor rapido y fiable Symantec is the worldwide leader in antivirus with over 100 million users. The core technology includes signature and heuristic based scanning for detecting known and unknown viruses. The heuristics technology (known as Bloodhound) detects virus-like behavior, to identify and repair unknown viruses. You can adjust heuristics settings for more or less aggressive identification of viruses. The technology can detect up to 90 percent of new macro viruses and up to 80 percent of new and unknown executable file viruses, including malicious mobile code. The mass mailing cleanup feature addresses the aftermath from mass mailing worms. These worms often leave hundreds of unnecessary sender notifications and other unnecessary s in their wake. Instead of just deleting the infected attachment, Symantec Mail Security 8300 Appliance Series automatically removes not only the mass-mailing worm but also these associated spawned s that serve no valuable purpose. Symantec AntiVirus features multi-threaded fast scan capabilities for faster detection and repair of file attachments in SMTP traffic. Symantec AntiVirus has received 23 virus bulletin 100% awards and is the most consistently certified virus protection in the industry. And, unlike many competitors, Symantec AntiVirus updates virus definitions and scan engines without having to redeploy the software or restart services. Thus, there is no interruption in virus scanning to get new definition. 23 Virus Bulletin 100% awards Sistema de escaneo Multi-threaded scanning para mejorar el rendimiento Mismo motor que los otros productos de Symantec 16 – 2005 Symantec Corporation, All Rights Reserved

Filtrado de contenidos
Build Custom Scanning Regular Expression Scans Keyword Scans Scans attachments and ZIPs Detects true file type Leverage 50+ Keyword Dictionaries Drug, Treatment and Disease Financial Terms Munitions & Arms Trafficing Regulations Meeting Compliance and Governance Needs Regulatory Compliance Acceptable Use Network Security Customer and Data Confidential Data UK Regulatory Compliance Data Filtering Included Word / Phrase Filtering Premium Content Control* Included Content Scanning The enhancements for version include: Better scanning: the updated engine regular expression, keyword scanning, and dictionary scanning. To support more advanced content analysis and to reduce false positives, administrators can specify the number of keywords in a dictionary that must be present to trigger a match. Deeper scanning: in addition to the message body, administrators can now scan for keyword matches inside attachments and within ZIP files. This deeper level of inspection ensures that important content does not escape detection because it is embedded in a container. Smarter scanning (True file typing). Instead of relying on the provided extension or MIME type of an attachment, SMS 8300 Appliance Series determines the true file type of an attachment by analyzing its structure and signature. The robust scanning engine recognizes over 300 word processing, spreadsheet and presentation file formats, enabling administrators to check content in the most information sources possible. This includes .doc, .xls, .ppt, executables, and more. This ability prevents malicious senders from attempting to bypass attachment filters by renaming a malicious attachment extension (for example, .exe) to a more commonly used extension (for example, .doc). Premium Content Control Module (requires additional purchase) The Premium Content Control Module is a subscription based add-on that extends the power of the standard content filtering and compliance tools. A PCC subscription provides an expanded set of pre-built policy templates, dictionaries, and patterns. The PCC module provide companies with a set of tools that can be used to demonstrate internal controls to support internal data security policies and best practices, as well as external -related regulations. The available pre-built resources include: Three premium system patterns with advanced lexical analysis that perform additional checking and validation beyond regular expression definitions to reduce false positives. Available patterns include credit card numbers, social security numbers, and IP addresses. Fifty pre-built premium templates which enable companies to build and add their specific actions and group policies to quickly address the most common compliance regulations and data privacy best practices. The included templates are: Example Template Names (numbers) Regulatory Compliance (15) HIPAA (including PHI) Gramm-Leach-Bliley Sarbanes-OxleyState Data Privacy Acceptable Use (12) Gambling Media Files Competitor Communications ResumesNetwork Security (3) Network Diagrams Hackers Customer and Data Protection(12) Customer Data Canadian SSN Confidential Data Protection (11) Confidential Docs Source Code UK Regulatory Compliance (3) Human Rights Act 1998 Caldecott Report, 1997 Over sixty pre-built dictionaries containing keywords and keyphrases that support the pre-built policy templates including Drug, Treatment and Disease keywords for HIPAA financial terms for SOX and NASD/NYSE Rules Munitions and Specially Designated Nationals List for International Traffic in Arms Regulations and Office of Foreign Assets Control policies Thirty-seven pre-built regular expressions used to search for protected data such as US Social Security Numbers UK Passport Numbers Drivers License Numbers ABA Routing Numbers. Information Filtering 17 – 2005 Symantec Corporation, All Rights Reserved * Optional Premium Content Control Module

Facilidad en la búsqueda de información sobre correos procesados
1 Busqueda ith multiple criteria Sender Recipient Asunto etc. Estado del mensaje 2 Hora en que fue procesado Sender Recipient Asunto del mensaje Resultado (spam, virus, blocked sender, etc) Acción realizada Symantec Mail Security 8300 Appliance Series offers a graphical message auditing interface that Symantec said allows administrators to perform advanced tracking across multiple scanners in their network. messages can be queried using the system by subject, date and time range, envelope information or IP address. 3 Informacion detallada para forensics 18 – 2005 Symantec Corporation, All Rights Reserved

Políticas de grupo Group policies refer to the ability to treat different sets of users in different ways. For example, assume that the legal department needs to maintain all spam messages forever—they can’t delete the messages. In this case, the administrator could define a default policy for everyone in the company, such as: delete spam and quarantine suspected spam. But for the legal team, administrators would set the system to quarantine both spam and suspect spam. Likewise, the support group might need even more specialized handling of mail. Most organizations will not have hundreds of different policies. Most will define a default group policy that works for the vast majority of their users, then specify outlying cases as necessary. 19 – 2005 Symantec Corporation, All Rights Reserved

Cuarentena basada en Web
Almacena spam y otros mensajes filtrados de manera centralizada Ganar visibilidad sobre el problema del spam Da confianza a los usuarios Puede ser configurada para que solo tenga acceso el Administrador Quarantine is an optional storage area for messages filtered by the 8200 Series. For administrators, Quarantine is a good way to get visibility into the type of spam targeting the organization. For users, viewing the volumes of caught spam in a central quarantine shows your users the success of your filtering measures. It will also reassure them no legitimate mail is never caught. As they become familiar with the 8200 series’ accuracy, they will become confident that legitimate mail is rarely, if ever, quarantined. You can set up Quarantine so that it is only accessible to administrators. 20 – 2005 Symantec Corporation, All Rights Reserved

Administración basada en Web
In the 8200 Series, administrators have access to an powerful Web-based interface. This interface is called the Control Center. The Control Center lets administrators manage, configure, and administer all Scanners in your environment from one central location, using a Web browser. This slide shows the overview page of the Control Center. This is the summary dashboard that an administrator will likely see when he or she first logs on in the Control Center. From this page, administrators can view the system status, see a graph showing the percentage of mail that is spam, and view other data points. The Control Center also provides an easy way to view consolidated device status and logs, as well as statistics and reports. 21 – 2005 Symantec Corporation, All Rights Reserved

Reportes detallados 55 reportes diferentes, mas reportes personalizados Reportes programados enviados por Comprehensive reporting let administrators quickly see what's happening in their environment and what the mail flow and filtering rates look like. This slide shows an example of a typical report—the Mail Overview report—that includes data points for all mail categories, including spam, virus, suspected spam, viruses, and others. The 8200 Series features over 50 reports, which you can customize to meet your needs. You can also schedule reports and have them ed to specific users. 22 – 2005 Symantec Corporation, All Rights Reserved

Actualización de Software
Comprueba si hay nuevas actualizaciones Cuando sea necesario se pueden instalar con un solo click (todos los componentes) Se utiliza una conexión segura The 8200 Series features a software update feature. The software update feature lets you easily: • Check for available updates. You can view the current system software version and, if available, request software updates. • Update in one step. Instead of updating the components such as the operating system, supporting software, drivers, and other components one by one, the Symantec Mail Security Series update process enables complete system upgrades in one easy step. No administrator intervention is required after starting the update. • Minimize downtime. Updates and enhancements are quickly and securely downloaded over a secure network connection. Once the appliance is rebooted, it is ready filter mail This feature provides an easy way to stay current with operating system, MTA, and supporting software levels. The single-click update process ensures that you are always running the safest system possible, mitigating the risk of exploitable security flaws. 23 – 2005 Symantec Corporation, All Rights Reserved

Posicionamiento Symantec Brightmail
Detecta Spam Eficazmente Con “Zero Administration” Dispone de la Red más grande de detección de Spam. Arsenal más completo con 20 Tecnologías de filtrado y detección de Spam Bloqueo de Mensajes en idiomas diferentes al Inglés Protección contra Phishing y spamming. Menor Porcentaje de FP de la Industria: menos de 1 en un Millón Porcentajes medidos diariamente en más de 300 Millones de usuarios. Posibles falsos positivos analizados y corregidos por BrightMail Eliminación segura de Spam sin tener que revisarlo Sin Carga Administrativa No es necesario Configurar o Afinar el Producto Protección contra nuevos ataques de spam y virus 24/7/365 Actualizaciones cada 5-10 minutos: automáticas, seguras y a tiempo Administración global de servidores. Beneficios Salve recursos y ancho de Banda, Devolviendo la productividad a sus empleados Beneficios Nunca pierda información vital por un mal filtrado de spam Beneficios El personal de se podrá concentrar en proyectos estratégicos y no en la administración del filtro Spam. 24 – 2005 Symantec Corporation, All Rights Reserved

Gartner’s Magic Quadrant for E-Mail Security
Security Boundary incluye... Antispam Antivirus Intrusion prevention de entrada y salida The foundation of Enterprise Messaging management—and the reason we’re here today—is . Symantec is the recognized leader in Security, both in terms of market share and in the eyes of analysts such as Gartner. The original magic quadrant was published in the first quarter of 2004 and was focused on a much smaller customer problem - antispam filtering. This new magic quadrant covers a much wider (and more valuable) customer problem - boundary security. boundary security includes antispam, antivirus and intrusion prevention of both inbound and outbound threats. Within this larger market, we were able to increase our distance from competitors by improving both our ability to execute and our completeness of vision. How did we improve our vision? By delivering an incredible number of new products and making significant improvements to existing products. We now have the most complete portfolio of products for enterprises worried about their boundary. The Symantec Mail Security 8100 appliance, an updated version of the revolutionary TurnTide technology The Symantec Mail Security 8300 appliance, a complete security appliance based on the Brightmail technology Symantec Premium AntiSpam for Symantec's existing products (SMTP, Domino and Exchange) Symantec Hosted Mail Security, our first offering that requires no onsite hardware or software Source: Magic Quadrant for Security Boundary, Sept 2006 25 – 2005 Symantec Corporation, All Rights Reserved

Symantec™ Global Intelligence Network
4 Symantec SOCs 74 Paises monitorizados + Sensores Registradosen Paises + + 8 Symantec Security Response Centers >6.200 Dispositivos Gestionados + 120 Millones de sistemas + 30% del correo del mundo + Advanced Honeypot Network 200,000 malware submissions per month Millions of security alerts per month Millions of threat reports per month Hundreds of MSS customers Redwood City, CA Santa Monica, CA Calgary, Canada San Francisco, CA Dublin, Ireland Pune, India Taipei, Taiwan Tokyo, Japan Twyford, England Munich, Germany Alexandria, VA Sydney, Australia Six key international locations Santa Monica, Calif. (Response headquarters) American Fork, Utah Sydney, Australia Calgary, Canada Dublin, Ireland Tokyo, Japan Worldwide sensor network from DeepSight 180 countries >20,000 sensors AV submissions from 120,000,000 customers This is a powerful slide as it illustrates how Symantec offers the most complete information on threats from around the world to the media. It’s a great visual of how strong Symantec’s information and expertise it. You should be sure to explain what “18,000 sensors in 180 countries” exactly means and how we can watch what is happening around the Internet. You may also want to add that Symantec’s Managed Security Services also adds another view of the Internet. Global technical support Springfield, Oregon Toronto, Canada 26 – 2005 Symantec Corporation, All Rights Reserved

Diferentes modelos Model 8380 8360 8340/8240 8320/8320 1,000 Users +
Customer segment 1,000 Users + 100-1,000 Users Under 100 Users Form factor 2U 1U Tower PC RAM/Storage 4GB / 4x146 GB 1.5GB / 2x80 GB 1GB / 1x80 GB Raid Raid 10 Raid 1 None The Symantec Mail Security 8300 features two models, designed to accommodate varying license and performance needs. Both models support the same level of security protection, including volume management, antispam, antivirus, content filtering, and message integrity. And both models feature compact, rack-mounted, 1U Intel-based server appliances. The 8260 is designed for larger organizations, with over 1,000 users. The 8260 expands on the standard RAID1 disk storage to include other availability features such as redundant power supplies and fans. Antispam, Antivirus, Content Filtering, & Message Integrity Delivered Across all Platforms 29 – 2005 Symantec Corporation, All Rights Reserved

Ejemplo de implementación

Symantec Líder del Mercado de Almacenamiento
Storage Management Respaldos y Restauración Software de Almacenamiento Almacenamiento Gestión VERITAS has strong leadership in all the above areas and is number #1 in their respective markets Protección 32 – 2005 Symantec Corporation, All Rights Reserved

Archivado Gestión Almacenamiento Pero faltaba algo… Protección
Archiving was however the missing piece. VERITAS launched DLM to try to break into this market around data lifecycle management with limited sales. Enterprise Vault from KVS was the market leading solution in unstructured content archiving and management and a natural fit for VERITAS. Protección 33 – 2005 Symantec Corporation, All Rights Reserved

Gartner 2005 Momentum in E-Mail Active-Archiving Market
Symantec es la única que aparece en el cuadrante de liderazgo The Magic Quadrant is copyrighted April 2005 (fill in date of publication) by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Source: Magic Quadrant for Active-Archiving Market, 2005; Carolyn DiCenzo & Kenneth Chin; April 21, 2005 34 – 2005 Symantec Corporation, All Rights Reserved

Gartner 2006 Magic Quadrant for E-mail Active Archiving
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Symantec.The Magic Quadrant is copyrighted April 2006 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. STRATEGIC PLANNING ASSUMPTION Gartner states,"By 2010, 50 percent of the archiving implementations will use the archive created for compliance and/or discovery to improve management through message stubbing (0.7 probability).“ This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Symantec.The Magic Quadrant is copyrighted April 2006 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Source: Magic Quadrant for Active-Archiving Market, 2006; Carolyn DiCenzo & Kenneth Chin; May 12, 2006 35 – 2005 Symantec Corporation, All Rights Reserved

El Correo Electrónico está en Compromiso con el cumplimiento
Los administradores de correo electrónico tienen que cumplir con los SLA Implementación de cuotas de buzones Minimización de los servidores Exchange Reducción del tiempo de backup Minimización del tiempo de recuperación Los usuarios del correo electrónico tienen que hacer su trabajo El es una herramienta crítica en el trabajo diario para los usuarios Su intención es de no borrar correo El buzón de correo es un almacenamiento personal de conocimiento Los PSTs proliferan en el almacenamiento compartido y local Conformidad Legal / RH tienen que producir información ¡Pánico ante el incumplimiento! Caso en la parte del PST del usuario q arrastra el mail a su PST local antes de hacer el backup / “GOLDEN LETTERS” 36 – 2005 Symantec Corporation, All Rights Reserved

Symantec Enterprise Vault
Servidor de Ficheros NT4,W2K+ Servidor Exchange Servicios SharePoint Servidor Enterprise Vault Vault Stores 37 – 2005 Symantec Corporation, All Rights Reserved

Gestión de Archivado y Ciclo de Vida del Dato
Indexación y Gestión Automática de Datos para la Conformidad y Necesidades de Negocio Migración, Archivo Reduce espacio de almac. Reduce espacio de almac. Storage capacity growth between 2003 and from 376 PB to PB caused by regulations Government regulations and industry segment best practices force organizations to ensure that data is not changed, “lost” or deleted. This leaves IT departments three options. One, keep everything forever, continually buying and supporting more hardware. Two, delete data risking content loss and legal ramifications. Both these paths can lead to trouble when the money is not available for more hardware or when the authorities are asking for deleted data. A third option is to employ software that automates the processes of indexing content, tracking activity, moving data to appropriate media, storing data efficiently, finding and retrieving selected data, and removing data when it is no longer needed. Automating these processes ensures their accuracy and repeatability, enabling organizations to easily document and adhere to their procedures. The ability to index and search for specific content extends valuable functionality to users, administrators and auditors and simplifies the legal discovery process. Almacenamiento Online Archivo de datos Discos temporales (opcional) Cintas y CD grabables Reubicación de los datos conforme cambie de valor 38 – 2005 Symantec Corporation, All Rights Reserved

Cómo Funciona Enterprise Vault
Primary Data Store Transfer Secondary Data Store Links Search Analyze Retrieve Disclose Secure Rationalize Categorize Retain Index Audit Future Proof Share Expire Use this so we can explain how we interact with Storage 39 – 2005 Symantec Corporation, All Rights Reserved

Funcionamiento de Producto: Arquitectura
Clients Sources Apps Outlook Web Access SharePoint 2003 SDK Outlook Offline Vault Search Archive Explorer Supervision E-Discovery SDK Exchange Mailboxes, Journals Public Folders, PSTs Enterprise Vault Store/Retain/Expire Index/Search/Future-Proof View/Restore Compress/Migrate Audit/Administer Categorization/Filtering File System SharePoint 2003 Domino Journaling Summary of the main sources of information to be stored in Vault along with the main clients – note that file system archiving is a mid-2003 deliverable Adding SPS and applications using archive API as sources and MS Search as indexer. Archive Store Secondary Store SMTP Capture Targets SDK SDK 40 – 2005 Symantec Corporation, All Rights Reserved

Ejemplo de Entorno PST Files PST Files My Documents
Please see the narrated presentation for an example of this section. Please also note that this section would be ideal for a chalk and talk and is not tied to PowerPoint My Documents 42 – 2005 Symantec Corporation, All Rights Reserved

Ejemplo de Entorno PST Files PST Files My Documents
Please see the narrated presentation for an example of this section. Please also note that this section would be ideal for a chalk and talk and is not tied to PowerPoint My Documents 43 – 2005 Symantec Corporation, All Rights Reserved

Enterprise Vault para Exchange: Implementación
Nada que instalar en el servidor Exchange Soporte total de OWA y migración PST El mismo archivo que FSA y SPS Ficheros PST Ficheros PST Mis Documentos 44 – 2005 Symantec Corporation, All Rights Reserved

Políticas de Archivado Flexibles
Next demo steps: Select the Mailbox Rules Tab Explain the logic in this screen, starting from the bottom and working your way up. We will now look at where the mailbox archiving rules are managed. It is best to start explaining this screen from the bottom-up. In other words, there are 3 main archiving methods: message age, proximity to the Exchange mailbox limit, and message size. The “Young Items” setting overrides the settings below. In the screenshot above, no messages of any size will be archived between delivery and 2 weeks in age. Between 2 weeks and 2 months, only messages that are larger than 1024KB will be archived. All remaining messages will be archived 2 months after delivery. Note that archiving logic is based on the “Received Date” field in the Exchange message object. 45 – 2005 Symantec Corporation, All Rights Reserved

Configuración del Archivo

Enterprise Vault para Exchange: Acceso de usuarios
Los punteros en el buzón de facilitan el acceso transparente para el usuario Los punteros universales facilitan el acceso de otros programas que no sean Outlook La búsqueda está facilitada por palabras clave, en Outlook o en una aplicación separada El Archive Explorer (AE) permite la búsqueda y vista jerárquica igual que Outlook El AE está disponible como un plug-in de Outlook of vía Web 47 – 2005 Symantec Corporation, All Rights Reserved

Enterprise Vault para Exchange: Acceso de los usuarios remotos
El cliente remoto más habitual es OWA y está totalmente soportado por Enterprise Vault También existe soporte total para Exchange en modo ‘offline’ Offline Vault ofrece un acceso transparente a la información archivada sin estar conectado a NINGUNA red Offline Vault almacena los datos de los ficheros OST antes de ser archivados—reduciendo el tráfico en la red Offline Vault puede sincronizarse con servidores Exchange Offline Vault Exchange Fichero OST Offline Vault 48 – 2005 Symantec Corporation, All Rights Reserved

Experiencia de Usuario Final de Enterprise Vault

Screenshot: Outlook Web Access Shortcut

Ejemplo de Entorno Web Record Manager

PST Migration – 3 Step Process
Alert Locate Search remote registries & file systems Determine ownership Alert Collect in temporary storage location Collect Migrate Schedule ingestion Determine post-migration policy: Delete PST Leave PST Access: Exchange shortcuts Archive Explorer 54 – 2005 Symantec Corporation, All Rights Reserved

Informes de Utilización de Enterprise Vault

Archivo del Sistema de Ficheros: Interacción con el Usuario
Enlaces – punteros integrados Usados con Windows FS (Windows Storage Server) Transparente para los usuarios y aplicaciones La modificación de contenido da como resultado un nuevo ítem Modelo opción “borrar es borrar” (borrar puntero, y archivado) Enlaces Internet - punteros Puede utilizar cualquier dispositivo de almacenamiento No requiere instalación de componentes en el servidor de ficheros Acceso transparente o mediante un clic sobre el enlace (dependiendo de la aplicación) La versión modificada debe almacenarse explícitamente Archive Explorer 56 – 2005 Symantec Corporation, All Rights Reserved

Advanced File System Archiving
How It Works: All features in Basic File System Archiving plus… Full content indexing Web-based search tool & Archive Explorer End-user recover of deleted files Priced per user Benefits: All benefits in Basic File System Archiving plus… Easier search for file system info Reduced burden on IT with ability for end-users to recover deleted files Support legal discovery (e.g., Discovery Accelerator) on files 57 – 2005 Symantec Corporation, All Rights Reserved

Políticas de Archivado Automático

SharePoint Portal Server Archiving
How It Works: Archive older versions of SharePoint Portal Server (SPS) documents (Note: requires SPS versioning) Archived documents retrieved from an “Archived Versions” link or embedded search interface Can handle SPS “pruning” to ensure all versions are archived One EV server / multiple SPS servers Benefits: Integrated archiving, management, and search/usage of documents Item-level restore for SPS docs Enable legal discovery for SPS docs Reduced storage costs and improved scalability of versioned SPS sites 59 – 2005 Symantec Corporation, All Rights Reserved

Integración con NetBackup : Reducción de TCO
Primary Storage Enterprise Vault 6 NetBackup Migrator Disk Archive NetBackup Media Server 5.1+ Tape Library Initially for 6 SP1 we will “see” the NBU media server as a storage device just as we do with Windows servers, EMC Centera, NetApp SnapLock, and IBM DR550. This allows customers to have the opportunity of a tape integration as a secondary storage target for added data security. There is a NBU + EV Best Practices guide that PS is using to work with deployments. 60 – 2005 Symantec Corporation, All Rights Reserved

Enterprise Vault soporta
Sistemas de ficheros Exchange 5.5, Exchange 2000, Exchange 2003 SharePoint 2001, SharePoint 2003 Outlook 97 – Outlook 2003 Outlook Web Access (OWA) Clientes offline Migración PST automático Sin distinción del almacenamiento puede usar SAN, NAS, CAS, DAS etc. Sin distinción de software de backup toda la información archivada se almacena en dispositivos de ficheros estándar 61 – 2005 Symantec Corporation, All Rights Reserved

Customer Challenges Gestión de Buzones Retención & eDiscovery
“Nuestra política de retención de papel no es la misma que la de documentación electrónica” Gestión de Buzones “Estoy demasiado ocupado como para tener que pensar en mi limite de 50MB” “Acabo de perder mi PST con años de trabajo” “Mis usuarios me piden constantemente restaurar correos perdidos” “No encuentro un documento del año pasado, así que empiezo a hacerlo de nuevo” Retención & eDiscovery “Mi Dpto Legal necesita auditar el proceso de correo” Necesito migrar a Exchange 2003 “Necesito recuperar rápido correos y ficheros para un juicio” “Los docs & PSTs se acceden rara vez pero los respaldamos una y otra vez” “Necesito gestionar el Ciclo de Vida de la Información” “Necesito Reducir el tamaño de Exchange” “Estoy cansado de comprar 1TB de almacenamiento al año” “Necesito retener correo y cumplir con leyes como SOX, SEC & NASD” Enterprise Vault is a content management solution to a variety of business and technical problems. In short it combines functionality, information and process to deliver a solution targeted as specific issues and in turn delivers cost justified business value. Optimización de Almacenamiento Cumplimiento Legal 62 – 2005 Symantec Corporation, All Rights Reserved

& PREGUNTAS RESPUESTAS

Symantec Expert Forum Messeging Management

Similar presentations

Presentation on theme: "Symantec Expert Forum Messeging Management"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Symantec Expert Forum Messeging Management

Similar presentations

Presentation on theme: "Symantec Expert Forum Messeging Management"— Presentation transcript:

Similar presentations

About project

Feedback