Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lisa Farmer, Cedo Vicente, Eric Ahlm

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Lisa Farmer, Cedo Vicente, Eric Ahlm"— Presentation transcript:

1 Lisa Farmer, Cedo Vicente, Eric Ahlm
Messaging Security MULTI-LAYER DEFENSE. BEST-OF-BREED OPTIONS. 09/16/08 Lisa Farmer, Cedo Vicente, Eric Ahlm

2 IronPort Gateway Security Products
Internet Internet IronPort SenderBase BLOCK Incoming Threats APPLICATION-SPECIFIC SECURITY GATEWAYS Security Appliance WEB Security Appliance Talk about the C-, S-, M- and IEA DISCUSS SENDERBASE AND THAT MUCH OF THIS DATA IS PULLED FROM OUR MASSIVE VIEW INTO INTERNET TRAFFIC PROTECT Corporate Assets Data Loss Prevention Users Web Security | Security | Security Management | Encryption

3 IronPort Email Security Appliance
IronPort Consolidates the Network Perimeter For Security, Reliability and Lower Maintenance Before IronPort After IronPort Internet Internet Firewall Firewall Encryption Platform DLP Scanner DLP Policy Manager MTA Anti-Spam Anti-Virus Policy Enforcement Mail Routing IronPort Security Appliance One of our IronPort’s key selling points has been that we consolidate the network perimeter. This provides a dramatic reduction in total costs of ownership. Only one vendor to manage, fewer servers to manage and a more integrated secure system for doing the day-to-day tasks that are required of an admin. On this slide, you can see that we have included our encryption platform as well as the DLP platforms. These are both aspects of technology that have been incorporated into our security appliance. They allow customers to further see the benefits of what our technology can provide on a single integrated appliance. Groupware Groupware Users Users

4 Spam Trends Summary In 2007 attackers tested new techniques
Spam outbreaks happening faster/ higher-velocity Have spammers settled on URL spam? Worldwide Spam Trends Image spam down, attachment spam UP, URL spam way up URL spam up across the board, may settle on this as most effective delivery Rapid-onset attacks more common using spam botnets as spam engine PDF, XLS, MP3 attachments undergo wide-scale testing URL spam is actually social engineering attack because user must click the link.

5 Data Loss Prevention Multi-Faceted Problem
Regulatory Compliance HIPAA, GLBA, PCI, SOX Regulations Scan for sensitive information and block infractions Secure business partner communication Acceptable Use Block offensive content Enforce messaging policy (attachment size, etc) Add legal disclaimers to outgoing mails Intellectual Property Protection Block messages containing confidential data Prevent communications with competitor Note to speaker: Data loss is a multi-faceted problem. We have broken it up into three areas: The first of which is regulatory compliance. This is the area that will probably resonate with customers the most, HIPPA, Sarbanes Oxley, GLBA, PCI, these are all pretty well known regulations that customers, depending upon which vertical they are in, have to comply with. Next is acceptable use. Acceptable use defines what mail behavior is allowed in a specific company. Each company has different policies ranging from blocking offensive content, enforcing message size limitations or adding disclaimers to outgoing mail. Lastly, intellectual property protection. This gives customers the ability to identify confidential data and to prevent it or encrypt it on its way of the network. This quote from IDC pretty much says it all that, has become the de facto filing system for most everyone who uses a computer. Therefore it is even more critical than ever to protect the outbound flow of messages that are sensitive in nature. “ has become the de facto filing system for nearly all corporate information, making it even more critical to protect the outbound flow of messages.” ─ Brian Burke, Security Products Research Manager, IDC

6 IronPort PXE: Receiving a Message Seamless End-User Experience
1. Open Attachment 2. Enter password 3. View message Where the previous slide focuses on what the administrator would have to go through to send a message, this slide deals with what the end-user experiences when they receive a message. First, the receive a message that has an html attachment. If this is the first time a user is being asked to register their credentials, they will be directed to a sight where they create an account and establish a password. That password will be used to open this and all other secure s sent from the company. It effectively looks like this. They would enter in their credentials and log-in a password at the Cisco registered envelope service. After that occurs a key is downloaded to that user and it allows them to render that html attachment in the clear, meaning decrypt it in a browser. Again, this is very powerful because it is agnostic to whatever the end-user is using. It does not require any pre-established communication model. You can send it to someone who is using a different product, someone who is using an ISP solution or whatever it is, they can use it and be able to read and respond to secure mail.

7 CISCO REGISTERED ENVELOPE SERVICE
IronPort PXE: Sending a Message Instant Deployment, Zero Management Costs CISCO REGISTERED ENVELOPE SERVICE To explain how PXE works, we have broken up the description into two sections. The first is sending a message. The thing you want to convey here is that customers can instantly deploy PXE with a simple feature key, no additional management overhead. An that is detected is as being required to have encryption would automatically be enrolled into the key management system, which is provided via Cisco registered envelope service hosted at IronPort. Then that message is pushed to the end-user and that end-user would retrieve the key from the Cisco registered envelope service and render that message in their browser. This provides for a host of center controls, because the fact that that message’s key is stored in host fashion. The sender can log-in to the registered envelope service and deal with tracking, secure, reply, recall and so on. And what makes this really powerful is the fact that we, meaning IronPort, never actually store that message. All we are doing is storing the key, making it a high-performance, high-secure model for managing secure . Automated user enrollment and account creation User authentication and key delivery Message Tracking Secure Reply NEVER stores message → highest security

8 Gartner Magic Quadrant for Email Security Boundaries, 2008*
Analysis of IronPort Security: Cisco/IronPort is the market share leader with strong growth rates. Spam detection rates for IronPort are excellent, with very low false-positive rates. SenderBase has expanded to include Web URL reputation. The local connection management policy is very granular. encryption (via the Cisco/PostX envelope functionality) is provided in the security appliance. Scalability and stability are prime differentiators. IronPort has a large percentage of very large enterprise customers. Full report available at: Please note: 1. We CAN use the MQ in presentations given in-person to customers, etc...but NOT to mass distributed electronic presentation-style communication. (for example, do not blast out to your entire contact list.) 2. In the presentation, we CAN use only the "grid" portion of the MQ. BUT, if an customer asks for the corresponding "note", we are obliged to provide it. 3. We can post this to our internal website, but must include warnings about external distribution. 4. In order to use the MQ on external marketing pieces and our website, we need to seek need prior approval from Gartner and agree to pay the associated fees. *Full report available on request.

9 Next Generation Secure Web Gateway
Internet Firewall Users Before IronPort Web Proxy & Caching Anti-Spyware Anti-Virus Anti-Phishing URL Filtering Policy Management After IronPort Internet Firewall IronPort S-Series (Note to speaker: At the outset you want to establish the powerful foundation the product has with a scalable and extensible platform. Also, highlight the C-Series as a case study for how well that approach has worked.) The IronPort S-Series is a highly differentiated product: It provides functionality that our key competitors lack Nobody else has taken as comprehensive a view of what is required and put all of that together to deliver an industry-leading Web security solution And that is why, even though an enterprise might be running a Bluecoat or Net Cache—they will evaluate the IronPort S-Series. This is corroborated by the interest to date from Aurora Health, Geico and others. (Note to speaker: When introducing the product highlight the fact that) The S-Series has been designed ground up to stop Web-based malware And it does that faster and more accurately than any other solution on the market in a single, integrated appliance. Our approach is similar to the approach we took with the IronPort C-Series, our security appliance. Build a high performance, enterprise scale platform, and Combine that with a powerful multi-layer, best-of-breed anti-malware defense that includes Network traffic inspection across all ports Web Reputation Filters Complete content inspection of all HTTP Port 80 traffic using multiple verdict engines And corporate-specific acceptable use policies, including the URL filtering And wrap that with powerful management and reporting support Users

10 Integrated L4 Traffic Monitor Wire Speed Network Layer Scanning for Malware
Scans all 65,535 ports at wire speed Detects rogue phone home activity Catches malware that attempts to bypass Port 80 TCP Headers & Packets Users Network Layer Analysis L4 Traffic Monitor AsyncOS for Web Internet

11

Download ppt "Lisa Farmer, Cedo Vicente, Eric Ahlm"

Similar presentations

A l a d d i n. c o m eSafe 6 FR2 Product Overview.

A l a d d i n. c o m eSafe 6 FR2 Product Overview.
1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in e-mails Integrated.

1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in s Integrated.
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.

1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
© 2009 WatchGuard Technologies WatchGuard XCS Extensible Content Security Superior Security with Lowest TCO.

© 2009 WatchGuard Technologies WatchGuard XCS Extensible Content Security Superior Security with Lowest TCO.
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
What is SpamSniper? SpamSniper is the leading email security solution which locates in front of mail server to perform mail proxy, virus firewall and filter.

What is SpamSniper? SpamSniper is the leading security solution which locates in front of mail server to perform mail proxy, virus firewall and filter.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
© Copyright 2005. MX Logic, Inc. All rights reserved. 1 Strictly Confidential MX LOGIC CORPORATE OVERVIEW MARCH 2005.

© Copyright MX Logic, Inc. All rights reserved. 1 Strictly Confidential MX LOGIC CORPORATE OVERVIEW MARCH 2005.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Similar presentations

Ads by Google