lisa farmer, cedo vicente, eric ahlm 09/16/08 multi-layer defense. best-of-breed options. messaging...

Lisa Farmer, Cedo Vicente, Eric Ahlm

09/16/08

MULTI-LAYER DEFENSE.

BEST-OF-BREED OPTIONS.

Messaging Security

IronPort Gateway Security Products

Web Security | Email Security | Security Management | Encryption

EMAILSecurity Appliance

WEBSecurity Appliance

IronPortSenderBase

APPLICATION-SPECIFICSECURITY GATEWAYS

Users

BLOCK Incoming Threats

PROTECT Corporate AssetsData Loss Prevention

InternetInternet

IronPort Consolidates theNetwork Perimeter For Security, Reliability and Lower Maintenance

After IronPort

Groupware

Firewall

IronPort Email Security Appliance

Internet

Before IronPort

Anti-Spam

Anti-Virus

Policy Enforcement

Mail Routing

Internet

Firewall

Groupware

Users

Encryption PlatformMTA

DLP Scanner

DLP Policy Manager

Users

Spam Trends Summary

• In 2007 attackers tested new techniques• Spam outbreaks happening faster/ higher-velocity• Have spammers settled on URL spam?

Worldwide Spam Trends

• Regulatory Compliance– HIPAA, GLBA, PCI, SOX Regulations– Scan for sensitive information and block infractions– Secure business partner communication

• Acceptable Use– Block offensive content– Enforce messaging policy (attachment size, etc)– Add legal disclaimers to outgoing mails

• Intellectual Property Protection– Block messages containing confidential data– Prevent email communications with competitor

Data Loss PreventionMulti-Faceted Problem

“Email has become the de facto filing system for nearly all corporate information, making it even more critical to protect the outbound flow of messages.”

─ Brian Burke, Security Products Research Manager, IDC

IronPort PXE: Receiving a MessageSeamless End-User Experience

3. View message

2. Enter password1. Open Attachment

IronPort PXE: Sending a MessageInstant Deployment, Zero Management Costs

• Automated user enrollment and account creation• User authentication and key delivery• Message Tracking• Secure Reply• NEVER stores email message → highest security

CISCO REGISTERED ENVELOPE SERVICE

*Full report available on request.

Gartner Magic Quadrantfor Email Security Boundaries, 2008*

Analysis of IronPort Email Security:

• Cisco/IronPort is the market share leader with strong growth rates.

• Spam detection rates for IronPort are excellent, with very low false-positive rates.

• SenderBase has expanded to include Web URL reputation. The local connection management policy is very granular.

• Email encryption (via the Cisco/PostX envelope functionality) is provided in the email security appliance.

• Scalability and stability are prime differentiators. IronPort has a large percentage of very large enterprise customers.

Users

Firewall

Next Generation Secure Web Gateway

Internet

After IronPort

IronPort S-Series

Internet

Firewall

Users

Before IronPort

Web Proxy & Caching

Anti-Spyware

Anti-Virus

Anti-Phishing

URL Filtering

Policy Management

Integrated L4 Traffic MonitorWire Speed Network Layer Scanning for Malware

• Scans all 65,535 ports at wire speed

• Detects rogue phone home activity

• Catches malware that attempts to bypass Port 80

Users

Network Layer Analysis

AsyncOS for WebAsyncOS for Web

L4 Traffic MonitorL4 Traffic Monitor

110111110011100100100101110011001010111011001000011010011001110010000

110111110011100100100101110011001010111011001000011010011001110010000

TCP Headers & PacketsTCP Headers & Packets

Internet