Commtouch: Cloud-based Internet Security
Tim Johnson - Director, Strategic Alliances
Ian Hess - Technical Account Manager
September 2010
Agenda
Who We Are
What We Do
How it Works
Cloud Architecture & Security
Q&A
Foundations
Cloud-based security services leader
• Award-winning Internet security technology
• Global delivery & service platform
Unique business model
• Focus on OEM partners and Service Providers
• Partner-centric support organization
Solid financial foundation
• Est. 1991, Public (NASDAQ: CTCH)
• Profitable and growing
Security & Network Vendors
Selected Customers and OEM Partners
Service Providers
Messaging Security, Web Security & Antivirus Services
• Outbound Spam Protection: Block and identify outbound spam & spammers
• GlobalView Mail Reputation: Block unwanted email traffic at the network perimeter
• GlobalView URL Filtering: Comprehensive coverage, accuracy and real-time security
• Zero Hour Virus Outbreak Protection: Block email-borne malware outbreaks in real time
• Anti-spam: Protect against spam & phishing outbreaks in real-time
• Command Antivirus (2010): Protect against malware threats
Industry Standard Plugins
[Timeline: 2002, 2004, 2006, 2008, 2010]
2Q10 Email Threats by the numbers
• 82% of all emails are spam
• 179 Billion spam messages per day
• Pharmacy spam 62% of all spam
• 307,000 zombies lit up per day
• 1800 variants of Mal/Bredo virus
• 1.3 Sextillion ways to spell \/ l @ g r /-\
Virus Attacks Aren’t Letting Up
Zero hour virus outbreaks – last 90 days
Spam Maxims
A cloud-based solution with global view of internet email can solve the problem
Spam is only economical in large volumes
Single endpoint or rule-based systems cannot detect spam and viruses quickly or accurately enough
Cloud Security Market Requirements
Real-time
• Messaging: Spam, phishing and virus outbreak detection
• Web: Zero-Hour detection of Web threats and new sites
• Antivirus: Zero-Hour malware detection via multi-layered approach
False positives
• Messaging: Near zero
• Web: Near zero
• Antivirus: Near zero
Global solution
• Messaging: Language agnostic detection
• Web: Worldwide, relevant coverage of URLs
• Antivirus: Worldwide sample feed and updates
Accuracy
• Messaging: Typically 99%+ spam detection
• Web: Industry’s highest accuracy, with unparalleled Web 2.0 granularity
• Antivirus: Certified by Checkmark, ICSA Labs and Virus Bulletin
Scalable
• Messaging: Automatic engines servicing hundreds of millions of users worldwide
• Web: Cloud-based architecture servicing hundreds of millions of users worldwide
• Antivirus: Implementations from desktop to carrier-grade
Commtouch’s GlobalView Network
Service platform
• Unified service platform for Internet security applications
• Servicing OEM vendors & service providers
• Protecting hundreds of millions of users worldwide
Collection & Analysis
• Collection of billions of Internet transactions daily
• Across diversified segments & geographies
• RPD™ technology, multiple analysis engines and 3rd party sources
Infrastructure
• 5 Carrier grade data centers: US (3), Europe, Asia
• Operational for over 12 years
• Multiple collection nodes distributed worldwide
Commtouch Technology Overview
[Diagram labels]
Global collection of Internet traffic & data
• Real-time traffic
• Web data sources
• Security Alliance
• Malware samples
Real-time analysis
• Email analysis: Recurrent Pattern Detection
• URL analysis: Multiple engines
• Malware analysis: Multiple engines
Queries by endpoints
• OEM partner & Service Provider endpoints
• Resolution: Query results build locally relevant DB
Commtouch Technology Overview: Messaging
[Diagram labels: IP addresses; Malware patterns; URLs; Spam/phishing patterns]
Patented RPD™
Distribution and structure pattern correlation
Real time detection of global outbreaks
Commtouch Technology Overview: Web
User-behavior driven URL filtering cloud database
Multiple sources and analysis engines for broadest coverage and highest accuracy
Zero-hour Web threat protection
More than 100M sites in 64 categories including 8 security categories
[Diagram labels: Threat research; 3rd party Security Alliance data; Open traffic collectors; URL dynamics, popularity & reputation; User queries; Spam/phishing URLs; Analysis Engines; Zero Hour]
Commtouch Architecture Detail
Data Center Nuts and Bolts
5 Operated by Commtouch, 4 co-operated by Commtouch
• North America, Europe, Asia
• Colo with Tier 1 DC providers
They provide building, physical security, connectivity, power & cooling
Host our equipment in our own cage
• We own network equipment, firewalls, etc.
Complete physical redundancy
• Multi-peering with different local ISPs
• Managed remotely
• Highly scalable
2 months to spin up from A to Z
Datacenter Security
Hosted in dedicated cage
• Hand scan/Iris scan access
DC provides physical security protocols
• Who has access
• Who can request/make changes
• Who can receive shipments, etc.
We manage technical security
• Communications to DC from Ops is encrypted and via private VPN
• Access, change, etc.
Technology Nuts and Bolts
Connectivity
• Local engine/client
Checks local cache first
Contacts DC if not found locally
Variable TTL in cache
• Client chooses ‘best’ DC to work with
• 100% up time to clients for 8 years
Technology Security
Protocols
• Proprietary protocol over HTTP
• 100% proprietary servers
Service requires authentication
• We manage keys and can disable key/service
• Partners have optional 2nd level key management
No successful attacks on DCs or clients
Questions?
Thank You