lisa farmer, cedo vicente, eric ahlm 09/16/08 multi-layer defense. best-of-breed options. messaging...
Post on 15-Jan-2016
213 views
TRANSCRIPT
Lisa Farmer, Cedo Vicente, Eric Ahlm
09/16/08
MULTI-LAYER DEFENSE.
BEST-OF-BREED OPTIONS.
Messaging Security
IronPort Gateway Security Products
Web Security | Email Security | Security Management | Encryption
EMAILSecurity Appliance
WEBSecurity Appliance
IronPortSenderBase
APPLICATION-SPECIFICSECURITY GATEWAYS
Users
BLOCK Incoming Threats
PROTECT Corporate AssetsData Loss Prevention
InternetInternet
IronPort Consolidates theNetwork Perimeter For Security, Reliability and Lower Maintenance
After IronPort
Groupware
Firewall
IronPort Email Security Appliance
Internet
Before IronPort
Anti-Spam
Anti-Virus
Policy Enforcement
Mail Routing
Internet
Firewall
Groupware
Users
Encryption PlatformMTA
DLP Scanner
DLP Policy Manager
Users
Spam Trends Summary
• In 2007 attackers tested new techniques• Spam outbreaks happening faster/ higher-velocity• Have spammers settled on URL spam?
Worldwide Spam Trends
• Regulatory Compliance– HIPAA, GLBA, PCI, SOX Regulations– Scan for sensitive information and block infractions– Secure business partner communication
• Acceptable Use– Block offensive content– Enforce messaging policy (attachment size, etc)– Add legal disclaimers to outgoing mails
• Intellectual Property Protection– Block messages containing confidential data– Prevent email communications with competitor
Data Loss PreventionMulti-Faceted Problem
“Email has become the de facto filing system for nearly all corporate information, making it even more critical to protect the outbound flow of messages.”
─ Brian Burke, Security Products Research Manager, IDC
IronPort PXE: Receiving a MessageSeamless End-User Experience
3. View message
2. Enter password1. Open Attachment
IronPort PXE: Sending a MessageInstant Deployment, Zero Management Costs
• Automated user enrollment and account creation• User authentication and key delivery• Message Tracking• Secure Reply• NEVER stores email message → highest security
CISCO REGISTERED ENVELOPE SERVICE
*Full report available on request.
Gartner Magic Quadrantfor Email Security Boundaries, 2008*
Analysis of IronPort Email Security:
• Cisco/IronPort is the market share leader with strong growth rates.
• Spam detection rates for IronPort are excellent, with very low false-positive rates.
• SenderBase has expanded to include Web URL reputation. The local connection management policy is very granular.
• Email encryption (via the Cisco/PostX envelope functionality) is provided in the email security appliance.
• Scalability and stability are prime differentiators. IronPort has a large percentage of very large enterprise customers.
Users
Firewall
Next Generation Secure Web Gateway
Internet
After IronPort
IronPort S-Series
Internet
Firewall
Users
Before IronPort
Web Proxy & Caching
Anti-Spyware
Anti-Virus
Anti-Phishing
URL Filtering
Policy Management
Integrated L4 Traffic MonitorWire Speed Network Layer Scanning for Malware
• Scans all 65,535 ports at wire speed
• Detects rogue phone home activity
• Catches malware that attempts to bypass Port 80
Users
Network Layer Analysis
AsyncOS for WebAsyncOS for Web
L4 Traffic MonitorL4 Traffic Monitor
110111110011100100100101110011001010111011001000011010011001110010000
110111110011100100100101110011001010111011001000011010011001110010000
TCP Headers & PacketsTCP Headers & Packets
Internet