white paper meeting email security head on: dell’s secure ......the messaging environment grows...
TRANSCRIPT
W H I T E P AP E R
M e e t i n g E m a i l S e c u r i t y H e a d O n : D e l l ' s S e c u r e E x c h a n g e S e r v i c e s Sponsored by: Dell
Charles J. Kolodgy January 2007
I D C O P I N I O N
The messaging environment grows more complex each day. The enterprise is swamped with unwanted email, malicious code, spyware, employee breaches of confidence, and the ever-changing kaleidoscope of removable media devices entering and exiting the environment. IT departments require a way to lock and secure their messaging systems from all of these threats. Secure email management is an excellent way for an enterprise to reestablish control over their environment. By implementing secure messaging systems, enterprises can begin to:
! Stop spam and viruses before they even reach the firewall.
! Protect critical mailboxes from unauthorized access by utilizing the perimeter network and two-tier messaging server architecture.
! Prepare for disaster recovery and provide proof of regulatory compliance through a well-designed storage, archiving, and backup system.
! Gain efficiencies in the process and handling of email that can reduce network and processing bottlenecks.
All of these advantages, plus many others may be achieved with a secure messaging system such as Dell's Secure Exchange Solution, including pre-integrated and thoroughly tested equipment from Microsoft and Symantec.
M E T H O D O L O G Y
The opinions and quantitative data provided in this white paper on secure email management stem from IDC's ongoing research in spam, spyware, viruses and outbound content compliance, web filtering, and secure content. These sources of information include ongoing surveys, interviews with vendors providing these services and products, and system integrators and value-added resellers that provide these products to end users. IDC's forecast models are based on historical indicators of vendor performance and prevailing market trends being observed.
Glo
bal H
eadq
uarte
rs: 5
Spe
en S
treet
Fra
min
gham
, MA
0170
1 U
SA
P.
508.
872.
8200
F
.508
.935
.401
5
ww
w.id
c.co
m
2 #205004 ©2007 IDC
I N T H I S W H I T E P AP E R
This white paper provides a discussion on the importance of email management, security, and control across the enterprise. The focus of this paper is to help executives and decision makers understand how they might best protect their company from the onslaught of email threats posed by viruses, spam, and spyware while dealing with complications inherent in compliance regulations. We conclude with a discussion of Dell's Secure Exchange Solution for securing email systems to reduce the strain on large and small businesses.
S I T U AT I O N O V E R V I E W
IT security has never been more important, but it is increasingly difficult for enterprises to stay one step ahead of new attacks, new complexities, new regulations, and new demands on their systems. Protecting the enterprise from electronic threats must happen throughout the network, but email systems are the center of much of the action. Viruses, spam, and spyware are brought, albeit not solely, through email. Confidential information is released through email. New regulations, while not focusing specifically on email systems, increasingly impact decisions on email and email policies. This requires enterprises to secure and harden their messaging systems as much as possible.
N e t w o r k T h r e a t s : S p a m , S p y w a r e , a n d V i r u s e s , O h M y !
IDC has done extensive research on what electronic threats are most problematic for the enterprise. Our research shows viruses and worms remain the most serious threat with the greatest impact to the enterprise. New viruses and worms are released each day and IT struggles to stay in step with each new attack before it does significant damage. These days, viruses and worms will bring other threats with them, such as spyware, that can log keystrokes or collect personal information and report back to a wayward location. By using the viral nature of malicious code, many criminals have been able to propagate their real payloads much faster than ever before. If virus infections are now measured in terms of hours and minutes instead of weeks and days, then they become hugely valuable tools to the criminal looking to install some errant piece of code onto an unsuspecting user's computer, creating a zombie spam machine or stealing personal and private information. Spyware, regardless of delivery, has become both a security and system management nightmare. IDC believes almost three-quarters of corporate computers are infected with some spyware. The purveyors of spyware are mostly motivated by financial gain. When installed these hidden programs sit quietly collecting data from personal information about individuals, to confidential corporate secrets. While most experiences with spyware are often limited to the annoyance of dealing with pop-up advertisements, there is the potential for real serious damage to the victim's machine. By logging keystrokes, snooping on email, and scanning files on the hard drive, for instance, spyware represents a very serious breach of data protection. As a result of such a breach, identity theft, data corruption, and theft of corporate secrets become possible.
©2007 IDC #205004 3
In addition, spam still plagues the enterprises. Spammers are increasingly more sophisticated with their use of different languages, keywords, address spoofing, and even multibyte characters such as Korean or Japanese to fool antispam engines into allowing them through. IDC has seen the spam phoenix rising again as it climbs back up the ladder of significant annoyances to the IT department. Spam's resurgence is attributed to several significant factors: the increase in phishing, the sheer volume of spam released, the rise in spam sent out through bot networks powered by zombie PCs, and the use of spam to deliver viruses and other malicious code.
Despite all of the inbound threats, enterprises are also more worried than ever about outbound threats. Whether the intent is mistaken or deliberate, the organization has to protect itself from employees sending out confidential information or data that the enterprise is responsible for protecting or just doesn't want distributed. While enterprises have always been concerned about the leaking of confidential corporate data, the introduction of new legislation with criminal repercussions for transgressions has increased the sensitivity to ensuring that data breaches simply do not happen.
As enterprises struggle to manage these threats to their organization they must implement security levels at every possible juncture. One significant place to implement security is throughout the messaging system itself. By utilizing an integrated and adaptable approach to email security, an enterprise can bolster its protection from the email-bound threats to its organization.
I n t e g r a t e d E m a i l S e c u r i t y : D e f e n d i n g Y o u r S y s t e m s f r o m T h r e a t s
Threats to the enterprise do not only come from email. Now, they come from USB drives, Web pages, PDAs, and more. Yet despite the vulnerabilities presented by devices and sophisticated Web applications designed to do harm, email remains at the center of the struggle vexing the IT department for many reasons:
! Expanding mailboxes. As users learn that it is important to keep record of everything, as file sizes grow from a few kilobytes to many megabytes (or more) in size, and as email continues to grow as the dominant form of communication in business, mailbox size is spinning out of control, making management of the messaging environment evermore difficult.
! Front-end security. As email application deployments grow in size to meet the needs of their enterprises, often two-tier architecture is used: a front-end server, which receives, sorts and routes email, and back-end servers, which store and provide the user interface to mailboxes. As the complexity of the messaging architecture grows, it becomes increasingly important to provide security on both the front-end and the back-end servers.
! Compliance requirements. The introduction of Sarbanes-Oxley, HIPAA, GLBA, PCI, and other regulations requires IT departments to carefully and thoroughly implement security, archiving, and backup programs for email. It's a significant challenge with very real deadlines, driving IT departments, in many cases, to expand and upgrade their environments to ensure timely compliance.
4 #205004 ©2007 IDC
! Backup and recovery. Email is a mission-critical application, yet many enterprises have yet to install a robust backup and recovery system for their email application. Backup/recovery strategies are challenging to architect, time consuming to implement properly, and expensive to boot. However, they are critical to continued operations of any business using email.
In the face of so many pain points as well as security threats, the enterprise must take action to alleviate the stress. Strong email management as well as deploying archive capabilities can go a long way toward solving many of the pain points listed above, including, and perhaps especially, for meeting regulatory obligations.
While there are many different options and combinations to provide email management and security, Dell Enterprise Systems in conjunction with Microsoft and Symantec has developed a holistic, secure messaging environment helping the enterprise address many of its messaging pain points and concerns. The next part of this paper will focus on Dell's Secure Exchange Architecture as an example of how messaging security and management can help the enterprise address its pain points.
D e l l S e c u r e E x c h a n g e : A d d r e s s i n g P a i n f u l P o i n t s
As many vendors are doing, Dell along with its partners Microsoft and Symantec is working to make it easier for the enterprise to address its messaging pain points. Dell's answer is Dell Secure Exchange Solution. This solution includes a reference architecture as well as strong participation from Dell's partners Microsoft and Symantec to develop a holistic solution allowing the enterprise flexibility in deployment and execution.
Dell's reference architecture (see Figure 1) is the backbone of its secure message strategy for enterprises. Dell's architecture illustrates a multilayered approach enabling enterprises to pick the appropriate tools for their needs. All the components are validated to ensure interoperability, so enterprises know integration requirements will be minimal during deployment.
©2007 IDC #205004 5
F I G U R E 1
D e l l S e c u r e E x c h a n g e R e f e r en c e A r c h i t e c t u r e
Source: Dell and IDC, 2007
C o m p o n e n t s o f D e l l ' s S e c u r e E x c h a n g e A r c h i t e c t u r e
Perimeter Network: Traffic, Content, and the ISA Server
For enterprises large enough to deploy one, the perimeter network is the first place any traffic will make contact with the enterprise. Including the firewall, the perimeter serves to buffer the traffic from the internal desktops, servers, and users and to put a frontline barrier between them and external threats. IDC believes that there were over 23 billion spam messages in 2004, and that number will continue to grow to 42 billion in 2008 (see Figure 2). Due to the sheer volume of the traffic coming into the enterprise as it grows, it may make sense to deploy traffic shaping and content filtering to assist in the control and elimination of unwanted and unsafe email. Symantec provides the Mail Security 8160 appliance for traffic shaping. Built on Dell's PowerEdge 1850 server, it is an appliance providing routing, inspecting incoming SMTP in real time, and providing a mechanism for reducing the amount of spam coming into the internal network. This device learns about senders over time and shapes the incoming traffic based on the reputation of the sender, thus automating the process of removing unwanted email from the traffic stream.
6 #205004 ©2007 IDC
F I G U R E 2
N u m b e r o f S pa m S en t A n n u a l l y , 2 0 0 4 a n d 2 0 0 9
05
101520253035404550
2004 2009
(Billi
ons)
Source: IDC, 2007
Depending on the size of the organization, a content filter may be able to do the job of filtering and shaping. The content filter can provide both filtering of incoming email as well as outbound to ensure that the organization is not perceived as a source of inappropriate or malicious content. Products such as the Symantec Mail Security appliances running Symantec Brightmail Antispam are solutions that include an integrated "virus and spam signature update mechanism" so that the latest antivirus updates are automatic. Symantec Mail Security appliances are built onto Dell's advanced PowerEdge servers. This family of appliances is well suited to handle enterprise performance standards by being able to support more than 1,000 users while providing necessary antispam, antivirus, content filtering, email firewall, and quarantine, practically a complete perimeter network in a box. One last piece of equipment for messaging security in the perimeter network should make sure unauthorized clients and users cannot reach and breach the enterprise mail servers. Not defending against this possibility leaves significant holes in the enterprise's secure messaging strategy. By utilizing a product such as Microsoft's Internet Security and Accelerations (ISA) server, the enterprise can securely control the access external users have to mail services. Accounts using MAPI, POP3, IMAP4, and clients such as Outlook and Outlook Web are managed by the ISA and routed to the appropriate Exchange server on the internal network. By acting as a proxy to the Exchange servers, the ISA adds an extra layer of protection and filtering to the Exchange servers. The added advantage of using an ISA is that the front-end Exchange server can be moved out of the perimeter network and placed on the internal network, allowing for yet another level of protection for the overall messaging system.
©2007 IDC #205004 7
Exchange Front- and Back-End Servers: High Availability and Security
Microsoft Exchange Server 2003 supports the use of front- and back-end servers. The front-end server processes requests and traffic, routes them to the back-end server, which then processes them to the correct mailbox. In general, it is a good practice to place the front-end server behind the internal firewall for added protection since it may very well handle the traffic to more than one back-end server.
Exchange Front-End Servers: Addit iona l Process ing Power
The Exchange front-end server needs specific hardware requirements, and the dual-socket Dell PowerEdge 2950 fits that bill supremely. The server comes with 4GB of memory, up to two dual-core Xeon processors, and up to 32GB of fully buffered memory. Because front-end servers require more CPU and memory requirements to perform their needed functions, the server selection should be carefully thought out. The front-end Exchange servers provide the following benefits:
! Single namespace. Enables all users to access their mailbox using a single consistent name, even if the mailbox is moved to a different server or if new servers are adding to the infrastructure. It also allows Outlook Web access, POP3, or IMAP4 clients to access their mailbox using the same URL.
! Offload processing. By offloading some of the processing tasks typically performed by the back-end server, the front-end server improves the performance of the overall messaging system. These tasks may include encryption/decryption, as well as processing incoming and outgoing email.
! Strengthened security. The front-end server provides a single point of access for all incoming traffic and requests. It provides an additional layer of security for mailboxes because it does not store user information. It can also authenticate requests before proxying them to the back-end server and eliminates the need to open RPC ports from the perimeter to the internal network.
! Scalability. Since the front-end server provides a single name space, the enterprise can increase or decrease the number of back-end servers without disrupting the users.
Exchange Back-End Servers: Managing Mai lboxes
The Exchange back-end server is the heart of the Exchange messaging system, and the performance of this system depends largely on selecting the appropriate hardware for the job. Hardware sizing and mailbox design are critical in ensuring a stable and scalable mail system that will not be overwhelmed by traffic and usage. Sizing the server for the job is a complex task that should be carefully considered. The Dell PowerEdge 2950 makes an excellent selection for the back-end server as it does for the front-end. For a medium-size enterprise of 2,000 users, it provides ample processing power, while including network and disk expansion options. Larger enterprises may simply add more back-end servers to their environment as needed.
8 #205004 ©2007 IDC
There are many tools available to help the selection of the right equipment for the job, and listed below are a few of guidelines to be considered when making such an important decision.
! Processor resources. While a back-end Exchange server is not very processor intensive, it is important to ensure that there is enough processor availability for other applications such as anti-virus or anti-spam also running on the machine. A rule of thumb is that if processor capacity is running consistently greater than 60�70%, then the resources are over utilized and should be upgraded.
! Disk resources. Microsoft Exchange Server is a very I/O-intensive application. All user activity requires changes to the Exchange database, which then in turn calls for I/O activity to disk. The disk subsystems need to be robust, and the enterprise should think carefully about the total I/O demands on the system, not simply the space required for supporting mailboxes. It is highly recommended that the enterprise review and examine the use of disk-attached storage (DAS) or storage area network (SAN) systems as options for addressing their overall disk needs.
! Memory resources. Exchange server requires 4GB of memory; no more, no less. Any more than 4GB produces inefficiencies as much as less than 4GB would.
! Network resources. The Exchange servers and clients access Active Directory when logging into the network, creating mailboxes, or accessing server-based address lists. All of this creates significant traffic between servers, and it is important to scale network resources sufficiently so as not to degrade performance.
Because back-end servers host such critical and often sensitive data, the security on these machines has become paramount. Even with strong perimeter security in place, the mailbox servers still require protection from spam and viruses that may enter the network through other sources such as USB drives, Web mail, or other removable media storage devices. Therefore, Symantec provides Mail Security (SMS for Exchange) to help protect the back-end server from unwanted threats. Administrators are able to inspect content in real time as email is being committed to and accessed from the Exchange server.
In addition to protecting the back-end servers from threats, the sensitivity and criticalness of the data should also be protected from an availability perspective. Availability can be addressed through clustering the back-end Exchange servers, so that if one goes down, another can pick up responsibility for it. Microsoft's Cluster Servers (MSCS) are part of the Secure Exchange Reference Architecture, and they are designed to reduce the exposure of back-end servers being a single point of failure for the enterprise. Utilizing high-availability clustering also requires shared storage as every node in the cluster needs access to the Exchange data.
©2007 IDC #205004 9
Storage Network, Tape, and Disk Solutions
Storage, backup, and recovery from disasters and mishaps ceased being a "nice to have" a long time ago. The enterprise must be able to protect themselves from data loss as well as account for how data is stored and protected. In Dell's Secure Exchange reference architecture, the recommended method of storage is with SANs. Dell chose SANs because the fabric utilized is Fibre Channel and, with the new 4GB architecture, there is generally enough bandwidth to support the most I/O-intensive applications. As previously mentioned, Exchange is very I/O intensive, the storage may potentially become a bottleneck. It is recommended to use a larger number of smaller drives to help improve the performance of the system.
In addition to intelligently designing the storage of the email system, disaster recovery methods should be incorporated as well. The first line of defense is to back up critical information using either tape or disk. Dell's Secure Exchange Reference architecture recommends using a SAN-based backup model; however, it is flexible enough to support other backup methods that meet the specific needs of an enterprise. Once the hardware and software components of the messaging system are installed and configured correctly, then a backup strategy should be developed to ensure the protection of mission-critical data and information.
Microsoft Exchange is capable of supporting full, differential, incremental, and mirror backups. A wise backup choice is to use a combination of full, differential, and incremental methods to ensure as much of the data is protected as often as possible. Mirror backups are not really used for data backups, per se. Rather the mirrored backup is used to make a pure copy of the data without disrupting any incremental or differential backups already in place.
Services by Dell: The Intelligence One-Stop Shop
Tying all of the pieces of their Secure Exchange Architecture together, Dell has implemented Exchange Services to help enterprises establish a robust solution to protect their networks and systems. Dell's customer-focused approach to implementing messaging security will help the enterprises optimize the technologies they have as well as increasing efficiencies and reducing business risk. Dell's services extend from assessment, design, and implementation all the way to continuing support services.
! Exchange Migration. Before beginning an Exchange upgrade or migration from another platform, Dell assesses your organization's current infrastructure to identify potential ROI as well as barriers that might impede a successful migration. This assessment can also identify ways to simplify your environment, reduce costs, and improve performance, scalability, and availability. Once an accurate assessment is complete, Dell will architect a scalable infrastructure and design specific configurations. Finally, the new design will be validated and implemented with minimum end-user disruption.
! Exchange Security. The security of your email system is crucial in today's business environment. Dell services can assess, design, and implement a solution that provides high-performance, integrated email protection against virus threats and spam.
10 #205004 ©2007 IDC
This service deploys Symantec Mail Security software on Exchange 2003 servers and/or installs a Symantec Mail Security appliance. Dell will provide the following:
# Development of customer design
# Installation
# Configuration
# Tuning
# Knowledge transfer and documentation
! Exchange Vault and Mailbox Management. Dell's experienced service professionals support the customer every step of the way to assess, design, and implement a robust archiving solution. Enterprise Vault software provides a flexible archiving framework to enable the discovery of content held within email, file system, and collaborative environments � while helping to reduce storage costs and simplifying management.
This service installs Symantec Enterprise Vault software on Exchange 2003 servers. The service will enable the following capabilities:
# Analyze Customer's Exchange archiving requirements
# Map the requirements to Vault policy and configuration settings
# Install the software and configure the services for optimum performance
# Configure the Vault settings to adhere to site-defined policies
# Tune the Enterprise Vault for Customer's infrastructure and topology
# Provide knowledge transfer while onsite to Customer's technical staff regarding system administration tasks
! Exchange Backup and Recovery. Dell utilizes proven methodologies and best practices to provide comprehensive backup and recovery solutions in a timely manner, even in the most complex datacenter. Their consultants work to understand business objectives for designs that are flexible enough to adapt to the existing environment and engineered to help ensure:
# Processing can resume as quickly as possible after a server, application, storage device, software, site failure or operational error
# Data can be copied or moved where and when your business needs it
# Regulatory and business policy record retention requirements are met by your organization
©2007 IDC #205004 11
This service installs Symantec Backup Exec software used to backup Exchange 2003 servers. The service will provide the following:
# Design
# Planning
# Implementation and testing
# Product awareness
# Project closeout
! Remote Advisory Services for Exchange. Provides remote configuration assistance for many common tasks such as remote maintenance and software configuration, optimization, and "how-to" questions. This service covers only those tasks that can be performed remotely and does not include any physical hardware or software installation.
! Enterprise Support Services. Provides customers with robust, flexible support for their server and storage systems. These state-of-the-art services ensure your IT systems consistently achieve their performance potential. Dell's specialist support teams work with customers to eliminate problems before they happen, prepare in advance for any elevated IT demands, and provide the fastest and most complete approach to problem resolution. The innovative service technologies and processes can enable a new level of performance management and continuous improvement.
# Platinum Plus Enterprise Support. Dell's most comprehensive level of support, which combines rapid response and resolution for critical issues with customized account planning and reporting to proactively improve uptime. This level of support is appropriate for servers that are being used in datacenters and mission-critical environments.
# Gold Enterprise Support. Provides 24 x 7 rapid response and resolution of critical issues, including escalation management and onsite emergency dispatch procedures to quickly restore operations. This level of support is appropriate for servers that are being used for email systems, database applications, and virtualization.
Intelligent Solution
Dell's Secure Messaging Reference Architecture provides the hardware, software, and services that enterprises require to have a robust, secure, and productive messaging architecture. However, in many cases, it is difficult for IT executives to get a handle on what products and services need to deploy to maximize their business messaging infrastructure. Dell addresses the question of "What do I need" with a Web-based tool � Dell Exchange Advisor Tool. The tool steps the IT executive or administrator through a series of questions, starting with what activity (including security, archiving & compliance, backup, collaboration, and others) is being addressed and drills down into specifics on number of users, storage requirements,
12 #205004 ©2007 IDC
and price/performance. With these user specifications, the tool analyzes and outputs an Exchange configuration that best meets the customer's needs. By using the tool, the customer will easily be provided with a total solution for their environment.
Why Microsoft & Symantec?
Of all the vendors available, why did Dell choose Microsoft and Symantec to build its Secure Messaging Reference Architecture? In both cases, the vendors are leading providers of software and appliances. Microsoft is the largest provider of packaged applications software and Symantec is the largest security software vendor. In addition to being the largest antivirus vendor, Symantec also leads the antispam software market. By working in collaboration with Microsoft and Symantec, the trio created a tightly integrated suite of products proven to seamlessly interact well with one another while addressing the most critical pain points surrounding secure messaging. This enables enterprises to quickly and efficiently ramp up their systems to protect and secure their messaging environments.
F U T U R E O U T L O O K
IDC sees the future for the security of email systems only growing more complex. Crackers and criminals will continue to assault the resources of the enterprise looking for something to steal. They will use any method they can conceive to get under the defenses of the enterprise and to then take what is not theirs. The attacks well known today will likely continue to be well known, even when the bad guys create new and more sophisticated ways of getting at what does not belong to them. The window of time between the creation of one new threat and the next is getting smaller and smaller by the day. IT departments need every advantage and every defense possible to stay one step ahead of the bad guys.
Enterprises now need to protect themselves from all sides � not just from external threats of crackers and criminals, but also from punitive regulations, which hold the corporation and its employees accountable for protection of data and information. Additionally inside threats, whether intentional or not, are an increasing problem for the enterprise as technology has made it so simple to leak information out to inappropriate recipients through email, devices, Web applications, IM clients, and more.
It is increasingly more important for every aspect of the enterprise's network to be hardened in someway against the onslaught of threats it must face each day. When the enterprise deploys something like Dell's Secure Exchange Solution, it increases its chances of keeping the threats out.
A D D I T I O N AL D A T A C O M M U N I C A T I O N S C H A N N E L S
Dell's Secure Exchange Solution addresses email messaging, yet there is still a need for security and management of other methods of sharing data and information, such as PDAs, client and Web-based instant messaging, cell phones, MP3 players, and more. The challenge of dealing with all these different forms of media, applications,
©2007 IDC #205004 13
and devices, designed to easily transfer information from person to person, will continue to cause consternation and rising costs for the enterprise IT department. IDC expects that cost and complexity of managing wayward information will continue to rise long before it stabilizes.
While Dell has made an excellent start in working with both Symantec and Microsoft in addressing many of the concerns of enterprise email, they will need to focus on delivering the next step of solutions for addressing the needs of the enterprise to secure all forms of messaging. There are partners Dell can work with, including Symantec and Microsoft, that are also looking at improving the whole messaging channel.
C O N C L U S I O N
The messaging environment grows more difficult to manage and protect each day. The onslaught of spam, spyware, malicious code, viruses, internal breach of confidence, portable devices, and more continues to grow at a pace just faster than what the defenders and protectors of the network can reach.
Enterprises need solutions from vendors like Dell, Microsoft, and Symantec. It is crucial that vendors cooperate to provide enterprises with the most comprehensive solutions for securing their networks and, more specifically, their messaging environments.
Once an enterprise has deployed such a system, it should provide reduced threat risk and system complexity. The internal organization will benefit from a more efficient system allowing for flexibility in addition and subtraction of mailboxes, as well as in the architecture itself. All the while, the system maintains the tight integration that comes only from three vendors who have worked closely together to provide very efficient systems targeted at solving all the most crucial pain points of the enterprise.
If the enterprise chooses to engage directly with Dell, then it has access to a single point of contact and accountability for all vendors' products as well as the services needed for installation and integration with existing systems. The pre-integrated and thoroughly tested solution offers predictable implementations that yield fast time to deployment.
Once such a system is deployed and if all aspects of the architecture are deployed as recommended, the enterprise should notice a significant difference in the reduction of both unwanted emails and threats, and should also see a small boost in performance and efficiency.
14 #205004 ©2007 IDC
C o p y r i g h t N o t i c e
External Publication of IDC Information and Data � Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason.
Copyright 2007 IDC. Reproduction without written permission is completely forbidden.