Barracuda Spam Firewall Product Launch - PowerPoint PPT Presentation

Transcript and Presenter's Notes

1

Build Your Own Spam Firewall Using Postfix and SpamAssassin
Zach Levow, VP Engineering
April 20, 2005 / SecureIT
2
Agenda
  • Introduction to Barracuda Networks (10 Min)
  • Building a security appliance using open source
    technologies (10 Min)
  • Anti-Spam technologies (40 Min)
  • System considerations (10 Min)
  • Q/A

3
Company Background
  • Mission
  • Deliver easy to use and cost effective solutions
    for protecting email servers
  • Founded December 2002
  • Research and development since 2001
  • Barracuda Spam Firewall Launch October 2003
  • Barracuda Spyware Firewall Launch April 2005
  • Headquarters in Cupertino, California
  • Offices in Europe (UK), China (Shanghai), Canada,
    Australia, India, Pakistan, United Arab Emirates
    (Dubai), and USA
  • 100 employees worldwide
  • Experienced management development team
  • Privately Funded
  • Profitable
  • Market Leader
  • 14,000 customers worldwide

4
Barracuda Spam Firewall
  • Comprehensive email protection
  • Blocks spam and viruses
  • Integrated hardware and software solution
  • Ease of use
  • Plug-and-play
  • No changes needed to email servers
  • Enterprise Features
  • Reliable and Robust
  • Aggressively Priced
  • No per user licensing fees
  • Market leading anti-spam appliance

Launched Oct. 13, 2003
5
Barracuda Spam Firewall - Outbound Edition
  • Comprehensive MTA
  • Includes Barracuda Spam Firewall Features
  • Easy to use and Configure (web interface)
  • Secure
  • Reporting and logging
  • Stops Virus Proliferation
  • Enforces Corporate Regulatory Policies
  • Foul language and security
  • HIPAA, Sarbanes-Oxley
  • Prevents Spamming Open Relay Function

Launched Jan. 17, 2005
6
Barracuda Spyware Firewall Features
  • Gateway appliance
  • Powerful, easy to use install
  • Intuitive user interface
  • Affordable
  • Prices starting at 1,999
  • Available in five models
  • Spyware Firewall 210 (1,999)
  • Spyware Firewall 310 (3,299)
  • Spyware Firewall 410 (5,999)
  • Inline hardware appliance
  • Complete scalability for growing organizations

7
Customers
8
Cardinal Rules of Spam Filtering
  • No false positives!
  • A false positive where the sender is not notified
    is even worse
  • Reject rather than bounce
  • Don't assume everyone's mail looks like yours

9
Open Source Technical Issues
  • Immature products: one size does not fit all
  • Mature products: bloated codebase, hard to
    maintain
  • Security issues
  • Pro: an active community will find and fix
    security issues.
  • Con: an active community will introduce security
    flaws.
  • Con: publishing your source does expose you to
    more exploits. Hackers go for the lowest common
    denominator.
  • Chroot, chroot, chroot: it's always worth it.

10
Open Source Business Issues
  • Giving back to the community
  • Many changes aren't for everyone
  • Extra time to polish changes for contribution
  • Separating proprietary technology
  • Configuration files are yours
  • Absolutely no linking if you don't want to share.

11
Anti-spam Technologies
  • Intent Analysis
  • Open alternative: SURBL Bill Stearns URL
    Blacklist
  • Real-time query performance issues
  • RBLs
  • Spamhaus: only list with minimal false positives
  • SpamAssassin
  • Rules Updates
  • SPF
  • Rate Control/Throttling
  • Virus scanning
  • Several fairly good open source solutions
  • No one solution catches all
  • Combine them

12
Anti-Spam Technologies (Cont.)
  • Bayesian
  • International Charsets
  • IBM's ICU library: very efficient
  • Token chaining: crucial
  • Per-user Bayes: very important
  • Noise reduction: very helpful
  • Pro: most proactive anti-spam technique
  • Con: troubleshooting is usually a nightmare!
  • Make user classification easy

13
Controversial Anti-Spam Techniques
  • Graylisting
  • Pro: very effective at blocking spam
  • Con: potentially delays all messages from new
    senders by several hours
  • Con: spammers know how to defeat it, but most
    don't yet
  • Tarpitting
  • Pro: effective at slowing down dictionary attacks
  • Con: will bury a busy system if a process or
    thread is required per connection.
  • Challenge-response
  • Increases internet chatter
  • Unless linked to outbound SMTP, can lead to
    Deadlock
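
Added example, not part of the original slides: a minimal Python sketch of the graylisting decision, showing where the delay for new senders comes from. The 300-second minimum delay, 4-hour expiry, /24 grouping, class name and sample addresses are assumptions of this sketch.

```python
import ipaddress

MIN_DELAY = 300          # assumed: seconds before a retry of a new triplet is accepted
MAX_PENDING = 4 * 3600   # assumed: a triplet that never retried expires after this long
DEFER = "450 4.7.1 Greylisted, try again later"


class Greylist:
    def __init__(self, min_delay=MIN_DELAY, max_pending=MAX_PENDING):
        self.min_delay = min_delay
        self.max_pending = max_pending
        self.first_seen = {}   # triplet -> time of first attempt
        self.passed = set()    # triplets that completed a valid retry

    @staticmethod
    def _key(client_ip, sender, recipient):
        # Assumption: IPv4 clients, grouped by /24 so a retry from a
        # sibling host in the same sending farm still matches.
        net = ipaddress.ip_network(f"{client_ip}/24", strict=False)
        return (str(net.network_address), sender.lower(), recipient.lower())

    def check(self, client_ip, sender, recipient, now):
        """Return the SMTP reply for an RCPT TO seen at `now` (epoch seconds)."""
        key = self._key(client_ip, sender, recipient)
        if key in self.passed:
            return "250 OK"
        first = self.first_seen.get(key)
        if first is None or now - first > self.max_pending:
            self.first_seen[key] = now   # new or expired triplet: start the clock
            return DEFER
        if now - first < self.min_delay:
            return DEFER                 # retried too soon
        self.passed.add(key)
        return "250 OK"


def demo():
    """Reply codes for a constructed sender over four delivery attempts."""
    gl = Greylist()
    t = ("198.51.100.10", "alice@example.org", "bob@example.com")
    return [
        gl.check(*t, now=0)[:3],                             # first contact
        gl.check(*t, now=60)[:3],                            # retry too early
        gl.check("198.51.100.22", t[1], t[2], now=900)[:3],  # retry, sibling host
        gl.check(*t, now=901)[:3],                           # now a known triplet
    ]


if __name__ == "__main__":
    print(demo())
```

The receiver only sets the minimum wait; the actual delay is whatever the sending MTA's retry schedule is, which is how mail from a new sender can be held up for hours.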

14
DNS MX Records
  • Example MX record
  • barracudanetworks.com MX preference 10, mail
    exchanger barracuda2.barracudanetworks.com
  • barracudanetworks.com MX preference 10, mail
    exchanger barracuda.barracudanetworks.com
  • SMTP is great at load-balancing/failover
  • Put as many systems as you like at the same
    Preference and all known clients will
    round-robin until they find an available system
  • DON'T LEAVE YOUR MAIL SERVER AS A BACKUP MX FOR
    YOUR SPAM FILTER!! Spammers will attack it
    directly

15
Phishing
  • No link should ever say that it is HTTPS in a
    message and then actually link to a non-HTTPS
    page
  • Relatively small list of known scams: fairly
    easy to keep up with if you have a good sample of
    email. It is worth the effort.

16
Quarantine
  • Effective tool for reducing False Positives
    while increasing catch rate.
  • Best if integrated with directory services so
    that a user with multiple email addresses only
    has one quarantine box.
  • No perfect open-source solution
  • Need web interface
  • Should send daily digest

17
Per-User Settings
  • Major reduction in administration if users can
    update personal allow/block lists, passphrases,
    etc.
  • Again, best when integrated with directory
    services.
  • User interface issues.

18
System Considerations
  • Databases
  • Most open source databases are great for
    low-volume, general purpose applications.
  • In high-load situations they all break down;
    specialized databases become necessary.
  • High-availability
  • Syncing of configurations (meta-data)
  • Syncing of quarantine information (data)

19
System Considerations (Cont.)
  • Hard drives
  • Typical drives will last 6-12 months under a
    constant and steady mail load.
  • Use RAID
  • Turn off write cache (hdparm)
  • Filesystems
  • Use Journaling Filesystem
  • Ext3: slow, but robust
  • XFS/ReiserFS: faster, but less robust
  • Mount with synchronous I/O (sync)

20
Fighting Spam Can Be Effective
  • False positives are not acceptable or necessary.
  • Keep your spam rules and virus definitions up to
    date.
  • Reduce your administration load and false
    positives/negatives by giving control to your
    users through personal settings and quarantine.

21
Q/A