???????? ???????????? ??????????? ????? IronPort

About This Presentation

Title:

???????? ???????????? ??????????? ????? IronPort

Description:

'??? ???? ???????, ??? ???????????? IronPort-? ???????? ?????? ... 1. 'Polka dots' 2. 'Slice & Dice' ?????????? ?????? ??? ?? ??????: mschneider_at_ironport.com ... – PowerPoint PPT presentation

Number of Views:180

Avg rating:3.0/5.0

Slides: 52

Provided by: syste3

Category:

more less

Transcript and Presenter's Notes

Title: ???????? ???????????? ??????????? ????? IronPort

1
???????? ???????????? ??????????? ????? IronPort

???????? ????? 350 ????????? ???????? ?????? ??
???? ????

Mirko Schneider, Channel Manager Eastern Europe
Russia, IronPort Systems
??? ???? ???????, ??? ???????????? IronPort-?
???????? ?????? ???????? ?? ???, ??????? ?
?????????? ? 2003-?? ???? ??? ?????? ???????!
???????? ??? ????? ??????????, ??????????? ?????,
????? ?????? ????? ?? ???????. (????????
????????? ?? ?? ? ??????? 2006-?? ????)
2
??? ????? IronPort?

??????? ????????? ??????????? ????? (Hotmail,
ListBot,Yahoo) ? 2000
???? ????????? ????? ??????? ? ?????? ????????
????
???????? ??????????, Silicon Valley
?????????
General Motors, Chevron-Texaco, NTT, Menlo
Ventures, Allegis Capital
?????? 90 ??? ????????
500 ??????????? ?????, 45 ? ??????
???????? ?????? 2005 70??? USD, 2006 125???
USD
? ??????? ? ?????? 2006 ????

3
??????? ???????CISCO ?????? IronPort
4
The Principles of Industry Leadership

????????????? ?????
12 ?? 15 ????? ??????? ???????????
38 ?? 100 ????? ??????? ???????? (Fortune 100)
600 ????????? ? 25 ?????, ?????????? ???????? ?
75 ????? ????
??????????????? ?????
?????? ?????????????????? ? ??????-???????????????
? MTA (Mail Transfer Agent)
?????? ?? ????? ? ?????????????? ?????????
?????? ?? ????? ? Virus Outbreak Filters (??????
??? ??????????? ??????? ????????????)

5
????????? ????? ?? ??????????
?????????? ????????? ?? ???????????? ????????
?????? (2006) ???????? Gartner RAS Core
Research ???? ?? ??????? ???????? ???? ?????,
?????? ?? ?????? mschneider_at_ironport.com
6
IronPort ??? ???????!

After PostX acquisition Nov 06
Regard this acquisition as a positive
enhancement that improves IronPort's competitive
position...
However, consider switching to IronPort at the
next technology "refresh" to reduce
administration overhead and costs...
After CISCO announcement Jan 07
Place Cisco/IronPort at the top of your
shortlists...

7
IronPort Gateway Security Products
Internet
IronPortSenderBase
EMAIL Security Appliance
WEB Security Appliance
Security MANAGEMENT Appliance
8
?????????? ???????????? ??????????? ????? IronPort

?????????????????????? ?????????? ????????????
??????????? ?????, ?????????? ?? ?????, ??????? ?
??????????? ????????? ???????? ??? ?????

IronPort X1000
IronPort C10/100
IronPort C300/C600
9
IronPort ?????????? ??? ????????? ? ???????????
??????
?? IronPort
????? IronPort
Internet
Internet
?????????? MTA
??????????
???????? ????????? ?????????? ????????? ??????????
??? ?????
?????????? ???????????? ??????????? ?????
IronPort
????????? ??
????????? ??
????????????
????????????
10
??????????? IronPort ??? ??????????????
???????????? ??????????? ?????
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
11
IronPort AsyncOS Unmatched Scalability and
Security
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
AsyncOS scalable and secure OS optimized for
messaging Advanced Email Controls protect
reputation and downstream systems
Standards-based Integration replaces legacy
systems with ease
12
AsyncOS ????????????? ????????? MTA
???????????? ????? ??????????? ????? ? ??????
??????????
?????????? ???????????? ??????????? ????? IronPort
13
Advanced Email Controls?????? ?? IronPort
?????????? Virtual Gateway
Destination Controls
163.24.127.3
????? ?????????
Bounces

?????? ????? ?????????
?????? ???? ??????????? ????? ????? ??????
IP-??????
????????????? ?????????? ?? IronPort

?????? ?? ???? ???????-???????
???????????? ????????? ????? ????????????? ?????
?????????? (per destination)
???????????? TLS ????????????? ????? ??????????
(per destination)

14
Multi-layer Spam DefenseBest of Breed
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
IronPorts Reputation Filters ??????? ????
?????? IronPort Anti-Spam ???????? ?? ????????
??????? ????? ????, phishing, fraud
15
????? ????? ????? ??????
16
Image Spam Explodes
Spam with an Embedded Image
421

17
Spam Gets Sneakier Image Spam!
1. Polka dots
2. Slice Dice
18

???????????????? ??? ?? ??????
mschneider_at_ironport.com

19
?????????????? ???????????? ????????????
?????????? ?????????? ??????
????????????????
??????????????

????????? ?? 80 ????? ????? ?? ?????!
??????????? ????????? ?????? ???????????????????
?????? ??????? ??????? ???? ??????????
?????????????? ????????
?????????????? ???????? ? ???????
????????????????? ?????????????? ??????????
???? ???????? ??? ??????????? ? ????????
20
???? IronPort SenderBase?????? ? ????? ???????
??????? ?????????
?????????? ?????????? ????????? ? ??? ???????
?????????? ??????
???? ???????? ???????? ?????????
IronPort
CipherTrust
80
50
BorderWare
40
IronPort
McAfee, Symantec, Sophos, CA, F-Secure, ...
120,000
????????????? ????
IronPort
CipherTrust
4,000
BorderWare
8,000
????????? ?? ?????? ?? ????? ???????
13 hours
120 000 ?????5 000 000 000 ???????? ? ????150
??????????25 ???????
6/2005 6/2006. 175 outbreaks identified.
Calculated as publicly published signatures from
the listed vendors.
Source www.ciphertrust.com and
www.borderware.com, August 6, 2006
21
SenderBase ?????? ????? ????????
?????????
?????????????? ????? ? ???????? ???????
?????? ? ??????? ??????? ??? ????? ?????? ?
????????? ????????? ?????????? ?????? ??????
URL ?????? ??????????????????? ??????
Web-????? ?????? ? ????? ?????? IP
?????????????? ??????
??????? ?????? ?????? ??? ??????? ????????????
?????????SenderBase?? -10 ?? 10
?????? ??????/ ?????????????????????????
??????SenderBase
22

IronPort Reputation Filters ????????????? 80
????????????? ????? ?? ?? ???????
????????? ??????? ????????????
?????????????? ?????????????? ? ???????? ?
??????????? ??????????
?????????? ?? ?????????
????????????????
???????? ????? ???????, ??????, ? ????????
??????????? ?????
????????? ?????? ?????????/???????????

IronPort ?????????? ????????? ??? ??????????
????????
?????????? ????? ?????????? ???????

23
????? ? ???????? ?????????????? ?????????
???????????

??????? ?????? ??? ?????? ?????? ? ????? ??????
? ?????? ????????? ???????
???????????????? ???????? ???????????
??????????????

24
IronPort Reputation Filters ??????? ?????? Dell

?????? Dell
Dell ???????? 26 ????????? ????????? ? ????
?????? 1,5 ???????? ?????????? ?????????
68 ???????????? ??????, ?? ??????? ??????? Spam
Assassin ?? ???????? ?????????
??????? IronPort
??????? ????????? ????????? ????? 19 ?????????
????????? ? ????
5,5 ???????? ????????? ? ???? ???????????
8 IronPort C60 ???????? 68 ????????
???????? ?????????? ????? ??????????? ? 10 ???
???????? ?????????? ?? 70
???????????????? ??????? ??????????? ?? 75

IronPort hasincreased thequality
andreliability ofour networkoperations,whiler
educing ourcosts. -- Tim HelmsetetterManager,
GlobalCollaborative SystemsEngineering
andService Management,DELL CORPORATION
25
?????????????? ???????????? ????????????
?????????? ?????????? ??????
????????????????
??????????????

??????????? ????????? ?????? ???????????????????
?????? ??????? ??????? ???? ??????????
?????????????? ????????
?????????????? ???????? ? ???????
????????????????? ?????????????? ??????????
???? ???????? ??? ??????????? ? ????????
26
??? ??????? ????????
??? ??????????
URL
27
IronPort AntiSpam????????? ?????????? ??????
Effectiveness
TODAY
???? ?????????? ?????? ??? ???????? ? ????
??????? ???? ????????? ?????? ??? ??????????
?????????? ???? ????????? ????? ??? ????????
??? ??? ??????? ????? ????????? Web ???? ??
????????, ??????? ?? ???????
Time

???? ?????????? ??????? ????????????
????????????? ??????? ??????? ??????
?????? ? ?????? ???????? ??????? ??? ?????????

28
???? IronPort SenderBase?????? ? ????? ???????
??????? ?????????
?????????? ?????????? web- ? email-???????
????? 100 000 ????? ????? 45 ?????????? ??? ???
???????
29
Web Reputation Data Makes the Difference
Parameters
URL Blacklists URL Whitelists URL
Categorization Data HTML Content Data URL
Behavior Global Volume Data Domain Registrar
Information Dynamic IP Addresses Compromised
Host Lists Web Crawler Data Network Owners
Known Threats URLs Offline data (F500,
G2000) Web Site History
THREAT PREVENTION IN REALTIME
Web ReputationScores (WBRS) -10 to 10
SenderBase Data
Data Analysis/ Security Modeling
30
IronPort Anti-Spam Press Reviews
2007 Technology of the Year Best Anti-Spam Jan
2007 Competitors tested Symantec, Microsoft,
Mirapoint, ProofPoint
Anti-Spam Bake-Off Winner Dec 2006 Competitors
tested CipherTrust, Borderware, Sophos,
SonicWall
The superiority of IronPort . . . seems
abundantly clear We did not have to rescue a
single legitimate message (IronPort) is the
absolute must from this test
easy setup excellent spam filtering no
tuning necessary the fewest false positives of
any solution tested
31
???????, ???????????????????? ?? ???????
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
IronPorts Virus Outbreak Filters ??????????
????? ?? 14 ????? ?? ????????? ???????? Sophos
AntiVirus ?????????? ?? ?????????? ??????? ?
???????????? ?????????
32
IronPort Outbreak Filters ???????? ????????
??????? ???????
33
IronPort SenderBase NetworkFirst, Biggest, Best
Reputation System
Global Email and Web Traffic Monitoring
??? ?????????? ????? ???????

Over 100,000 contributing networks
Over 20M IP addresses tracked globally
View into over 25 of email traffic
Over 110 parameters tracked

34
??? ???????? Virus Outbreak Filters ????????????
???????? ? ????????
????????????????????? ?????????

T 0
zip (exe)

T 5 ?????
-zip (exe)- ?? 50 ?? 55 ?????

T 10 ?????
zip (exe)
?? 50 ?? 55 K????
? ???????? Price

T 8 ?????
??????????????????,???? ???????????????????
????????

???????????? ?????? (VOF)
?????????? ?????? (Sophos)
35
????????????? IronPort Outbreak Filters
?????????? ????? 100 ????????? ???????, ? ???????
13 ????? ??????
Virus Name Date Virus Description Lead Time (hhmm)
Kukudro-A 6/27/06 Virus that spreads via zipped word document. 338
Feebs.AG 6/21/06 Arrives as an email attachment claiming to be sent via "Protected E-Mail service. 1746
Troj/Stinx-W 6/15/06 IRC backdoor Trojan. 1112
Yabe.G 5/16/06 Trojan that attempts to download further malicious code. 1309
Bagle-GT 4/21/06 Installs backdoor and communicates via HTTP, thus bypassing firewall filters. 1828
Mytob-HJ 4/19/06 Turns off anti-virus applications of infected PC to avoid detection. 3257
Nyxem-D (Kama Sutra) 1/16/06 Deletes most documents on third day of every month. 127
Looksky.G 1/6/06 Installs keystroke loggers onto infected PCs. 3540
Average lead timeover 13
hours Outbreaks blocked 175
outbreaks Total incremental protection.over
94 days
June 2005 July 2006. Calculated as publicly
published signatures from the following vendors
Sophos, Trend Micro, Computer Associates,
F-Secure, Symantec and McAfee. If signature time
is not available, first publicly published alert
time is used.
36
IronPort Outbreak Filters ProtectG2000 Company
From MyDoom.BB
MyDoom VariantMyDoom.BB (February 15, 2005)
G2000 Company Protected By IronPorts Virus
Outbreak Filters
IronPort Threat Level Raised to 3 And Protection
Starts 1808 GMT
First Anti-virus Signature Published 2254 GMT
(Next Day)
28 hours 46 minutes
6503 files quarantined
100
200
300
400
500
600
700
800
900
1000
1100
1200
1300
1400
1700
1800
1900
2000
2100
2200
2300
2400
2000
2100
2200
2300
2400
February 15, 2005
February 16, 2005
Note All times shown are in GMT
65K saved _at_ 200/desktop, 5 infected
37
IronPort Content Scanning??????????
????????/????????? ????????? ??? ????????????
???????????
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
Flexible Policy Engine from Blocking
Attachments to Enforcing Regulatory Compliance
Compliance Solutions and Encryption keep
communications private and secure
38
???????????? ?????????? ?????????????????????????
? ?????????? ???? ????????? ? ???????? ?????

Graphical Representation of Per-Recipient
Policies
LDAP Integration Reduces Need for Repetitive
Modifications
Customizable Notification Templates
Robust Conditions and Actions

39
Email AuthenticationSuperior Security and
Identity Protection
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
DomainKey Signing - establishes and protects
your identity on the Internet IronPort Bounce
Verification protects from misdirected bounce
attacks Directory Harvest Attack Prevention
blocks attempts to steal email directory
information
40
Hot news Teaming Up To Fix Email
41
IronPort Acquires PostXGlobal Reach And
Innovative Technology
The Dominant Force in Global Email and Web
Security
Combined with the leader in Email Encryption

1 Worlds Largest Bank
1 F500 Largest Insurance Company
1 Worlds Largest Credit Card Company
60 employees

8/10 of the worlds largest ISPs
42/100 of the worlds largest corporations
25 of the Worlds Email Traffic
450 employees

42
Encryption References
43
IronPort Bounce Verification ??????? ??? 9
????????? - ? ?????? ???????? ???????
Incoming Gateway
Zombies
joe1_at_enterprise.com,jane88_at_enterprise.com billing
_at_yourcompany.com
Recipients Sender
yourcompany.com
Outgoing Gateway
Millions of Misdirected Bounces
More than 55 of F500s have experienced
disruption of service or a total denial of
service due to misdirected bounces
Source IronPort Threat Operations
Center, INTERNET EMAIL TRAFFIC EMERGENCY SPAM
BOUNCE MESSAGES ARE COMPROMISING NETWORKS,
April 2006.
44
IronPort Bounce VerificationProtects Against
Misdirected Bounce Attacks

All Outgoing Mail Stamped Allowing Legitimate
Bounces to be Identified on Return
Transparent to End Users, No Industry Adoption
Required
Eliminates Help Desk Calls and End User Confusion
Another IronPort Technical First"

45
?????????? ??? ?????????? ????????
??????????? ??????????
?????? ?? ?????
???????????? ????????
?????? ?? ???????
???????-???????
???-????????? ASYNCOS
Email Security Manager - ??? ????????????????
?????????? ?????????? ???????????????? ??????????
- ?????????? ???????? ?? ????? ???? Mail Flow
Monitor - ?????????? ? ?????? ?????????
??????? Mail Flow Central - ????????????????
?????????? ? ???????????? ?????
46
IronPort Email Security Manager????? ?????? ??
???????? ??? ???? ???????????
????????? ?? ??????, ????? ????????????, ??? LDAP

?????????? ??? ?????-?????
???????? ? ???????? ??????????? ?????

????????? ? ??????????? ????
????????
??????????? ?????

SALES

??????????? ??? ?????
????????? Virus Outbreak Filters ??? ?????? .doc

LEGAL
Email Security Manager serves as a
single,versatile dashboard to manage all
theservices on the appliance. -- PC Magazine
2/22/05
47
???????????????? ?????????? IronPort

????????????? ??? ??????, ????????????? ?????
????????? ???????????? ???????????????
????????????
?????????? ????????? ??? ?????, ????? ???
?????????
?????????? ?? ????? ???????, ????? ?????????? ??
???????

SJ1 Machine
SJ2 Machine
D1 Machine
D2 Machine
T1 Machine
T2 Machine
SJ3 Machine
D3 Machine
T3 Machine
?????? ?????
?????? ??????
?????? ????
??????? IRONPORT
48
IronPort Email Security Monitor??????
?????????? ? ???????? ???????
Integrated Real-TimeGraphical Reports
CSV Export
Scheduled Delivery
Search by Domain
Email Security Monitor
49
System Monitoring???????? ?????????? ?
???????????? ???????
Alert Center