Cloudmark and Openwave Messaging Anti-Abuse

1
Cloudmark and Openwave Messaging Anti-Abuse

• Name
• Date

2
Cloudmark Company overview
Technology leadership Headquarters Founded
Products Email statistics Subscribers
protected Customers Strategic partners
Anti-spam, anti-phishing and anti-virus San
Francisco, CA, USA 2001 Desktop, Server, Gateway
and Data Services Processes over 1 billion
messages per day Over 100 million
mailboxes Service providers (fixed-line
mobile), small to large enterprises and
consumers Openwave, Sendmail, Bizanga, PayPal,
CommuniGate Systems and Secure Computing Over
160 countries Ignition Partners, FT Ventures,
Sumitomo Corp
International presence Investors
3
Industry leaders chose Cloudmark
SERVICE PROVIDERS
FINANCIAL
TEXT
TEXT
TEXT
TECHNOLOGY
EDUCATION
GOVERNMENT
HEALTH
MEDIA
4
Rising cost of spam/phishing for service providers

• Increased network storage costs
• Decreased customer satisfaction
• Spam cited as one of top reasons for subscriber
  churn (Ferris Research)
• Phishing threats target ISP credentials posing a
  security threat
• Fixed-line spam
• Costs U.S. European service providers 500M /
  year (Ferris Research)
• Mobile spam
• Some service providers charge a toll to both
  sender and recipient
• Costs end users 3 cents per message to download
  an unsolicited text message (Ferris Research)

Ferris Research, Anti-Spam for Businesses and
ISPs Market Size 2003-2008
5
Openwave Cloudmark Solutions

• Complete protection against messaging abuse
• Spam
• Phishing
• Viruses First line of defense against e-mail
  borne viruses
• Anti-Spam and Anti-Phishing solutions can be
  licensed separately
• Value Added Services Cloudmark Network Feedback
  System - Management reporting tool demonstrates
  filtering effectiveness
• Mail Store Clean-Up Service Unique solution to
  clear spam out of existing storage infrastructure
  (can be licensed separately and frees up approx.
  15 of storage).
• Always beat the competition on effectiveness,
  accuracy, performance and cost savings

6
Cloudmark Overview
7
Cloudmark Collaborative Security Network

• Zero-hour response real-time protection from all
  messaging threats
• Blocks attacks between 20 seconds to 3 minutes
• Cloudmarks community of users vote in real time
  on the latest threats
• Worlds largest spam and phishing database
• Up to 1 Billion reports per day
• Feedback from 1.7 million Cloudmark Desktop
  customers, over 350,000 Vipuls Razor
  installations and millions of enterprise ISP
  users
• Advanced fingerprinting algorithms
• Precise identification of emails, users vote on
  messages reliably
• Goal identify all messages in an attack with a
  single fingerprint
• Trust Evaluation System (TeS)
• Tracks reputation of each reporter ensuring data
  integrity and accuracy
• Determines when to mark a fingerprint as spam,
  phishing, virus or other

8
Cloudmark Authority E-mail protection

• Cloudmarks gateway anti-abuse product for
  service providers
• Cloudmark Authority Engine extensions service for
  Openwave Email Mx
• Cloudmark Anti Abuse extensions service for
  Openwave Edge Gx
• Cloudmark Network Classifier
• High performance classification engine designed
  for service provider scalability
• Uses five fingerprinting algorithms and an in
  memory cache of known bad fingerprints kept up to
  date with the Cloudmark Service every minute
• Tight integration into the Openwave messaging
  system
• Runs on extensions server, configured through
  config.db and LDAP
• Per class of service or system wide filtering
• High message throughput with low resource
  utilization
• Double the throughput of competing filters with
  lower CPU utilization
• Allows for reduction in infrastructure and costs

9
Zero-hour response
Aggregate feedback from millions of users
Trust Evaluation System
Real-time content reputation
Automated DataAnalysis
Threat Detection Spam, Phishing, Viruses, Spyware
Response
10
(No Transcript)
11
(No Transcript)
12
(No Transcript)
13
Cloudmark versus traditional approaches
Cloudmark Approach
BlockAttack
Threat Detection Real-time feedback from
millions of users trusted honeypots

• Highly optimized fingerprints
• Automatic analysis updates

Zero hour response Highest accuracy No
admin. intervention Low TCO
Traditional Approach
Attack??
Deploy new rules/lists
Test rules
Analysis of new threat
Write new rules
Threat Detection Honeypots
- Hours/days delay before protection -
administration intensive - outdated data
14
Anti-Spam, Anti-Phishing Protection for
fixed-line and mobile environments

• Industry-leading accuracy
• Equally effective on both email and mobile spam
  messages
• Proprietary fingerprinting algorithms allow
  extreme precision on small messages with
  unintelligible content
• Real-time feedback from millions of users
• Industry-leading throughput
• 5 fingerprinting algorithms enable rapid
  processing of abuse
• Competitive offerings process thousands of rules
• Algorithms compute fingerprints on messages and
  match against local cache
• Fingerprint updates automatically downloaded from
  Cloudmark Service
• Deployed with major service providers worldwide
• Integrates at SMTP MTA or at SMTP to SMS gateway
• Mobile-to-mobile filtering
• SDK available for SMSC and MMSC integration

15
Effective Defense against Phishing

• Cloudmark Solutions
• Broad collection of phishing reports
• Automated real-time response to attacks
• Dynamic reputation system
• Reputation data adjusts dynamically without
  manual intervention
• Advanced fingerprint algorithms

• Characteristics of Phishing Attacks
• Targeted
• Attack specific groups based on harvested data
• Transient
• Attacks are short-lived (a few hours)
• Dynamic
• Phishing sites move across many compromised hosts
• Coordinated and organized
• Increasingly sophisticated micro economy has
  emerged
• Costly

TEXT
TEXT
TEXT
TEXT
16
Protection from advanced threats

• Phishing
• Phishing is more advanced than spam targeted,
  transient, organized
• Cloudmarks community enables the real-time
  response necessary to stop phishing before it
  costs users and degrades corporate brands
• After testing several leading solutions, PayPal
  chose Cloudmark to protect their 50M customers
  from phishing
• Viruses
• Modern day worm email viruses can attack millions
  of users in minutes
• Cloudmark provides the zero-hour protection to
  augment existing AV protectionfilling the hole
  when new viruses begin propagating
• Recent Kama Sutra Blocked first by Cloudmark
  within minutes. Legacy AV vendors took one day to
  provide fix!!
• Future threats and delivery vehicles
• Threats moving to new delivery vehicles SMS,
  MMS, VoIP, IM, Blogs, Web,

17
Results of 3 recent case studies

• A large mobile operator (50M subscribers)
  realized
• 14.7 increase in filtered message rates for spam
  and phishing
• 300 reduction in false positives and even
  greater reduction in false criticals
• 87.5 filtration of viruses/worms
• A broadband provider realized
• 14 increase in total filtered messages rate
• 21 improvement in spam filtering accuracy
• 475 reduction in false positives
• 10-15 reduction in CPU utilization
• Significant OPEX and CAPEX cost savings over
  existing solution
• A large cable MSO (2M subscribers) realized
• 15 increase in filtered messages rate
• Significant reduction in false positives (1/20th
  FP and 1/50th FC)

Filtered messages rate of messages marked
spam / total of messages scannedSpam filtering
accuracy of spam message caught / of spam
messages scanned
False PositivesLegitimate newsletter archive
summary emails Forwarded personal jokes or other
chain messages Refers to the recipient by name
False Criticals Person to person
email Important message,often business-related
or personal in nature
18
Value Added Services
19
Cloudmark / Openwave Mail Store Clean Up Service

• Designed to measure and eliminate spam and
  phishing messages stored in the mail store
• Professional service will scan messages on MSS
  for old spam missed by existing filter and never
  deleted by user
• Multiple Options available
• Messages can be deleted, moved or other action
  based on service providers policy
• Different policies for which users to scan for
  can be implemented (All users, only inactive
  users, other?)
• Different policies for which messages to scan for
  can be implemented (Only unread, only messages in
  certain folders?)
• Reduces storage, system administration data
  processing costs
• Typically reduces volume of messages by approx
  70 and storage space by 15

20
Cloudmark Network Feedback System Reporting

• Reports for service provider
• Immediate view of system accuracy
• Every piece of feedback is used and tracked
• Email subscription search features
• Reports for user
• Webmail integration
• Show users value provider is giving
• Users gain sense of community value their
  contribution

21
Client solutions for service providers

• Cloudmark Desktop
• Microsoft Outlook or Outlook Express toolbar
• Out of the box spam and phishing protection
• Easier feedback mechanism for POP users
• Cloudmark Anti-Fraud Toolbar
• Microsoft Internet Explorer toolbar
• Blocks phishing and pharming attacks
• Cloudmark Desktop SDK
• Integrate Cloudmark anti-abuse and reporting
  technology into existing applications
• Business models
• Revenue sharing
• Bulk licensing
• White labeling

22
Summary
23
Key benefits for service providers

• Zero-hour response to messaging threats
• Fastest possible response 20 seconds to 3
  minutes
• High performance
• High msg/sec rate
• Lower CPU utilization than competing solutions
• Industry-leading accuracy
• Cloudmark solutions consistently rank as the most
  accurate
• Draws on data collected from real users in real
  time
• Easily integrated into existing network
  infrastructure
• Can be deployed at internal MTA, Edge and
  SMSC/MMSC
• Higher end-user satisfaction
• Participates in the solution, feeling enabled to
  fight back
• Less spam in Inbox
• Protected from phishing scams
• First line protection from viruses

24
Business value to service providers

• Lowest TCO
• Reduced infrastructure costs
• Significant storage and network resource
  reduction
• Lowest CPU utilization (less computing power)
• Easy to maintain
• Automatic updates
• No rules and lists
• Reduced customer support calls and costs
• Real-time feedback improves customer satisfaction
• Less strain on customer service
• Significant storage savings from cleaning up
  current mail store
• Revenue generator
• Cloudmark Desktop Anti-Fraud Toolbar
  distribution (can be branded)
• Attractive revenue-sharing programs

25
(No Transcript)