Symantec Brightmail AntiSpam 6.0 - PowerPoint PPT Presentation

Slides: 58
Provided by: christop254
Transcript and Presenter's Notes


1
Symantec Brightmail Anti-Spam 6.0
  • Product Overview Presentation
  • 8 March 2005

Christoph Kugler
Territory Account Manager
christoph_kugler_at_symantec.com
2
Agenda
  • The Growing Spam Problem
  • Symantec Mail Security
  • SBAS Product Features
  • Architecture, Deployment, Sizing
  • Filtering Technologies
  • Brightmail Scanner
  • Brightmail Control Center
  • Folder Agents
  • Brightmail Plug-in for Outlook
  • Symantec Mail Security 8200 Series
  • Summary: Why is Brightmail the best

3
The Growing Spam Problem
4
Who am I?
  • Name: Laura Betterly
  • Age: 41
  • Single, mother, 2 kids
  • Annual salary: 300000
  • Owner of Data Resource Consulting Inc.
  • Job Title: Spam Queen

5
Characteristics of Spam
  • Is usually sent to a large number of users
  • Recipient does not know who the sender is
  • Recipient never requested it
  • Difficult or impossible to unsubscribe from

If you did not receive it, would you miss it?
6
Spam Continues to Grow and Evolve
7
Symantec Mail Security
8
Symantec Mail Security
9
Symantec Mail Security Product Family
10
Symantec Brightmail Anti-Spam 6.0: Product Features
11
Leadership
  • Brightmail is the worldwide leader in anti-spam
    technology, providing anti-spam software at the
    Internet gateway

Messages Filtered
  • 100 billion in June 2004 (15% of global Internet traffic)
  • Nearest competitor: 6 billion messages (1% of global traffic)

Protects over
  • 325 million mailboxes (25% of global mailboxes)
  • 2,000 businesses
  • 9 of top 12 U.S. ISPs
12
Zero Administration
  • Why low administration matters?
  • Do you have time to write rules, whitelist
    senders or resolve false positives?
  • Do you have visibility into new spam trends?
  • Do you want to be an expert at fighting spam?
  • Can you provide 24x7 spam fighting capability?
  • Largest hidden cost of an anti-spam solution

Look for: Zero Administration
13
Lowest False Positives
  • BAS has the industry's lowest false positive rate
  • Brightmail is 99.9999% accurate (1 in 1 million)
  • 10x fewer than the closest competitor
  • Why are we the lowest?
  • Brightmail will NOT introduce a technology
    without accuracy
  • Competitors taking quickest approach to
    effectiveness

Look for: 1 in 1 million false positives
14
Catch the Most Spam
  • Multiple technologies for complete spam defense
  • There is no silver bullet anti-spam technology
  • Different filters effective against different
    types of spam
  • With multi-layer solutions spammers must avoid
    each layer
  • Innovation and global coverage
  • Need to constantly innovate to stay ahead of
    spammers
  • Ability to filter foreign language spam
    effectively

Look for: 95% Catch Rate
15
Symantec Brightmail Anti-Spam Customers
Enterprise
Service Provider
16
Product Review and Industry Analyst Validation
"A benchmark in the field 95 to 96 percent effective Easy to install and maintain Brightmail Anti-Spam's false-positive score speaks for itself Brightmail Anti Spam is the best answer we know of."

"Brightmail caught the highest % of spam and had the lowest false-positive rate of any of the products tested. a real "set and forget" system."

"Brightmail, the leading provider of AntiSpam software, achieves a 1-message-in-1-million false positive rate." - Yankee Group, 2004

Positioned in the Leaders Quadrant - Magic Quadrant for Enterprise Spam Filtering - Gartner Research, 2004
17
Info World Article Review
18
(No Transcript)
19
Architecture, Deployment, Sizing

20
What is Brightmail 6.0 (BAS)?
  • Not an MTA
  • Integrates with industry standard MTAs
  • Centralised Management / Reporting
  • Not a Content Filtering engine (Attachments)
  • Has AV scanning capabilities
  • Multiple Operating Systems supported
  • Deployed anywhere within your messaging topology

21
Key Features
Flexible Spam Handling
  • Modify subject line or header
  • Delete
  • Forward to email address for review
  • Administrator Quarantine
  • Per-User Quarantines
  • Web-based quarantine
  • Groupware quarantines - Exchange and Domino

Customized Mail Policies
  • Group Policies
  • Adjustable spam thresholds

Per User Spam Control
  • Allow/Block lists
  • Language preference
  • Submissions

Powerful Administration
  • Web-based Control Center
  • Global management of multiple servers
  • Centralized granular reporting
  • Assignable administrator privileges
  • Alerts

Flexible Architecture
  • Multiple LDAP integrations
  • Multiple MTA integrations

Content Filtering
  • Block Lists
  • Allow Lists
  • Custom Filters Editor

Complete Threat Protection
  • Anti-Virus Optional module
22
High-level Architecture
Customer Site
Symantec Operations
23
Spam Analysis and Operations the BLOC
24
Flexible Deployment
  • Install components on one or many machines
  • Deploy where you want (gateway, relay, or mailbox
    server)
  • Choose Quarantine option (Web-based or email
    client-based)
  • Incorporate end-user tools and features with
    Outlook Plug-in

25
Scalability
  • Brightmail Anti-Spam scalability proof points
  • On a single CPU
  • Linux server, handles around 25 messages/sec
  • e.g. 25 x 3600 = 9000 messages/hour
  • 9000 x 9 = 81000 messages / business day
  • Additional performance through more CPUs or more
    servers at no additional cost (BAS is licensed
    per user)

26
Filtering Technologies

27
Defending Against Spam a Multi-layered Approach
28
Points to Remember
  • Technology
  • Custom Rules
  • Regular Expression (Header and Body)
  • Reputation Service
  • Hashing (Body and URLs)
  • URL Filtering
  • Heuristics
  • Language Support
  • Chinese
  • Dutch
  • English
  • French
  • German
  • Italian
  • Japanese
  • Korean
  • Portuguese
  • Russian
  • Spanish

29
Brightmail Scanner

30
What is the Brightmail Scanner?
  • The Brightmail Scanner is one of the key software
    components that powers Brightmail Anti-Spam

What it Does
  • Communicates with your MTA (doesn't replace it)
  • Receives updated filters from the BLOC
  • Examines incoming messages for spam, viruses,
    email threats, and special content
  • Produces a verdict for a message

What it Includes
  • Server component that filters mail and returns
    verdict
  • Filtering engine
  • Conduit component that manages statistics and
    updated filters
  • Client component that integrates with MTA
    (optional)

31
Secure Filter Transmission
Each Scanner retrieves its own filters
Polls for new filters every minute
  • New filters are
  • Downloaded via HTTPS
  • Available every 10 minutes

32
Platform and Mail Server Support
Supported MTAs by platform and version
  • Windows (Windows 2000 Server, Windows Server 2003): Microsoft IIS SMTP, Exchange 2000, Exchange 2003
  • Solaris (Solaris 8, Solaris 9): Sendmail 8.12, Sendmail Switch 3.1, Exim, Postfix 2.1.3, QMail, Sun Messaging Server 5.2/6.0
  • Linux (Red Hat) (Enterprise Linux ES 3.0, Enterprise Linux AS 3.0): Sendmail 8.12
  • Linux (SuSe) (Linux 9.1): Sendmail 8.12

Other MTAs, including Exchange 5.5 and Domino,
can be supported in a relay configuration. To
enable this support, Brightmail Anti-Spam is
installed on an upstream machine with the IIS
SMTP Service relaying filtered mail to the target
MTA.
33
Control Center

34
Brightmail Control Center
  • Web-based interface for
  • Centralized management
  • Push settings out
  • Pull logging back
  • Web quarantine
  • Administrator interface
  • End user interface
  • Monitoring
  • Summary dashboard
  • Per-machine status
  • Logs
  • Statistics and reports

35
Brightmail Control Center Settings
Create list of blocked senders
Create list of allowed senders
Adjust threshold for filtering aggressiveness
Choose reputation filters to employ
Enable language identification features
Set up antivirus filtering
Create custom content filters
Set up group policies
Add admins with specific privileges
Work with consolidated reports
View consolidated and individual logs
Set up alert triggers
Change LDAP settings
Set up and view Web Quarantine
Migrate settings from previous releases
Identify external mail servers
Work with Brightmail Scanners
36
Spam Scoring
  • Each spam message given a score
  • Messages over 90 are given spam verdict
  • Administrators can turn on/off suspect spam
    threshold
  • Administrators can define lower end of suspect
    spam
  • In policies, administrators can set different
    actions for spam and suspect spam

37
Detailed Reporting
  • Multiple reporting categories
  • Processed, spam, suspected spam, allowed/blocked
    messages, and viruses
  • Reporting by multiple criteria
  • Recipient
  • Sender
  • Recipient Domain
  • Sender Domain
  • IP Connection etc.
  • Benefits
  • 19 reports available
  • Report viewer in Control Center
  • Generate as needed or pre-set intervals
  • Export to multiple formats

38
Group Policies
39
Group Policies
Multiple Types of Members
  • All email domains
  • Sub domains
  • Individual users
  • Wildcard Support

Six Email Categories
  • Spam
  • Suspect Spam
  • Blocked Sender
  • Allowed Sender
  • Virus
  • Worm

Six Verdicts
  • Delete
  • Mark up message subject
  • Mark up message header
  • Forward to an email address
  • Save to disk
  • Deliver normally

40
Control Center Security
  • Communication
  • HTTPS between Scanner and Control Center
  • HTTPS between administrator, end users, Control
    Center (Optional)
  • Administrator Privileges
  • Support for multiple administrators
  • Different privileges for different
    administrators (Some access only quarantine,
    others can change server settings)
  • End User Authentication Via LDAP to
  • Active Directory
  • Exchange 5.5
  • SunOne

41
LDAP Capabilities and Features
  • Alias Expansion
  • Quarantine automatically resolves all aliases and
    delivers messages to the quarantine account for
    the underlying email address.
  • Quarantine can access LDAP directories such as
  • Active Directory (Exchange 2000 and Exchange
    2003)
  • Exchange 5.5
  • Sun ONE Directory Server
  • Customisable LDAP attributes
  • Fully-configurable LDAP query settings and
    attributes to match your LDAP schema.

42
System Alerts
  • Immediate notification when certain operating
    conditions arise
  • Sends email alerts to administrators or other
    parties
  • Applicable conditions
  • A Brightmail component is not responding or
    working
  • Anti-spam filters are older than a specified time
  • Anti-virus filters are older than a specified
    time
  • Brightmail Quarantine is low on disk space.

43
Enhanced Web-based Quarantine
Benefits
  • Spam stored centrally at gateway not passed
    through network
  • End users notified daily/weekly about new spam
  • Centralized message purging after x days
  • Can release quarantined messages to user(s)
    inbox
  • End users can access quarantine at any time
  • Search functionality for both administrators and
    end-users

44
Sample Quarantine Screenshots
45
Folder Agents

46
Exchange Spam Folder Agent
  • Quarantine that lives in Exchange
  • End users can access from their mail client
  • Appears as a mail folder
  • Software installed on each Exchange server
  • Creates a Spam folder for each user
  • Administrator defines number of days to hold
    spam before deleting

47
Domino Agent
  • Creates a Spam folder for each user in the
    system
  • Administrator can set how many days before
    deleting spam
  • Message Submission
  • Single click submission of missed spam and false
    positives to Brightmail
  • Missed spam → Probe Network
  • Potential false positive → Reviewed by a BLOC
    Technician

48
Brightmail Plug-in for Outlook

49
Brightmail Plug-in for Outlook
  • Provide powerful spam management tools for your
    users
  • Empower users to take control of their inboxes
  • Single click submissions of misidentified messages

50
Symantec Mail Security 8200 Series
51
High-level Overview
The most accurate email security appliance
powered by the award-winning, industry-leading
Brightmail AntiSpam technology from Symantec, the
global leader in Information Security
Under testing, subject to change
52
Appliance Platform Highlights
  • Symantec Branded Product (no overt reference to
    OEM)
  • Based on OEM Hardware from Dell
  • High Performance Intel CPUs
  • High Quality: Field Failure rates < 1%
  • High Resiliency Built in Redundant Parts
  • Enterprise Class Support
  • Standard HW warranty Next Biz Day ONSITE
    repair
  • Platinum support includes Same Day ONSITE repair
  • Quick Lead-times
  • Symantec can order product at any time
  • Manufactured on 8-12 Day Lead-Times
  • Compliant to Ship World-wide at FCS

Where available some small European countries
and rural areas are excluded
53
Key Features
  • Appliance Form Factor
  • Hardware
  • Hardened Operating System
  • Hardened Mail Relay
  • TLS Encryption
  • Filtering Engine
  • Brightmail AntiSpam
  • Symantec AntiVirus
  • Email Firewall: TurnTide Traffic Shaping
  • Email Firewall: Automated Defenses
  • Email Firewall: Reputation Lists
  • Content Filtering: Attachment Mgmt
  • Content Filtering: Dictionaries
  • Content Filtering: Annotations
  • Content Filtering: Custom Rule Editor
  • SPF
  • System Management
  • Web-based Administration
  • Global Management
  • Multiple Administrator Roles
  • Automatic Rule Updates
  • 55 Reports (35 New)
  • Software Update Mechanism
  • Mail Management
  • Group Policies
  • Outbound Policies
  • LDAP Group Policies
  • 16 Actions (8 New)
  • Compound Actions
  • End User Preferences: Block/allow list
  • End User Preferences: Language
  • Administrator End User Quarantine

Denotes new feature
54
Architecture
55
Summary: Why is Brightmail the best

56
Why is Brightmail the Best
  • The most complete e-mail security technology
  • Has the most complete arsenal of anti-spam
    technology
  • Heuristics, URL Rules, Source filters, Signatures
    etc.
  • Symantec AV
  • The most extensive anti-spam operations center
  • Anti-spam filters updated every 10 minutes
  • BLOC is unmatched for detecting spam and rule
    distribution
  • Complete manageability with hands off capability
  • Flexible spam management control
  • Powerful global management console
  • Integrated anti-virus and content filtering
    technology

57
Thank You
Free 30-day download at
http://emea.symantec.com/brightmail