Extend your IBM Lotus Notes and Lotus Domino security to fight...
2 downloads
95 Views
5MB Size
Security capabilities To support your business objectives
IBM Lotus Protector for Mail Security 2.5. Empower users and extend your IBM Lotus Notes and Lotus Domino security features
Give users complete control over content sent to them — right within the familiar IBM Lotus Notes inbox In the age of a distributed workforce, virtual teams, road warriors
and content control have become necessary to protect your
and corporate globalization, e-mail is more indispensable than
company, enabling you to comply with stringent regulatory
ever. In fact, employee productivity and customer satisfaction
requirements and minimize the potential loss of productivity.
rely on it. Protecting your messaging infrastructure is vital to
Ironically, your current antispam technology probably takes more
your day-to-day operations.
time and costs more money than necessary, requiring that you dedicate resources to identify and remove spam and forcing your
Internet connections exponentially increase the power of e-mail.
IT staff to waste valuable time recovering valid e-mail that gets
Unfortunately, they also expose users to myriad threats, creat-
unintentionally blocked. In the struggle to increase productivity
ing potential business risks. In today’s world, spam prevention
and stretch limited resources, you now have a better choice.
2
Empower your users, right from their inbox
Highly effective, proven protection
Seamlessly integrated with your IBM Lotus Notes and Lotus ®
The Lotus Protector for Mail Security software appliance is proven
®
Domino® platform, the IBM Lotus Protector for Mail Security 2.5
to be highly efficient at protecting against external threats—while
software appliance gives your organization comprehensive con-
minimizing the potential blocking of nonthreatening e-mail or the
trol over Internet e-mail. It does more than just efficiently block the
draining of server resources. Precise and powerful, the Lotus
spam, malware, phishing attacks and other threats targeting your
Protector for Mail Security software appliance has been certified
users— it’s also the first and only network spam filter that doesn’t
by the independent ICSA Labs to be a leader in spam control,
require users to access a separate tool to manage who can and
blocking over 99 percent of known spam with extremely low,
cannot send them e-mail. Via a simple click from their Lotus
industry-leading false-positive results.1 And being a Lotus Notes
Notes 8.5.1 inbox, users gain control over which content they
and Domino family product, it’s designed to be easy to imple-
want or don’t want to receive. Users can also independently
ment and own, with the same flexible deployment options and low
view spam and blocked messages without IT intervention. This
cost of ownership as those of your critical messaging platform.
helps eliminate the need for IT staff to spend valuable time and resources in situations where, for example, an external vendor might claim to have sent an e-mail that users haven’t received in their inboxes. Your users can quickly validate for themselves whether the e-mail was blocked or whether it was simply never sent in the first place. The result is an increased level of productivity for users, as well as an optimization of your administrative resources.
3
Helps stamp out spam
Examine and knock out suspicious mail in real time
Spam continues to find its way to inboxes daily, sometimes
The Lotus Protector for Mail Security software appliance stops
outnumbering legitimate e-mail. The fight against spam
spam at the network edge, so your Lotus Domino server is free
can negatively impact productivity and can strain network
to focus on core routing and collaboration tasks. Employing
and server capacities, affecting your end users as well as
innovative zero-level analysis (ZLA) technology from IBM, the
your system administrators.
software appliance is capable of identifying spam in real time, as e-mail comes into your network. Because it can identify spam as it traverses the network boundary, ZLA can often drop spam within the first 10 or 20 percent of the message. This optimizes
Internet
throughput of the system without any loss of efficacy, because all messages that aren’t blocked are still fully analyzed by powerful content analysis modules in the Lotus Protector for Mail Security
SMTP connection
software appliance. The result for your organization is enhanced protection, without slowing down your key collaboration systems.
Predata spam filters Dynamic host reputation filtering SMTP connection filters Domain name server blacklist (DNSBL) settings Recipient verification, SMTP level
Continuous protection updates
Spam
The Lotus Protector for Mail Security software appliance can be quickly configured to block spam using either default or custom content filtering policies. Content filtering innovation is
Message transfer Zero level analysis
provided by the IBM Internet Security Systems (ISS) X-Force ® Spam
research and development team. The X-Force team routinely monitors new spam techniques and distribution methods. The Lotus Protector for Mail Security software appliance checks with
Dedicated spam analysis modules Spam fingerprint Spam signature database Structure analysis Embedded URL analysis Spam heuristics
DNSBL analysis Bayesian classifiers Flow analysis Spam keyword Phishing analysis
IBM as frequently as every 15 minutes for updates that include new spam signatures and potentially dangerous URLs. As a
Spam
result, Lotus Protector for Mail Security technology helps you keep ahead of the latest spam trends. E-mail origination analysis The Lotus Protector for Mail Security software appliance
Legitimate e-mail
includes dynamic host reputation filtering technology that helps stop spam before it ever reaches your system. Leveraging sophisticated IBM research that identifies where spam is likely to originate, this technology complements the ZLA module by Figure 1. The Lotus Protector for Mail Security software appliance filters out spam before it even reaches your network, helping save valuable bandwidth.
analyzing the source IP address of incoming e-mail, making a mathematical judgment about whether or not the source of the e-mail is reliable. When e-mail is deemed to be coming from an unreliable source, the connection is dropped before the e-mail is delivered. Like the innovative ZLA technology, reputation filtering can help reduce the system load associated with managing spam, freeing the content analysis modules to apply their multilayered filtering approach and achieving unrivaled efficacy against threats.
4
Spam collectors
Global Data Center
Spam Learn
Who
When
Sender/recipient Sales Logistics Mr. Schmitt
Time frame All the time 9 a.m. to 5 p.m. 8 p.m. to 5 a.m.
Rule Your business
Global filter database
Continuous updates
Analysis modules
Action
Sensors Confidential MP3/JPG Pornography
Responses Block Allow Send to
Figure 2. The Lotus Protector for Mail Security software appliance receives updates from the IBM ISS Global Data Center eight times per day to help you respond to changing spam tactics and threats.
Figure 3. You can develop spam filtering rules that fit your organization’s policies and tailor those rules to specific users.
Ninety-five billion identified spam sources — and growing At the IBM ISS Global Data Center, IBM maintains a security
Rules configuration helps improve ease of use, lessening the burden on administrative staff
database containing more than 95 billion evaluated Web pages
Granular policy control includes simple rules-based policy
and relevant spam signatures to date. IBM operates spam col-
creation — enabling you to take action based on factors such as
lectors worldwide using e-mail accounts known as “honey pots,”
who, what and when — and more than 10 different customizable
which receive millions of confirmed spam e-mails every day.
action types, such as modifications and notifications. Policies
Data gathered from these messages is fed into the Global Data
can be applied globally, by user group or by individual user, so
Center, increasing the efficiency of spam filtering.
changes made in the Lotus Domino Directory database flow automatically to the associated content control policies. Plus,
More than just spam prevention — comprehensive inbound and outbound content control
the Lotus Protector for Mail Security software appliance supports lightweight directory access protocol (LDAP), including
Lotus Protector for Mail Security technology analysis modules
Lotus Domino and Microsoft® Active Directory technologies.
work for outbound as well as inbound e-mail, enabling you to define policies or tailor modules to help meet legal and regulatory compliance for data. Messages can also be scanned for offensive words, customizable keywords and attachment types — and specialized analysis capabilities help prevent sensitive information such as Social Security and credit card numbers from leaving your network. In addition, the phishing module provides a separate, multithreaded analysis technique to protect your employees against e-mail messages that target their personal information.
5
Helps keep you ahead of threats
Many spammers direct spam at a particular domain simply by
Beyond spam control, the Lotus Protector for Mail Security
guessing at user names or naming conventions. Recipient veri-
software appliance is equipped with advanced protection
fication technology helps minimize the effects of this practice
technologies to provide security features that are ahead of
by confirming that the specific user name to which each e-mail
the threat. With the award-winning IBM Proventia ® Network
is addressed actually exists — before accepting the message.
Intrusion Prevention System (IPS) engine and IBM Virtual
Any message that is addressed to an unknown recipient is
Patch technology, the application supports the vital security
rejected before the connection is accepted, helping save valu-
features necessary in today’s IT environments.
able bandwidth.
An extra level of protection between your company and external contacts
The queuing mechanism is designed to provide multiple levels
Support for the transport layer security (TLS) protocol enables
application has two predefined thresholds for its unchecked
you to automatically encrypt e-mails between your company and
queue, which begins to grow during a denial-of-service attack.
trusted partners and suppliers. By establishing mutual public cer-
When the total number of messages in the unchecked queue
tificates on your server, you can make sure that communication
reaches the first threshold, the application begins throttling new
between your company and these organizations is protected. The
simple mail transfer protocol (SMTP) connections based on a
message transport agent at the edge of your network automati-
predefined period of time. When the number of messages in the
cally encrypts e-mails to and from such organizations—providing
unchecked queue reaches the second threshold, all new SMTP
a seamless user experience.
connections are answered with a “temporarily not available”
®
of protection against spam-based denial-of-service attacks. The
message and asked to try again later, based on SMTP standard
Defense against zero-day attacks
protocols. Typical spam bots can’t handle this type of rejection
Lotus Protector for Mail Security software appliance recipient veri-
and will fail at this point, whereas valid SMTP servers will try
fication technology and its queuing mechanism help protect your
again after a predefined period of time.
mail server from zero-day attacks, including denial-of-service and directory harvest attacks. And a special Lotus Domino integration
Real-time, multilayered antivirus protection
keys off of “short name” fields, so even the powerful and flexible
The Lotus Protector for Mail Security software appliance includes
Lotus Domino addressing translation system is supported.
a remote malware detection and zero-hour virus prevention service, which is automatically distributed to your application via continuous signature updates to the filter database. In addition, behavioral genotype and signature antivirus technologies take action against suspicious code even before a virus signature is available. This technology analyzes both incoming and outgoing e-mail in parallel with the application’s antispam features.
6
All Lotus Protector offerings are designed to easily integrate with your existing Lotus Domino user and security frameworks, presenting a seamless experience for users — and simplifying overall administration for you. Intelligent management options for ease of use
A unified platform to address your security challenges
The Lotus Protector for Mail Security software appliance provides
Create a unified platform to mitigate your security challenges. Find
a number of intelligent management options that can be tailored
out more about how the Lotus Protector for Mail Security software
to your organization’s unique network environment. It includes:
appliance can help resolve messaging security headaches and improve your security posture against tomorrow’s threats, as part
• A stand-alone, security-rich, Web-based local management
of the dynamic Lotus Protector platform. Designed specifically for
interface. The interface provides easy access to security and
the Lotus Domino environment, the application tightly integrates
antispam policies.
with the Lotus Domino platform, simplifying administration of your
• Standard or customized reports. Standard, centralized
messaging environment.
reports provide valuable insights, such as identifying which spammers present the biggest challenge to the messaging
System requirements focused on flexibility
infrastructure. You can also create customized reports for additional flexibility.
Lotus Protector for Mail Security software appliance is available
• Clustering for centralized management.2 Because a
as a per-user software license with flexible deployment options.
separate management console isn’t required, you can easily
It’s packaged as a software appliance model, with an integrated
manage multiple servers through one appliance. In fact, Lotus
Linux® operating system and the application software. It’s certified
Protector for Mail Security technology provides access to all
to run on high-quality, cost-effective IBM System x® hardware
quarantined messages and tracking information through the
or VMware systems. Unlike some competitive offerings that
appliance you designate as the central appliance, regardless
require proprietary hardware systems, the Lotus Protector for
of where the traffic initially entered the network.
Mail Security software appliance puts you in control, allowing you to choose the off-the-shelf hardware that perfectly meets your throughput requirements — and your budget. And because it’s a per-user license, you can deploy as many server instances as necessary, without additional Lotus Protector for Mail Security costs. For full, detailed system requirements, please visit: ibm.com/software/lotus/products/protector/mailsecurity/ systemrequirements.html
7
© Copyright IBM Corporation 2009 Lotus Software IBM Software Group One Rogers Street Cambridge, MA 02142 U.S.A.
Accelerate the time to value of your software investment IBM Software Services for Lotus and select IBM Business Partners can help you better understand your technology options and how to leverage Lotus collaboration solutions to potentially lower your IT total cost of ownership and increase your organization’s productivity. Find out more about the technical consulting, training and Software Accelerated Value Program services available to help you accelerate your success with IBM technology. For more information, go to: ibm.com/software/lotus/services
For more information To access a no-cost, 90-day-trial edition of the Lotus Protector for Mail Security 2.5 software appliance or to get more information, contact your IBM sales representative or visit: ibm.com/software/lotus/products/protector/mailsecurity
Produced in the United States of America December 2009 All Rights Reserved IBM, the IBM logo, ibm.com, Lotus, Domino, Lotus Notes, and Notes are registered trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™ ), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft is a trademark of Microsoft Corporation in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. The information contained in this documentation is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this documentation, it is provided “as is” without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this documentation or any other documentation. Nothing contained in this documentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM (or its suppliers or licensors), or altering the terms and conditions of the applicable license agreement governing the use of IBM software. IBM customers are responsible for ensuring their own compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. 1 These statements represent current IBM plans and directions, which are subject to change without notice. 2 Available only in the MS3004LP. Clustering does not imply high availability.
LOB14005-USEN-02