Extend your IBM Lotus Notes and Lotus Domino security to fight

Extend your IBM Lotus Notes and Lotus Domino security to fight...

2 downloads 24 Views 5MB Size

Security capabilities To support your business objectives

IBM Lotus Protector for Mail Security 2.5. Empower users and extend your IBM Lotus Notes and Lotus Domino security features

Give users complete control over content sent to them — right within the familiar IBM Lotus Notes inbox In the age of a distributed workforce, virtual teams, road warriors

and content control have become necessary to protect your

and corporate globalization, e-mail is more indispensable than

company, enabling you to comply with stringent regulatory

ever. In fact, employee productivity and customer satisfaction

requirements and minimize the potential loss of productivity.

rely on it. Protecting your messaging infrastructure is vital to

Ironically, your current antispam technology probably takes more

your day-to-day operations.

time and costs more money than necessary, requiring that you dedicate resources to identify and remove spam and forcing your

Internet connections exponentially increase the power of e-mail.

IT staff to waste valuable time recovering valid e-mail that gets

Unfortunately, they also expose users to myriad threats, creat-

unintentionally blocked. In the struggle to increase productivity

ing potential business risks. In today’s world, spam prevention

and stretch limited resources, you now have a better choice.


Empower your users, right from their inbox

Highly effective, proven protection

Seamlessly integrated with your IBM Lotus Notes and Lotus ®

The Lotus Protector for Mail Security software appliance is proven


Domino® platform, the IBM Lotus Protector for Mail Security 2.5

to be highly efficient at protecting against external threats—while

software appliance gives your organization comprehensive con-

minimizing the potential blocking of nonthreatening e-mail or the

trol over Internet e-mail. It does more than just efficiently block the

draining of server resources. Precise and powerful, the Lotus

spam, malware, phishing attacks and other threats targeting your

Protector for Mail Security software appliance has been certified

users— it’s also the first and only network spam filter that doesn’t

by the independent ICSA Labs to be a leader in spam control,

require users to access a separate tool to manage who can and

blocking over 99 percent of known spam with extremely low,

cannot send them e-mail. Via a simple click from their Lotus

industry-leading false-positive results.1 And being a Lotus Notes

Notes 8.5.1 inbox, users gain control over which content they

and Domino family product, it’s designed to be easy to imple-

want or don’t want to receive. Users can also independently

ment and own, with the same flexible deployment options and low

view spam and blocked messages without IT intervention. This

cost of ownership as those of your critical messaging platform.

helps eliminate the need for IT staff to spend valuable time and resources in situations where, for example, an external vendor might claim to have sent an e-mail that users haven’t received in their inboxes. Your users can quickly validate for themselves whether the e-mail was blocked or whether it was simply never sent in the first place. The result is an increased level of productivity for users, as well as an optimization of your administrative resources.


Helps stamp out spam

Examine and knock out suspicious mail in real time

Spam continues to find its way to inboxes daily, sometimes

The Lotus Protector for Mail Security software appliance stops

outnumbering legitimate e-mail. The fight against spam

spam at the network edge, so your Lotus Domino server is free

can negatively impact productivity and can strain network

to focus on core routing and collaboration tasks. Employing

and server capacities, affecting your end users as well as

innovative zero-level analysis (ZLA) technology from IBM, the

your system administrators.

software appliance is capable of identifying spam in real time, as e-mail comes into your network. Because it can identify spam as it traverses the network boundary, ZLA can often drop spam within the first 10 or 20 percent of the message. This optimizes


throughput of the system without any loss of efficacy, because all messages that aren’t blocked are still fully analyzed by powerful content analysis modules in the Lotus Protector for Mail Security

SMTP connection

software appliance. The result for your organization is enhanced protection, without slowing down your key collaboration systems.

Predata spam filters Dynamic host reputation filtering SMTP connection filters Domain name server blacklist (DNSBL) settings Recipient verification, SMTP level

Continuous protection updates


The Lotus Protector for Mail Security software appliance can be quickly configured to block spam using either default or custom content filtering policies. Content filtering innovation is

Message transfer Zero level analysis

provided by the IBM Internet Security Systems (ISS) X-Force ® Spam

research and development team. The X-Force team routinely monitors new spam techniques and distribution methods. The Lotus Protector for Mail Security software appliance checks with

Dedicated spam analysis modules Spam fingerprint Spam signature database Structure analysis Embedded URL analysis Spam heuristics

DNSBL analysis Bayesian classifiers Flow analysis Spam keyword Phishing analysis

IBM as frequently as every 15 minutes for updates that include new spam signatures and potentially dangerous URLs. As a


result, Lotus Protector for Mail Security technology helps you keep ahead of the latest spam trends. E-mail origination analysis The Lotus Protector for Mail Security software appliance

Legitimate e-mail

includes dynamic host reputation filtering technology that helps stop spam before it ever reaches your system. Leveraging sophisticated IBM research that identifies where spam is likely to originate, this technology complements the ZLA module by Figure 1. The Lotus Protector for Mail Security software appliance filters out spam before it even reaches your network, helping save valuable bandwidth.

analyzing the source IP address of incoming e-mail, making a mathematical judgment about whether or not the source of the e-mail is reliable. When e-mail is deemed to be coming from an unreliable source, the connection is dropped before the e-mail is delivered. Like the innovative ZLA technology, reputation filtering can help reduce the system load associated with managing spam, freeing the content analysis modules to apply their multilayered filtering approach and achieving unrivaled efficacy against threats.


Spam collectors

Global Data Center

Spam Learn



Sender/recipient Sales Logistics Mr. Schmitt

Time frame All the time 9 a.m. to 5 p.m. 8 p.m. to 5 a.m.

Rule Your business

Global filter database

Continuous updates

Analysis modules


Sensors Confidential MP3/JPG Pornography

Responses Block Allow Send to

Figure 2. The Lotus Protector for Mail Security software appliance receives updates from the IBM ISS Global Data Center eight times per day to help you respond to changing spam tactics and threats.

Figure 3. You can develop spam filtering rules that fit your organization’s policies and tailor those rules to specific users.

Ninety-five billion identified spam sources — and growing At the IBM ISS Global Data Center, IBM maintains a security

Rules configuration helps improve ease of use, lessening the burden on administrative staff

database containing more than 95 billion evaluated Web pages

Granular policy control includes simple rules-based policy

and relevant spam signatures to date. IBM operates spam col-

creation — enabling you to take action based on factors such as

lectors worldwide using e-mail accounts known as “honey pots,”

who, what and when — and more than 10 different customizable

which receive millions of confirmed spam e-mails every day.

action types, such as modifications and notifications. Policies

Data gathered from these messages is fed into the Global Data

can be applied globally, by user group or by individual user, so

Center, increasing the efficiency of spam filtering.

changes made in the Lotus Domino Directory database flow automatically to the associated content control policies. Plus,

More than just spam prevention — comprehensive inbound and outbound content control

the Lotus Protector for Mail Security software appliance supports lightweight directory access protocol (LDAP), including

Lotus Protector for Mail Security technology analysis modules

Lotus Domino and Microsoft® Active Directory technologies.

work for outbound as well as inbound e-mail, enabling you to define policies or tailor modules to help meet legal and regulatory compliance for data. Messages can also be scanned for offensive words, customizable keywords and attachment types — and specialized analysis capabilities help prevent sensitive information such as Social Security and credit card numbers from leaving your network. In addition, the phishing module provides a separate, multithreaded analysis technique to protect your employees against e-mail messages that target their personal information.


Helps keep you ahead of threats

Many spammers direct spam at a particular domain simply by

Beyond spam control, the Lotus Protector for Mail Security

guessing at user names or naming conventions. Recipient veri-

software appliance is equipped with advanced protection

fication technology helps minimize the effects of this practice

technologies to provide security features that are ahead of

by confirming that the specific user name to which each e-mail

the threat. With the award-winning IBM Proventia ® Network

is addressed actually exists — before accepting the message.

Intrusion Prevention System (IPS) engine and IBM Virtual

Any message that is addressed to an unknown recipient is

Patch technology, the application supports the vital security

rejected before the connection is accepted, helping save valu-

features necessary in today’s IT environments.

able bandwidth.

An extra level of protection between your company and external contacts

The queuing mechanism is designed to provide multiple levels

Support for the transport layer security (TLS) protocol enables

application has two predefined thresholds for its unchecked

you to automatically encrypt e-mails between your company and

queue, which begins to grow during a denial-of-service attack.

trusted partners and suppliers. By establishing mutual public cer-

When the total number of messages in the unchecked queue

tificates on your server, you can make sure that communication

reaches the first threshold, the application begins throttling new

between your company and these organizations is protected. The

simple mail transfer protocol (SMTP) connections based on a

message transport agent at the edge of your network automati-

predefined period of time. When the number of messages in the

cally encrypts e-mails to and from such organizations—providing

unchecked queue reaches the second threshold, all new SMTP

a seamless user experience.

connections are answered with a “temporarily not available”


of protection against spam-based denial-of-service attacks. The

message and asked to try again later, based on SMTP standard

Defense against zero-day attacks

protocols. Typical spam bots can’t handle this type of rejection

Lotus Protector for Mail Security software appliance recipient veri-

and will fail at this point, whereas valid SMTP servers will try

fication technology and its queuing mechanism help protect your

again after a predefined period of time.

mail server from zero-day attacks, including denial-of-service and directory harvest attacks. And a special Lotus Domino integration

Real-time, multilayered antivirus protection

keys off of “short name” fields, so even the powerful and flexible

The Lotus Protector for Mail Security software appliance includes

Lotus Domino addressing translation system is supported.

a remote malware detection and zero-hour virus prevention service, which is automatically distributed to your application via continuous signature updates to the filter database. In addition, behavioral genotype and signature antivirus technologies take action against suspicious code even before a virus signature is available. This technology analyzes both incoming and outgoing e-mail in parallel with the application’s antispam features.


All Lotus Protector offerings are designed to easily integrate with your existing Lotus Domino user and security frameworks, presenting a seamless experience for users — and simplifying overall administration for you. Intelligent management options for ease of use

A unified platform to address your security challenges

The Lotus Protector for Mail Security software appliance provides

Create a unified platform to mitigate your security challenges. Find

a number of intelligent management options that can be tailored

out more about how the Lotus Protector for Mail Security software

to your organization’s unique network environment. It includes:

appliance can help resolve messaging security headaches and improve your security posture against tomorrow’s threats, as part

• A stand-alone, security-rich, Web-based local management

of the dynamic Lotus Protector platform. Designed specifically for

interface. The interface provides easy access to security and

the Lotus Domino environment, the application tightly integrates

antispam policies.

with the Lotus Domino platform, simplifying administration of your

• Standard or customized reports. Standard, centralized

messaging environment.

reports provide valuable insights, such as identifying which spammers present the biggest challenge to the messaging

System requirements focused on flexibility

infrastructure. You can also create customized reports for additional flexibility.

Lotus Protector for Mail Security software appliance is available

• Clustering for centralized management.2 Because a

as a per-user software license with flexible deployment options.

separate management console isn’t required, you can easily

It’s packaged as a software appliance model, with an integrated

manage multiple servers through one appliance. In fact, Lotus

Linux® operating system and the application software. It’s certified

Protector for Mail Security technology provides access to all

to run on high-quality, cost-effective IBM System x® hardware

quarantined messages and tracking information through the

or VMware systems. Unlike some competitive offerings that

appliance you designate as the central appliance, regardless

require proprietary hardware systems, the Lotus Protector for

of where the traffic initially entered the network.

Mail Security software appliance puts you in control, allowing you to choose the off-the-shelf hardware that perfectly meets your throughput requirements — and your budget. And because it’s a per-user license, you can deploy as many server instances as necessary, without additional Lotus Protector for Mail Security costs. For full, detailed system requirements, please visit: ibm.com/software/lotus/products/protector/mailsecurity/ systemrequirements.html


© Copyright IBM Corporation 2009 Lotus Software IBM Software Group One Rogers Street Cambridge, MA 02142 U.S.A.

Accelerate the time to value of your software investment IBM Software Services for Lotus and select IBM Business Partners can help you better understand your technology options and how to leverage Lotus collaboration solutions to potentially lower your IT total cost of ownership and increase your organization’s productivity. Find out more about the technical consulting, training and Software Accelerated Value Program services available to help you accelerate your success with IBM technology. For more information, go to: ibm.com/software/lotus/services

For more information To access a no-cost, 90-day-trial edition of the Lotus Protector for Mail Security 2.5 software appliance or to get more information, contact your IBM sales representative or visit: ibm.com/software/lotus/products/protector/mailsecurity

Produced in the United States of America December 2009 All Rights Reserved IBM, the IBM logo, ibm.com, Lotus, Domino, Lotus Notes, and Notes are registered trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™ ), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft is a trademark of Microsoft Corporation in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. The information contained in this documentation is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this documentation, it is provided “as is” without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this documentation or any other documentation. Nothing contained in this documentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM (or its suppliers or licensors), or altering the terms and conditions of the applicable license agreement governing the use of IBM software. IBM customers are responsible for ensuring their own compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. 1 These statements represent current IBM plans and directions, which are subject to change without notice. 2 Available only in the MS3004LP. Clustering does not imply high availability.