Printer Friendly
The Free Library
14,716,216 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Secure edge messaging appliances with embedded LDAP maximize email protection.


Jun 11, 2007 at 04:36 PM

It's no wonder that email is such a big thorn in IT's side. Mail volume doubles every six to nine months; an astonishing a·ston·ish  
tr.v. as·ton·ished, as·ton·ish·ing, as·ton·ish·es
To fill with sudden wonder or amazement. See Synonyms at surprise.  80-90 percent of it unwanted and/or abusive. Four hundred and fifty new viruses attack companies every month. Eighty-five percent of abusive mail is sent by a zombie computer This article is about computers that have been compromised by malware. For other meanings, see Zombie (disambiguation).

A zombie computer (often abbreviated zombie , with 500,000 new zombies Zombies

Companies that continue to operate even though they are insolvent. Also known as living dead.

Notes:
It's advisable to avoid investing in zombies at all costs their life expectancies are highly unpredictable.  launched daily according to according to
prep.
1. As stated or indicated by; on the authority of: according to historians.

2. In keeping with: according to instructions.

3.  Commtouch. Directory Harvest Attacks A method spammers use to obtain valid e-mail addresses. Random names are generated and sent out to valid domains. If an undeliverable message does not return, the name is assumed to be genuine.  (DHAs), meanwhile, are increasing by as much as 30 percent annually. Not surprisingly, managing email and email security is getting more complex and more costly. Or is it?

The typical organization uses messaging software that runs on dedicated servers. In companies that use anti-virus and anti-spam software, IT managers often spend hours or days trying to get email server See mail server.  and email security software to work together. Upgrades are incremental and expensive and can cause server-to-server and other incompatibilities that disrupt email service See Internet e-mail service. . To continue protecting the growing message volume, companies must add new servers regularly in a virtually endless cycle of budget-and-build.

More importantly perhaps, standalone email security taxes bandwidth and does not provide adequate protection. Typically, email security is architected as a separate layer in front of the messaging firewall. While this method simplifies deployment, it often requires additional connections through the firewall, which can burden the messaging infrastructure with unanticipated load and vulnerabilities. In this architecture, recipient validation and per-recipient policy enforcement requires reaching through the firewall to directly query the corporate directory. Thus a breach in email security would leave organizations vulnerable to theft of user IDs and passwords and even HR and financial data.

Every surge in email traffic from spam or virus attacks places load demands on the corporate firewall and corporate directory. This in turn causes a loss in quality of service of the corporate network and mission-critical applications that depend on the corporate directory. In the worst case, if the directory is not sized to handle email traffic spikes, a spam attack could halt user access to valuable internal applications such as a CRM (Customer Relationship Management) An integrated information system that is used to plan, schedule and control the presales and postsales activities in an organization.  program.

To maintain quality of service, companies must continually add capacity to the corporate directory, firewall and other network components to accommodate the ever-increasing volume of spam. Or they can find an alternative architecture.

[FIGURE 1 OMITTED]

Integrated Protection at the Edge

According to IDC ("Messaging Solutions with 'Baked In' Security Delivers for IT and Messaging Users"), appliances that integrate messaging and security make better sense. A secure appliance is inexpensive, requires minimal administration, and blocks up to 80 percent of unwanted email at the firewall, reserving network bandwidth for email you do want. All essential messaging and security features are combined in a single box-from antivirus and anti-spam protection to integrated LDAP (Lightweight Directory Access Protocol) A protocol used to access a directory listing. LDAP support is implemented in Web browsers and e-mail programs, which can query an LDAP-compliant directory.  for recipient verification at the edge, to reputation filtering and user policy controls. Finally, appliance system upgrades can be made locally without removing the appliance, with no risk of incompatibility because security and messaging features reside on one platform.

Reputation filters add another layer of protection. Most reputation filters are a global one-size-fits-all, allowing for little or no customization to bar unwanted traffic from entering the network. But many organizations find these static filters impractical. Flexible reputation filters, on the other hand, not only take into account the sender's reputation, but also the recipient's level of sensitivity to missing a legitimate message that may have come from a sender with a bad reputation.

Flexible-reputation filters based on SMTP (Simple Mail Transfer Protocol) The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite, as defined by IETF RFC 2821. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail.  etiquette and RFC (Request For Comments) A document that describes the specifications for a recommended technology. Although the word "request" is in the title, if the specification is ratified, it becomes a standards document.  compliance are uniquely effective at blocking zombies and other sources of spam because they can block new abusers with no reputation history. It also provides a clear path for legitimate senders.

Spammers and hackers will continue finding new, more devious ways to use email to wreak wreak  
tr.v. wreaked, wreak·ing, wreaks
1. To inflict (vengeance or punishment) upon a person.

2. To express or gratify (anger, malevolence, or resentment); vent.

3.  havoc on corporations. A secure messaging appliance with an embedded LDAP server and flexible reputation filters at the network edge is our best defense.

Mike Dodson is the director of security strategy for Mirapoint. To access the IDC whitepaper, "Messaging Solutions with 'Baked In' Security Delivers for IT and Messaging Users," visit Mirapoint's Web site at http://www.mirapoint.com/idc.
COPYRIGHT 2007 West World Productions, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2007, Gale Group. All rights reserved.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Author:Dodson, Mike
Publication:Computer Technology Review
Date:Mar 22, 2007
Words:684
Previous Article:What is SCSI-based protection information and why should you care?
Next Article:An effective SME disaster recovery strategy for branch offices.
Topics:



Related Articles
A VIEW FROM THE TOP COME ON UP - FOR MAKING THE SCENE THESE VENUES SET THE BAR VERY HIGH.(LA.COM)
Media temple finds a way to keep web traffic flowing: hosting company's interlocked servers deal with 'spikes.'.(INTERNET)
Calendar.(Data Bank)(Calendar)
Bankruptcies.(Data Bank)
An overview of continuous data protection.
Alleviating high storage costs while complying with e-Discovery laws.
eDiscovery for structured data.(Electronic discovery)
Achieving PCI compliance with storage security systems.
Managing data at the edge: taming the 'wild frontier' of remote or branch office data.
A safer mobile email.(NOTABLE)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles