Securing E-mail
The BorderWare Mail Gateway
Confusion over E-mail Security
“I don’t know why we got hit, ….we have a Firewall”
Quote from a well-known Far East Financial Institution in the wake of the I Love You Virus
Hacker launched Anna bug 'as a warning'
A young Dutchman confessed yesterday to having engineered the Anna Kournikova computer virus that brought chaos to millions of machines around the world this week, saying he believed that the Russian tennis star deserved the extra attention.
Problems with Standard Firewall Configuration
• Internal Mail Server is open to:
  – Break-ins and denial of service attacks
  – Mail flooding
  – Mail relay abuse
  – Virus and Trojan Horse Attacks
  – Spam E-mail
• Standard Firewalls do not provide:
  – Protection for internal mail server(s)
  – Mail routing capability
  – Secure Remote access to e-mail
S.A.F.E.R. Security Bulletin 10123.EXP.1.10
TITLE : Buffer overflow in Lotus Domino SMTP Server
DATE : January 23, 2001
NATURE : Remote execution of code, Denial-of-Service
AFFECTED : Lotus Notes/Domino 5 (up to and including 5.05)
Simple Mail Transport Protocol, the root of the problem
• SMTP, defined in 1983 as the Internet Mail Transport Protocol
• RFC 821
• Based on an “open” and “co-operative” model
Implementing SMTP
[Diagram: Inputs (Local Mailboxes, Other SMTP Servers); Address Processing (aliases etc); Delivery; Outputs (Local, Internet (SMTP), Usenet (UUCP))]
Implementing SMTP
• SMTP’s architecture and design philosophy has led to implementations that lack:
  – Privacy and security for Mail Transport
  – Authentication of sender/recipient
  – Message authenticity checks
  – Relay controls
Limitations of Most Firewalls
• Firewalls are defensive
• Work by keeping unauthorised and Hostile users out of protected network
• The “perfect Firewall” is incompatible with a working E-mail Service
[Diagram: Perimeter Firewall; External (Internet); Internal (Corporate LAN); Controlled Access Outbound; No Access Inbound]
The Standard E-mail Configuration
• Most Firewalls provide no real facilities for E-mail
• Forced to open a connection path through the Firewall
• Serious Security Risk!
[Diagram: Perimeter Firewall; External (Internet); Internal (Corporate LAN); E-Mail Server]
The BorderWare Mail Gateway
• Protects E-mail servers
• Provides added value facilities to maximise return on investment in E-mail Services
• Provides Unified Mailbox with future plans for integration with Wireless Services
• Includes S-Core secure operating system for maximum security and fast deployment
Deploying The Mail Gateway
• Recommended configuration for maximum security
• Alternate configuration
[Two diagrams, one per configuration, each labelled: Perimeter Firewall, E-Mail Server, Mail Gateway]
Store and Forward Relay
• Mail Gateway’s security derives from a store and forward relay
• No direct connections through the Gateway
• Inbound and outbound delivery is a two stage process
Store and Forward Relay
[Diagram: Perimeter Firewall; E-Mail Server; Mail Gateway]
• No inbound or outbound connections permitted through gateway
• Message stored in mail queue
• Securely delivered to protected mail server
• Inbound message received by Gateway
Mail Gateway Processing and Protecting E-mail
• Mail routing for multiple servers
• Controlling E-mail relay
• Controlling unsolicited E-mail
• Controlling Mail Attachments
• Anti-virus controls
• Secure Remote access to e-mail
Mail Routing
• Mail Gateway provides a central point for controlling distribution of mail
• Optional mapping to internal addresses
[Diagram: Mail Gateway; Exchange Server; Groupwise Server; Notes Server; Remote Location]
The Dangers of Mail Relay
• Most Mail Servers will accept mail for any domain and attempt to deliver it
• This facility is abused by senders of unsolicited e-mail (Spam)
[Diagram: Perimeter Firewall; E-Mail Server; One Message In (From: spammer, To: 1,000 addresses, Subject: Get Rich Quick); 1,000 Messages Out]
Dangers of Mail Relay
• ORBS (Open Relay Behaviour Modification system) black list of “open relays”
• If your site is listed many servers will reject all mail
• Affects legitimate mail and Spam
Defending against Mail Relay
• BorderWare Mail Gateway accepts only mail for local domains
• Passes all the ORBS tests (http://www.orbs.org)
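The "accept only mail for local domains" rule, sketched as a check made on each RCPT TO address. This is an added example, not BorderWare's code; the domain names are constructed, and the rejected forms are routing tricks historically used to get mail relayed (source routes, the percent hack, bang paths).

```python
# Added example: relay control at RCPT TO time. Domain names are constructed.
LOCAL_DOMAINS = {"example.com", "mail.example.com"}


def rcpt_decision(rcpt, local_domains=LOCAL_DOMAINS):
    """Return an SMTP reply for one RCPT TO address: 250 only for a plain
    user@local-domain address, 550 for anything that would be relayed."""
    addr = rcpt.strip()
    if addr.startswith("<") and addr.endswith(">"):
        addr = addr[1:-1]
    # Source route (@hop1,@hop2:user@dest) asks this server to forward on.
    if addr.startswith("@"):
        return "550 relaying denied (source route)"
    local, sep, domain = addr.rpartition("@")
    # Unqualified addresses are refused in this sketch.
    if not sep or not local or not domain:
        return "550 relaying denied (no domain)"
    domain = domain.rstrip(".").lower()
    # Address literals such as [192.0.2.1] are not listed local domains.
    if domain.startswith("[") or domain not in local_domains:
        return "550 relaying denied (not a local domain)"
    # Routing hidden in the local part: user%other@local, other!user@local,
    # user@other@local. Quoting the local part does not make it safe.
    if any(c in local for c in "%!@"):
        return "550 relaying denied (routing in local part)"
    return "250 OK"


def accepted(rcpts, local_domains=LOCAL_DOMAINS):
    """Recipients the gateway would queue for delivery."""
    return [r for r in rcpts if rcpt_decision(r, local_domains).startswith("250")]


# Constructed sample recipients, one per address form.
SAMPLE_RCPTS = [
    "<User@EXAMPLE.COM.>",
    "victim@elsewhere.test",
    "victim%elsewhere.test@example.com",
    "elsewhere.test!victim@example.com",
    "@example.com:victim@elsewhere.test",
    '"victim@elsewhere.test"@example.com',
]

if __name__ == "__main__":
    for r in SAMPLE_RCPTS:
        print(f"{r:40} {rcpt_decision(r)}")
```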
Problems with unsolicited E-mail
• Your organisation can become a target for Spam
• Unwanted e-mail:
  – Wastes employee time
  – Wastes network bandwidth
  – Can fill mailboxes, preventing delivery of legitimate messages
  – Is irritating!
Defending Against Spam
• BorderWare Mail Gateway stops Spam by
  – Using the Real-Time Black Lists (http://maps.vix.com) to reject Spam
  – Customised Filters
From: [email protected]: [email protected]: [x] Play Free With Our Casino Sign-up Bonus
Problems with Mail Attachments
• Viruses and Trojan Horses
  – the I Love You Virus was propagated as an attachment
• Breach of confidentiality
  – Accidental or deliberate mailing of confidential information
Controlling Mail Attachments
• BorderWare Mail Gateway Filters on name
• “*.vbs” blocks all Visual Basic Scripts (would block Love Virus)
• Choice of actions on matched messages
  – Strip attachment, log, discard message, send e-mail alert
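Filtering on attachment name with the "strip attachment" action, as an added example (not the Mail Gateway's own code). The sample message is constructed; the script attachment carries placeholder bytes and uses the double-extension name under which the I Love You attachment circulated, which "*.vbs" still matches because the pattern is applied to the whole name.

```python
from email.message import EmailMessage
from fnmatch import fnmatchcase

BLOCKED_PATTERNS = ["*.vbs"]  # the pattern from the slide


def is_blocked(filename, patterns=BLOCKED_PATTERNS):
    """Match the whole attachment name against the patterns, ignoring case."""
    # Windows drops trailing dots and spaces, so "a.vbs. " opens as "a.vbs".
    name = filename.strip().rstrip(". ").lower()
    return any(fnmatchcase(name, p.lower()) for p in patterns)


def strip_blocked(msg, patterns=BLOCKED_PATTERNS):
    """Remove matching attachments in place; return their names for logging."""
    removed = []
    if not msg.is_multipart():
        return removed
    kept = []
    for part in msg.get_payload():
        name = part.get_filename()
        if name and is_blocked(name, patterns):
            removed.append(name)
            continue
        removed += strip_blocked(part, patterns)  # nested multipart containers
        kept.append(part)
    msg.set_payload(kept)
    return removed


def attachment_names(msg):
    """Names of all parts that still carry a filename."""
    return [p.get_filename() for p in msg.walk() if p.get_filename()]


def sample_message():
    """Constructed message: a body, one script attachment, one text attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(b"placeholder bytes, not a real script",
                       maintype="application", subtype="octet-stream",
                       filename="LOVE-LETTER-FOR-YOU.TXT.vbs")
    msg.add_attachment("quarterly figures", filename="report.txt")
    return msg


if __name__ == "__main__":
    m = sample_message()
    print("stripped:", strip_blocked(m))
    print("kept:", attachment_names(m))
```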
Anti-Virus Controls
• Mail Gateway supports Trend’s Interscan Virus Wall technology as an additional cost option
• Scans all mail and attachments for
  – Viruses, Macro Viruses, Trojan Horses
  – Messages cleaned, logged, or rejected
Remote Access to E-mail
• Growing need as E-mail becomes primary method of communication
• Access required from:
  – Branch Offices
  – Home Workers
  – Travelling employees
3rd Party Mail Server for Remote Access
• E-mail re-directed to external 3rd Party Server
• Users access that server
• Confidential information stored on 3rd party system
[Diagram: Perimeter Firewall; E-Mail Server; Internet; Hotmail; Remote E-mail Access]
Mail Gateway Solution
• BorderPost™ brings the flexibility of Hotmail to corporate mail servers
• Works with internal servers and Mail Gateway hosted mailboxes
• High level of security
• No storage of messages on 3rd party systems
• No need for Separate VPN
[Diagram: Mail Gateway; Exchange Server; Groupwise Server; Notes Server; Authenticated, Encrypted, Browser access]
Positioning the Mail Gateway
• Designed to provide
  – Protection for E-mail Server(s)
  – Secured Mail Delivery service
  – Virus screening
  – Unsolicited E-mail Controls
  – Secure Remote Access
  – Some content filtering
• Focus on E-mail Security
E-Mail Security Products -- Positioning
[Positioning chart. Axes: E-mail Security, E-mail Control. Capabilities: Audit and Archive, E-mail VPN, Content Filter, Virus Checks, SPAM Control, Server Security, Mail Routing, Remote Access. Products: BorderWare Mail Gateway, Tumbleweed (WSS), Sendmail, Consus, MailGuard.]
Mail Gateway Throughput
• High throughput essential for corporate mail server applications
• Mail Gateway benchmarked at over 1,000,000 messages per day
  – Server hardware: Intel ISP 1100, P III 750 Mhz, 128 Mbytes RAM
  – Benchmark described in “Mail Gateway Performance Tests”
Mail Gateway Throughput
[Chart: Messages/Day (axis 0 to 1,200,000) against Server Spec (Low, Medium, High)]
Servers:
• Low: Pentium Pro 200 Mhz, 32 Mbytes RAM
• Medium: P II 450 Mhz, 64 Mbytes RAM
• High: P III 750 Mhz, 128 Mbytes RAM
BorderWare Mail Gateway Summary
• Complete, easy-to-manage e-mail security solution
• Runs on S-Core Secure Operating System
• Unified Mailbox for remote access with future extension to wireless access