Panda Cloud Email Protection




1. Introduction

a) What is spam?

Spam is the term used to describe unsolicited messages or messages sent from unknown senders. They are usually sent in large (even massive) quantities and used for advertising purposes, negatively affecting recipients in a number of ways.

b) Social and economic impact of spam on businesses

The analysis of the consequences of spam on organizations is based on its effects. In many cases, these effects are analyzed in purely qualitative and not economic terms. Thus, spam wastes people's time, damages reputations, takes up bandwidth and storage space, causes service outages, etc.

As for its economic impact, it is worth noting the absence of reliable information or studies with reliable figures. Calculating the economic losses caused by spam is not an easy task, due to the many variables involved. The economic impact on companies from time wasted deleting spam and the employee opportunity costs will vary greatly depending on the relevant wages, productivity, hierarchical dependencies, etc., and will lead to different estimates.

c) Anti-spam policies

The spam problem is the result of a conflict of interest. On one hand, spammers are looking to profit from a highly economical and effective, although ethically questionable, advertising scheme. On the other, end users have to sift through a mountain of junk mail every day, wasting very valuable time. The problem will disappear when the spam business ceases to be as profitable as it is today or when it no longer has such negative effects on companies and individuals. However, neither of these things seems likely to happen in the near future. Nevertheless, there are certain measures that can help mitigate the problem:

- Preventive measures: Aimed at preventing spam at its source to completely eradicate it. This can be done in two ways: educating users or enforcing anti-spam laws.
- Reactive measures: Aimed at identifying spam messages once they enter email servers. These measures solve the problem only partially, as there is still resource, process and memory consumption.
- Proactive measures: Aimed at preventing spam from spreading. They try to identify spammers instead of spam messages. These techniques are generally highly effective, although they involve continuous monitoring and intervention from system administrators so as not to miss any information. The most common techniques include reputation lists, fingerprinting, greylisting, etc.

Finally, you must determine the number of affected workers. This will include those who use a computer and email in their work. As can be seen, the wide variety of factors involved means that all calculations of the economic impact of spam on organizations are based on estimates and statistical predictions.

Most studies conclude that the economic impact of spam is mostly due to:

- Staff productivity loss due to time spent handling junk mail.
- Investment in new technology infrastructures to increase the existing bandwidth, storage and backup capabilities.
- Investment in skilled technicians.
- Investment in anti-spam tools (and their updates).
- Loss of important information.

d) Threats and solutions

At corporate and social level

One of the major concerns is botnets and corporate information leaks. Is it really so easy for an attacker to hack into someone else's bank account? Almost everyone knows someone who has been a victim of phishing, but public confidence in banking institutions hasn't been affected. Banks employ expert information security personnel and invest heavily in security measures, but user education continues to be the best weapon to fight phishing and online scams.

In addition to this, attackers are increasingly employing zombie computers, both personal and corporate, to access and steal information, for example in industrial espionage attacks.

At technical level

- Malware infections that can render the email system useless.
- Resource consumption: Companies require more powerful computers and more bandwidth to manage email messages.
- Security compromises: Spam is used to spread malware and launch different types of attacks on systems, users and institutions.
- Interoperability errors: Using non-standard solutions to fight spam can have a negative impact on the email service, interrupting user communication just as spam would.

2. Panda Cloud Email Protection: Your email firewall

a) Email security solution

Over 95 percent of the emails received by companies every day contain spam or malware. Spam is not only a distraction, it also reduces productivity, which is why businesses need to be able to manage it and keep it under control. The challenge for IT departments is essentially to ensure maximum availability, while providing complete protection against all types of threats: spam, viruses, phishing, etc. Our cloud-based security solution not only detects and blocks these threats, but it also filters out all types of dangerous files such as worms, Trojans, dialers, jokes, etc.

b) Dynamic multilayer system that combines different filters and protection mechanisms

Our monitoring and control laboratory is continuously testing and fine-tuning our filters to keep email free of security threats and ensure maximum performance at all times. Our goal is to provide administrators and users with the best email filtering system, eliminating the frustrating and stressful time they have to spend deleting spam messages from their inbox.

We use sophisticated proprietary technologies (predictive analytics) as well as improved standard technologies (RBLs, Bayesian networks, whitelists and blacklists, greylisting, etc.), instantly deployed to our customers' networks. In addition, we work with some of the best anti-spam technology providers in the world, ensuring maximum effectiveness at all times.

Through the combination of the most advanced technologies on the market, Panda Security reduces the traffic load on customers' email servers, eliminating spam and malware so that the end server only has to process legitimate email, which in many cases totals less than 5 percent of all messages received.

c) Global control, management and administration

Offering maximum availability for corporate mailboxes and protecting them against threats in their environment is the goal of our security solutions. The solution can be controlled and monitored through different administration consoles available to different types of user profiles (company administrator, domain administrator). End users can be granted access to certain aspects of the configuration, and to their respective valid email and spam folders, through the Web and through a small Notifier application installed on their own computers. All of these administration consoles are accessed securely (via SSL), and email is sent and received automatically using TLS where supported by source and target servers.

d) Dashboard and extensive reporting

The dashboard provides a dynamic view of system status and filtering activity for various timeframes. The graphs show, intuitively, the total volume of processed emails and identified threats, subdivided into message categories and malware types, respectively. In addition, summary tables are presented with numerical data for both incoming and outgoing mail. The information displayed is as follows:

- Inbound and outbound email traffic.
- Quantity and type of messages received for different timeframes (last 30 days, today and last hour).
- Subscription status (license start date, license expiration date, number of licenses available and consumed).

This version incorporates a reporting engine, available for company and domain administrators, which provides filtering information for both incoming and outgoing mail. Administrators can schedule the sending of different reports, and set a number of parameters for each report type, including:

- List of domains on which information should be generated
- Type of traffic (incoming or outgoing)
- Filtering categories
- Frequency (daily, weekly or monthly)
- Types of graphs
- Recipients to whom the report will be sent
- Enable/disable reports for sending

3. Technologies

Internal labs

An internal laboratory constantly monitors the evolution of spam to keep corporate mailboxes protected from the threats of junk mail. Our laboratory is continually investigating malware attacks to implement the necessary technical improvements in our filters.

Intelligence database updating

Proactive system with dynamic updates that update spam filters in real time.

Predictive analytics

Panda Cloud Email Protection's proprietary technologies will turn your email into a safe, easily managed tool FULLY protected against all kinds of external threats. Its multi-layered filters ensure maximum efficiency (100 percent spam-free mail in Guaranteed mode), neutralizing most spam messages and processing only valid emails.

4. Filtering and SDA Architecture

a) Filtering technology

The following diagram illustrates the general architecture of the current filtering system:

Spam filtering

Whitelists and blacklists

Unlike other filtering systems, Panda Security can apply IP whitelists and blacklists before any other filters. This ensures that customers receive emails from specific servers even though these servers may have been listed as having a bad reputation. These lists can be enforced at different levels. The most restrictive one is applied at IP level by the company administrator from their Web console. In this case, any IP address listed in a blacklist or whitelist will be rejected or accepted regardless of other connection filters.

IP reputation

The second filtering layer corresponds to IP reputation and RBLs. This technology categorizes and filters incoming email based on the reputation of the source server. This system can detect between 80 and 95 percent of spam. This not only drastically reduces the amount of spam, but also does it as efficiently as possible by closing the connection with the spammer before email is received. Spammers detect that their mail is being rejected and bear this in mind in the future when trying to target weakly protected domains. To eliminate false positives, Panda Cloud Email Protection will not reject any message that does not appear in at least two of the six RBLs consulted. If the message does appear in at least two RBLs, it will be marked as spam.

Domain or address whitelists/blacklists

Company and domain administrators, as well as users themselves from their own consoles, can enter trusted addresses and domains to prevent valid mail from being filtered (false positives).

Trusted lists

Trusted lists are compiled automatically with the valid email addresses of the messages received by users. These lists are personal and are generated through a Panda algorithm. They help prevent false positives without users having to intervene at any moment. From the control panel, users can consult and edit the lists at both domain and individual user level.

Antivirus filtering

Virus scanning is applied to all emails that enter the system, regardless of whether they are considered valid or spam. At present, Panda Cloud Email Protection applies its default antivirus, although it is possible to perform multilayered filtering with other antivirus programs if requested on contracting the solution. The antivirus is constantly updated automatically, but it is possible to disable it from the Web administration console for all domains or only for some of them.

SPF

The Sender Policy Framework (SPF) ensures that the servers from which Panda Cloud Email Protection receives email are authorized to send email on behalf of the sender's domain. This technique, which is applied by default to all email, prevents email sender spoofing. SPF must be configured correctly in the source servers and verified prior to activation by our technicians to avoid false positives. If an SPF record is configured on the sender's DNS server and the sending mail server's IP address does not exist in the corresponding SPF record, the message will be immediately rejected.

Sender domain validation

This validation checks the existence of MX records in the sender domains. If they do not exist, they cannot receive email and therefore should not be able to send it either. This test is designed to remove spam sent from non-existent domains.

Recipient validation

This checks the existence of the recipient to eliminate spam sent to non-existent accounts. The check is made according to the SMTP user authentication method or against LDAP.

Greylisting

Emails are categorized according to the probability of them being valid. If the score they receive does not ensure that the source is legitimate, greylisting can be applied, which involves sending a temporary error to the source server. If the server is sending spam, it will not normally repeat the attempt, whereas if the email is valid, the server is obliged (if it is properly configured) to retry after a certain amount of time. This is an initial test which is applied by default to filtering under certain connection conditions.

Delay

Emails are scored according to the probability of them being valid. When the score they receive does not allow confirmation that the email is valid, a delay can be applied in the connection with the sender server. If it is a spam server, it will not want to waste time and the connection will be shut down in order to try with other servers.

Rules engine

The content filters for inbound and outbound email apply the policies configured by the administrator either globally or by domain. These filters are a collection of rules made up of multiple conditions and the relevant actions. The following fields are available to define filtering rules: To, From, Subject, Body, Attachment, BCC, Maximum number of recipients, and even the receipt dates of emails. As for the available actions, it is possible to remove attachments from emails, mark emails as Spam or Valid, move an email to the Deleted Items folder, and forward or send a copy of an email to another recipient. If MIME attachment is selected, the engine will determine the MIME type of the attachment. Keep in mind that the "Remove attachments" option will modify the email content, and this can invalidate messages signed using PGP or X.509.

b) Scalable & Distributed Architecture (SDA)

Panda Cloud Email Protection's fully scalable and distributed architecture allows its different components to be distributed across different layers, which can be installed on different physical or virtual machines or even deployed with high availability to data centers in different parts of the world.

5. Filtering modes

Automatic filtering

Open source technologies are used, including Bayesian filters, DNS tests and queries to external databases. More than 600 rules are applied to ensure maximum efficacy. Through a proprietary technique, the system's rules and tests are adjusted continuously to ensure optimum performance, adapting to the specific needs of users, maximizing the efficiency of the anti-spam system and preventing false positives. It does this without requiring intervention from users. Some of the checks that the system makes are:

- Header inspection: The headers contain important information about messages.
- Message analysis: The title and body of the message are read by SpamAssassin, looking for keywords or structures typical of spam.
- Bayesian/probabilistic analysis: Once the initial detection rules are defined, a probabilistic analysis is performed to identify similarities between inbound messages and those previously detected as spam.
- Mail signatures/hash lists: Given that spam is normally sent to thousands of people at the same time, the structure of each message is identical, producing a unique hash. SpamAssassin consults hash lists of known spam messages.

Guaranteed Filter Mode

This filter mode checks whether the sender is in the recipient's whitelist, immediately delivering mail if the check is positive. Otherwise, a mail is sent to the sender explaining that the anti-spam system of the recipient requires verification. There is a link in the email for the sender to validate the message. Once the sender has validated the email, it is delivered and the sender is added to the whitelist. Should the sender not validate the mail, the recipient may validate it manually. Panda Security follows the RFC 3834 guidelines to avoid generating collateral spam.

Quarantine

Messages that have not been rejected but have been classified as spam will be directly sent to the quarantine directory, where the user will be able to perform various actions on them (delete, whitelist, retrieve, etc.) through the administration console. The quarantine can also be used to store server notifications (NDR, NDN, DSN) or emails received from a distribution list. This can be configured individually by each user. Users can receive an email notification with the contents of the quarantine daily or weekly, depending on the administrator's configuration settings.

Outbound filtering

Panda Cloud Email Protection applies content and antivirus filters not only to inbound emails but also to outbound emails. It is also possible to configure the maximum number of recipients that are allowed on messages, through the Web-based administration console available to company administrators, domain administrators and end users. In addition, Panda Cloud Email Protection adds a signature to all outgoing emails sent through the system. This footprint makes it possible to easily recognize all messages that pass through Panda Cloud Email Protection.

6. Installation options

Panda Cloud Email Protection's fully scalable and distributed architecture allows its different components to be distributed across different layers, which can be installed on different physical or virtual machines or even deployed with high availability to data centers in different parts of the world. Below is a description of the installation options available to customers with basic or average traffic and availability needs. The solution is the same in all cases, and can be adapted to all types of companies or needs, regardless of the criticality of the environment.

Panda Cloud Email Protection acts as an external filter between the recipient (PC, PDA, BlackBerry or mobile phone) and the email sender. It receives and filters messages before they reach the end user, letting clean mail through regardless of the location in which the mail will be received (at home, in the office, etc.). Valid email is sent to the protected mail server, whereas junk mail is kept in our data center, available for online consultation and retrieval as required by users.

The multi-layer filter ensures maximum effectiveness, achieving 100 percent protection with the Guaranteed Filter mode. First, a connection filter is used to eliminate the majority of spam messages based on their source. After passing through the first layer of scanning, emails are then screened through our multi-layer antivirus system. Finally, those messages which have been neither rejected nor directly considered valid will be subject to content filtering by means of DNS queries and Bayesian networks under the supervision of a dedicated team. The same filter is applied to outbound email, stopping any attacks from inside the company.
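The connection-stage checks described in section 4 (administrator IP lists applied first, the two-of-six RBL rule, then greylisting), as an added Python sketch that is not Panda Security's code. The zone names, the use of a single RBL listing as the "uncertain" trigger for greylisting and the 300-second retry window are assumptions; DNS answers come from a constructed table so the example runs offline.

```python
import ipaddress

# Placeholder zones: the page says six RBLs are consulted but does not name them.
RBL_ZONES = ["rbl%d.example" % i for i in range(1, 7)]
RBL_THRESHOLD = 2         # "at least two of the six RBLs"
GREYLIST_MIN_DELAY = 300  # assumed retry window in seconds; the page gives no figure
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, followed by the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def rbl_hits(ip, resolve):
    """Return the zones that list `ip`. `resolve(name)` yields an A record or None."""
    hits = []
    for zone in RBL_ZONES:
        answer = resolve(dnsbl_name(ip, zone))
        # A DNSBL signals a listing with an answer inside 127.0.0.0/8.
        if answer and ipaddress.IPv4Address(answer) in LISTED_NET:
            hits.append(zone)
    return hits


class ConnectionFilter:
    def __init__(self, resolve, ip_whitelist=(), ip_blacklist=()):
        self.resolve = resolve
        self.ip_whitelist = set(ip_whitelist)
        self.ip_blacklist = set(ip_blacklist)
        self.greylist = {}  # (ip, sender, recipient) -> time first seen

    def check(self, ip, sender, recipient, now):
        """Return (verdict, reason) for one SMTP connection attempt."""
        # 1. Administrator IP lists win over every other connection filter.
        if ip in self.ip_whitelist:
            return "accept", "ip whitelist"
        if ip in self.ip_blacklist:
            return "reject", "ip blacklist"
        # 2. IP reputation: one listing alone is never enough to flag the mail.
        hits = rbl_hits(ip, self.resolve)
        if len(hits) >= RBL_THRESHOLD:
            return "spam", "listed in " + ", ".join(hits)
        # 3. Greylisting for sources that are not clearly legitimate
        #    (assumption: exactly one listing counts as "not clearly legitimate").
        if hits:
            triplet = (ip, sender.lower(), recipient.lower())
            first_seen = self.greylist.setdefault(triplet, now)
            if now - first_seen < GREYLIST_MIN_DELAY:
                return "tempfail", "greylisted, retry later"
            return "accept", "retried after %ds" % (now - first_seen)
        return "accept", "no listing"


# Constructed DNS data standing in for live lookups (documentation address ranges).
FAKE_DNS = {
    dnsbl_name("192.0.2.10", "rbl1.example"): "127.0.0.2",
    dnsbl_name("192.0.2.10", "rbl4.example"): "127.0.0.4",
    dnsbl_name("198.51.100.7", "rbl2.example"): "127.0.0.2",
    dnsbl_name("203.0.113.5", "rbl1.example"): "127.0.0.2",
    dnsbl_name("203.0.113.5", "rbl3.example"): "127.0.0.2",
}


def demo():
    """Run the constructed connections through the filter and collect verdicts."""
    f = ConnectionFilter(FAKE_DNS.get, ip_whitelist={"203.0.113.5"})
    attempts = [
        ("192.0.2.10", 0),     # listed twice -> spam
        ("203.0.113.5", 0),    # listed twice but whitelisted -> accept
        ("198.51.100.7", 0),   # listed once, first attempt -> tempfail
        ("198.51.100.7", 60),  # retried too soon -> tempfail
        ("198.51.100.7", 600), # retried after the window -> accept
        ("198.51.100.99", 0),  # unlisted -> accept
    ]
    return [(ip, t) + f.check(ip, "a@sender.example", "b@rcpt.example", t)
            for ip, t in attempts]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The whitelisted address is accepted despite its two listings, which is the ordering the page describes for administrator IP lists.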

a) Cloud model

Panda Cloud Email Protection is a security solution that enables administrators to protect corporate email effectively, allowing agile administration even in critical environments. The SaaS model provides companies with a series of advantages, optimizing resources and reducing costs.

- No need for a dedicated platform.
- Outsourced management.
- Easily scalable. No need to purchase additional hardware.
- Mail relay: Messages are kept for up to 4 days in the event of email delivery problems with the customer's servers.
- Email backup: Delivered email is stored for 10 days, while spam is stored for 15 days.
- Administration, management and control at administrator and user levels.
- Complete accessibility via webmail: Email remains safe and accessible at all times.
- Different protection levels: automatic and guaranteed filtering.
- Multi-domain protection.
- Filtering is performed on Panda Security's servers, instead of on users' servers, PCs or mobile devices.
- Complete mobility.
- Optimized bandwidth usage thanks to spam neutralization.
- 24x7x365 monitoring and support with a Service Level Agreement (SLA) that guarantees service continuity.
- 100 percent mail availability.

b) Cloud model for MSPs

The cloud model is particularly suited for ISPs and customers who manage large data volumes. The product is installed on several physical or virtual layers (frontend and backend), balancing the filtering workload among filters. This architecture provides high scalability.

Free trial

Users can easily evaluate Panda Cloud Email Protection for free before purchasing it. To take a free trial of Panda Cloud Email Protection, users simply have to enter some basic information in an online registration form and they will have a personal account with full access to the solution. Users will be able to test all of the features of Panda Cloud Email Protection, as well as access full reports to see how the solution protects their email. There is no obligation to subscribe and no payment required. Request your free trial at www.pandasecurity.com

About Panda Security

Founded in 1990, Panda Security is the world's leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the world. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 56 offices throughout the globe with US headquarters in Florida and European headquarters in Spain. Panda Security's Company Profile is available at: http://press.pandasecurity.com.

Contact Panda Security

For more information, contact us at: www.pandasecurity.com