"It is
impossible for ideas to compete in the marketplace if no forum for
their presentation is provided or available." - Thomas Mann, 1896
PROTECTING ENTERPRISE MESSAGING SYSTEMS
From Spam, Viruses, and Other Threats
Contributed by FrontBridge Technologies, Inc.
Introduction
This white paper explores the threats to business email and considers the various methods for protecting enterprise messaging systems. Businesses that do not sufficiently protect their networks and email systems are confronted with the fallout from uncontrolled content - such as unsolicited email (Spam) and malicious code and viruses - flowing into and out of their corporate networks via email.
There are several options for managing the threats that Spam, viruses, and network-based attacks pose to enterprise messaging systems, including:
• Self-managed: developing and maintaining a home-grown Spam and anti-virus solution
• Premise-based: installing on-site hardware and software systems to thwart email threats
• Fully managed: perimeter-based Spam and virus protection from a trusted third-party
Most of these options have disadvantages and shortcomings. Self-managed efforts cannot effectively protect critical email infrastructure components and do not easily scale to handle increasing volumes of Spam. Premise-based solutions require dedicated hardware and software and ongoing IT resources to operate and maintain, making them a costly alternative. Fully managed offerings are the most flexible as long as the service provider has an enterprise focus and can guarantee service availability.
FrontBridge provides truly effective enterprise message management with unmatched Spam filtering and virus blocking capabilities. No other provider offers an uptime guarantee of 99.999 percent, validated by 100 percent historical uptime. With this unique combination of performance and reliability, FrontBridge’s services surpass home-grown solutions and premise-based options in efficacy and cost effectiveness.
Electronic mail is a convenient and indispensable tool that enhances productivity by allowing businesses and enterprises to effortlessly communicate internally and with external audiences around the world. However, without proper protections, email can bring harm to an enterprise, its network and email infrastructure.
Consider these scenarios:
• Email-borne viruses can destroy vital company data and incapacitate network and desktop computers, knocking a company’s workforce out of commission for several hours or days.
• Spam can reduce employee productivity, needlessly consume network bandwidth and storage space, and negatively impact a company’s bottom line.
• A denial of service attack on a company’s email servers can cripple a network by causing thousands of emails from customers, partners, suppliers, and other important business associates to bounce.
• Email sent from a company - whether deliberately or unintentionally - containing confidential information and sensitive data can put trade secrets in the hands of competitors as well as open an organization to litigation and regulatory scrutiny.
FrontBridge offers a superior solution that protects businesses from the fallout of these scenarios in the most cost-effective and reliable manner available to enterprises.
Business Communication in the Digital Age
It is essential for an enterprise to communicate with its customers, partners, suppliers, and its myriad of groups and associates that comprise the organization. In the digital age, the methods of business communication are numerous. With Internet connectivity becoming ubiquitous in the 1990s, electronic mail has become the preferred and, for many organizations, the most commonly used method of communication.
Email has become such an integral part of daily business life, many cannot fathom functioning in their jobs without it. It is estimated that nearly 31 billion email messages are sent daily, with estimates of email traffic growth to 60 billion messages daily by 2006. (“We’ve Got Mail,” Computerworld, Sept. 27, 2002)
Combine the reliance on email for business communication with the importance of maintaining open and effective communication channels, and one begins to understand the importance of enterprise message management. Just as business communication is vital to the health and sustainability of an enterprise, maintaining a reliable and secure infrastructure to support that communication is equally important.
Threats to Corporate Email
Historically, email systems were largely neglected by security administrators. But as email usage has grown and email has become a mission-critical business application, attention to these systems has become more crucial. “Email is the biggest single threat to business existence if not managed effectively.” (“Security - Today and Tomorrow,” Database and Network Journal, Oct. 10, 2002) Effective enterprise message management requires attention to a number of threats and vulnerabilities, including:
• Email server attacks. Internet attacks of all types are on the rise, and email servers are an enticing target. Like Web servers, email servers are not completely protected by corporate firewalls. Email servers connect directly to each other over the Internet using well-known ports. Such connections require firewalls to allow traffic from anywhere on the Internet to specific ports on the corporate email server. This openness provides ample opportunity for attack.
Various vulnerabilities can allow an attacker to crash an email server, block all mail delivery, and gain complete control over the server. Protecting against these threats has become increasingly difficult. Email systems are distributed and more complex, software patches for discovered vulnerabilities are not always immediately available, and the window for patching is often very small. For these reasons, many companies are forced to go completely off-line until the vulnerabilities can be corrected.
• Viruses and malicious code. Viruses, worms, and Trojan applications that enter a company via email attachments have the ability to disrupt communications, destroy data, and attach themselves to outbound email that is then sent to customers, business partners or suppliers.
Email-borne viruses spread at an astonishing rate, and rapid response is critical to successfully protecting a network. According to anti-virus provider Sophos, viruses like BadTrans, Kournikova and the “ILoveYou” virus can spread at more than 100 copies per minute within an enterprise.
• Spam infiltration. Unsolicited email, or Spam, has proliferated, clogging mailboxes and reducing productivity in enterprises around the world. Today, Spam accounts for nearly 40 percent of email traffic. Some corporate mail servers now waste more than 50 percent of their processing capacity on Spam. (“Spam Nearly at the Tipping Point,” Government Computer News, Sept. 16, 2002) The FrontBridge network has witnessed a 1600 percent increase in Spam volume in the past two years. Because Spam is inexpensive to create and easy to distribute widely, mass marketers will continue to use this mode of communication and Spam volumes will continue to balloon.
Calculating the Cost
Calculating the cost of Spam to organizations can be difficult given the intangibles. Organizations such as Ferris Research estimate an average employee spends at least 15 hours per year dealing with Spam. (“The Bottom Line on Spam,” Enterprise, Mar. 18, 2002) Multiply the time wasted on Spam by an employee’s wages and extrapolate that number across an organization and one begins to see the organizational cost of lost productivity alone. Opportunity cost as well as wasted bandwidth and storage further compound the overall price of Spam.
Policy compliance. As email becomes a more common method of business communication, corporate policies and rules are required to help control the flow of information into and out of an organization. These rules help protect proprietary data, trade secrets, and other confidential information. Additionally, national and local governments have imposed laws and regulations to protect sensitive information.
In the United States, the Gramm-Leach-Bliley Act, SEC Rule 17a, NASD Rules 3010 and 3110, and the Health Insurance Portability and Accountability Act (HIPAA) all regulate security, privacy, and non-disclosure for various forms of communication, including email. For example, NASD Rule 3110 requires companies in the investment banking and securities business to monitor all email communications for compliance.
Policies and rules governing inbound content are also needed to prevent illegal, offensive, and other unwanted content from entering the corporate network. Content rules can also provide an additional line of defense for blocking viruses and malicious content, such as rules to block all attachments with a Visual Basic (.vbs) file extension.
Email Protection Services
Today, there are a variety of solutions available to enhance enterprise message management and provide protection from Spam, viruses, and inappropriate content. The solutions break down into two distinct categories:
• Premise-based solutions. Premise-based solutions operate “on the premises” of an enterprise and are typically software add-ons that run on email servers and desktops. These solutions are usually installed, deployed and maintained by a company’s IT staff.
• Perimeter-based solutions. Perimeter email security provides protection outside of the corporate network, typically via one or more geographically-dispersed data centers. With this method, all email is filtered and screened for unwanted content before it reaches company email servers.
While both premise- and perimeter-based email protection solutions have advantages and disadvantages, premise-based solutions have some distinct shortcomings. These disadvantages include:
• Email servers are vulnerable to external attack. Regardless of which premise-based solutions are installed, they can never scale sufficiently to prevent disabling denial-of-service attacks.
• Premise-based solutions create a single point of failure for email infrastructure. Adding more hardware to the infrastructure simply increases the chance of a failure that will disrupt the reliable flow of email. Systems can be made redundant and highly-available, but only at a very high cost.
• Slower to update virus definitions. Email-borne viruses are notoriously fast moving, affording little time to update desktop and gateway anti-virus systems to ensure corporate networks and systems are protected. Perimeter services typically have faster response times and more frequent virus definition update cycles, outflanking the defenses of premise solutions.
• Maintenance and support expenses. Premise-based solutions have an inherent cost for installation, deployment, training, maintenance, and support that is not incurred with perimeter-based services. IT resources must be dedicated to installing server and desktop software, localizing Spam filters, updating virus definitions, patching software, and supporting users. With limited IT resources, the opportunity cost for delayed and deferred projects must also be considered.
• Scalability issues. As a company grows and its email traffic increases, scalability issues surface. Premise-based solutions require additional hardware, software, and bandwidth to support additional users and email traffic. Additionally, premise-based solutions have difficulty scaling to accommodate thousands of users spread across multiple locations of an enterprise.
The FrontBridge Approach
FrontBridge provides perimeter-based email protection and message management services to enterprises worldwide. FrontBridge helps companies manage the inbound and outbound flow of email passing through their network gateways by providing a protective bridge between the Internet and corporate networks. FrontBridge’s services also protect networks and corporate email systems from attack by malicious code and viruses, inundation by unwanted Spam, and assaults on email servers.
Management Capabilities
FrontBridge’s services provide comprehensive enterprise message management capabilities, including:
• Policy Enforcement - FrontBridge can block inbound and outbound messages with certain attributes before they can enter or exit the corporate email system. This service can block email by: attachment name/type; file size; number of recipients; domain; email address; and words and phrases.
• Disaster Recovery - If an email server becomes unavailable, FrontBridge ensures no email is lost or bounced. Once service is restored, all stored mail is automatically forwarded in a “flow controlled” fashion. In cases of extended downtime, email can be rerouted to another server, or made available through a Web-based interface.
• Spam Filtering - FrontBridge’s proprietary, multi-layer Spam technology ensures that unsolicited email is automatically filtered before it can enter a corporate messaging system, disrupt employee productivity, and burden your messaging infrastructure. All messages are run through three layers of advanced Spam filtering technologies: blacklisting, fingerprinting and rules-based scoring.
• Virus Scanning - The FrontBridge solution provides the most complete anti-virus service available. Unlike premise-based solutions that may update daily, FrontBridge’s API-level integration of virus engines from Sophos, Symantec, and Trend Micro updates virus definitions every 10 minutes, enabling the service to identify and block viruses before they reach corporate firewalls or servers.
• Mail Server Protection - FrontBridge masks an enterprise’s IP address and hides corporate SMTP servers behind the FrontBridge network, protecting them from Internet-based attacks.
• Outbound Services - The FrontBridge Outbound Relay service provides reliable, virus-scanned delivery of your messages while protecting your identity on the Internet.
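
The attribute-based blocking listed under Policy Enforcement, and the .vbs attachment rule mentioned earlier, can be sketched as follows. This is an added example, not FrontBridge's implementation; the policy values, the addresses, the function name and the sample message are all constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Hypothetical policy values, for illustration only.
POLICY = {
    "blocked_extensions": (".vbs",),
    "max_bytes": 2_000_000,
    "max_recipients": 50,
    "blocked_domains": ("blocked.example",),
    "blocked_phrases": ("project falcon",),
}

def policy_violations(raw, policy=POLICY):
    """Return the policy rules that a raw RFC 5322 message violates."""
    msg = message_from_string(raw)
    hits, text = [], [msg.get("Subject", "")]
    for part in msg.walk():
        # Attachment name/type: normalise case and trailing dots/spaces so
        # "Invoice.TXT.VBS" and "a.vbs. " are treated like "a.vbs".
        name = (part.get_filename() or "").lower().rstrip(". ")
        if name.endswith(policy["blocked_extensions"]):
            hits.append("attachment:" + name)
        # Collect inline text bodies for the words-and-phrases rule.
        if part.get_content_type() == "text/plain" and not name:
            body = part.get_payload(decode=True) or b""
            text.append(body.decode("utf-8", errors="replace"))
    # File size: the whole message as received.
    if len(raw.encode("utf-8")) > policy["max_bytes"]:
        hits.append("size")
    # Number of recipients, counted from the To and Cc headers.
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(rcpts) > policy["max_recipients"]:
        hits.append("recipients")
    # Domain of the sending address.
    for _, addr in getaddresses(msg.get_all("From", [])):
        domain = addr.rpartition("@")[2].lower()
        if domain in policy["blocked_domains"]:
            hits.append("domain:" + domain)
    haystack = " ".join(text).lower()
    hits += ["phrase:" + p for p in policy["blocked_phrases"] if p in haystack]
    return hits

# Constructed sample message with a double-extension script attachment.
SAMPLE = "\n".join([
    "From: sender@blocked.example", "To: a@corp.example, b@corp.example",
    "Subject: Quarterly numbers", "MIME-Version: 1.0",
    'Content-Type: multipart/mixed; boundary="b1"', "",
    "--b1", "Content-Type: text/plain; charset=us-ascii", "",
    "Notes on Project Falcon attached.",
    "--b1", "Content-Type: application/octet-stream",
    'Content-Disposition: attachment; filename="Invoice.TXT.VBS"', "",
    "constructed placeholder body", "--b1--", "",
])
```

A filename check of this kind only sees the declared name; a gateway that relies on it alone will miss renamed or archived scripts, which is why the paper treats content rules as an additional line of defense alongside virus scanning.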
Most service providers rely upon one or two data centers to share their load and provide emergency backup. FrontBridge runs a nationwide network of seven data centers that operate in a truly distributed fashion to provide an unmatched level of availability and reliability. The following diagram illustrates the FrontBridge distributed network architecture and how the network provides unmatched reliability.
The FrontBridge Distributed Architecture
Your email MX record points to the FrontBridge network.
The FrontBridge network DNS servers return an IP address for the nearest data center based on location and availability.
Email received at one of our data centers passes appropriate layer seven health checks.
“Clean” email is delivered to you. The FrontBridge process typically takes less than one second to complete.
FrontBridge offers unique strengths and advantages that premise-based solutions and other perimeter-based services cannot match, including:
• Reliability - FrontBridge guarantees 99.999 percent uptime. To ensure this, FrontBridge uses seven geographically-distributed data centers with fault-tolerant, redundant and load-balanced servers. FrontBridge has never experienced downtime; no other provider can make this claim.
• Security - FrontBridge customers’ email servers are never exposed to the Internet. Customer mail servers only accept connections from FrontBridge’s data center servers, ensuring that no attacker can exploit a known vulnerability in the mail server’s operating system or email application.
• Corporate-grade filters - FrontBridge understands that business email is critical, and incorrectly identifying legitimate email as Spam can be more detrimental to a company than Spam itself. FrontBridge always errs on the side of caution to ensure users do not lose email. Other vendors aggressively advertise “eliminating the most Spam,” but they unfortunately have high false positive rates. FrontBridge’s false positive rate is less than 1 in 250,000 messages. Without question, FrontBridge has the lowest false positive rate in the industry.
• Dedicated, expert staff - Providing around-the-clock protection requires constant monitoring and updates. The FrontBridge operations team ensures that Spam filters are continuously updated while anti-virus signatures are updated, tested and deployed every ten minutes - 24 hours per day.
• Flexible and customizable - FrontBridge offers multiple options for configuring and customizing Spam filtering, virus scanning, attachment blocking, and policy enforcement.
• Easy to implement - FrontBridge allows enterprises to avoid the headache of software deployment and management for email protection. There is no hardware to provision, no software to buy, install or configure, and no expensive training required for IT staff. Plus, FrontBridge’s services are delivered upstream from the corporate network, before email ever reaches corporate servers. With a simple configuration change, companies can begin using FrontBridge services and be up and running in less than an hour.
Conclusion
Reliable corporate email systems are mission critical, and protecting them requires the same level of infrastructure, expertise, scalability and reliability as a company’s other mission critical applications.
Self-managed, premise-based solutions are not cost effective, cannot effectively protect critical email infrastructure components and do not easily scale. Most service providers are not enterprise-focused and cannot effectively scale or guarantee uptime.
FrontBridge’s seven data centers, routed through Tier 1 backbones, guarantee that an enterprise’s servers are safe from attack, corporate email policies are enforced, messages are always delivered, and email is delivered virus- and Spam-free. That is the quintessential benefit of enterprise message management.