K7 Mail Security
FOR
M
ICROSOFTE
XCHANGES
ERVERSThe Exchange environment is an important entry point by which a threat or security risk can enter into a network. K7 Mail Security is a complete and customizable solution that scans e-mails that passes through the Microsoft Exchange server. Mail Security protects your Exchange server from the following:
• Threats (such as viruses/malware, worms, Trojans, and DoS attacks) • Security risks (such as adware, spyware and greyware)
• Unwanted email messages (spam) • Unwanted content (Content Filtering)
• Unwanted file attachments (Attachment Filtering)
K7 Mail Security also lets you manage the protection of one or more Exchange servers from a single web console and it sends timely alerts and notifications to administrators whenever significant system events or outbreak activities occurred.
F
EATURES AVAILABLE IN
K7
M
AIL
S
ECURITY
S
UPPORT FORM
ULTIPLER
OLESK7 Mail Security supports Exchange Server on the following roles: Edge Transport
Hub Transport Mailbox
W
EBB
ASEDA
DMINC
ONSOLEK7 Mail Security can be accessed and controlled through the centralized web-based management console and it is accessible through any modern web browser from any computer on the network. You can use SSL to access remote servers through a secure product console.
A
UTOMATICV
IRUSS
CAN Transport level and store level scanning.
Microsoft Virus Scanning API to scan messages at a low-level in the Exchange store. Quickly scan messages using multi-threaded scanning.
Default and customized action against viruses/malware, Trojans, worms, spyware/grayware. File type recognition to detect falsely labeled files.
C
ONTENTF
ILTERINGWhen content filter finds a word that matches a keyword it can take action to prevent the undesirable content from being delivered to Exchange clients.
A
TTACHMENTF
ILTERINGBlocks named attachments or attachments by true file type, file extension, or file name.
S
PAMF
ILTERINGK7 Mail Security actively scans and detects spam messages and takes action against them.
Q
UARANTINEN
OTIFICATIONSK7 Mail Security automatically sends email notifications when it does the following:
Detects and takes action against a virus or other threat detected in an email message Blocks an infected attachment
Detects suspicious URLs
Filters out undesirable content from an email message Detects virus/malware outbreak conditions
R
EPORTS&
L
OGSMail Security provides extensive report and data logs on threats, security risks, violations and spams. You can also save, send or print these reports.
A
UTOMATICU
PDATESK7 Mail Security periodically updates automatically over the internet whenever new program components are available and also virus definitions are released from K7 Computing virus lab.
To view the version of K7 Mail Security and virus definitions click the About link from the product console
U
SING THE
P
RODUCT
C
ONSOLE
K7 Mail Security can be accessed and controlled through the centralized web-based management console and it is accessible through any modern web browser from any computer on the network. The web console is password protected which is ensuring only authorized administrators can modify K7 Mail Security settings.
To view the Web console from a remote server:
1. Launch a supported browser and type the URL:
http://<server IP>:7070/k7exchangems/static/index.htm OR
https://<server IP>:7443/k7exchangems/static/index.htm
Where "server IP" is the IP address of the server on which you installed K7 Mail Security Note: By default, HTTP uses port 7070 and HTTPS uses port 7443.
2. Type your user name and password.
D
ASHBOARD
Dashboard is the main console where the administrator can have the easy and quick glimpse of the K7 messaging security status such as Threat Detection, Attachments Filtered, Content Messages Filtered, Spam mails Detected, Activity Summary, License information, etc. If anything is shown as unusual in the dashboard status then Administrator can quickly navigate to the problem by clicking on the corresponding issue link on the widget which will show the detailed report of the status.
The Antivirus page displays information about the real time scan status on Exchange server. It shows Enabled / Disabled status of real time antivirus scanning for incoming and outgoing email messages. You can configure K7 Mail Security to scan specific types and targets, as shown below.
To protect your Exchange environment, K7 Mail Security always scans both incoming and outgoing messages and their attached files for security risks. Whenever any threat detection happens, K7 Mail Security automatically takes action against the detection according to your configurations. You can also configure to send notifications when it takes actions against security risks.
N
OTIFICATIONS
You can configure K7 Mail Security to send a notification by email when K7 Mail Security takes action against detected security risks and undesirable content during security risk scans, attachment blocking, or content filtering. The notifications can be sent to administrator, sender, recipient or other network security professional to expose the security risk of relevant messages. And the notification template can also be configured to display the customized subject, mail content and other fields.
A
TTACHMENT
F
ILTERING
Attachment blocking is an effective way to control virus/malware outbreaks and it prevents email messages containing suspicious attachments from being delivered to the Exchange Information Store. K7 Mail Security can block attachments according to the attachment type, attachment name, or attachment extension and then replace, quarantine, or delete all the messages that have attachments that match your configuration. You can enable or disable attachment filtering.
Many viruses/malware are closely associated with certain types of files such as doc, exe, or dll.
By configuring K7 Mail Security to block email messages with certain file types, you can decrease the security risk to your Exchange servers from those types of files. Similarly, specific attacks are often associated with a specific file name.
As a best practice you can temporarily quarantine all high-risk file types or those with a specific name associated with a known virus/malware. Later, when you have time you can examine the quarantine folder and take action on detected files or you can release the email messages when you decide they are safe.
C
ONTENT
F
ILTERING
A
NTI
S
PAM
Spam is an unwanted junk email, triggered from some external sources which most often advertisement messages for a product or service. It wastes productivity, time, and network bandwidth. Spam is not only an annoyance to users and administrators; it is also a serious security concern. Spam can be used to deliver viruses, Trojan horses, and in phishing attempts. In addition, high volumes of spam can create denial-of-service conditions in which email servers are so overloaded that legitimate email and network traffic are unable to get through.
K7 Mail Security can detect if an incoming email message is spam with a high level of accuracy and also it provides continuous updates to the Antispam filters to ensure that your Exchange server has the most recent spam detection filters that are available. When a message is detected as spam you can drop or allow the email based on your preferred action.
Spam detection is only available when Mail Security is installed on Edge Transport or Hub Transport server roles.
H
OWK7
M
AILS
ECURITY DETECTS AND PROCESSES SPAMWhen Antispam option is enabled, K7 Mail Security stamps messages with a spam confidence level (SCL) value, Mail Security analyzes SMTP email messages for key characteristics of spam and it inscribes messages with a SCL value when the message meets an SCL threshold.
The SCL Junk E-mail Folder Threshold in Microsoft Exchange works with the SCL value that is stamped on an email message to determine the destination of the message. When the SCL value is not set, Exchange sends all messages with a SCL value to the user's Junk E-mail folder. When the message has a SCL value that is higher than the SCL Junk E-mail Folder Threshold, Exchange sends the message to the user's Junk E-mail folder. If the SCL value is lower than or equal to the SCL Junk E-mail Folder Threshold, the message is routed to the user's Inbox.
W
HITELISTS ANDB
LACKLISTS• Allowed Senders - You can add the list of sender email addresses that are permitted to bypass antispam scanning
• Allowed Recipients - You can add the list of recipient email addresses to which inbound emails are permitted to bypass antispam scanning