Security capabilities
To support your business objectives
IBM Lotus Protector for Mail Security 2.5.
Give users complete control over
content sent to them—right within
the familiar IBM Lotus Notes inbox
In the age of a distributed workforce, virtual teams, road warriors and corporate globalization, e-mail is more indispensable than ever. In fact, employee productivity and customer satisfaction rely on it. Protecting your messaging infrastructure is vital to your day-to-day operations.
Internet connections exponentially increase the power of e-mail. Unfortunately, they also expose users to myriad threats, creat-ing potential business risks. In today’s world, spam prevention
Empower your users, right from their inbox
Seamlessly integrated with your IBM Lotus Notes® and Lotus®
Domino® platform, the IBM Lotus Protector for Mail Security 2.5
software appliance gives your organization comprehensive con-trol over Internet e-mail. It does more than just efficiently block the spam, malware, phishing attacks and other threats targeting your users—it’s also the first and only network spam filter that doesn’t require users to access a separate tool to manage who can and cannot send them e-mail. Via a simple click from their Lotus Notes 8.5.1 inbox, users gain control over which content they want or don’t want to receive. Users can also independently view spam and blocked messages without IT intervention. This helps eliminate the need for IT staff to spend valuable time and resources in situations where, for example, an external vendor might claim to have sent an e-mail that users haven’t received in their inboxes. Your users can quickly validate for themselves whether the e-mail was blocked or whether it was simply never sent in the first place. The result is an increased level of productivity for users, as well as an optimization of your administrative resources.
Highly effective, proven protection
The Lotus Protector for Mail Security software appliance is proven to be highly efficient at protecting against external threats—while minimizing the potential blocking of nonthreatening e-mail or the draining of server resources. Precise and powerful, the Lotus Protector for Mail Security software appliance has been certified by the independent ICSA Labs to be a leader in spam control, blocking over 99 percent of known spam with extremely low, industry-leading false-positive results.1 And being a Lotus Notes
and Domino family product, it’s designed to be easy to imple-ment and own, with the same flexible deployimple-ment options and low cost of ownership as those of your critical messaging platform.
Helps stamp out spam
Spam continues to find its way to inboxes daily, sometimes outnumbering legitimate e-mail. The fight against spam can negatively impact productivity and can strain network and server capacities, affecting your end users as well as your system administrators.
Internet
SMTP connection
Legitimate e-mail
Predata spam filters
Dynamic host reputation filtering SMTP connection filters
Domain name server blacklist (DNSBL) settings Recipient verification, SMTP level
Dedicated spam analysis modules
Spam fingerprint Spam signature database
Structure analysis Embedded URL analysis
Spam heuristics
Message transfer
Zero level analysis
DNSBL analysis Bayesian classifiers Flow analysis Spam keyword Phishing analysis Spam Spam Spam
Figure 1. The Lotus Protector for Mail Security software appliance filters out spam before it even reaches your network, helping save valuable bandwidth.
Examine and knock out suspicious mail in real time
The Lotus Protector for Mail Security software appliance stops spam at the network edge, so your Lotus Domino server is free to focus on core routing and collaboration tasks. Employing innovative zero-level analysis (ZLA) technology from IBM, the software appliance is capable of identifying spam in real time, as e-mail comes into your network. Because it can identify spam as it traverses the network boundary, ZLA can often drop spam within the first 10 or 20 percent of the message. This optimizes throughput of the system without any loss of efficacy, because all messages that aren’t blocked are still fully analyzed by powerful content analysis modules in the Lotus Protector for Mail Security software appliance. The result for your organization is enhanced protection, without slowing down your key collaboration systems.
Continuous protection updates
The Lotus Protector for Mail Security software appliance can be quickly configured to block spam using either default or custom content filtering policies. Content filtering innovation is provided by the IBM Internet Security Systems (ISS) X-Force® research and development team. The X-Force team routinely monitors new spam techniques and distribution methods. The Lotus Protector for Mail Security software appliance checks with IBM as frequently as every 15 minutes for updates that include new spam signatures and potentially dangerous URLs. As a result, Lotus Protector for Mail Security technology helps you keep ahead of the latest spam trends.
E-mail origination analysis
Spam collectors Spam Learn Global filter database Your business Continuous updates Global Data Center
Figure 2. The Lotus Protector for Mail Security software appliance receives updates from the IBM ISS Global Data Center eight times per day to help you respond to changing spam tactics and threats.
Ninety-five billion identified spam sources — and growing
At the IBM ISS Global Data Center, IBM maintains a security database containing more than 95 billion evaluated Web pages and relevant spam signatures to date. IBM operates spam col-lectors worldwide using e-mail accounts known as “honey pots,” which receive millions of confirmed spam e-mails every day. Data gathered from these messages is fed into the Global Data Center, increasing the efficiency of spam filtering.
More than just spam prevention — comprehensive inbound and outbound content control
Lotus Protector for Mail Security technology analysis modules work for outbound as well as inbound e-mail, enabling you to define policies or tailor modules to help meet legal and regu-latory compliance for data. Messages can also be scanned for offensive words, customizable keywords and attachment types — and specialized analysis capabilities help prevent sensitive information such as Social Security and credit card numbers from leaving your network. In addition, the phishing module provides a separate, multithreaded analysis technique to protect your employees against e-mail messages that target their personal information.
Who Sender/recipient Sales Logistics Mr. Schmitt When Time frame All the time 9 a.m. to 5 p.m. 8 p.m. to 5 a.m. Analysis modules Sensors Confidential MP3/JPG Pornography Action Responses Block Allow Send to Rule
Figure 3. You can develop spam filtering rules that fit your organization’s policies and tailor those rules to specific users.
Rules configuration helps improve ease of use, lessening the burden on administrative staff
Granular policy control includes simple rules-based policy creation—enabling you to take action based on factors such as who, what and when—and more than 10 different customizable action types, such as modifications and notifications. Policies can be applied globally, by user group or by individual user, so changes made in the Lotus Domino Directory database flow automatically to the associated content control policies. Plus, the Lotus Protector for Mail Security software appliance sup-ports lightweight directory access protocol (LDAP), including Lotus Domino and Microsoft® Active Directory technologies.
Helps keep you ahead of threats
Beyond spam control, the Lotus Protector for Mail Security software appliance is equipped with advanced protection technologies to provide security features that are ahead of the threat. With the award-winning IBM Proventia® Network
Intrusion Prevention System (IPS) engine and IBM Virtual Patch® technology, the application supports the vital security
features necessary in today’s IT environments.
An extra level of protection between your company and external contacts
Support for the transport layer security (TLS) protocol enables you to automatically encrypt e-mails between your company and trusted partners and suppliers. By establishing mutual public cer-tificates on your server, you can make sure that communication between your company and these organizations is protected. The message transport agent at the edge of your network automati-cally encrypts e-mails to and from such organizations—providing a seamless user experience.
Defense against zero-day attacks
Lotus Protector for Mail Security software appliance recipient veri-fication technology and its queuing mechanism help protect your mail server from zero-day attacks, including denial-of-service and directory harvest attacks. And a special Lotus Domino integration keys off of “short name” fields, so even the powerful and flexible Lotus Domino addressing translation system is supported.
Many spammers direct spam at a particular domain simply by guessing at user names or naming conventions. Recipient veri-fication technology helps minimize the effects of this practice by confirming that the specific user name to which each e-mail is addressed actually exists — before accepting the message. Any message that is addressed to an unknown recipient is rejected before the connection is accepted, helping save valu-able bandwidth.
The queuing mechanism is designed to provide multiple levels of protection against spam-based denial-of-service attacks. The application has two predefined thresholds for its unchecked queue, which begins to grow during a denial-of-service attack. When the total number of messages in the unchecked queue reaches the first threshold, the application begins throttling new simple mail transfer protocol (SMTP) connections based on a predefined period of time. When the number of messages in the unchecked queue reaches the second threshold, all new SMTP connections are answered with a “temporarily not available” message and asked to try again later, based on SMTP standard protocols. Typical spam bots can’t handle this type of rejection and will fail at this point, whereas valid SMTP servers will try again after a predefined period of time.
Real-time, multilayered antivirus protection
All Lotus Protector offerings are designed to easily integrate with your
existing Lotus Domino user and security frameworks, presenting a seamless
experience for users—and simplifying overall administration for you.
7
Intelligent management options for
ease of use
The Lotus Protector for Mail Security software appliance provides a number of intelligent management options that can be tailored to your organization’s unique network environment. It includes:
A stand-alone, security-rich, Web-based local management •
interface. The interface provides easy access to security and antispam policies.
Standard or customized reports.
• Standard, centralized
reports provide valuable insights, such as identifying which spammers present the biggest challenge to the messaging infrastructure. You can also create customized reports for additional flexibility.
Clustering for centralized management.
• 2 Because a
separate management console isn’t required, you can easily manage multiple servers through one appliance. In fact, Lotus Protector for Mail Security technology provides access to all quarantined messages and tracking information through the appliance you designate as the central appliance, regardless of where the traffic initially entered the network.
A unified platform to address your
security challenges
Create a unified platform to mitigate your security challenges. Find out more about how the Lotus Protector for Mail Security software appliance can help resolve messaging security headaches and improve your security posture against tomorrow’s threats, as part of the dynamic Lotus Protector platform. Designed specifically for the Lotus Domino environment, the application tightly integrates with the Lotus Domino platform, simplifying administration of your messaging environment.
System requirements focused
on flexibility
Lotus Protector for Mail Security software appliance is available as a per-user software license with flexible deployment options. It’s packaged as a software appliance model, with an integrated Linux® operating system and the application software. It’s certified to run on high-quality, cost-effective IBM System x® hardware or VMware systems. Unlike some competitive offerings that require proprietary hardware systems, the Lotus Protector for Mail Security software appliance puts you in control, allowing you to choose the off-the-shelf hardware that perfectly meets your throughput requirements—and your budget. And because it’s a per-user license, you can deploy as many server instances as necessary, without additional Lotus Protector for Mail Security costs.
Accelerate the time to value of your
software investment
IBM Software Services for Lotus and select IBM Business Partners can help you better understand your technology options and how to leverage Lotus collaboration solutions to potentially lower your IT total cost of ownership and increase your organization’s productivity. Find out more about the technical consulting, train-ing and Software Accelerated Value Program services available to help you accelerate your success with IBM technology. For more information, go to:
ibm.com/software/lotus/services
For more information
To access a no-cost, 90-day-trial edition of the Lotus Protector for Mail Security 2.5 software appliance or to get more informa-tion, contact your IBM sales representative or visit:
ibm.com/software/lotus/products/protector/mailsecurity
© Copyright IBM Corporation 2009 Lotus Software
IBM Software Group One Rogers Street Cambridge, MA 02142 U.S.A.
Produced in the United States of America December 2009
All Rights Reserved
IBM, the IBM logo, ibm.com, Lotus, Domino, Lotus Notes, and Notes are registered trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark sym-bol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft is a trademark of Microsoft Corporation in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others.
References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. The information contained in this documentation is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this documentation, it is provided “as is” without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this documentation or any other documentation. Nothing contained in this documenta-tion is intended to, nor shall have the effect of, creating any warranties or representations from IBM (or its sup-pliers or licensors), or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
