
Email Security Limitations: Architecting Solutions For An Onslaught Of Threats

In just a few years, email has arguably become the most important business communication tool ever invented. Even with the phenomenal growth in phone networks, fax machines, delivery services and the Web, most people turn to email to keep in touch with business partners, set appointments, collaborate across distances and transmit vital documents. Email reaches nearly everywhere, is practically instantaneous, and can transport any kind of computer file—which is to say, virtually any textual, graphical or programming information conceivable.

This rapid adoption and universal acceptance have come with a price. Email has emerged as a primary vector for security threats like spam, viruses, malware, phishing and denial-of-service attacks. From two-bit hackers and spammers to rogue employees and even professional crime syndicates, countless people are using email to disrupt business, perpetrate fraud, steal information and worse. The same qualities that make email so useful make it vulnerable to both unintentional and malicious abuse: it’s extraordinarily complex, it reaches virtually every networked computing device, and everyone absolutely depends on it.

Enterprises have responded to these constantly increasing threats through continuous updates and patches to their existing security products, as well as ongoing evaluation and purchase of new point products to manage new vulnerabilities. In other words, as email vulnerabilities become more complex and varied, so does the email security environment. It’s a rational response; the problem is that enterprises have typically reacted to each threat as if it existed in a vacuum, rather than addressing security through a unified, comprehensive email architecture.

AN ARCHITECTURAL FRAMEWORK FOR ENTERPRISE EMAIL SECURITY: Getting It Right Today, Getting Ready For Tomorrow.

INTRODUCTION

As email security becomes an ever-more demanding problem for complex, information-driven enterprises, IT departments continue to add and enhance point products that target individual threats. Over time, a growing assortment of point products becomes increasingly difficult and costly to manage. While well intentioned, these heterogeneous products place limits on filtering, policy enforcement, monitoring, reporting and virtually every other security function—leaving the enterprise at risk. This white paper examines the security limitations prevalent in today’s large-enterprise email networks. These networks represent serious security challenges due to their large messaging volumes, heterogeneous technologies, diverse geographical locations, complex regulatory demands, and specialized departmental and user needs. For senior managers of email and security networks, this paper will provide an overview of the security limitations that likely exist in their current environment. It also outlines the “next generation” architecture designed to fully leverage security throughout the network and keep email working no matter what the future holds.


Similarly, many point products on the market address security issues within specific logical functions and physical layers of a complex, multilayered network. Each of these point products can work well within its own sphere—but there are inherent limitations in creating a patchwork of solutions that sometimes overlap and sometimes don’t.

Synopsis

This white paper explores the security limitations prevalent in most enterprise email networks—and how they will inevitably weaken email security going forward.

We’ll explain how a next generation security architecture addresses these limitations and provides a solid foundation for total email security, along with simplified manageability, for the long haul—no matter what the threat or how requirements may change in the future.

Unfortunately, with a patchwork security regime, there’s never an end in sight. There’s never a time when you can confidently say that today’s combination of security products is adequate to protect your business from tomorrow’s email threats. You never know when you’ll need to buy yet another email security tool. About the only thing you can predict is that each new product you add to the mix will make the job of managing email security that much more complex.

Messaging and security managers need to think beyond deploying new technologies in a poorly integrated series to block each new threat. Instead, effective email security for the long term requires taking complete control of inbound and outbound email flow and content at the gateway and throughout the corporate network. It requires robust integration of resilience, recovery, risk-reduction and policy enforcement functions. It requires tying filters and policies to a sophisticated directory for user- and role-based enforcement. And it requires a simple, flexible way to manage all these complex elements.

In short, the next generation security architecture requires a new approach that stretches beyond the current limitations. It demands a coherent, adaptable foundation for all of the security functions you require today—and any you may need tomorrow.

• Fully-optimized infrastructure

• Comprehensive policy management

• Unified network management

• Adaptability to emerging technologies and standards

For a detailed look at today’s and tomorrow’s email security challenges, and how to manage them, read on.

The Fully-optimized Infrastructure


The next generation security architecture enables:

• A fully-optimized infrastructure

• Comprehensive policy management

• Unified network management


WP_08.05_Arch | 3 / 8

Sendmail, Inc.

Next generation email security is built on an optimized infrastructure, and the foundation is the mail transfer agent (MTA). One limitation commonly found in today’s enterprises is a routing infrastructure that is not properly architected to provide security while handling large email volumes at an acceptable performance level.

A reliable routing infrastructure provides much more than high throughput; it needs robust support for processor-intensive activities like spam and virus scanning. This optimized infrastructure must be managed intelligently, minimizing the impact on system resources by controlling connections at the gateway and by applying filters in a way that maximizes the pass-through of good messages. To optimize the email infrastructure, companies must take a closer look at each of the following areas.

Is Your MTA Proven?

At the foundation of the email infrastructure is the MTA—a routing infrastructure specifically designed to deliver security, reliability and scalability. Today, many large enterprises with complex messaging requirements risk opening security gaps at the very foundation of their email networks by relying on an unproven/untested MTA. Selecting the right MTA can make or break the email system. The right MTA represents the difference between an overstated vendor claim and proven performance, the choice between first-generation and time-tested security, and the experience of downtime versus high availability.

The MTA is a building block of a resilient email routing network. To augment the power of the MTA, forward-thinking businesses are moving towards directory-driven routing. Access to the directory permits more intelligent routing decisions, such as using directory information to route mail to the proper mailstore. Appropriately designing networks to deliver resilience and scale is the cornerstone to any large enterprise email security system.

Can You Manage Your Connections?

Connection regulation delivers fast ROI payback as part of the next generation email architecture. This control regulates the type and amount of email traffic entering and leaving the email system. Administrators can specify various criteria for automatically monitoring connections at the email gateway and automatically accepting or rejecting messages before they enter the network. A basic requirement for optimal connection regulation is the implementation of a central email directory.

Sophisticated, directory-based connection control eases the burden on network bandwidth and system performance by detecting traffic anomalies and eliminating a large percentage of threats before they reach the network. It also provides the ability to trace inbound and outbound traffic to specific network addresses—even to individual user addresses. That way, problems can be rooted out and eliminated before they can recur. Effective connection regulation can enable dramatic reductions in physical and human resources, representing significant ROI.

Without effective connection control, customers will unnecessarily expose their email networks to distributed denial of service attacks, directory harvesting exploits and ongoing volumes of unwanted email.

Do You Have A Centralized, Integrated Messaging Directory?

As companies continue to grow through mergers, acquisitions and expanded global operations, the email infrastructure becomes more and more complex. Often, large and growing enterprises end up with multiple user information directories and routing databases.

Ideally, the email architecture should place user and routing information at the right place in the network to perform required functions without harming email and network performance—and without compromising the security of data within the directory. It should be possible to reject dictionary attacks within the DMZ between the Internet and the corporate network, but not expose the user directory to outside tampering. A highly scalable, high-performance central directory provides a solid foundation for establishing message routing, connection control, and policy creation across a widely distributed and diverse corporate network.
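The following Python is an added example, not Sendmail’s code or anything from the paper, showing how the three ideas of this section fit together at a DMZ gateway: a read-only replica of the recipient directory (assumed here to be exported as address-to-mailHost pairs, the attribute name borrowed from the inetLocalMailRecipient LDAP schema), connection rate limiting at CONNECT time, and directory-harvest detection at RCPT TO that rejects unknown recipients and routes known ones to their mailstore without ever exposing the directory itself. The addresses, thresholds and the sample session are constructed.

```python
"""Gateway connection regulation and directory-driven routing (added example).

Assumptions (not from the white paper): the gateway holds a read-only replica of
the recipient directory as {address: mailHost}; rates and thresholds are
illustrative; IP addresses are from documentation ranges.
"""
from collections import defaultdict, deque
import ipaddress

# Constructed replica of the central directory, as pushed into the DMZ. Only the
# attributes the gateway needs (address -> mailHost) leave the internal network.
DIRECTORY_REPLICA = {
    "alice@example.com": "mailstore-east.internal.example.com",
    "bob@example.com": "mailstore-west.internal.example.com",
    "sales@example.com": "mailstore-east.internal.example.com",
}


class ConnectionRegulator:
    """Per-source connection rate limiting plus directory-harvest detection."""

    def __init__(self, directory, max_conns=10, window=60, max_unknown=5,
                 unknown_ratio=0.8, allowlist=()):
        self.directory = {k.lower(): v for k, v in directory.items()}
        self.max_conns = max_conns          # connections per source per window
        self.window = window                # window length in seconds
        self.max_unknown = max_unknown      # unknown RCPTs before a harvest verdict
        self.unknown_ratio = unknown_ratio  # share of RCPTs that must be unknown
        self.allowlist = [ipaddress.ip_network(n) for n in allowlist]
        self.connects = defaultdict(deque)  # ip -> connect timestamps in window
        self.rcpts = defaultdict(lambda: {"known": 0, "unknown": 0})
        self.blocked = set()

    def _allowlisted(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.allowlist)

    def on_connect(self, ip, now):
        """Decision at TCP connect, before any message data is accepted."""
        if self._allowlisted(ip):
            return "accept"
        if ip in self.blocked:
            return "554 source blocked for directory harvesting"
        window = self.connects[ip]
        while window and now - window[0] >= self.window:
            window.popleft()                # drop timestamps outside the window
        window.append(now)
        if len(window) > self.max_conns:
            return "421 too many connections, try later"
        return "accept"

    def on_rcpt(self, ip, rcpt):
        """Decision at RCPT TO: validate against the replica and route known users.

        Returns (reply, mailhost); mailhost is None when the recipient is rejected.
        """
        stats = self.rcpts[ip]
        mailhost = self.directory.get(rcpt.lower())
        if mailhost is not None:
            stats["known"] += 1
            return "250 ok", mailhost
        stats["unknown"] += 1
        total = stats["known"] + stats["unknown"]
        if (stats["unknown"] >= self.max_unknown
                and stats["unknown"] / total >= self.unknown_ratio
                and not self._allowlisted(ip)):
            self.blocked.add(ip)            # stop the harvest on later connections
            return "554 too many invalid recipients", None
        return "550 user unknown", None

    def report(self):
        """Per-source view for tracing a problem back to a network address."""
        return {ip: dict(s, blocked=ip in self.blocked) for ip, s in self.rcpts.items()}


def run_harvest_demo():
    """Replay a constructed harvesting session and a legitimate partner sender."""
    reg = ConnectionRegulator(DIRECTORY_REPLICA)
    harvester, partner = "203.0.113.7", "198.51.100.4"
    results = {}
    reg.on_connect(harvester, now=0)
    probes = [f"{n}@example.com" for n in ("aaron", "abby", "adam", "alan", "alice", "amy")]
    results["harvest"] = [reg.on_rcpt(harvester, r)[0] for r in probes]
    results["harvest_reconnect"] = reg.on_connect(harvester, now=5)
    reg.on_connect(partner, now=0)
    results["partner"] = reg.on_rcpt(partner, "Bob@Example.com")
    # Eleven connects within one minute from the partner trips the rate limit.
    results["partner_burst"] = [reg.on_connect(partner, now=t) for t in range(1, 12)][-1]
    results["report"] = reg.report()
    return results


if __name__ == "__main__":
    for key, value in run_harvest_demo().items():
        print(key, value)
```

The harvesting source is recognised only after a mix of hits and misses, so a single mistyped address never blocks a legitimate correspondent, and the allowlist keeps internal relays out of both the rate limiter and the harvest check.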

How Optimized Is Your Filtering?


All filtering should occur in concert—rather than in a series of operations controlled by discrete applications—in order to optimize message-handling performance and to avoid false positives. Point product-based architectures that feature heterogeneous filtering and policy enforcement rarely have a means of determining whether a particular message has already been vetted and cleared by previous products in the series. This can place a huge burden on filtering bandwidth, and even cause legitimate messages to be lost. This is even true of some gateway appliances. Although the various filtering components are packaged in one box, they still effectively operate as independent applications.

Further, optimized filtering should have the capacity to leverage any directory attribute to apply more granular precision to the process. Attributes such as email aliases, mailing lists, mail hosts, account numbers, usernames, department and security clearance, when applied to filtering, improve both filtering precision and network performance.

How well are you filtering?

A company might use SMTP AUTH when accepting mail, requiring senders to verify their legitimacy by providing a login and password.

Messages sent in this way do not need to be scored for spam characteristics, and you would never want to risk quarantining such messages even if the spam score registered 100 percent.

But if the spam filter is unaware that the message has already been accepted using SMTPAUTH, it’s wasting resources by processing the message at all, and there’s a real risk that the authenticated message won’t be passed on to the intended recipient.
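Here is an added Python example (not from the paper) of the coordinated filtering the preceding sections describe: one shared context travels with the message, the connection stage records whether SMTP AUTH succeeded (assumed to arrive as the value of sendmail’s {auth_authen} macro), the spam scorer skips authenticated submissions, and once any stage reaches a terminal decision the remaining stages are skipped instead of re-vetting the message. Virus scanning still runs for authenticated mail, because authentication proves who submitted a message, not that its attachments are safe. The keyword list, the attachment check and the three sample messages are constructed stand-ins for real engines.

```python
"""Coordinated filtering over a shared message context (added example).

Assumption (not from the white paper): the MTA hands every filter the same
context object, including the {auth_authen} value that sendmail sets only when
the SMTP AUTH exchange succeeded, and filters record their verdicts in it.
"""
import re
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class MessageContext:
    headers: dict
    body: str
    client_ip: str
    auth_authen: Optional[str] = None  # {auth_authen}: user name if SMTP AUTH succeeded
    verdicts: dict = field(default_factory=dict)  # stage name -> what it decided
    disposition: Optional[str] = None  # terminal decision once any stage makes one


def submission_trust(ctx):
    """Connection stage: record how the message was accepted for later stages."""
    if ctx.auth_authen:
        return f"authenticated:{ctx.auth_authen}"
    return "unauthenticated"


def virus_scan(ctx):
    """Runs for every message: AUTH says who sent it, not what it carries."""
    names = re.findall(r'filename="([^"]+)"', ctx.body)  # constructed AV stand-in
    if any(n.lower().endswith((".exe", ".scr", ".pif")) for n in names):
        ctx.disposition = "reject"
        return "blocked-attachment"
    return "clean"


SPAM_PHRASES = ("free money", "act now", "click here", "winner")  # constructed list


def spam_score(ctx):
    """Score 0..100; skipped entirely when the connection stage saw SMTP AUTH."""
    if ctx.verdicts["trust"].startswith("authenticated:"):
        return "skipped (authenticated submission)"
    text = (ctx.headers.get("Subject", "") + " " + ctx.body).lower()
    score = min(100, 40 * sum(text.count(p) for p in SPAM_PHRASES))
    if score >= 80:
        ctx.disposition = "quarantine"
    return score


PIPELINE = [("trust", submission_trust), ("virus", virus_scan), ("spam", spam_score)]


def filter_message(ctx):
    """Run the stages in concert; a decided message is not vetted again."""
    for name, stage in PIPELINE:
        if ctx.disposition is not None:
            ctx.verdicts[name] = "skipped (already decided)"
            continue
        ctx.verdicts[name] = stage(ctx)
    if ctx.disposition is None:
        ctx.disposition = "deliver"
    return ctx


def demo():
    """Three constructed messages: spam-looking mail from an authenticated user,
    the same mail unauthenticated, and an authenticated message with an .exe."""
    spammy = "Free money! Act now, click here, you are a winner."
    cases = [
        MessageContext({"Subject": "FREE MONEY"}, spammy, "192.0.2.10", auth_authen="alice"),
        MessageContext({"Subject": "FREE MONEY"}, spammy, "203.0.113.9"),
        MessageContext({"Subject": "Invoice"},
                       'Content-Disposition: attachment; filename="invoice.exe"',
                       "192.0.2.10", auth_authen="alice"),
    ]
    return [filter_message(c) for c in cases]


if __name__ == "__main__":
    for ctx in demo():
        print(ctx.disposition, ctx.verdicts)
```

The authenticated message with a perfect spam score is delivered without ever being scored, the identical unauthenticated message is quarantined, and the authenticated message carrying an executable is rejected by the virus stage with the spam stage recorded as skipped rather than run a second time.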

Are You Safe From More Than The Threat Du Jour?

Virus-infected attachments have long been the number-one problem associated with email entering the corporate network. Today, productivity-robbing spam is causing just as much concern as it becomes ever more voluminous and offensive. Identity theft via phishing has also emerged as a serious new problem. Tomorrow, there will be something else to contend with—guaranteed. As each new wave of threats approaches, the old threats hardly disappear. In fact, they only become more sophisticated.

The next generation security solution not only addresses every existing email threat, inbound and outbound; it is prepared for future threats and emerging standards such as Sender ID and DomainKeys Identified Mail (DKIM).

A Common Policy-control Framework

Most single-purpose products lack any ability to integrate with outside data sources, making it difficult or impossible to incorporate cross-system linkages into policy that can be managed coherently and evolved. As a result, policies tend to reflect “what can be done,” versus “what’s best for business.”

Add multiple user directories and routing databases to this mix and the complexity compounds. Unless these multiple repositories are synchronized and consolidated in a single, centralized database, it becomes difficult—if not impossible—to implement role-based policies for routing.

Even if you can create effective policies, revising those policies on an ongoing basis becomes an almost unthinkable management task—essentially crippling the enterprise’s ability to adapt to new security threats. The directory can provide much more than user information for efficient routing; it also serves as the foundation for effective policy management.

Another limitation that hinders effective policy-based filtering is the lack of a general-purpose, highly scalable quarantine for questionable messages. No automated email security system can provide 100 percent rejection of bad messages along with 100 percent pass-through of good messages. That means companies need an effective quarantine that provides useful options for human review.

How Flexible Is Your Policy Administration?

Different users have different needs and restrictions. One size fits all won’t do. Individual point products that may work well for a small business don’t necessarily provide the policy flexibility and granularity required by large enterprises. The system should enable a hierarchy of message-handling rules, from corporate-wide control, to the department and workgroup levels, to the individual user. It should be flexible enough to allow for policy and rule enforcement from the network perimeter to the user desktop. For example, regulations may require copies of emails from a stockbroker to be archived for a full year, while doing the same for non-broker emails would only clog up the system with outdated information.

Truly flexible policy management allows you to easily create complex rule logic based on your specific business requirements, all from a centralized control point. Whether protecting your intellectual property in outgoing email, or enforcing complex regulatory compliance requirements, your policy management capability should easily adapt to your business workflow.
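As an added example (not the paper’s own code), the Python below resolves the rule hierarchy just described: corporate settings apply first, then the department, then role attributes read from the directory, then the user’s own preferences, and a setting locked at a higher level cannot be relaxed below it. The stockbroker archive rule from the text becomes a locked department setting, and an audit trail records every override that was applied or refused. Layer contents, directory entries and setting names are constructed.

```python
"""Hierarchical, directory-driven policy resolution (added example).

Assumptions (not from the white paper): policy layers are corporate,
department, role and user; a setting marked locked at one level cannot be
changed at any lower level; directory entries and setting names are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Setting:
    value: object
    locked: bool = False  # True: lower levels may not override this setting


CORPORATE = {
    "virus_scan": Setting(True, locked=True),   # never delegated to end users
    "outbound_dlp": Setting(True, locked=True),  # intellectual-property control
    "spam_action": Setting("quarantine"),       # departments and users may adjust
    "spam_threshold": Setting(80),
    "archive_retention_days": Setting(0),       # default: no regulatory archive
}

DEPARTMENTS = {
    # Regulated desk: one-year archive that nobody below can shorten.
    "brokerage": {"archive_retention_days": Setting(365, locked=True),
                  "spam_threshold": Setting(90)},
    "marketing": {"spam_action": Setting("tag")},
}

ROLE_RULES = {
    # Supervisory quarantine review for brokers, driven by the role attribute.
    "broker": {"supervisory_review": Setting(True, locked=True)},
}

USER_PREFS = {
    "alice@example.com": {"spam_action": Setting("deliver"),
                          "virus_scan": Setting(False)},        # will be refused
    "carol@example.com": {"archive_retention_days": Setting(7)},  # will be refused
}

# Constructed directory entries carrying the attributes the text lists.
DIRECTORY = {
    "alice@example.com": {"department": "marketing", "role": "staff"},
    "carol@example.com": {"department": "brokerage", "role": "broker"},
    "dave@example.com": {"department": "engineering", "role": "staff"},
}


def apply_layer(effective, layer, level, audit):
    """Merge one layer into effective, honouring locks set by higher levels."""
    for key, setting in layer.items():
        current = effective.get(key)
        if current is not None and current[0].locked:
            audit.append(f"{level}: {key} ignored, locked at {current[1]}")
            continue
        effective[key] = (setting, level)
        audit.append(f"{level}: {key} = {setting.value!r}")


def resolve_policy(address):
    """Return (effective settings, audit trail) for one recipient or sender."""
    entry = DIRECTORY.get(address, {})
    effective, audit = {}, []
    apply_layer(effective, CORPORATE, "corporate", audit)
    apply_layer(effective, DEPARTMENTS.get(entry.get("department"), {}), "department", audit)
    apply_layer(effective, ROLE_RULES.get(entry.get("role"), {}), "role", audit)
    apply_layer(effective, USER_PREFS.get(address, {}), "user", audit)
    return {k: v[0].value for k, v in effective.items()}, audit


if __name__ == "__main__":
    for who in DIRECTORY:
        settings, trail = resolve_policy(who)
        print(who, settings)
        for line in trail:
            print("   ", line)
```

Alice can loosen her own spam action because marketing left it unlocked, but her attempt to switch off virus scanning is refused at the corporate lock; Carol inherits the locked one-year archive and the broker supervisory review, and her seven-day preference is refused at the department lock.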

How Coordinated Is Your Filtering?

Coordinated filtering allows for easier as well as more elaborate and granular policy management, while at the same time simplifying management and administration. Your security architecture should allow you to create, rank and monitor multiple filters with a single set of policies created in a single place. In this scenario, the complexity of point products is trumped through common policy control.

Does Quarantine Dominate Your System Load?

In a large enterprise, messages passing through the system can number in the millions per day. The quarantine must be scalable to handle potentially hundreds of thousands of questionable messages. It must provide options for self-cleaning any messages older than a specified number of days—allowing administrators to “set it and forget it” except when there’s a specific question that needs to be investigated.

The quarantine must enable appropriate levels of review at different levels of the organization—from individual users checking their own spam quarantine, to administrators checking supervisory quarantines for regulatory compliance and to verify the effectiveness of spam and content policies.

Unified Management And Control Over The Email Network

Companies are learning that each new security product adds another detached island of administration, making security management more difficult, error-prone and potentially susceptible to failure. Each product tends to be very narrowly focused and inflexible in its administrative capabilities, forcing IT to adapt to the software rather than adapting the software to business requirements.

The next generation network provides administrators full control over all point products and key security components such as filtering and policy enforcement. At the same time, it offers the granularity to offload some security decisions to local users to improve efficiency and streamline network usage based on organizational roles and responsibilities.

How Much Control Do You Really Have?

Companies need centralized control of rules for filtering incoming email and enforcing policies for outgoing email. The minor annoyances and major strategic threats that can be directed at the company’s main communication portal make this issue far too important to place in the hands of individual users. This includes policy-based virus and spam filtering—which many companies mistakenly entrust completely to end-users, putting the network at unacceptable risk.

Along with centralized control, the network needs to provide the option to offload security decisions, when appropriate, to specific users and groups. In many cases, some of the control needs to stay at the local level for the sake of efficiency, as well as to accommodate specialized departmental needs and expertise.

Can You Keep Up With Your Consoles?

Point products only provide a view of the specific security threats they’re designed to detect. Even with Web-based consoles, you’re faced with multiple windows—each with its own user interface. This can be a nightmare when it comes to training IT staff, and on a day-to-day basis it can lead to an unacceptable rate of management oversights and errors.

The next generation network completely manages email administration—both incoming and outgoing messages—from a single console. Controls and views are consistent from function to function, ensuring that staff training is simple, day-to-day use is intuitive, and user errors are minimal.

Is Monitoring And Administration Even Possible?

With multiple point products, there’s no practical way to view all aspects of message flow, filtering and policy application. There’s no easy way to view a complete audit trail to track down the source of problems. And there’s no simple procedure for correcting the problems that you do find.

Aggregated views and reports of message processing are a must-have. The history of a message’s routing and processing should all be visible so that administrators don’t have to take the time to piece it together manually. The system should automatically provide the complete audit trails needed for compliance with corporate and industry regulations.

Another may provide quarantine at the user’s desktop. And yet another

When all three of these solutions are filtering messages in a series, how can you effectively monitor them to be sure the right decisions are being made at the right level? How do you know when a good message has fallen through the cracks?

Can You Minimize Physical, Linguistic And Geographical Boundaries?

When you attempt to deploy and manage point products across an enterprise environment, management becomes even more problematic. With a physically distributed network, how do you aggregate functions logically across the network? How do you configure and manage remote server installations? How do you delegate control to selected regions and groups?

Each point product is likely to have its own method (if any) for dealing with these cross-enterprise issues, and management difficulties only multiply as the enterprise becomes larger, more distributed and more diverse. This creates several risks: delegating control to areas that shouldn’t have it; losing the ability to monitor traffic centrally; undermining your ability to document regulatory compliance; and even foregoing certain functions altogether.

Along with the requirement for centralized control, the next generation solution also allows you to easily configure and manage remote servers anywhere in your environment, as well as to delegate control to remote administrators in order to meet the needs of your diverse business.

Adaptability To New Threats And Changing Requirements

The final architectural limitation we address is the difficulty or inability of email security products to easily adapt and incorporate third-party products for specialized functions. Even with a complete email security solution that meets current requirements, enterprises need the flexibility to add new products and collaborate with other enterprise applications in the future. Whether or not these products integrate easily and cost-effectively with the architecture can make a big difference in operations.

The next generation network doesn’t force all the decisions to be made in one place, for one purpose. It adapts to different security needs at different levels in the messaging network, in different places around the globe, with other enterprise applications, and at different times in the company’s future.

Sender Authentication

Sender authentication has the potential to substantially improve email security, but requires broad changes to recipient email processing—shifting from a “filter out bad mail” to a “filter in good mail” approach.

This will require new processing logic and policy rules sets to handle various authentication scenarios— hence the need for a much more adaptable, architectural solution.


Are You Ready For The Next Big Thing?

Most security products are designed to grow and adapt only within their realm. Products that are not tied together in a comprehensive security architecture can’t incorporate new, critical technologies designed to change the very nature of email security. For example, sender authentication standards such as Sender ID and DomainKeys Identified Mail (DKIM) are emerging technologies that promise to significantly reduce spam, phishing and other threats that depend on forged sender addresses, by letting the receiver verify that a message really comes from the domain it claims and then accept mail on the strength of a known, trusted sender rather than on the absence of bad content.

The trust model resembles the one behind secure Web transactions, with one difference: the sending domain publishes its own authorization data in DNS (the hosts permitted to send for it under Sender ID, its signing public key under DKIM) rather than obtaining a certificate from a third-party authority. Many analysts believe that sender authentication will become a predominant method of securing business communications in the future—however, it will require some time for businesses to adopt the model and publish the records and trusted relationships needed to make it work. The next generation solution is ready to incorporate sender authentication and other emerging technologies when the enterprise itself is ready for them.
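The added Python example below (not from the paper) shows the “filter in good mail” shift of the Sender Authentication sidebar and this section in concrete form. It evaluates SPF, the path-based check that Sender ID builds on (assumed here as the authentication method; DKIM signature verification is out of scope), against a constructed table of DNS TXT records, then applies a policy: authenticated mail from a listed partner domain is admitted without spam scoring, authenticated mail from other domains gets normal filtering, a hard fail is rejected, and anything unauthenticated takes the full filtering path. Only the ip4, include and all mechanisms are implemented, and the domains, addresses and partner list are constructed.

```python
"""Sender authentication as 'filter in good mail' (added example).

Assumptions (not from the white paper): SPF is the authentication method;
DNS answers come from a constructed table rather than live lookups; the
trusted-partner list and the dispositions are illustrative.
"""
import ipaddress

# Constructed DNS TXT records (domain -> SPF record, None = no record).
DNS_TXT = {
    "partner.example": "v=spf1 ip4:198.51.100.0/24 include:_spf.mailer.example -all",
    "_spf.mailer.example": "v=spf1 ip4:203.0.113.0/26 -all",
    "softsender.example": "v=spf1 ip4:192.0.2.1 ~all",
    "broken.example": "v=spf1 include:nospf.example -all",  # includes a domain with no record
    "nospf.example": None,
}

TRUSTED_PARTNERS = {"partner.example"}  # domains whose authenticated mail is filtered in

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(ip, domain, _depth=0):
    """Return pass/fail/softfail/neutral/none/permerror for ip sending as domain."""
    record = DNS_TXT.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    if _depth > 10:
        return "permerror"  # too many nested include lookups
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = "+"  # default qualifier is pass
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech == "ip4":
            matched = addr.version == 4 and addr in ipaddress.ip_network(arg, strict=False)
        elif mech == "include":
            inner = check_spf(ip, arg, _depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"  # included policy is missing or broken
            matched = inner == "pass"  # only an inner pass matches the include
        elif mech == "all":
            matched = True
        else:
            return "permerror"  # mechanism not supported in this example
        if matched:
            return QUALIFIERS[qual]
    return "neutral"  # no mechanism matched and no 'all' present


def admission_policy(ip, mail_from_domain):
    """Decide how much filtering a message gets from its authentication result."""
    result = check_spf(ip, mail_from_domain)
    if result == "pass" and mail_from_domain in TRUSTED_PARTNERS:
        action = "accept: trusted authenticated sender, skip spam scoring"
    elif result == "pass":
        action = "accept: authenticated, normal filtering"
    elif result == "fail":
        action = "reject: sender domain disclaims this host"
    elif result == "permerror":
        action = "accept: broken sender policy, full filtering"
    else:  # softfail, neutral, none
        action = "accept: unauthenticated, full filtering"
    return result, action


if __name__ == "__main__":
    for ip, dom in [("198.51.100.20", "partner.example"), ("203.0.113.99", "partner.example"),
                    ("192.0.2.2", "softsender.example"), ("192.0.2.2", "nospf.example")]:
        print(ip, dom, admission_policy(ip, dom))
```

Note that an SPF pass proves only that the domain owner authorised the sending host; it is the partner list that turns a pass into a bypass of spam scoring, and unknown domains that pass still get the normal filtering path.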

Have You Addressed Flexible Deployment Options?

Many of today’s email security solutions are rigid by their very nature. These solutions are designed to be positioned at specific points in the messaging network. What looks like spam to one point product may be incomprehensible to another, and passed through. Or what looks like spam at one level of the organization may actually be valuable information to a specific department. There should be a menu of deployment options, including the ability to technically adapt to local needs—for example, encompassing both software and appliance email security solutions that can be deployed, as appropriate, to minimize administrative costs. The enterprise’s business requirements should define the solution’s physical architecture—rather than architectural limitations dictating how you do business.

Can It Work With My In-House Solution?

It’s wise to consider the complexity, risk and rate of change in the messaging and security arena before building an in-house solution. However, many companies have already built up their IT systems through a continuing series of in-house development and integration initiatives.

When a new email product and its accompanying security and policy requirements are added to the mix, these companies naturally follow the familiar path and attempt to perform their own integration. The problem with this scenario is that each integration project addresses only the immediate need, without adapting to tomorrow’s unknown changes. Down the road are still more, unknown development projects of increasing complexity. It’s like trying to hit a moving target.

As the enterprise adopts new security products and incorporates their policies, the architecture should be flexible enough to manage these new technologies under the same policy umbrella the company uses for email communications.

Encryption

According to a recent study by Osterman Research(1), the vast majority of businesses surveyed indicated that secure communications/encryption capability is considered important for external communications. A key industry trend for the next several years is the movement to embed corporate policies and business rules within the network infrastructure—this will require a highly adaptable email platform.


Sendmail: Providing A Next Generation Architecture For The World’s Largest and Most Complex Enterprises

The limitations we’ve addressed are not theoretical. They represent our company’s view based on over twenty years of email security experience with 4,500 customer sites and over 1,000 large-scale enterprise architecture implementations. During this time, we have fixed or replaced many competitive products, and we have seen many new products emerge.

In many cases, new companies in the messaging and security fields started out by creating proprietary virus-scanning technology which they are now trying to expand into a complete messaging solution. In some cases, companies have repurposed products to “fix” apparent threats that aren’t even remotely related to the original product purpose. Corporations need to consider these facts before they risk their messaging and security investments on unproven and repurposed technology that could potentially destabilize their existing infrastructure.

Sendmail’s core mission is to provide a complete messaging and security architecture that addresses the limitations we’ve discussed and prepares the enterprise for the uncertainty of the future. By adopting an architectural approach today that’s designed to seamlessly incorporate tomorrow’s product upgrades, emerging standards and new technologies, companies can be ready for the future without facing a rip-and-replace scenario.

A patchwork of point products aimed at virus scanning, spam detection, policy enforcement and so on simply can’t evolve in an elegant fashion to incorporate new approaches. A well-architected approach from a forward-looking vendor is much more likely to be ready to take sender authentication, appliances, encryption and other new technologies into the mainstream.

Look to Sendmail for an architectural approach to email security— with a product roadmap engineered to provide a fully- optimized infrastructure, comprehensive policy management, unified network management and adaptability to emerging technologies

and standards.

The next generation email security architecture provides protection and control from the perimeter all the way to the mailbox. To deliver ROI, the network must intelligently manage connections, reducing the scanning, processing and storage load, and provide seamless integration with key corporate groupware and directory investments.


Sendmail, Inc. 6425 Christie Avenue, Emeryville, CA 94608 | 1–87–SENDMAIL (877–363–6245) | +1 510 594 5400 | [email protected] www.sendmail.com
