Informazioni personali

Cerca nel blog

Translate

martedì 27 ottobre 2009

Invito al WebEx del 30 ottobre: NOVITA' DA CISCO_IRONPORT

Da: Maria Antonietta Vasi
Inviato: martedì 27 ottobre 2009 17:12
Oggetto: Invito al WebEx del 30 ottobre: NOVITA’ DA CISCO_IRONPORT
Priorità: Alta

Buonasera,

siamo lieti di invitarla a partecipare alla WebEx che si terrà venerdì 30 ottobre dalle ore 15.00 alle ore 16.00.

 

Di seguito troverà i relativi dettagli:

 

Agenda:

·         Novità dal listino  – nuove scontistiche

·         Web Usage Control: licensing, funzionalità e competition

·         Training di certificazione  – Perchè essere partner certificati Cisco/IronPort

·         Registration portal: come funziona e perchè è utile

·         Q&A

Panelist:
Edoardo Albizzati
Antonio Ieranò

Meeting Number: 201 556 257
Meeting Password: IronPort

——————————————————-
To join this meeting %JoinMeetingTitle4SmartPhone%
——————————————————-
1. Go to https://ciscosales.webex.com/ciscosales/j.php?J=201556257
2. Enter the meeting password: IronPort
3. Click “Join Now”.
4. Follow the instructions that appear on your screen.

 

——————————————————-
To join the teleconference only
——————————————————-
1. Dial into Cisco WebEx (view all Global Access Numbers at
http://cisco.com/en/US/about/doing_business/conferencing/index.html
2. Follow the prompts to enter the Meeting Number (listed above) or Access Code followed by the # sign.

IMPORTANT NOTICE: This WebEx service includes a feature that allows audio and any documents and other materials exchanged or viewed during the session to be recorded. By joining this session, you automatically consent to such recordings. If you do not consent to the recording, do not join the session.

http://www.webex.com
We’ve got to start meeting like this(TM)

 

Grazie e buona serata!

 

 

Maria Antonietta Vasi

Account Manager

 

EXCLUSIVE NETWORKS

 

E-mail : mavasi@exclusive-networks.com

Mobile: 0039 345 2452620

 

Strada 4 – Palazzo Q7

20089 Milanofiori – Rozzano (MI)

Tel : +39 02 36538520

Fax : +39 02 36538520

Groups Website : www.exclusive-networks.com

Skype: anto.vasi 

martedì 6 ottobre 2009

WSA, l’URL filtering diventa dinamico col Cisco IronPort Web Usage Controls

Con la nuova versione del sistema operativo AsyncOS 6.3 per web, Cisco-IronPort introduce un nuovo engine: Cisco IronPort Web Usage Controls.
Questo nuovo motore è la base su cui si svilupperanno nelle successive versioni i nuovi servizi di WSA.
Con la sua uscita al momento “Cisco IronPort Web Usage Controls” fornisce già un interessante upgrade al motore di compliance introducendo un servizio di URL filtering dinamico in grado di categorizzare “on the fly” i siti non categorizzati.
La componente che svolge questo lavoro è il “Dynamic Content Analysis engine” il cui scopo è, appunto, quello di fornire una categorizzazione per quelle componenti di traffico che non sono già categorizzate.
Ma “Cisco IronPort Web Usage Controls” non si limiterà solo a queste feature, in programma ci sono anche sviluppi in termini di Bandwith Management ed Application Controls.
Dal punto di vista della interfaccia dell’apparato, la struttura rimane essenzialmente la stessa, il nuovo servizio sostituisce, se attivato, il precedente motore di URL filtering, pur non mantenendo la compatibilità con le policy definite in precedenza in quanto la lista delle categorie differisce in quantità (62) e qualità.
stay tuned
🙂
A

giovedì 1 ottobre 2009

Symantec Brightmail Traffic Shaper Vs. IronPort Sender Base Reputation Filter

The question is simple: who’s better?

The answer is as well simple: the question is wrong. the two object could not be compared because address different needs and focus on different deploy.

let’s try to understand what we are talking about.

Symantec Brightmail Traffic Shaper is a Linux based appliance that is used to throttle the smtp traffic rejecting or limiting the connection coming from an external IP.

Basically the idea is to monitor the smtp traffic in order to understand if a source is clean or is sending spam.

to do this the previously called sms8160 unit has to understand if the source is good or not.

the way the traffic shaper do this is by learning the traffic for some time analyzing it with Brightmail antispam.

Basically the system work this way:

1) in learning mode the Traffic Shaper put a copy of the traffic under the Brightmail analysis, the engine is built in inside the appliance.

the brightmail analysis give back the result in terms how much % of spam that specific source is sending and put the result in a database.

2) after a while, when number of sources analyzed is big enough (usually 3-5 days) the traffic shaper start closing connection at TCP level to the spam sources, periodically send traffic samples to the brightmail engine in order to categorize the ip source’s quality.

Working this way the Symantec Brightmail Traffic Shaper is able to dynamically assign an ip into a policy for traffic shaping (that limits the number of connections at tcp level as well as the number of messages per smtp connection)

from a deploying point of view the appliance is a passthrought unit that does not change the IP of the sender, and it is not an MTA.

One important point about this unit is that the analysis is local and based only on brightmail outputs.

IronPort Sender Base Reputation Filter works in a completely different way.

Although apparently they do the same job SBRS score based on more than 150 parameters that analyze the source IP not only in terms of SPAM sent, but generally speaking, any harmful output coming out.

Another big difference is that source for SBRS score  is not a local analysis  but the internet itself with Senderbase sensors.

so while Symantec analysis is local IronPort analysis is on the internet, while Symantec analysis is focusing on Spam, SBRS analysis is focused on any illegitimate traffic.

Doing a external analysis permit to react in a quicker way to new  attack, but also require a constant connection with the external database (SBRS answers are given in realtime).

But the main difference is that SBRS  is one of the technologies offered with IronPort Email Security Appliance that is also an MTA, and not a transparent unit for itself.

The result is that those 2 services address different needs; the first is antispam focused and could be deployed where already exists an Antispam solutions that is not using a reputation filtering systems, the second is a component of an ALL in ONE solution for Email security and MTA.

Although they could be put together in a system, make not sense because the traffic shaping cut offered by the brightmail unit would have been offered as well from the Reputation filter engine on IronPort solution. The cost of the Traffic shaper appliances would be not justified from a technical point of view while would be more simple to add some Ironport appliances as front end to do the shaping…but considering they do a lot more and that the licensing is not dependent on the number of appliances would be a waste of resource.

On the other hand, in a situation where is mandatory to maintain the original MTA the traffic shaper from Brightmail, working in silent mode and not changing the IP packet structure, would be the natural and sound solution.