Ironport Overview Ru v11

IronPort
WHITE PAPER
IronPort
, , .
1.
2. AsyncOS
3.

4.
5. SenderBase ,
,
6.

7. IronPort Virus Outbreak Filters
8.

9. -,
-
10. ,
11.

( ) .
, , ,
,
.

, , ,
.

.
, 90
(, , ..)
, .

, ,
. ,
,
. ,
, ,
.
12.
IronPort
WHITE PAPER
IronPort
.
IronPortAsyncOS.
AsyncOS
, IronPort
, ,
Unix.
IronPort
, .
,
IronPort,
, .

.

IronPort .
AsyncOS

SenderBase
(Reputation Filtering)
Virus Outbreak Filters

-,
-,
,

ASYNCOS
,
Unix, , ,
.
IronPort
AsyncOS,
.

.

. ,
.
.
,
, Unix Windows,
,

IronPort
WHITE PAPER
,
.
,
. AsyncOS
IronPort ,
, MTA
IronPort 10 000
100 , .
,
IronPort .
,
/ .
, /.
/ AsyncOS .
/. AsyncOS
.
/,
, , .
/.
/
AsyncOS.
. ,
, -
.
- ,
.
,
- .
, .
,
.

IronPort
. IronPort
.
.
-.
(, Hotmail) ,
, groupware
.

.
IronPort

. - ,
.

IronPort
WHITE PAPER
.
, .
MTA IronPort
. :
(bounces),
.
.
,
, ,
.
, , ,
.
,

.
IronPort
groupware, .
IronPort ,
Virtual Gateway.
IP- .
, ,
IP-. Virtual Gateway
.
,
IP-,
, .

IP-, ,
.

. .
IronPort
-, . ,
- ( Hotmail)
, ,
, .
.
,
,
.

MTA IronPort
. ,
. ,
.
,
.
IronPort Good Neighbor

IronPort
WHITE PAPER
.
, IronPort
, .
IronPort DNS-,
. IP- MX
- MX
.

,
,
.
,
.

DoS- .

.
, .
(
) . IronPort Bounce Verification

(bounce attacks) . Bounce Verification

(SMTP Mail From:).
:
MAIL FROM: support@bigbank.com
Bounce Verification :
MAIL FROM: pvrs=support=3201EA1CF@bigbank.com
,
.
IronPort
,
.
Bounce Verification , ,
,
. IronPort Bounce
Verification , .
IronPort
DomainKeys. DomainKeys
,
PKI.
DNS . ,
, DNS- ,
IronPort
WHITE PAPER
.
, . , DKIM
From:.
,
.
IronPort LDAP.

LDAP, Microsoft Active Directory.
SMTP- (
), NDR (nondelivery report) .

. ,
( SMTP-
).
IronPort Directory
Harvest Attack Prevention (DHAP). DHAP
.

(, ),
,
NDR .
- (
IronPort ).

DHAP, .
DHAP IronPort
.
, DHAP
,
.
SENDERBASE , ,
SenderBase
Web-. SenderBase
IP-, .
, IP-,
, ,
, DNS,
, .
SenderBase 100 000
. 25
Web-. SenderBase
, ,
IronPort, . SenderBase 120-
.

IronPort
WHITE PAPER
SenderBase ,
reputation score (
) -10 +10.

.
, DHAP ,
.
,
, 247 IronPort Threat Operations Center (TOC),
SenderBase . TOC
,

. , SenderBase
,
SenderBase ,
.

IronPort
, DNS ( RBL).
IronPort
, (
). ,
, , ,
.
,
. ,

, ,
, . ,
1000 ,
, TLS.
( Web), ,
.
, .
IronPort .
, , -
, .
,
. IronPort
.
, . ,
, .

.

IronPort
WHITE PAPER
.
.
80 .
20 .
IronPort
. 80 ,
( )
.
,
hit and
run DoS.
IronPort
. IronPort
, ,
,
. ,
. ,
Microsoft Exchange IBM Lotus
Notes ,
.
IRONPORT VIRUS OUTBREAK FILTERS
,
,
, .
.
,
, ,
. ,
. 6 48 ,
.
.
,
,
. IronPort Threat Operations Center (TOC)
, ,
IP-,
,
, .
TOC ,
TOC.
IronPort,
.

.
, .

IronPort
WHITE PAPER
,
, ,
. IronPort Outbreak Filters
(
, ),
.
IronPort ,
.
.
IronPort Virus Outbreak Filters
, 16
,
, .
1. ,
2004- $130 000
( ICSA Labs 10th Annual Virus Prevalence Survey),
Virus Outbreak Filters.
1. IronPort Outbreak
Filters
.
VOF
Outbreak Filter
Zotob.C
16.08.2005
01:56
04:47
2 51
MyTob.G
16.08.2005
11:30
12:58 ( )
13 28
Sober.L
24.03.2005
16:10
18:23
2 13
Mydoom.BB
15.02.2005
18:08
22:54 ( )
28 46

IronPort ,
. if-then-else,
C, ,

. ,
if, IP- ,
, , ,
LDAP. ,
, , , ,
(bounce), .
, ,
(
LDAP) ,
.
,
,
.

IronPort
WHITE PAPER
. IronPort
HIPAA.
Sarbanes Oxley (SOX) SEC. IronPort
TLS (Transport Layer Security),
, .
IronPort
, PostX, PGP Sigaba.
GUI ( Web), , .
IronPort Email Security Manager.
Web-
, , ,
.
.
IronPort
(message splitting) ,
, ,
.
,
. Email Security Manager
.

IronPort ,
: ( )
.
IronPort ,
80 . IronPort
Reputation Filters
,
-
. 20 ,
.
IronPort Anti-Spam ,
.
, IronPort Context
Adaptive Scanning Engine (CASE) ,
:
,
,
.
CASE
,
. IronPort Web Reputation
web- . IronPort CASE
,
10
IronPort
WHITE PAPER
. IronPort
Anti-Spam , ,
.
,
, IronPort
IronPort Spam Quarantine. IronPort Spam Quarantine
,
Web- Email-.
,
,
.
IronPort Sophos,
IronPort
. Sophos anti-virus
IronPort Virus Outbreak Filters,
. IronPort Sophos

.
Sophos .
,
. IronPort
, LDAP
(, engineering) ,
(, sales) .
,
IronPort ,
, ,
IronPort.
Mail
Flow Monitor. Mail Flow Monitor
. Web- IronPort Mail Flow Monitor

.
.
,
, ,
(soft & hard bounces).
. Mail Flow Monitor
IP- MX , (up/down) ,
,

, .

. IronPort domain
debug, ,
SMTP-
11
IronPort
WHITE PAPER
.
. ,

, .
Mail Flow Monitor
,
, , .

, ,
IronPort SenderBase. ,
, , ,
. ,
,
, .
,
, Mail Flow Monitor.
,
Mail Flow Monitor, IronPort

Mail Flow Central.
SQL. Mail Flow Central
, ,
, .
,
,
, , ..
,

. Mail Flow Central ,
.
, Mail Flow Central
DMZ, DMZ
. IronPort Mail Flow Central
.
IronPort
, SMTP-.
SMTP-
.
XML. IronPort Systems
,

.

, ,
- ,
, .
12
IronPort
WHITE PAPER

.
,
.
, ,
.
, IP-,
.
XML
. ,
,
.
IronPort
.
IronPort
20 ,
.
,
IronPort, IronPort C100.
IronPort
,
,
. ,
75 .
,
IronPort , .
,
IronPort, .
IronPort Systems Web,

, Global 2000. IronPort
, ,
-.

Ironport Overview Ru v11

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ironport Overview Ru v11

Uploaded by

Copyright:

Available Formats

IronPort

IronPort Systems Web,

You might also like