
Email Security Gateway Solution Overview

Cybersecurity Technical Management/CSO

April 2022
DOCUMENT CONTROL
Date (DD/MM/YYYY) | Version | Prepared By | Remark
25/04/2022 | V 1.0 | Derebe Tekeste | Presented

Outline

1 Introduction: Email Security
2 ESA Overview
3 ESG Architecture
4 Email Security Protocols
5 Email Features
6 Conclusion
7 Recommendations

INTRODUCTION: EMAIL SECURITY

• Business communication can be done easily
• It is faster than any other form of communication
• 87.8 billion emails were successfully delivered per month in 2019
• It is also a common entry point for attackers
• Many of today's attacks occur through email messages
• Often used to spread malware, spam and phishing attacks

Global cyber losses ($)
• Above 80% of cyber attacks occurred via email
• Cybercrime to cost the world $10.5 trillion annually by 2025
• Ransomware alone cost $20Bn in 2021

• Organizations need to protect their email messaging to decrease their revenue loss and increase productivity
• Email security services are designed to protect company email accounts from undesired access and mishandling, and secure employee emails from deletion, viruses, and theft.
• E.g. Cisco ESA, Symantec, Avanan, Barracuda, etc.

4/25/2022
EMAIL SECURITY APPLIANCE OVERVIEW

Email Security Appliance components
• ESA – Email Security Appliance
• SMA – Security Management Appliance
• AMP – Advanced Malware Protection
• TG – Threat Grid

ESA is an all-in-one email security gateway appliance. It is designed to detect and block a wide variety of email-borne threats (in both inbound and outbound email), such as:
• malware
• spam
• phishing attempts
• viruses, etc.

Main configuration performed, such as:
• Routing
• Security policy definition
• Registering domain keys and domain profiling

EMAIL SECURITY APPLIANCE OVERVIEW - SMA
• Security Management Appliance - SMA
• It integrates with different security appliances and summarizes a report for:
  - Manages total incoming and outgoing email traffic via ESA appliances
  - Message tracking
  - Advanced phishing protection
  - Used for message quarantine
  - Disk/storage management

[Figure: diagram with labels KK, LG and MW]

EMAIL SECURITY APPLIANCE OVERVIEW - AMP

• File sandboxing - analyzing the behavior of unknown files
• Obtaining the reputation of known files
• Continuously evaluating new emerging threats
• Preventing suspicious files
• Protect across the attack continuum
  - Before, during and after
EMAIL SECURITY APPLIANCE OVERVIEW - TG
• Threat Grid - Secure Malware Analytics
• Understand and prioritize threats faster
• Combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware
• Gain deep malware analysis
• Speed up incident investigations
• Get edge-to-endpoint integration

EMAIL SECURITY ARCHITECTURE
[Figure: architecture diagram showing the TG, AMP, ESA1/ESA2 and SMA1/SMA2 appliances with their IP addresses; labels: Leghar DC, KK DC - Active, MW DC - DR, Internal Domain, External Domain, "From Exchange server"]

The only outgoing path to the external domain is KK-ESA1, but incoming emails arrive via all KK and MW ESAs.

ESG - KEY FEATURES

Advanced Phishing
• Phishing detection capabilities
• Detects identity deception

Outbreak Filters
• Used in conjunction with Anti-Virus and Anti-Spam in ESA to detect spam and viruses

File Reputation Filtering and File Analysis
• Advanced Malware Protection protects against zero-day and targeted file-based threats in email attachments

Bounce Verification
• It is a process that allows Cisco ESA to tag outgoing messages so that when a bounced email comes back to the appliance, it can verify that the email was actually sent out originally by Cisco ESA
• Spammers and hackers use fake bounced messages for many malicious purposes.

Email encryption
• Uses robust technology - the most reliable email encryption algorithms.
• Two-step verification
• Strong encryption
• Secure Email Encryption Service gives senders full control to terminate or recall emails

Managing Graymails/Bulk messages
• Messages that do not fit the definition of spam
• Users subscribe to newspapers, newsletters, mailing list subscriptions, social media notifications
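
An added illustration of the Bounce Verification idea above, not taken from the slides and not Cisco's implementation: the envelope sender of outgoing mail gets a keyed tag, and a bounce is accepted only if its recipient address carries a valid, recent tag. The tag layout, `SECRET`, `MAX_AGE_DAYS` and all function names are assumptions made for this example.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: per-gateway secret, constructed for this example
MAX_AGE_DAYS = 7                  # assumption: bounces for older messages are rejected


def mac_for(day: int, address: str) -> str:
    """Short keyed digest binding the sender address to the day the mail was sent."""
    msg = f"{day:03d}{address.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:10]


def tag_sender(address: str, today: int) -> str:
    """Rewrite the envelope sender of an outgoing message as tag=DDD<mac>=local@domain."""
    day = today % 1000
    return f"tag={day:03d}{mac_for(day, address)}={address}"


def verify_bounce(recipient: str, today: int) -> bool:
    """Accept a bounce only if its envelope recipient carries a fresh, valid tag."""
    if not recipient.startswith("tag="):
        return False                      # untagged: this gateway never sent the original
    try:
        _, tag, address = recipient.split("=", 2)
        day = int(tag[:3])
    except ValueError:
        return False                      # malformed tag
    age = (today - day) % 1000            # the day counter wraps at 1000
    if age > MAX_AGE_DAYS:
        return False                      # stale or future-dated tag
    expected = mac_for(day, address)
    return hmac.compare_digest(tag[3:].encode(), expected.encode())
```

`today` is a day counter such as `int(time.time() // 86400)`; it is passed in so the check can be exercised with fixed values.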
ESG - KEY FEATURES (CONT'D)

• Advanced Anti-Spam
  - Spam – bot army of infected machines
  - More than 29% of all email messages were spam in 2019
  - Cisco Email Security makes it easy to stop spam from reaching our inbox. A multilayered defense combines an outer layer of filtering based on the reputation and validity of the sender and an inner layer of filtering that performs a deep analysis of the message.
  - URL-related protections and controls

ESA - PROTOCOLS

• SMTP:
  - A user SMTP process opens a TCP connection to a server SMTP process on a remote host and attempts to send mail across the connection.
  - The server SMTP process listens for a TCP connection on the well-known port 25 (the two processes execute a simple request/response dialogue, defined by the SMTP protocol).

• SSL, TLS, and STARTTLS refer to standard protocols used to secure email transmissions. SSL (Secure Sockets Layer) and its successor, Transport Layer Security (TLS), provide a way to encrypt a communication channel between two computers over the Internet.
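
An added example for the SMTP dialogue and STARTTLS described above, not part of the original slides: it walks a recorded request/response exchange and reports whether the message was handed over after TLS was started or in cleartext. The sample sessions are constructed, and the `C:`/`S:` log format, host names and result labels are assumptions.

```python
# Constructed sessions, written the way a gateway conversation log might record them.
OFFERED_AND_USED = [
    "S: 220 mx.example.net ESMTP",
    "C: EHLO gw.example.org",
    "S: 250-mx.example.net",
    "S: 250-STARTTLS",
    "S: 250 SIZE 10485760",
    "C: STARTTLS",
    "S: 220 2.0.0 Ready to start TLS",
    "C: EHLO gw.example.org",
    "S: 250 mx.example.net",
    "C: MAIL FROM:<alice@example.org>",
]
OFFERED_NOT_USED = OFFERED_AND_USED[:5] + ["C: MAIL FROM:<alice@example.org>"]
NOT_OFFERED = ["S: 220 mx.example.net ESMTP", "C: EHLO gw.example.org",
               "S: 250 mx.example.net", "C: MAIL FROM:<alice@example.org>"]


def audit_session(lines):
    """Classify one SMTP dialogue by whether MAIL was issued after a successful STARTTLS."""
    offered = pending = encrypted = False
    for line in lines:
        side, _, text = line.partition(": ")
        text = text.strip()
        if side == "S":
            if pending:                   # this reply answers the client's STARTTLS
                encrypted = text.startswith("220")
                pending = False
            elif text[:3] == "250" and text[4:].strip().upper() == "STARTTLS":
                offered = True            # capability line in the EHLO reply
        elif side == "C":
            verb = text.split(" ", 1)[0].upper()
            if verb == "STARTTLS":
                pending = True
            elif verb == "MAIL":
                if encrypted:
                    return "encrypted"
                return "cleartext-offered" if offered else "cleartext-not-offered"
    return "no-mail"
```

A `cleartext-offered` result is the case worth alerting on: the server advertised STARTTLS but the message still went out unencrypted.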

SMTP PROTOCOLS

RECOMMENDATION - ESG BEST PRACTICE
• Best practices for email security keep users and their data secure and reduce the chances of cyber criminals breaching corporate networks.
  - Train our staff in cybersecurity awareness.
  - Use a strong email password.
  - Use two-factor authentication.
  - Monitor your email habits.
  - Be aware of phishing emails.
  - Don't open attachments without scanning them first.
  - Never access emails from public WiFi.
  - Change your password as often as possible.
  - Be careful with the devices you use.
  - Encrypt email.

CONCLUSION

• Secure Email Gateways offer benefits, such as:
  - Helps to improve spam and phishing protection
  - Helps to identify suspicious user behavior
  - Helps to maintain communication confidentiality
  - Helps protect employee emails across multiple devices
  - Helps meet compliance needs with email archiving and encryption
  - Helps to protect against zero-day threats
  - Helps with real-time threat protection
  - Helps stop ransomware attacks and other threats

REFERENCE
• Cybercrime To Cost The World $10.5 Trillion Annually By 2025 (cybersecurityventures.com)

• Products - Cisco Secure Malware Analytics (formerly Threat Grid): Cloud Subscription vs Integrated Licenses Comparison – Cisco

• Cisco Secure Email Encryption Service, Formerly Registered Envelope Service – Cisco

Thank you
