
Wizertech Informatics Pvt Ltd is an ISO 9001:2008 and ISO 14001:2004 certified IT Infrastructure Consultancy & System Integration company with a presence all across India.


Mailing & Web Security Solution

Mailing Security Solution


Overview

Email has become the dominant form of business communication – rivaling, if not exceeding, the importance of voice networks. Indeed, email has had such an extraordinary impact that, like the fax and ATM, it’s hard to imagine life before its widespread adoption over the last decade. The very power of the medium has also attracted a disturbingly large and growing number of security threats – spam, fraud, viruses, regulatory violations and intellectual property theft.

The volume and sophistication of email security threats continue to grow at an unchecked pace. Most customers observe that as much as 90 percent of their incoming mail is invalid (spam, viruses, etc.), and the total number of incoming messages is doubling every year, even if the number of employees stays constant. These email security threats are fueled by a powerful profit motive associated with spam, fraud and information theft. This creates resources that bring professional engineers into the business of developing new threats, further exacerbating the situation. As this cycle does not appear to have a natural equilibrium, threats are expected to continue to grow in volume and sophistication for the foreseeable future.

Defense Methodologies

  1. Email Authentication
  2. SenderBase – First, Largest, Best in Reputation
  3. Reputation Filtering and Flow Control
  4. Content Scanning and Compliance Capability
  5. Content-Based Anti-spam and Anti-virus
  6. Email Encryption
  7. Management, Monitoring and Reporting
  8. Centralized Management


Web Security


Overview

Internet users are under attack. Organized criminals methodically and invisibly exploit vulnerabilities in websites and browsers to infect computers, stealing valuable information (login credentials, credit card numbers, and intellectual property) and turning both corporate and consumer networks into unwilling participants in propagating spam and malware. Simply allowing a user to visit their favorite website, or to click on a link from their top ten search results, is all it takes for the malware infection process to begin.

More and more, malware writers are targeting legitimate, trusted websites as the starting point for malware distribution. Both BusinessWeek.com and MSNBCsports.com had portions of their websites used for distributing malware. Although no threat is present on these websites today, users became infected simply by visiting trusted sites. Knowing these websites are trusted by millions of users makes them easy targets for malware writers.

The sophistication, innovation, and dynamic nature of these attacks often render traditional defenses useless. URL filtering and IP blacklisting are reactive and cannot adequately assess new or previously uncompromised sites in a timely fashion, while signature-based scanning solutions have trouble keeping up with the constant mutation of malware. A new approach is needed. Protecting users from today’s web-based threats requires a layered, holistic, and integrated approach that uses multiple advanced methodologies to assess each threat and type of network traffic. The best defense, as a community of users, is to share information about threats in a real-time, automated way so that new attacks are quickly blocked and the window of opportunity for criminals is shut down.

Threats

Legitimate Websites, Invisible Threats

Trusted, legitimate websites are the perfect vehicle for malware distribution. Unlike bad sites, which are websites specifically designed to host malware, legitimate sites are well-known reputable sites, trusted by users. They often see high user volumes on a daily basis and, most of the time, they are allowed under corporate acceptable use policies (AUP), making them prime targets for online criminals looking to infect as many users as possible.

Methods

  1. Cross-site scripting (XSS)
  2. SQL injections
  3. Exploited iFrames
  4. Buffer overflows


Defense Methodologies

A comprehensive approach uses network-level parameters to determine web reputation through the following methods:

  1. Content-based behavioral analysis
  2. Presence of downloadable code
  3. Presence of long, obfuscated End-User License Agreements (EULAs)
  4. Global volume and changes in volume
  5. Network owner information
  6. History of a URL
  7. Age of a URL
  8. Presence on virus/spam/spyware/phishing/pharming blacklists
  9. Presence on virus/spam/spyware/phishing/pharming whitelists
  10. URLs that are typographical errors of popular domains
  11. Domain registrar information
  12. IP address information

Over the past decade, the threat landscape has changed dramatically. In the past, malware writers were looking for fame, not fortune; unfortunately that is no longer the case. Malware writers are now targeting users with the intent of obtaining their personal information. Items such as credit card numbers, passwords and bank account information are all being exploited for financial gain. As the motives behind malware have changed, so has the method of attack. Attack origins were once somewhat predictable and less challenging to stop, but today’s malware threats are often unknown and without precedent. Simply clicking on a search result or viewing a well-known website can be enough to infect a machine with malware.

Malware writers are creating more credible-looking websites themselves, while also increasingly distributing malware by cleverly compromising legitimate websites. Because these sites are trusted, or have never previously been known as offenders, traditional URL filtering won’t suffice to keep users from being compromised. Nor will malware scanning alone offer adequate protection when new malware has not yet been identified with a signature from security vendors. Allowing users to access valuable productivity resources on the Internet, while protecting them from constantly evolving web-based threats, requires a comprehensive, integrated approach: a solution that looks at more than just URL blacklists or whitelists and checks every element of the webpage (rather than just the requested URL), from the initial HTML page to all subsequent data requests, considering each element on a webpage and its origins individually, including live data (such as JavaScript, ads and widgets), which may be fed from different domains.
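The per-element check described above can be sketched as follows. This is an added example, not code from Wizertech or any product named on this page; the hosts, the `REPUTATION` table and the function names are constructed for illustration. It shows a page whose own URL has a good verdict while one embedded element is served from a host with a bad one.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Elements that make the browser fetch something, and the attribute naming it.
FETCHING_ATTRS = {"script": "src", "iframe": "src", "img": "src",
                  "embed": "src", "object": "data", "link": "href"}

# Constructed sample data: hypothetical hosts and verdicts, not a real feed.
PAGE_URL = "https://news.example/sports/index.html"
REPUTATION = {"news.example": "good", "cdn.news.example": "good",
              "dropper.test": "bad"}
SAMPLE_HTML = """<html><head><link rel="stylesheet" href="/site.css">
<script src="https://cdn.news.example/app.js"></script></head>
<body><img src="logo.png">
<iframe src="//dropper.test/x" width="0" height="0"></iframe>
<script src="https://widgets.example/w.js"></script></body></html>"""

class SubresourceCollector(HTMLParser):
    """Collect (tag, absolute URL) for every element that triggers a fetch."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.resources = []

    def handle_starttag(self, tag, attrs):
        attr = FETCHING_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value:
            # Resolve relative and scheme-relative references against the page.
            self.resources.append((tag, urljoin(self.page_url, value)))

def assess_page(page_url, html, reputation, default="unknown"):
    """Return (element, url, verdict) for the page and each subresource."""
    collector = SubresourceCollector(page_url)
    collector.feed(html)
    items = [("page", page_url)] + collector.resources
    return [(tag, url, reputation.get(urlsplit(url).hostname, default))
            for tag, url in items]

def blocked_elements(findings):
    """Elements whose own origin has a bad verdict, whatever the page's is."""
    return [f for f in findings if f[2] == "bad"]

if __name__ == "__main__":
    for tag, url, verdict in assess_page(PAGE_URL, SAMPLE_HTML, REPUTATION):
        print(f"{verdict:8} {tag:7} {url}")
```

A filter that evaluated only `PAGE_URL` would allow this page; evaluating each origin flags the hidden iframe and leaves the unlisted widget host as "unknown" for further scoring.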

Using this deep, broad collection of threat data on web, IPS, firewall and email traffic, generated by a combination of different technologies, we can protect all our valuable data against increasingly intelligent network threats.