ExchangeDefender Overview
ExchangeDefender is a transparent network service designed to secure your email before it can damage your servers and workstations. It enforces your company policies and government compliance requirements and provides reporting, business continuity and even email access and collaboration when your Internet access or mail server is unavailable.
Deployment
ExchangeDefender is a transparent stateless SMTP proxy. Jargon aside, it is a security network that processes email and only delivers the email you want to read down to your server. Every message going into or out of your mail infrastructure is scanned for dangerous content and the security policies you define are applied to it, along with any archiving or government compliance requirements. ExchangeDefender is a global network, spanning 2400 servers in over 14 data centers (Nov 2007) and is the fastest growing security network worldwide. Below is a brief overview of the implementation:
Mail for your domain is pointed to ExchangeDefender via MX records in your DNS. For outbound mail security, you use our outbound smarthost to route all outbound mail through our content protection network. Your mail server should only accept connections from ExchangeDefender and the authenticated users. For ultimate security, you can configure your firewall to only allow connections from our networks by enforcing IP restrictions.
ExchangeDefender is RFC compliant and works with Microsoft Exchange, Lotus Domino, Novell Groupwise, Sendmail, Postfix, Qmail, Imail, and any other SMTP mail server. The entire deployment can be done in just a few minutes.
Security Enforcement
The brain of ExchangeDefender is its policy server- the central collection of all security directives that tell individual nodes and firewalls what to do with dangerous content, how to archive email, how to provide business continuity and how to implement your policies. Once your email is received by ExchangeDefender, the policy server is contacted and asked what to do with the email. This is where we enforce the policies you established for your company- Should we scan it for viruses? If so, what do we do with infected messages? What about disinfected messages? With over a thousand possible settings and policy configurations, this is the core of our service:
Malware Scan - The first step in the ExchangeDefender process is a malware scan - this is where we determine if the message itself is valid and if any of the attachments are acceptable. If necessary, the message is disarmed and then forwarded to the virus scanners.
Virus Scan - ExchangeDefender uses up to six different virus scanning engines to determine if any of the attachments contain viruses. If we find a virus, we will comply with your policy (delete, disinfect, quarantine) or we can silently dispose of the message.
Spam Scan - Here we pass the message through thousands of tests to determine if it is a SPAM or a valid/clean email. Because of the number of anti-spam techniques used in this process, we average 98% spam identification with less than 0.000004% false positive ratio (legitimate messages treated as junk mail).
Content Scan - This is the most comprehensive portion of ExchangeDefender and the most flexible because it includes the ever evolving message intelligence part of the service. We can determine if messages contain adware or spyware, if they are "phishing" with fraudulent content, if they contain adult or foreign content not suitable for your users or if they are simply things you wish not to read.
As you can tell, ExchangeDefender is very flexible to give you the level of scrutiny you need to process your email. Instead of spending your time analyzing each message, you can establish rules for yourself, your department or your entire company and have them applied automatically and reliably.
Outbound Security
ExchangeDefender provides outbound content filtering as a core component of your email infrastructure. By routing all your outbound mail through ExchangeDefender outbound servers, you can restrict SMTP connections to your mail servers and offload virus and content scanning onto a server connection you can control. By scanning each message for virus content, we can keep you from blacklists and minimize the chance of your server being added to a blacklist.
ExchangeDefender can also implement outbound policies that screen outgoing messages for confidential content and allow you to block, quarantine or forward any suspicious information leaving your organization (accounting data, confidential contracts, etc).
Each outbound message also transparently creates a reverse trusted-sender entry (whitelist) for contacts you send mail to. Because you initiated the contact, the email address you sent mail to will be transparently added to your whitelist, and their reply will bypass many SPAM filters.
Policy Enforcement
ExchangeDefender automatically applies your security policy to each message it scans, and you have a friendly web interface to properly define it.
ExchangeDefender policy is very granular and easily configurable. You can establish a policy for the entire company, domain, server, department or even allow each user to customize how their mail should be handled. There are separate control panels for the administrators and users, all easily accessible from any device with web connectivity (https).
ExchangeDefender gives you easy access to all aspects of the service including:
- antivirus (delete, disinfect, quarantine, deliver);
- spam (delete, bounce, quarantine, archive, forward, deliver, flag);
- attachment rules (delete, quarantine, block, reject, deliver);
- spyware (delete, quarantine, deliver)
- malware (disarm, convert-to-text, quarantine)
- HIPAA compliance (archive, deliver & store, deliver, store & forward)
You could spend days configuring ExchangeDefender to reflect your entire corporate policy and keep up with every new threat. However, ExchangeDefender is delivered fully configured to provide optimum security, and we respond immediately to any emerging threats.
Message Delivery
ExchangeDefender delivers the mail you wish to read with minimum delay. Because the service is provided through massively scalable and redundant systems, we are able to process messages much faster than you could if you loaded all the software on a single system (as is usually the case with mail servers).
ExchangeDefender encrypts communication between mail servers and mail users whenever possible. All servers support SSL/TLS connections assuring that your mail does not get intercepted by TCP/IP sniffers.
ExchangeDefender operates as a distributed cloud service, with decentralized administration, policy enforcement and archive with business continuity. What that means is that our network, spanning 2400 servers and 14 data centers with over 100 Gbit of Internet bandwidth, has no single point of failure and can adapt to network outages, distributed denials of attack, mail floods and more.
Based on standards, ExchangeDefender internally implements the ETRN protocol to spool mail for your server in case of any network or server outage you may experience. The service is automatically enabled when ExchangeDefender cannot reach your server for any reason. ExchangeDefender bridgeheads attempt to contact your network every minute for the first 15 minutes of outage, after which the interval is increased to 15 minutes for up to seven (7) days.
ETRN can give you time to perform maintenance on your server or network without the risk of bouncing email. Once your network or server has recovered, ExchangeDefender will start to deliver messages to you in staggered mode. Each data center will only attempt several connections at a time to give your server the ability to dequeue all queued mail without being immediately flooded.
Furthermore, ExchangeDefender implements our own LiveArchive technology, providing you with a full, seamless and standalone email environment that your organization can continue to work from uninterrupted even if your Internet access or mail infrastructure becomes unavailable.
Business Continuity and LiveArchive
One of the most critical components of an external mail security solution is its reliability. You need something that will be far more reliable than your own mail infrastructure so, if you ever experience an outage, you have that extra layer of mail redundancy. ExchangeDefender meets and exceeds that requirement through our LiveArchive business continuity services.
LiveArchive is designed from the ground up as the core component of ExchangeDefender. It is a complete standalone email system with your users, your corporate identity and your passwords, running on a highly reliable, geo-redundant webmail system. The beauty of ExchangeDefender LiveArchive is that it is seamless. You will not even know it's there until you need it. When you do need it, you just need a web browser. Login to your account via the secure https connection, and your email address and password give you access to the past seven days of email with the ability to respond to, delete, forward and essentially continue working while your main server or Internet connection to the office is down.
Extension to LiveArchive is also available for regulatory compliance, with flexible storage allocation available at a cost effective price. Store the email for as long as your regulatory compliance requires it- in a secure, redundant storage network spanning multiple data centers.
Reporting & Accountability
ExchangeDefender is an extension of your email infrastrucuture. How do you know what happens with email that you send and receive? How do you troubleshoot the mail flow if there is a mysterious component between you and the sender/recipient? With ExchangeDefender we offer full insight into the activity on our network, giving you control and accountability over the entire process.
User SPAM Reports - Each user (and each email address) on the ExchangeDefender system can receive up to two daily reports generated at a time you specify and emailed directly to their inbox. These reports, daily and intraday, show your users which email was classified as SPAM and gives them an option to release the message into their inbox or release and add it to a whitelist so it can never be flagged as SPAM again. If access to quarantined email is critical, users have full 24/7 access to the SPAM quarantines via the web, containing the past seven days worth of junk mail.
Administrator Reports - Administrative access to email is critical, especially when there are problems that need to be troubleshot or for overall system performance. Administrators are emailed monthly reports indicating the performance of ExchangeDefender along with the full business key performance indicators. We also have the ability to provide this data at any time, on demand.
Service Provider Mail Log - Service Providers that rely on ExchangeDefender have full, centralized access to the accounts they service as well as a full mail log to inspect the mail activity on the ExchangeDefender network. See when the message arrived, how it was categorized, when it got delivered and more. It is your integrated message tracking center in the cloud. ExchangeDefender service providers further get granular access to the administrator and user control panels to assist the end user in getting the information they may need.
SPAM Czar - SPAM Czar is a special role in the ExchangeDefender system, built specifically for the email administrators who do not want their users to be bothered with the chore of junk mail management. SPAM Czar is a special administrator that has access to the entire system's SPAM bucket, allowing them to manage releases of false positives, whitelists and blacklists. This role brings further positive productivity benefits to your organization because it puts the management of the organization in the hands of the appropriate department instead of every single user.
ExchangeDefender offers multiple levels of integration and reporting with your existing infrastructure. In addition to providing flexible daily and intraday email reports, web console access, searchable logs and graphical KPI (key performance indicator) charts, ExchangeDefender integrates with multiple MSP platforms such as ConnectWise and Autotask, for inclusion in executive reports.
Tiered/Central Administration Model
ExchangeDefender is designed to be flexible and work the way you want to manage your mail infrastructure: It gives the users full control over the management of their ExchangeDefender feature set, but it also empowers Administrators and Service Providers to easily navigate back and forth through the system and assist the users or do all the work for them. Whatever your management policy is, ExchangeDefender fits perfectly. Empower your users. Restrict their access. Move through your accounts without multiple authentication. Delegate authority. Search mail logs. Provide detailed KPI graphs and performance charts.
ExchangeDefender's core value is time savings. We started the product to save time by eliminating SPAM. It has evolved into a product that saves management hours and puts the system control in the hands of those that your organization chooses.
