Lotus Domino provides robust email security capabilities including strong password authentication and encryption. As email threats like spam, phishing and malware have increased, comprising up to 90% of email traffic, integrated email security solutions are needed. IBM Lotus Protector extends Domino's security with antispam, antivirus, encryption, data loss prevention and other tools to protect against modern threats while maintaining Domino's access controls and policies. It offers deployment options including virtual appliances, dedicated hardware, and integration with existing Domino infrastructure.
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based ā¦Andris Soroka
Ā
World's #1 SIEM technology in GRC (Governance, Risk, Compliance). QRadar Risk Manager provides organizations with a pre-exploit solution that allows network security professionals to assess what risks exist during and after an attack, while also answering many "What if?" questions ahead of time, which can greatly improve operational efficiency and reduce network security risks.
The rising importance of Email has also made it the #1 vehicle for security breaches in the form of Spam , Virus, RansomWare etc. 88% of businesses experience data loss and
email is the main culprit
https://godmarc.io
Actively Block Phishing
Boost Email Deliverability
Get Visibility
DMARC, which stands for āDomain-based Message Authentication, Reporting & Conformanceā, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding
linkage to the author (āFrom:ā) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.
At a high level, DMARC is designed to satisfy the following requirements:
Minimize false positives.
Provide robust authentication reporting.
Assert sender policy at receivers.
Reduce successful phishing delivery.
Work at Internet scale.
Minimize complexity.
It is important to note that DMARC builds upon both the DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) specifications that are currently being developed within the IETF. DMARC is designed to replace
ADSP by adding support for:
Wildcarding or subdomain policies,
Non-existent subdomains,
Slow rollout (e.g. percent experiments)
SPF
Quarantining mail
La mayor parte de las brechas de datos son debidas al uso indebido de credenciales privilegiadas. Los invitamos a conocer el enfoque de CyberArk, en esta presentaciĆ³n de Carolina Bozza.
Carolina serĆ” una de los presentadores en nuestro evento "EL ATAQUE INTERNO", el prĆ³ximo 6 de mayo. El link de inscripciĆ³n es:
https://eventioz.com.ar/e/el-ataque-interno?utm_source=eventioz&utm_medium=emailtrans&utm_campaign=ez_invite_recipient&utm_content=button_cta&source=orevem
Los esperamos!!
Presentation on Zero Trust model, used for the Codecademy Manipal Chapter event. Covers basic information about the Zero trust model, implementation, and benefits.
Mechsoft technologies is a leading IT solution provider based in Dubai specializing in ERP implementation, Backup solutions and Cybersecurity solutions.
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based ā¦Andris Soroka
Ā
World's #1 SIEM technology in GRC (Governance, Risk, Compliance). QRadar Risk Manager provides organizations with a pre-exploit solution that allows network security professionals to assess what risks exist during and after an attack, while also answering many "What if?" questions ahead of time, which can greatly improve operational efficiency and reduce network security risks.
The rising importance of Email has also made it the #1 vehicle for security breaches in the form of Spam , Virus, RansomWare etc. 88% of businesses experience data loss and
email is the main culprit
https://godmarc.io
Actively Block Phishing
Boost Email Deliverability
Get Visibility
DMARC, which stands for āDomain-based Message Authentication, Reporting & Conformanceā, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding
linkage to the author (āFrom:ā) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.
At a high level, DMARC is designed to satisfy the following requirements:
Minimize false positives.
Provide robust authentication reporting.
Assert sender policy at receivers.
Reduce successful phishing delivery.
Work at Internet scale.
Minimize complexity.
It is important to note that DMARC builds upon both the DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) specifications that are currently being developed within the IETF. DMARC is designed to replace
ADSP by adding support for:
Wildcarding or subdomain policies,
Non-existent subdomains,
Slow rollout (e.g. percent experiments)
SPF
Quarantining mail
La mayor parte de las brechas de datos son debidas al uso indebido de credenciales privilegiadas. Los invitamos a conocer el enfoque de CyberArk, en esta presentaciĆ³n de Carolina Bozza.
Carolina serĆ” una de los presentadores en nuestro evento "EL ATAQUE INTERNO", el prĆ³ximo 6 de mayo. El link de inscripciĆ³n es:
https://eventioz.com.ar/e/el-ataque-interno?utm_source=eventioz&utm_medium=emailtrans&utm_campaign=ez_invite_recipient&utm_content=button_cta&source=orevem
Los esperamos!!
Presentation on Zero Trust model, used for the Codecademy Manipal Chapter event. Covers basic information about the Zero trust model, implementation, and benefits.
Mechsoft technologies is a leading IT solution provider based in Dubai specializing in ERP implementation, Backup solutions and Cybersecurity solutions.
FISMArts - Improving Retention of FISMA Guidance Details with Mnemosynedanphilpott
Ā
FISMA guidance is a large body of complex and technical knowledge. Not recalling the details can have serious impacts. The FISMArts project aims to make memorization of those details easier using spaced repetition based memorization software called Mnemosyne. This presentation introduces how this is done and how others can take advantage of the software.
Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬Ā¬A crisis is a defining moment. How a leader reacts will determine if their career and leadership are destined for greatness like Rudy Giuliani or if your report card will be marked by failing grade like former BP CEO, Tony Hayward. Leadership in a crisis is as much about managing appearances and perceptions as it is the actual management of the crisis. In this dynamic, interactive session, author, crisis media trainer and coach, Jane Jordan-Meier will examine why appearances matter, why style matters as much as substance; and what strategies leaders can adopt in a crisis. Body language, dress, actions are all part of the crisis code of trust and even more so in the ever present, no deadline media world where an aberrant quote can go viral in an instant. In this presentation, Jane gives a report card on the performance of some of the worldās most famous leaders ā from the winners like Giuliani to Gov. Chris Christie, and New Zealandās Bob Parker to the fallen like Tony Hayward, disgraced cyclist, Lance Armstrong and Go Daddy CEO Bob Parsons.
Selleks, et julgeks andmed pilveteenusesse viia, peab esmalt teenusepakkujat usaldama. Mida on Microsoft Ƥra teinud selleks, et klientide usaldust vƵita? Kuidas hoida andmeid pilve-Exchangeāis ja pilve-SharePointis turvaliselt, jagada vƤlja krĆ¼pteeritult ning pƵhjalikult kontrollida sĆ¼steemide kasutajate volitusi.
SIA311 Better Together: Microsoft Exchange Server 2010 and Microsoft Forefron...Louis Gƶhl
Ā
Come learn how Forefront and Exchange Server 2010 work better together! This session covers how Forefront Protection 2010 for Exchange Server (FPE) and Forefront Online Protection for Exchange (FOPE) will facilitate protection of Microsoft Exchange Server 2010 from malware and unsolicited mail.
Cyberoam UTM appliances enables small offices to shift from plain firewall to comprehensive UTM protection with cost effective, which gives powerful security to protect your network from malware, spam, trojan, DoS, DDoS, Phishing, pharming and intrusions. Large organizations can implement uniform security and gain high visibility into remote and branch offices with centralized management and Layer 8 Identity-based security.
"Evolving Cybersecurity Strategies" - Threat protection and incident managmentDean Iacovelli
Ā
As the volume and sophistication of attacks has increased, it has become even more critical for organizations to be able to rapidly and accurately identify malicious attack vectors and payloads at time of delivery. This session will explore Microsoftās unique approach to dealing with this problem and also how we approach tracing and deconstructing a successful attack in order to prevent itsā next iteration.
How to create an event video using your mobile phone then share on your blog, on twitter and linked. Also using slideshare and youtube to hold the data for you. - easy.
Maximo licensing information and usage restrictions 11 March 2015Chris Sparshott
Ā
The following usage restrictions apply to all Maximo related products, and are in addition to the details outlined within each productās respective Licensing Information document.
SPSS Modeler 16 What's New!?
IBM SPSS Modeler is a comprehensive predictive analytics platform, designed to bring predictive intelligence to everyday business problems, enabling front-line employees or systems to make more effective decisions and improve outcomes. Modeler scales from desktop installations through to larger deployments that are integrated within operational systems and provides a range of advanced analytics including text analytics, entity analytics, social network analysis, automated modeling and data preparation in addition to decision management and optimization
IBM UrbanCode Deploy: Automates and manages the deployments of business applications made of many component pieces such as web services, databases, content, CICS and mobile apps. Through automation, costly errors and manual labor are drastically reduced. UrbanCode Deploy also eliminates a common bottleneck between agile development teams and slower operations groups thereby speeding time to market. UrbanCode Deploy excels at driving down cost and reducing risk.
IBM UrbanCode Deploy with Patterns: A leading edge offering that combines all the great capabilities of UrbanCode Deploy with additional capabilities for designing and deploying full-stack environments on cloud and updating configurations for existing cloud environments.
IBM UrbanCode Release: A robust collaborative release management tool that helps you handle the growing number and complexity of releases. You can plan, execute, and track a release through every stage of the delivery lifecycle.
IBM UrbanCode Build: An enterprise continuous integration server used for managing builds, build artifacts and the dependancies inherent with them. UrbanCode Build specializes in reducing errors and speeding handoffs through a managed self-service build infrastructure.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Ā
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
Ā
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Ā
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Ā
Clients donāt know what they donāt know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clientsā needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
Ā
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
Ā
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Ā
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
Ā
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. Whatās changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
Ā
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more āmechanicalā approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Ā
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Ā
Building better applications for business users with SAP Fiori.
ā¢ What is SAP Fiori and why it matters to you
ā¢ How a better user experience drives measurable business benefits
ā¢ How to get started with SAP Fiori today
ā¢ How SAP Fiori elements accelerates application development
ā¢ How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
ā¢ How SAP Fiori paves the way for using AI in SAP apps
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Ā
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
Ā
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
This talk introduces the Lotus Protector security strategy, and features Protector for Mail Security, the first offering in the product delivery plan.
ā Donāt you wish everything was as secure as Notes?ā This hard-earned reputation for protecting customers and end users is what separates Lotus from other e-mail vendors. Today weāll be talking about Lotus Protector, a new family of security offering that extends this legendary security to the next layer, protecting against Internet-borne threats and securing sensitive or confidential information from loss via e-mail.
E-mail has proved to be a boon to communication and productivity, but also is a prime attack vector for those who would separate you from your assets ā whether monetary or confidential data. Spam, viruses, trojans, targeted attacks, and spyware infest the Internet. By many accounts, the vast majority of all traffic is garbage ā either garden variety spam or much more malicious content. It clogs up your bandwidth and systems and, if it gets through, it can impact your organizationās image inside and outside the firewall. Every day the sophistication and risk grows, as the bad guys increasingly seek to monetize the use of spam and malware, aided by worldwide networks of compromised servers and PCs that lower the effective cost of the activity to zero. Furthermore, companies face increasing risks that sensitive data can leak out via e-mail ā intentionally but more often inadvertently or carelessly ā creating competitive disadvantages, risks, and liabilities.
As this chart shows, the game of cat-and-mouse between criminals and security experts has created a fast-changing environment. IBM X-Force analysis shows several trends. Keyword spam was largely defeated, so image spam spiked until methods were devised to combat it. Recently itās simple URL-based spam, where the only goal is to get users to click on links that either present a detailed sales pitch or, more ominously, seek to plant ādrive-byā malware on their computers. Spam and phishing URLs are now engineered for short lifespans, so they can be used in the time before they are either detected by filters or taken down by their hosts.
The problem with all of these threats and risks is that they often require different tools and approaches to combat them. This leads to āsecurity clashā ā where multiple vendors and systems (āsilosā) create excessive effort to deploy, and tend to suppress the overall effectiveness because they often need to be dialed down to prevent conflict. As this chart illustrates, having integrated security means you can attack the problem with less time and effort, and far greater effectiveness.
The Lotus Protector security strategy is represented by this simple chart. In one sentence, we're launching products that protect against the whole set of security challenges facing collaboration customers today. These typically are driven by external threats (such as spam and viruses) and regulatory/legal pressures (such as content control). Our unique differentiator is that, while everyone else treats this as an SMTP problem, we're doing all of this exclusively from the perspective of a Notes/Domino customer. This gives us an opportunity to create a more integrated and fundamentally better experience for our customers, by weaving the security capabilities seamlessly into the user and administrator experience. There are several distinct solution types needed to secure ā even to deploy -- an SMTP e-mail system. Everyone needs a spam/virus filter, of course, as 90% plus of all e-mail traffic is now either spam, phishing, or malware. Not coincidentally, the first Lotus Protector product does just that, and itās what weāre talking about today. But there are other needs that must be addressed as well. Encryption is a perpetual challenge, because SMTP doesn't define that kind of security. Various standards approaches (S/MIME, TLS) are so problematic that they suffer from low ā often stalled -- deployment. At the same time, encryption is taken for granted by Notes users. Notes-to-Notes e-mail lets you apply security with a per-user or per-message setting, ensuring that the information is not intercepted or modified between sender and receiver. However, thatās only within the Domino system; regular Internet recipients are sent unencrypted (after a notification/warning to the sender). Our goal is to deliver an encryption system that extends Notes security, so it's a single experience for the user. Data Loss Prevention (sometimes called Data Leak Prevention), or DLP, is a growing area that we're also planning to address with Protector. With DLP, you can inspect content flowing between people, to ensure that no sensitive content leaves your organization, either intentionally or (as is most typical) inadvertently. You can log, warn, or block activities in real time. You get two big benefits: you gain visibility into where your sensitive data (confidential, personal, or regulated content) is going, and it trains your people to be careful about things. We're exploring this capability, again in the Protector Notes/Domino centric mode, as a product offering. Lastly, there's a bunch of categories that also fall into that bucket of "things you need to run a modern collaboration system," and we continue to actively investigate there. We have a number of initiatives to improve archiving and eDiscovery. We're exploring things like virtual private networking (VPN) and Web protection as well. These things will be discussed as and when they are announced, but will follow the Protector theme of great security technology, optimized for IBM and Lotus customers. That leads us to the integration opportunities, and we have two distinct categories: vertical and horizontal. Vertical integration is where all Protector products gain maximum integration with Notes/Domino so that everything fits seamlessly into the experience for the user and administrator. Horizontal integration is where Protector products are aware of each other, and keep from getting in each other's way. A great example of this is encryption; as you bring that into the equation you start inhibiting your ability to inspect content for security purposes. Lotus Protector products take care of this, basically by sharing the Notes/Domino security context.
From here on, weāre speaking specifically about Lotus Protector for Mail Security, the spam/virus filter product in the Lotus Protector family
This is the overview slide about that introduces people to what we are selling; it may be flipped/alternated with the next one. Lotus Protector for Mail Security is a software solution sold as an end user license. It is deployed as a network appliance (physical or virtual, weāll talk about that in a minute) that sits between your Domino Serverās SMTP interface and the wild wooly Internet, and filters all the bad stuff out before Domino has to deal with it. In reality, every SMTP server needs this and virtually every customer already has something, or else they would be drowning in spam. Our differentiation is weāre applying premium security technology, molded to satisfy the unique needs and requirements of Domino customers. The filtering software itself is high quality, 100% IBM-owned technology. The IBM Proventia product that shares the Protector engine is built upon Cobion, a long-time leader in multi-language spam filtering, that came to IBM in its Internet Security Systems (ISS) acquisition in 2006. The feature list will be covered in detail, but on this page we go through some of the competetively critical and/or differentiating capabilities of Protector for Mail security. Dynamic host reputation is our implementation of what is often called IP Reputation Filtering or IP Filtering. This assigns a likelihood of spam based on its origination IP, according to a dynamic reputation system that examines the rate and ratio of spam received. Multi-level message analysis is the heart of the system, where a set of different filters is applied to look for different types of threats. This is where a lot of the proprietary stuff comes in, because itās what makes the difference between 90-95% filter quality, or 98-99% like Protector does. Signature and behavioral virus is a ābelt and suspendersā approach to protect against both known and unknown threats. Our signature antivirus is powered by the premium quality Sophos engine (the only part of Protector for mail security that isnāt 100% IBM technology), while the behavioral antivirus applies many of the same techniques as our spam analysis to spot threats that are unknown to the signature antivirus database. Weāll talk about our massive URL database, but the idea is that all spam has to have a method to fulfill its goals, and that typically is a link to somewhere on the Web. Through our database of over 84 million known bad URLs (inappropriate/pornographic or infected with malware), we can eliminate much of the most dangerous content with one simple check. Protector for Mail Security supports end user management of their own whitelists (allow) and blacklists (block), as well as a hosted version of the userās quarantine. Thatās a powerful feature in itself, but weāre extending this capability to Notes, for seamless integration of network filtering and client UI. We talked about the integration, but again the real point here is that weāve narrowed our field of vision on behalf of our customer base, and given ourselves permission to see things from their point of view. Thus all the enhancements weāre making are toward delivering a product that extends and integrates what customer already do with Notes and Domino. Preemptive protection is a little different category of security, in this context. Whereas everything above is kind of looking out for all the bad stuff that bad people like to do, preemptive protection looks to stop things before they happen. So the rules/policy engine, which weāll discuss in depth in a few minutes, can be applied to both incoming and outgoing e-mail to block the transmission of common categories of sensitive information, and be infinitely tuned to block customized kinds of information, specific to an industry or organization. We call out the place this product holds in the IBM Proventia security product family, because it takes advantage of all the work done in ISS to harden that line of intrusion prevention systems (IPSs), firewall, etc. This protects Protector against attacks on the software from vectors other than SMTP.
This more graphically appealing slide gives us the opportunity to talk about the main messages for Protector for Mail Security. In the first box, our unique advantage is our position within the core Notes/Domino family. We work directly with the Lotus Westford architects and development teams. Weāre implementing numerous integration points in support of the Protector ideals around integration and targeted value. In the second box, we talk about how weāre delivering world class technology ā a sixth generation spam filtering technology -- that is 100% proprietary (in the good way) to IBM. The IBM Proventia technology, which has its roots in Cobion Softwareās advanced spam identification products, matches up very well for efficacy (quality of spam blocking) and throughput (volume of mail handled) against incumbent vendors who attack this, typically, from a security perspective. We look at it from an operational and e-mail perspective, which is closer to how Domino customers view it when we talk to them. Also in the second box, weāve earned ICSA Labs certification on spam filtering, which requires a 95% ātrapā rate for spam (Protector typically achieves 98%+), with a .001% āfalse positiveā rate (which we typically better as well). In the third box, we call out deployment flexibility as an important differentiator. Protector for Mail Security is sold as a per-user license, like Notes or Sametime or Quickr or Connections. And like many Lotus licenses, it includes all the server software you need, so it scales cost-effectively from one user to infinity. But ultimately this is an edge server application, because thatās where the spam is coming in. Here itās important to understand that Protector for Mail Security is different from other Lotus products in that itās a complete server solution, containing the (Linux) OS as well as the filter application, and is designed to run all by itself on a computer. In fact, in this model it serves as an āapplianceā due to that plugānāplay kind of design. Weāre one of a few vendors in the market who offer both software and hardware deployment licenses ā and we do it with the same per-user software license. Smaller organizations or branch offices can deploy the VMware version on standard x86 hardware, while larger organizations will order the specialized hardware version, which comes preloaded with the server software. Both contain the same filtering software, and can be mixed and matched ā e.g., hardware appliance in headquarters and VMware versions at branch offices.
This slide is included to facilitate a discussion of the different approaches available to Domino e-mail customers. Typically there are three ways to filter an SMTP stream: ā Cloudā Services ā The customer MX record is pointed to a SaaS data center, and only the cleaned stream is passed on to the customer network. Edge Appliances ā The SMTP stream is treated at the edge of the customer network, and only the cleaned stream is passed onto the Domino server. Server tasks ā Unfiltered SMTP flows directly to the Domino server, where a filter software program cleans it as the Domino server software sees it. The different approaches offer different benefits and tradeoffs. Cloud-based filtering can be done at a very low cost, and additionally they save lots of downstream bandwidth to the customerās network. Edge appliances tend to give a lot of control and customizability, and donāt require customers to trust their userās email to a third party. Server tasks can inspect both internal and Internet mail, which is necessary anyway, at least for virus filtering. Generally speaking the cloud/appliance options have the benefit of filtering SMTP threats before Domino has to deal with them, but are difficult to integrate with e-mail systems and other security functions. Server tasks can look at both internal and external traffic, but must accept all traffic (good and bad) and process it using the Dominoās serverās CPU ā which will affect scalability and throughput for mail processing. Edge appliances and Cloud option take the load off Domino but cannot scan internal mail and arenāt integrated with Notes and Domino. In addition, the Cloud option tends to allow more spam to pass or more good email (HAM) to be withheld without direct customer control. <click> The Protector for Mail Security appliance is solving those problems through enhanced integration with Domino and Notes, so customers gain the benefits of on-server filtering without the extra CPU load, and in-the-mailbox integration for end users.
The filter process applies several different types of protection against e-mail threats. First, the system itself recognizes a myriad of attack types and intrusion methods, to blocks threats that target the filter itself. Next, the system examines methods using traditional antivirus signatures from our antivirus partner Sophos, blocking over 1200 known malware attacks and variants A behavioral antivirus module applies analysis based on known attack designs, so that even unknown malware is blocked before it can infect your users Spam control ā the heart of the system, which weāll discuss next ā applies sophisticated and efficient filtering that is 98% or better effective, out of the box, with less than .001% false positives, or one in 100,000 messages. This is important because āoverblockingā of good messages is a direct revenue risk to an organization. Lastly, the rich customizable policy engine can prevent messages with preset content types (e,g. hate/inappropriate language, credit card numbers, customer confidential data) or custom keywords (e.g., project code names, industry terms) from getting through. Importantly, this function (like all filters) works on both outgoing and incoming messages, so you can apply policies to prevent information from leaving your environment as well as entering it.
Protector for mail security applies a granular and highly efficient content analysis against e-mails sent to your domain. First, a set of āpre-filtersā is applied that knocks out a large part of the bad e-mail ā 80% or more ā before your system even accepts it. First it checks that thereās actually a user at the recipient address, using LDAP lookups that are cached locally when found. Then it applies a custom āblackhole listā that filters known spammer addresses, without overblocking as many public lists are prone to do. Then it applies a proprietary dynamic reputation system, which grades the volumes of e-mail arriving from particular IP addresses or ranges, and blocks messages arriving from known IPs that have a high spam-to-ham (ham= āgood e-mailā) ratio. If the percentage of āhamā from those IPs increases, the system automatically adjusts to permit traffic. This dynamic aspect is particularly useful when a computer is taken over by a spammer and subsequently removed from service. These pre-filters are particularly useful in some countries (e.g. Germany) that have strict retention rules. Since the mail is never accepted, it doesnāt need to be stored, retained, backed up, etc. The next set of filters looks for things like known spam āsignaturesā (including āfuzzyā variants); classifications driven by a Bayesian ālearningā filter; structure analysis of words and phrases; flow control that measures traffic from different sources over time; heuristics that grade a messageās likelihood of being spam based on a set of content characteristics; āfingerprintingā (including images) against other known spam; logic that grades a messageās likelihood of being a āphishingā attack (to harvest personal information through fake versions of real Web sites such as Paypal); and a check against preset or custom keywords a customer has chosen to filter. The net result is a highly efficient filter system that works out of the box, without the training/tuning needed by many competitive products. Lastly, the system checks contained URLs against a database of over 7 billion known ābadā URLs/objects, and conducts a file analysis (including zipped files up to 100 levels deep) that, if necessary, quarantines the e-mail and sends the file attachment to the ISS lab in Kassel Germany for human analysis.
The heart of the system is a sophisticated and scientific approach to filtering driven by IBM X-Force research. IBM engineers and linguists constantly update the proprietary software behind the filters, with a global network of spam traps and Web crawlers combating new threats as they appear, for āzero-hourā protection. X-Force has built an unrivaled database of spam signatures, known ābadā URLs, and āphishingā attacks (both messages and URLs). This is the basis of the unrivaled āout of the boxā performance of Protector for Mail Security, and the āset it and forget itā performance it delivers.
Phishing attacks ebb and flow on the Internet. The Protector appliance can trap (default) or notify users of suspicious messages that try to trick them into revealing personal or sensitive information. With the growing sophistication of targeted attacks (āspear phishingā), the importance of this protection continues to grow. In āspear phishing,ā a customized attack is targeted at a specific user or group of users, often using publicly available information or data shared on social networks, to create authentic-looking and compelling attacks.
The policy editor in Lotus Protector is a high-value differentiator from other spam filter products. With a rich set of preconfigured policies, the system allows ācheckboxā filtering of specific categories of content (hate/inappropriate language, personal/confidential information, etc.), plus infinite customer customizations. The rule set acts against all the variables used by the core filter (sender/recipient/groups, time, content analysis, etc.) and allows a wide range of predefined dispositions (block, quarantine, delete, etc.). Since this works on outgoing as well as incoming mail, the organization can deploy anything from āstockā to infinitely fine-grained control over e-mail content, without any additional products or purchases.
Independent of core software costs, customers are able to choose from among an array of server deployment options. Since the server software is always included with the user licenses, itās up to the customer to decide how to deploy the server ā or even to adjust/change approach over time. The first two options are based on VMware deployment. In these instances, throughput is rated at about 12,000 e-mails per hour (including both good e-mail (āhamā) and unsolicited bulk e-mail (UBE ā a.k.a. āspamā). Customers with virtualization strategies can simply deploy Protector for Mail Security within their VMware framework, at no additional cost beyond meeting the hardware and VMware requirements listed For customers who want a new hardware-based solution ā particularly smaller or price-sensitive customers ā weāve identified an IBM xSeries machine that will run Protector for Mail Security well. This x3350 1U system offers good performance and IBM reliability at a competitive cost. Our roadmap calls for future versions of Protector to run natively (no VMware required) on specific xSeries machines; while there are no guarantees that it will prove possible, the x3350 is one of the target units. While it will always be a good VMware unit, native support is likely to only improve throughput/performance. For larger customers or those with heavy mail usage, the MS3004LP unit is a good choice. While more expensive than typical VMware machines or the x3350, the MS3004LP unit is designed for high throughput of approximately 36,000 e-mails per hour. Much of this performance is related to running Protector for Mail Security āon the metalā ā no VMware virtualization overhead ā but also simply being tuned to the hardware and drivers of this particular unit. It also offers redundancy (power suppies, fans etc.) and multiple disks employing RAID support. This gives the unit a reliability profile much greater than the commodity hardware option. MS3004LPs are also āclusterable,ā although itās important to realize that clustering is related more to administrative benefits (centralized spam processing/access) than the same term in the Domino world (high availability, failover).
Hereās a short list of information available to you on the IBM Lotus public Web site. Check Xtreme Leverage or PartnerWorld for Sales Kit links for additional internal information