In this example The sender could send a plaintext message to Mr Pink, Mr Red and Mr Yellow. The Gateway will be responsible for content scanning the message and then arranging encryption using the right method for each recipient. Mr Pink might be S/MIME, whereas Mr Red might prefer PGP and Mr Yellow might use password protected zip files. Not only can content be scanned as it leaves, but it can also be decrypted (when sent by Mr Purple) and delivered into Mr Blue in its original secured manner.
The Clearswift Gateway policies are created and managed in the “Policy” centre. There are a number of default Content Rules which have been created to perform a specific part of the policy, such as “Delete Virus”. These Content Rules can be amended or new ones created based on customer requirements. Content Rules are constructed using elements taken from Policy references, such as Lexical lists which contain lists of words to check for. These references can then be re-used in multiple separate Content Rules to save recreating them If you have the CLEARSWIFT SECURE Email Gateway and the CLEARSWIFT SECURE Web Gateway you can peer them together and share the Content Rules across both products. This allows you to define rules once that can apply to both of the Clearswift Gateway protocols. Content Rules are applied to Policy Routes which define the direction of communication. For example, in the CLEARSWIFT SECURE Email Gateway: “ *@mycompany.com” TO “Everyone”, or in the CLEARSWIFT SECURE Web Gateway it could be “Everyone” TO “Social Networking Sites” A company will define multiple Policy Routes to describe their communication rules. The ordering of routes is important as the list is evaluated from top to bottom to find the route that has the best match for the source and destination of the communication.
This slide demonstrates how we take a message and break it down into it’s constituent parts, to be able to provide target scans of the appropriate data.
Being able to track messages is vital for any SysAdmin. Even in customer configurations that deploys multiple systems, being to run a single command from 1 console that searches across all nodes is key in identifying what happened to email
Reports are now fundamental as organisations have to be able to justify their actions and also their efficiency. Reports can be generated immediately or scheduled. For customers who have multiple gateways the reports can be consolidated. Over 60 basic report templates exist and customers can modify these to create new views on the data stored on the system
RSS feed allows Clearswift to communicate information to customers without excessive emailing them Various counters and graphs give the SysAdmins a view of the current behaviour of the system. Indicators provide customers with a status of recent updates and service status
Over 60 different system alarms can be generated. Each alarm goes to the UI, but can also be sent to a specific Email address or SNMP server
A log maintains a history of where the SysAdmins have been on the product, but also records if someone is trying to breakin to the system.
Customers can choose how they deploy the product. At present 66% of customers are buying a “soft” option meaning that customers are deploying on either their own platforms or a virtual platform.
Clearswift can sell a choice of 2 servers, one being a low-end unit based on the Dell r200 (soon to be the r210) . This unit can process around 20k messages per hour. The high end server is a Dell r610, with much faster processors and resilient disks to generate a throughput of around 90k messages per hour
Unifying information security Clearswift is a security Software company that aims to simplify companies’ IT security to better protect businesses’ intellectual property and data. This in turn gives businesses the confidence to adopt web, email and collaboration technologies to ultimately allow the business to innovate and grow.
Clearswift’s security solutions are built around a core content inspection engine. Policy and reporting on content, threats and user activity are then applied to the communication channels. Today Clearswift SECURE solutions are available for web and email ensuring compliance across all digital communication channels.
Clearswift SECURE Mail Gateway Secure and resilient platform Packed Dell server, own hardware or on VMware/Hyper-V Optimisation of Linux OS tuned for Email gateway. Easy to install Up and running in under an hour. Pre-configured with Default ‘Standard’ Policy. Easy to use & manage 100% web-based GUI. Graphical ‘drill-down’ reporting. Automatic security software updates
Complete Email Gateway Protection MIMEsweeper content-aware policy engine True binary signature file identification. Lexical analysis/templates. Comprehensive data leakage controls. Kaspersky Anti-virus/malware Viruses, worms, Trojans and malicious code Zero-hour malware detection Comprehensive Anti-spam defences Network based filters Content based filters On-Box Email Encryption By direction or by content, using industry standard technologies
Fully conjoined policy updating Policy Web Gateway Email Gateway
World class spam protection • TRUSTmanager – global reputation network – Rejects 80-90% of all traffic before it reaches your gateway • SpamLogic – delivers in total 99.6% accuracy rate – Multi-engine layered defence
Multi-layered spam defences Connection/Network Level Checks 80-90%+ of spam rejected Content Level using these filters Checks
End user message release mechanism • Web interface to permit users to releases own messages • Allows user to build up “Trusted Senders” for automated release of messages • Administrators can monitor what email senders are being Trusted • Administrators can maintain an end users Trusted Senders List
Multi-layered Malware protection system • Email still remains a vector for viruses to propagate • Many thousands of new viruses and variants are created daily
Deep inspection, intuitive scanning options •Banned file types can be blocked or stripped from messages •Oversized messages can be rejected or parked and delivered at a more convenient time •Selective scanning enables searches of areas of interest –Headers –Messages –Attachments (MS Office, Open Office, PDF, HTML) •Powerful search criteria –Dictionaries for PCI, PII, Profanity, etc. –Expressions, Regular expressions and Operators •Multiple disclaimer support including HTML and hyperlinks
ImageLogic – Detection of unacceptable images Multiple algorithms Extensive usage of machine learning
Data loss templates •Predefined regular expressions for PII (Personally Identifiable Information) and PCl (Personal Credit Information) –National insurance number –Credit card numbers –Social security number •Editable Compliance dictionaries –GLBA, SOX, HIPAA, SEC
Email Encryption • Supports PGP, S/MIME and Password Protected messages • Allows signing, encryption and decryption of messages • Policy based encryption, i.e. by route or by content • Opportunistic TLS for server to server communications
Encryption by direction or content On a policy route On a content rule
Easy policy model• Contents Rules to inspect the data applied to Policy Routes that define what is allowed over that email communication channel
Headers, footers and meta-data Received: from eric ([192.168.201.1]) by prodman11.europe.clearswift.com (8.14.1/8.14.1) with SMTP id nB2MGP3d006083 for firstname.lastname@example.org; Wed, 2 Dec 2009 22:16:27 GMT Date: Wed, 2 Dec 2009 22:16:25 GMT Message-Id: <200912022216.nB2MGP3d006083@prodman11.europe.clearswift.com> From: <email@example.com> To: <firstname.lastname@example.org> Subject: Here is a great document Hi Eric This is a really document , call me on 01189 038503 Regards Alyn Here is my site http://www.clearswift.com
Message Tracking across peers Track messages using extensive criteriaWorks across peergroup
Built-in Reporting Over 70 different reports available Scheduled or on-demand
System Alerting Over 60 different alarms availableSMTP and SNMP asstandard
User activity monitoring • Display a log of last login time and source • Show where administrator activity • Display any break-in attempts2009-10-27 11:22:28,223  [FAFA..F2C] [LOGIN] [192.168.15.2] [admin]2009-10-27 11:22:29,7  [FAFA..F2C] [NAVIGATE] [192.168.15.2] [admin] [Clearswift Email Gateway] [/Appliance/HomePage/index.jsp]2009-10-27 11:22:35,296  [FAFA..F2C] [NAVIGATE] [192.168.15.2] [admin] [SSH Access] [/Appliance/SystemsCenter/SSH/index.jsp]2009-10-27 14:19:01,34  [93C...715] [LOGINFAILURE] [192.168.15.2] [mjuyhn]2009-10-27 14:19:07,237  [93C...715] [LOGINFAILURE] [192.168.15.2] [mjuyhn]2009-10-27 14:19:11,532  [93C...715] [LOGINFAILURE] [192.168.15.2] [mjuyhn]
Deployment options1. Pre-built on a Dell server platform2. Virtual Gateway versions on other supported hardware3. Virtualization within a VMware ESX and ESXi environment
Platform information • CSE range • ENE range – Under <500 users – Designed to handle 80,000 – Designed to handle up to messages per hour 20k messages per hour throughput throughput – Resilient system with Dual power and Raid disks `Model Size CPU Memory Disk Raid PowerR210 1U Dual Core 4Gb 250Gb No 101 wattsR610 1U Quad 4Gb 2x146Gb Yes 183 watts Core
24x7 Technical Support• Clearswift provides professional, intelligent and adaptable support and training services to meet the exacting needs of our enterprise customers• Technical information is available at anytime for our supported Customers from the Clearswift Knowledge Base• We pride ourselves on exceeding Customers’ expectations. Results of the Mar 2010 global support survey are: – Met or exceeded expectation of initial response time – 93.98% – Met or exceeded expectation of ability to solve problem – 92.37% – Met or exceeded expectation of overall response time – 90.77% – Met or exceeded expectation of technical competency – 93.89%