|
Nemx
SecurExchange
September 2005
We would like
to take this opportunity to share with you some tips
and provide information about additions and improvements
to Nemx SecurExchange and Power Tools and how these
enhancements can benefit you in dealing with the various
threats within your Exchange organization. These threats
are more than just spam, viruses, and Exchange Server
interrogation attacks. Today’s world is little
different, as you now must be conscious of the consequences
of the exposure of confidential or sensitive data,
non compliance to federal or industry standards, and
legal action over sexual and racial harassment. This
is where Nemx comes in, being your total email content
security watchdog and giving you Total Email Peace
of Mind™.
Those of you familiar with Nemx know us for our PowerTools
for Exchange lineup of products that have provided
a powerful yet flexible defense against spam and viruses
for over a decade. As the dangers, tricks and strategies
of spammers and virus propagators have evolved Nemx
has more than kept pace with enhancements to PowerTools
that have allowed us to keep one step ahead with some
of the most sophisticated and advanced tools on the
market.
Today, businesses are recognizing the potentially
disastrous consequences, and huge cost, associated
with everything from the exposure of sensitive information
to compliance violations and any form of harassment
via email. There is growing concern over issues of
corporate liability, risk, content compliance and
security related to both the deliberate and inadvertent
misuse of email. To protect against these risks it’s
imperative to monitor every message, including internal
email, and take appropriate measures before the message
is delivered.
In today's litigious business climate, with ever increasing
demands for corporate and individual privacy protection,
and aggressive regulators and industry watchdogs no
business can turn a blind eye to their email correspondence.
These challenges and how SecurExchange can deliver
solutions to these issues will be the focus of our
monthly newsletters over the next few months.
In the mean time, our website has been recently updated
to outline these challenges as they apply to your
Privacy Protection & Compliance, Acceptable Use
Policy and Threat Prevention requirements. Visit us
at www.nemx.com/solutions for more information about
SecurExchange and how Nemx delivers on the promise
of Total Email Peace of Mind™
To meet these new challenges head on Nemx launched
the SecurExchange suite of intelligent email monitoring
products in May of 2005. Nemx provides the most powerful
and flexible email monitoring solutions for organizations
using Microsoft Exchange Server. SecurExchange is
our family of compliance and security oriented intelligent
email monitoring products and now SecurExchange just
get s better.
Version 2 of SecurExchange is just around the corner
and provides a number of new features that give you
additional Total Email Peace of Mind™.
We are currently looking for organizations to participate
in the Beta program for SecurExchange V2.0. Participants
will receive a discount on new features and/or support
and maintenance renewals as our way of saying thanks.
More will follow on these new features; however here
is a brief outline of the key features being added
to Version 2.0:
Secure Email: The Secure Email capability
provides an organization the ability to 'on-demand'
encrypt or sign e-mails meeting predefined event triggers.
For instance an email containing sensitive information,
destined to a particular domain or email address,
or from an internal user can be transparently encrypted
by SecurExchange. The Secure Email Smart Action Trigger
requires no interaction with your users and maintains
a “clear text” view of the message suitable
for archival or discovery purposes within the user’s
mailbox, thus ensuring compliance to corporate or
regulated policies. Secure Email uses the industry
accepted S/Mime and X.509 Certificate standards.
Attachment Scanning: Any file attached
to a message may now be scanned for content violations,
corporate or regulatory compliancy, or acceptable
use policy (AUP) issues. Attachment content analysis
uses the same rule sets assigned to message text scanning,
thereby ensuring that any content leaving or entering
you organization is protected, compliant and within
corporate guidelines independent of how it’s
presented. Whether financial data is presented in
an excel spreadsheet, merger and acquisition plans
detailed in a PowerPoint presentation, or marketing
strategies outlined in a word or PDF document, SecurExchange
can inspect the content and invoke any number of Smart
Action Triggers.
User Policy Generation: An improved
user interface is coming which will make the task
of defining an overall email policy easier to create
and maintain. The new interface will also provide
the ability to create reusable concept hierarchies
that can be easily assigned to more complex definitions.
By creating generic concepts like Non Public Private
Information (NPI), and Credit Card Data allows the
easy creation of a Sensitive Data concept which would
be made up of NPI and Credit Card Data concepts.
If you are interested participating in the Beta program
for these exciting new features, then please contact
beta@nemx.com or
contact us directly at (613) 831-2010 ext 230.
Phishing: In the past month, the
number of phishing type emails has tripled. For those
not familiar with the term, phishing (pronounced fishing)
is the act of sending an e-mail to a user falsely
claiming to be an established legitimate enterprise
in an attempt to scam the user into surrendering private
information that will be used for identity theft.
The e-mail directs the user to visit a Web site where
they are asked to update personal information, such
as passwords and credit card, social security, and
bank account numbers, that the legitimate organization
already has. By hijacking the trusted brands of well-known
banks, online retailers and credit card companies,
phishers are able to convince up to 5% of recipients
to respond to them.
Nemx Power Tools’ Concept Manager and Content
Manager components can help detect phishing type spam
messages. Concept Manager’s unique approach
of deciphering the key concepts found within a message,
can detect the fraudulent nature of apparent “bank
originated” customer support emails, while Spam
URL Blacklist (SURBL) support in the Content Manager
can detected known websites used in phishing attempts.
Spending too much
time reviewing quarantined email? An approaching using
Spam Confidence Levels (SCL) on rules and events may
help. SCLs are a value that can be assigned to a rule
or triggerable event. As a message passes through
the various content analysis components and is triggered,
the overall SCL value of the message will be incremented.
When the message has completed its analysis, the combined
SCL can be used as a basis to determine what “action”
should be taken on the message. A high SCL would signify
that multiple components have triggered on that message
and its likelihood of being spam would be high. High
SCLs could be assigned an action of “Delete”,
while medium to low SCL ratings could be assigned
a softer action, such as quarantine or move to a sub
folder. By deleting messages that have multiple spam
triggers associated with it, reduces the amount of
mail that must be reviewed or dealt with. In all cases
Friendly Domains overrides the SCL processing (if
selected), ensuring that true business email is delivered
to its recipient.
The following knowledge base article explains this
process in more detail. http://www.nemx.com/knowledgebase/article.aspx?id=10156
Blocking mail from out foreign countries:
We all know that spam takes many forms and controlling
spam requires an understanding of what and where your
true business email comes from. A substantial amount
of spam mail originates from countries other than
your place of business or contains foreign content.
In looking at your true business email, there may
be opportunities to eliminate spam by preventing mail
arriving from countries that you have no business
partners or correspondence from or that arrive in
a language you can not interpret or even display.
If you don't do business with customers in these countries,
then you can usually safely block all email from them
and know that you are blocking unwanted email.
To filter out a subset of foreign email (or even by
ISP) you can do the following:
Country or ISP Based RBLs: There
are a number of RBL service provides that make available
specific black list databases based on the IP addresses
assigned within that country or Internet Service Provider.
By enabling these RBL providers in Nemx’s Spam
RBL configuration, can reduce the amount of spam received.
See the following knowledgebase article for additional
information:
http://www.nemx.com/KnowledgeBase/article.aspx?id=10175
SecurExchange Version 1.1.0.9
Power Tools Version 5.1.0.9
Available for download are updated versions of SecurExchange
Corporate and Perimeter Editions and Power Tools Advanced
and Internet Versions.
The following new capabilities have been added:
- The Spam | Address filter now takes precendence
over RBL filtering, allowing easier white listing
of particular blocked email addresses
The following issues have been addressed:
- Inbound Queues could backup when using a high
number of RBL providers
- SQL errors when archiving message or using audit
logs where the rule being triggered is > 80 characters
- Quarantine Release of internal mail could sometimes
result in formatting issues and the addition of
a winmail.dat attachment
- The “Move to SubFolder” Action would
sometime fail when there were 3 or more storage
groups defined
Online Knowledge Base: A Knowledge Base section has
been added to our web site to assist you in getting
the information you need when you need it. The Knowledge
Base is categorized by product, component and environment
and further by the type of issue. The KB is fully
searchable and contains articles on support, presales,
how tos, and general product information.
You can access the Knowledge Base via the following
link:
http://www.nemx.com/KnowledgeBase
We hope that this newsletter and How Tos will help
you in your content management challenges and your
daily battles with the effects of spam and viruses.
If you have any thoughts on how Nemx SecurExchange
and Power Tools can better your fight, by all means
please let us know. Many of the features in the product
come from customer suggestions, so keep them coming!
|
