Blocking Blended Threats
The rules of the security game have changed. Contemporary attacks on college
and university networks are increasingly more sophisticated and have become
incredibly destructive. Furthermore, regulatory pressures and litigation risks
require a more comprehensive approach. The latest breed of viruses such as myDoom
and Sobig.F uses extremely complicated and evasive blended threats, which disparate
point security solutions—separate firewall, VPN, and virus filter—simply
fail to defend.
According to ServGate Technologies, protecting campus networks against such
attacks requires an integrated edge defense that thoroughly examines the content
of network traffic. ServGate EdgeForce integrated modular security platforms
are designed to provide protection against harmful attacks by providing firewall,
URL filtering, virus screening, SPAM filtering, and VPN technologies in one
secure platform. This inclusive approach to security provides a solid front
against threats at every layer of the network while also reducing the costs
associated with sourcing, maintaining, and managing disparate solutions.
The EdgeForce modular architecture allows new security services to be added
as new threats and services arise. Its ability to incorporate additional performance
and security features in a single unit allows IT managers to deploy the performance
and applications they need, as they need them, without disruptive client and
server equipment upgrades.
To combat the complexities of blended threats, ServGate developed a technology
called Full Context Inspection (FCI) to screen packet contents in real time
to block suspicious traffic before it can do damage to a college or university
network. Full Context Inspection g'es beyond deep packet inspection, examining
the context of network traffic, thus reducing the risk associated with sophisticated
attacks. ServGate’s Full Context Inspection technology provides a deep
level of blended inspection by analyzing reassembled network traffic and performing
content security filtering services such as virus and SPAM screening on complete
context at the application layer.
Security is a trust brand market. ServGate's modular architecture can deliver
solutions such as McAfee Security anti-virus protection. As a result, the EdgeForce
platform can perform 100 percent screening at the network edge, inspect packets
before destructive content enters the network and protect college and university
networks from the dangers found on the public Internet.
ServGate has integrated the SPAM filtering engine from McAfee Security into
its security hardware platform. EdgeForce can be inserted into any existing
network to provide a SPAM filtering solution for any size campus. Powered by
McAfee Security SPAMAssassin and tuned for optimal performance, the EdgeForce
provides out-of-the-box SPAM filtering that can be implemented in seconds at
a fraction of normal cost.
The SPAMAssassin engine uses a rating system that scores e-mail based on a
sequence of tests. Ninety-five percent of all SPAM e-mail will be tagged with
the out-of-the-box configuration. The engine provides a very low false positive
identification rate of less than 0.05 percent. This default rule set d'es not
require any further configuration unless otherwise desired.
The scoring system used to determine whether a particular e-mail message is
SPAM consists of thousands of rules that are run against every e-mail. Both
positive and negative weights are assigned to each rule and a composite score
is attached to each scanned e-mail. This composite score is then compared to
a SPAM threshold value for the organization and the e-mail is marked SPAM if
the threshold is violated. The engine also uses historical information to optimize
the scoring of individual rules, recognizing patterns of its own function.
EdgeForce SPAM Filtering can scan both incoming and outgoing e-mail, significantly
reducing wasted network bandwidth. Filtering SPAM at the network edge greatly
increases workplace productivity, as employees do not have to be burdened with
wasteful content in their e-mail inbox.
To protect campuses from inappropriate content, and guard against misuse and
abuse of valuable network resources, an integrated Web filtering service that
outright blocks URLs is also key to the blended defense strategy.
For more information, visit www.servgate.com.
