Open Menu Close Menu

Blocking Blended Threats

The rules of the security game have changed. Contemporary attacks on college and university networks are increasingly more sophisticated and have become incredibly destructive. Furthermore, regulatory pressures and litigation risks require a more comprehensive approach. The latest breed of viruses such as myDoom and Sobig.F uses extremely complicated and evasive blended threats, which disparate point security solutions—separate firewall, VPN, and virus filter—simply fail to defend.

According to ServGate Technologies, protecting campus networks against such attacks requires an integrated edge defense that thoroughly examines the content of network traffic. ServGate EdgeForce integrated modular security platforms are designed to provide protection against harmful attacks by providing firewall, URL filtering, virus screening, SPAM filtering, and VPN technologies in one secure platform. This inclusive approach to security provides a solid front against threats at every layer of the network while also reducing the costs associated with sourcing, maintaining, and managing disparate solutions.

The EdgeForce modular architecture allows new security services to be added as new threats and services arise. Its ability to incorporate additional performance and security features in a single unit allows IT managers to deploy the performance and applications they need, as they need them, without disruptive client and server equipment upgrades.

To combat the complexities of blended threats, ServGate developed a technology called Full Context Inspection (FCI) to screen packet contents in real time to block suspicious traffic before it can do damage to a college or university network. Full Context Inspection g'es beyond deep packet inspection, examining the context of network traffic, thus reducing the risk associated with sophisticated attacks. ServGate’s Full Context Inspection technology provides a deep level of blended inspection by analyzing reassembled network traffic and performing content security filtering services such as virus and SPAM screening on complete context at the application layer.

Security is a trust brand market. ServGate's modular architecture can deliver solutions such as McAfee Security anti-virus protection. As a result, the EdgeForce platform can perform 100 percent screening at the network edge, inspect packets before destructive content enters the network and protect college and university networks from the dangers found on the public Internet.

ServGate has integrated the SPAM filtering engine from McAfee Security into its security hardware platform. EdgeForce can be inserted into any existing network to provide a SPAM filtering solution for any size campus. Powered by McAfee Security SPAMAssassin and tuned for optimal performance, the EdgeForce provides out-of-the-box SPAM filtering that can be implemented in seconds at a fraction of normal cost.

The SPAMAssassin engine uses a rating system that scores e-mail based on a sequence of tests. Ninety-five percent of all SPAM e-mail will be tagged with the out-of-the-box configuration. The engine provides a very low false positive identification rate of less than 0.05 percent. This default rule set d'es not require any further configuration unless otherwise desired.

The scoring system used to determine whether a particular e-mail message is SPAM consists of thousands of rules that are run against every e-mail. Both positive and negative weights are assigned to each rule and a composite score is attached to each scanned e-mail. This composite score is then compared to a SPAM threshold value for the organization and the e-mail is marked SPAM if the threshold is violated. The engine also uses historical information to optimize the scoring of individual rules, recognizing patterns of its own function.

EdgeForce SPAM Filtering can scan both incoming and outgoing e-mail, significantly reducing wasted network bandwidth. Filtering SPAM at the network edge greatly increases workplace productivity, as employees do not have to be burdened with wasteful content in their e-mail inbox.

To protect campuses from inappropriate content, and guard against misuse and abuse of valuable network resources, an integrated Web filtering service that outright blocks URLs is also key to the blended defense strategy.

For more information, visit

comments powered by Disqus