Front. Bridge Business & Technology James Hamilton GM Front. Bridge Technologies James. RH@microsoft. com
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Front. Bridge Snapshot Overview Founded 1999 160 employees in US, Canada and Europe 80 in R&D, Client Support & Operations Moved HQ team from LA to Redmond Winnipeg team stays in place Customers… Microsoft Acquired Aug 31, 2005 Global Customers 3, 200 customers world-wide Coverage in leading verticals Financial services, life sciences, manufacturing, legal, healthcare Global Distribution… Global Network Nine globally-distributed data centers Processing over 6 billion messages per month 100% historic uptime Eight global partners & direct sales force Global Recognition Analyst, press endorsement as market visionary Leader category in Gartner magic quadrant Awards…
Business Environment E-mail Retention is Becoming a Primary Concern v Compliance: Need a complete, tamper-proof archive v e-Discovery: Need to store, find & produce information in a complete & timely manner Security Vulnerabilities Still Exist v Spam, viruses and phishing still plague inboxes v Closer relationship between viruses and spam v Companies ill-equipped to stay ahead of threats Intense Pressure on IT to Improve Productivity v Focus on projects that provide competitive advantage v Make mission-critical systems more reliable v Deploy Secure, Reliable, Manageable, & Cost-Effective
Meeting Messaging Challenges Manage cost and complexity No HW/SW to install and manage Outsource routine IT management Predictable subscription based service Scalable at no additional cost Secure, protect and comply Inbox value and access Eliminate threats before they reach the network Eliminate spam and viruses from the email stream to boost productivity Policy-compliant infrastructure Service-based e-mail archiving for rapid deployment Reliable e-mail availability and continuity systems Recover from unplanned outages or disasters
Front. Bridge Business Focus: Total Message Management Partner & direct sales model 2 to 3 year subscriptions with monthly payment Channel: Direct, white label with Telcos, & resellers Typical customer 1000 -2000 seats for Filtering, 400 -500 seats for Archive Some customers >100 k seats Filtering is largest part of revenue Archiving is fastest growing.
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Front. Bridge Global Network 99. 999% uptime SLA 100% historical uptime made possible by global, load-balanced network Eight data centers 537 servers Over 200 million message recipients processed/day Over 350 million at peak Store & forward system ensures no legitimate mail is lost Automatic deferral, retry every 20 min for up to 5 days
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Primary Front. Bridge Service Offerings E-mail Filtering Layered anti-spam Multi-engine anti-virus Corporate Policy Enforcement Real-time attack prevention Message Archive Interception-based message archiving Customized report generation for demonstrating compliance Fully-indexed, searchable archive Rapid deployment to meet deadlines or immediate needs Secure E-mail Full e-mail encryption B-to-C focused No public and private key management Gateway, policybased e-mail encryption Active Message Continuity Uninterrupted e-mail accessibility Rapid recovery from unplanned disasters and network outages 30 -day historical email store
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Front. Bridge: Email Security Anti-Virus, Anti-Spam, & Corporate Policy Enforcement Network TLS Enabled Web-based management & reporting Highly customizable filtering environment Easy customer on-boarding Only requires MX record change No disruption in mail flow One month free trial Four Anti-Virus engines integrated Symantec, Trend Micro, Sophos, & Kaspersky Updates pushed every 10 minutes Front. Bridge Anti-Spam Engine Blocks 95%+ Spam Low false positive rate 1 in 250, 000 false positive (bulk email) 1 in 1, 000 false critical (direct business-to-business messages)
Front. Bridge: Filtering Flow Diagram MTA 1 MTA 2 Message. Switch, Deliver. Hosts, Quarantine
Spam Filtering: On the Edge SMTP Validation Some easy to detect & common spammer mistakes Sender Policy Framework Points for later spam scoring Optional CSFM (Custom Spam Filter Management) Blacklists / Reputation Services Blacklists internally maintained by spam analysts team Seed pool generated from daily reports of top IPs hitting network IPs are then investigated by SA and added to list Directory Services Administration center upload or automated SFTP dump Updated every 15 minutes
Spam Filtering: Fingerprinting Messages fingerprinted via modified MD 5 hash Adapt to avoid most hash breakers Fingerprints are compared with a per-Message Switch cache Cache synchronized with central DB Moving to real time central DB update Gray list: SMTP 450 on significant traffic changes Database tracks all messages moving through system Spam Analyst acts on real-time patterns detected Spam matches signatures in DB Honeypots Accounts set up to gather spam Honeypot messages automatically fingerprinted for blocking
Spam Filtering: Rule Engine Front. Bridge Anti-Spam Engine Spam Analyst on duty 16 x 7 Regular expression-based rules Four new rule pushes each day Spam Analyst input: Honeypots: Known Spam Customer spam submissions Spam Rule Analyzer DB Spam Rule Analyzer Over 61 k rules in DB of which ~16 k are active Each message that triggers a rule also updates usage DB False positives update the DB
Corporate Policy Enforcement Rules used to enforce customer-specific policy Create rules based on multiple message parameters • Domain • IP or IP Range • Sender • Recipient • Subject • Body • Character set • Filename • File Size • File Extension • Executable content Simple wildcard & pattern matching capabilities /d/d/d-/d/d matches any SSN Per rule customizations (notification, comments) Supported both inbound and outboud (ILP) Actions: reject, allow, deliver w/BCC, quarantine, test, encrypt
Mail Traffic Reports Web based reports in Admin Center Most can span up to 2 months of data at a time Exportable to Microsoft Excel Organization, domain, or domain-group reporting Total messages Inbound messages Outbound messages Policy filtered messages Message Level detail down to sender, recipient and policy rule applied Content filtered messages Message Level detail down to sender, recipient & content rule applied Virus Filtered messages Message Level detail down to sender, recipient and virus name
Front. Bridge Secure E-mail User sends an e-mail to Front. Bridge E-mail is automatically encrypted at the gateway according to rules created and managed within the Policy Enforcement module The public key is based on the message recipient’s e-mail address to encrypt the E-mail The private key is dynamically generated for the message recipient when they decrypt their message
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Message Archive Overview Hosted service Low cost of storage & administration Captures Email, IM, Bloomberg & archives documents Multiple Business Drivers including Meets regulatory compliance requirements Offers corporate surveillance functionality Provides Knowledge management capabilities Easy on-boarding of service Requires MX record change for external email Envelope Journaling for internal email Web-based supervisory, auditing & reporting tools
Front. Bridge Message Archive Inbound E-mail scrubbed for unwanted content Messages captured and copied “in stream” Message store holds e-mail, IM, Bloomberg & uploaded documents End users have full E-mail functionality via web-based OWA clone Supervisors can have access to archive for message monitoring Auditors and outside counsel can access archive and/or reports
Compliance Managers & Supervisors SEC 17 a-4 – Physical Retention requirements Mail stored for 3 years (1 -7 years retention available) Each message assigned a unique contiguous serial number Two online copies of each message stored in 2 discreet locations Messages available online 24 x 7 Can be exported as EML files in ZIP Front. Bridge will provide letter of attestation to the SEC Act on customer’s behalf for SEC queries External Auditor role permits outside access for auditors Mail destroyed on expiration date; Destruction report included NASD 3010 – Communications Review requirements Keyword list and message sampling support Whitelist trusted senders from random sample Random sampling support of int/ext mail, int/ext IM Message harvest process built in Review classification categories, with escalation capability included
Corporate HR & Legal Advanced Search across message headers, bodies and 200 attachment types Regex, Soundex, Stemming search supported Tag messages for others; add notes to messages Case Management Return search results to custom folders Share folders with others Destruction Hold Stall message destruction by user, by organization Attorney/Client Privilege protection
Message Archive: Reporting Compliance Reports & system Reports 23 predefined reports available Web-based report-generation engine Available 24 x 7 Data harvested & parsed in real time Reports can be scheduled for regular delivery PDF or XLS format
Archiving Competition More than 50 companies in the space Big divide between service provider & onpremise Major competitors Zantaz Iron Mountain i. Lumin (Assentor) KVS EMC/Legato/OTG Other notable competitors Advisor. Mail
Message Archiving & AMC Demo Kevin Merritt, Architect
Agenda Front. Bridge Overview Customers & Business model Global, Load-Balanced Network Front. Bridge Service Offerings Email Security Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering Outbound: Anti-Virus & Information Leak Protection Business-to-Customer email encryption Message Archiving & AMC Demo Active Message Continuity
Front. Bridge Active Message Continuity Fully functioning supplementary email system – can send new messages and reply to and forward previously received messages Easy point in time as well as ad hoc restoration of messages 100% shared code base with Message Archive (including the OWA clone web-based front end) with some minor tweaks: 30 -day perpetually rolling archive Compliance features and reports concealed
Active Message Continuity Shared code base & infrastructure with Message Archiving Targeted as a continuity solution, not retention Only differences between AMC and MA are: 30 day rolling archive instead of 3, 5 or 7 years Attachments and bodies not searchable Compliance workflow tools removed Fewer reports Easier to use Less expensive MRR Limited Competition – Message. One
Summary E-mail is a mission critical application Customer benefits from software as a service model: Enable companies to tackle complex e-mail tasks with minimal IT staff No upfront capital investment Predictable recurring costs Allow IT staff to focus on more strategic projects offering real competitive advantage Front. Bridge, a Microsoft subsidiary, is the leading services provider for e-mail security, protection, and compliance We’re hiring Developers, Testers, Program Managers, System Administrators, DBAs, and Client Support Help drive Microsoft success in non-consumer hosted services
Скачать презентацию Front Bridge Business Technology James Hamilton GM
2da748b800574891e67d100119c2bfea.ppt