commtouch-09142010


Commtouch: Cloud-based Internet Security
Tim Johnson - Director, Strategic Alliances
Ian Hess - Technical Account Manager
September 2010
Agenda

Who We Are

What We Do

How it Works

Cloud Architecture & Security

Q&A
Foundations

Cloud-based security services leader
• Award-winning Internet security technology
• Global delivery & service platform
Unique business model
• Focus on OEM partners and Service Providers
• Partner-centric support organization
Solid financial foundation
• Est. 1991, Public (NASDAQ: CTCH)
• Profitable and growing
Selected Customers and OEM Partners
Security & Network Vendors
Service Providers
Messaging Security, Web Security & Antivirus Services
• Anti-spam: Protect against spam & phishing outbreaks in real-time
• Zero Hour Virus Outbreak Protection: Block email-borne malware outbreaks in real time
• GlobalView Mail Reputation: Block unwanted email traffic at the network perimeter
• GlobalView URL Filtering: Comprehensive coverage, accuracy and real-time security
• Outbound Spam Protection: Block and identify outbound spam & spammers
• Command Antivirus: Protect against malware threats
Industry Standard Plugins
[Timeline on slide; years shown: 2002, 2004, 2006, 2008, 2010, 2010]
2Q10 Email Threats by the numbers
• 179 Billion spam messages per day
• Pharmacy spam 62% of all spam
• 82% of all emails are spam
• 307,000 zombies lit up per day
• 1800 variants of Mal/Bredo virus
• 1.3 Sextillion ways to spell \/ l @ g r /-\
Virus Attacks Aren’t Letting Up
[Chart: Zero hour virus outbreaks – last 90 days; vertical axis from 0 to 400,000]
[Labels on slide: SMB Appliances; Enterprise Appliances; ISP; Email Server; MTA; AV Vendor; Web Hoster; SaaS Security; Domain Registrar; Mail Gateway]
Spam Maxims
• Spam is only economical in large volumes
• Single endpoint or rule-based systems cannot detect spam and viruses quickly or accurately enough
• A cloud-based solution with global view of internet email can solve the problem
Cloud Security Market Requirements

Real-time
• Messaging: Spam, phishing and virus outbreak detection
• Web: Zero-Hour detection of Web threats and new sites
• Antivirus: Zero-Hour malware detection via multi-layered approach
False positives
• Messaging: Near zero
• Web: Near zero
• Antivirus: Near zero
Global solution
• Messaging: Language agnostic detection
• Web: Worldwide, relevant coverage of URLs
• Antivirus: Worldwide sample feed and updates
Accuracy
• Messaging: Typically 99%+ spam detection
• Web: Industry’s highest accuracy, with unparalleled Web 2.0 granularity
• Antivirus: Certified by Checkmark, ICSA Labs and Virus Bulletin
Scalable
• Messaging: Automatic engines servicing hundreds of millions of users worldwide
• Web: Cloud-based architecture servicing hundreds of millions of users worldwide
• Antivirus: Implementations from desktop to carrier-grade
Commtouch’s GlobalView Network

Infrastructure
• 5 Carrier grade data centers: US (3), Europe, Asia
• Operational for over 12 years
• Multiple collection nodes distributed worldwide
Collection & Analysis
• Collection of billions of Internet transactions daily
• Across diversified segments & geographies
• RPD™ technology, multiple analysis engines and 3rd party sources
Service platform
• Unified service platform for Internet security applications
• Servicing OEM vendors & service providers
• Protecting hundreds of millions of users worldwide
Commtouch Technology Overview
[Diagram stages: Global collection of Internet traffic & data; Real-time analysis; Queries by endpoints; Resolution (query results build locally relevant DB)]
• Collection sources: Real-time traffic; Web data sources; Security Alliance; Malware samples
• Analysis: Email analysis (Recurrent Pattern Detection); URL analysis (multiple engines); Malware analysis (multiple engines)
• Endpoints: OEM partner & Service Provider endpoints
Commtouch Technology Overview: Messaging
[Diagram labels: IP Addresses; URLs; Malware patterns; Spam/phishing patterns]
• Patented RPD™
• Distribution and structure pattern correlation
• Real time detection of global outbreaks
Commtouch Technology Overview: Web
[Diagram labels: User queries; Spam/phishing URLs; Open traffic collectors; Threat research; URL dynamics, popularity & reputation; 3rd party Security Alliance data; Analysis Engines]
• User-behavior driven URL filtering cloud database
• Multiple sources and analysis engines for broadest coverage and highest accuracy
• Zero-hour Web threat protection
• More than 100M sites in 64 categories including 8 security categories
Commtouch Architecture Detail
[Diagram label: Zero Hour]
Data Center Nuts and Bolts

5 Operated by Commtouch, 4 co-operated by Commtouch
• North America, Europe, Asia
• Colo with Tier 1 DC providers
• They provide building, physical security, connectivity, power & cooling
Host our equipment in our own cage
We own network equipment, firewalls, etc.
• Multi-peering with different local ISPs
• Managed remotely
• Highly scalable
Complete physical redundancy
2 months to spin up from A to Z
Datacenter Security

Hosted in dedicated cage
• Hand scan/Iris scan access
DC provides physical security protocols
• Who has access
• Who can request/make changes
• Who can receive shipments, etc.
We manage technical security
• Communications to DC from Ops are encrypted and via private VPN
• Access, change, etc.
Technology Nuts and Bolts

Connectivity
• Local engine/client
  Checks local cache first
  Contacts DC if not found locally
  Variable TTL in cache
• Client chooses ‘best’ DC to work with
• 100% up time to clients for 8 years
Technology Security

Protocols
• Proprietary protocol over HTTP
• 100% proprietary servers
Service requires authentication
  We manage keys and can disable key/service
  Partners have optional 2nd level key management
No successful attacks on DCs or clients
Questions?
Thank You