Wipro`s Presentation
Download
Report
Transcript Wipro`s Presentation
Security Challenges and Opportunities
-Indian ISP Scenario
1
© 2009 Wipro Ltd - Confidential
Challenges and Opportunities:An Indian Scenario
Reducing Internet Bandwidth Losses and Saving Costs
• IP Blacklisting Prevention, DDoS protection, Reduction of Outbound Spam,
Content Caching etc.
Increasing ARPU by offering new value-added Security services for
subscribers
• Customized Security as a Service Offerings, Dynamic Subscriber Profiling, Parental
Control etc.
Compliance to Indian Government Guidelines on Internet Usage
• Implementing TRAI URL Filtering Guidelines, Lawful Intercept (LI) etc.
Providing subscribers with secure malware free Connectivity
• Offering Clean Pipe Services for malware control, MMS AV Scanning etc.
Increasing customer loyalty and attracting new subscribers in a highly
competitive market scenario
2
© 2009 Wipro Ltd - Confidential
Telecom Security Solution Offerings
Cost Saving
and
Compliance
Solutions
• IP Blacklisting Prevention through Outbound
E-mail Anti-Spam using the Fortinet FortiMail
Appliances.
• Implementing TRAI URL filtering guidelines
by deploying the innovative Fortinet FortiGate
appliance based Solution.
GTP Firewalling , SIP Signalling
Firewall and MMS Anti-Virus Scanning
• Deploying
using FortiOS Carrier solutions.
• Clean Internet Bandwidth as a value added
Revenue
Generation
Solutions
3
Managed Security Service offering for subscribers
using the Security Service Virtualization capabilities
of FortiGate UTM appliances.
• URL Filtering and Parental Control solutions
for Mobile Broadband and Mobile Internet users by
using Dynamic User Profiling capabilities
© 2009 Wipro Ltd - Confidential
ISP IP Blacklisting Prevention
-Outbound E-mail Anti-Spam
4
© 2009 Wipro Ltd - Confidential
Top 10 Countries Sending Spam
Last Week - 7/19/10-7/25/10
5
Rank
Country
Messages
% of Total
1
India
430,843
13.8%
2
Russia
298,792
9.6%
3
Brazil
216,889
7.0%
4
Ukraine
187,095
6.0%
5
United States
161,979
5.2%
6
S. Korea
145,271
4.7%
7
Vietnam
122,601
3.9%
8
Britain
69,642
2.2%
9
Romania
69,116
2.2%
10
Israel
63,697
2.0%
© 2009 Wipro Ltd - Confidential
ISP Blacklisting – Context and Subscriber Impact
• Spamming IP addresses are tracked and detailed in Blacklists (DNSBL, RBL)
• Most Internet MTAs refuse e-mail from blacklisted IP addresses
– DNSBL is a popular technique, widely used as an Anti-Spam filter by peering ISP’s
• CASE #1: Low Impact: E-mail activities of certain subscribers are affected
– The blacklisted IP is reassigned to a clean subscriber
➽ The latter can not send mail
6
© 2009 Wipro Ltd - Confidential
ISP Blacklisting – Subscriber impact and Resolution
•
CASE #2: High Impact: E-mail activities of all subscribers are affected
➽ All subscribers are impacted and can not send mail
•
RESOLUTION: Through Anti-Spam Scanning of Outbound E-mail Traffic
– Reduce Spam content in e-mail flow originating in the local network
•
•
•
•
7
Transparent E-mail Traffic Scanning for Spam
Other protocols like FTP, P2P and HTTP can be bypassed
Analyze and Report on Offending Subscribers through Radius Integration
Drop confirmed spam e-mails and initiate Out-of-Band remediation process against
repeatedly offending subscribers.
© 2009 Wipro Ltd - Confidential
Outbound Anti-Spam : Process Flow
Identification:
Inspect the Internet traffic and identify the SMTP
based e-mail traffic for further action.
Isolation:
Transparently re-direct only the SMTP traffic towards a
cluster of Anti-Spam Appliances for scanning. Other types of traffic
to be passed through.
Interrogation:
The load balanced cluster of Anti-Spam
appliances would scan for various configured parameters to
identify spam e-mails
Intervention:
The identified spam mails are dropped and
clean mails are processed for delivery to intended recipients.
Appropriate reporting mechanisms configured to identify
offending ADSL/3G subscribers.
8
© 2009 Wipro Ltd - Confidential
Outbound Anti-Spam – The Traditional Approach
• Policy-based routing (PBR) rules on the Internet Gateway Router makes
sure subscriber's mail flow are redirected to FortiMail for scanning
– No need to process web, ftp, pop3, etc. traffic
– No need to redirect/scan incoming mail flow
• High PBR related performance impact on existing routing infrastructure.
9
© 2009 Wipro Ltd - Confidential
Outbound Anti-Spam – An Innovative Approach
• Policy Based SMTP Re-direction using third-party high performance DPI
engine to reduce any induced latency on the network. No impact on
existing network performance.
• Load Balancing of multiple FortiMail Appliances for performance scalability
• Fully transparent SMTP e-mail scanning for subscriber mobility and ease of
use.
10
© 2009 Wipro Ltd - Confidential
Reporting: Identifying Offending ADSL/3G subscribers
•
For 3G mobile networks, subscriber ID = MSISDN
•
For ADSL networks, subscriber ID = ADSL modem login
– Track the offending subscriber ID
– Initiate remediation process , block all e-mail traffic from offending subscriber on repeated
offence.
11
© 2009 Wipro Ltd - Confidential
Solution Benefits
The solution improves the end customer experience thereby
increasing stickiness of its subscribers.
Increased credibility and protected reputation ensures that newer
value added services are appreciated faster by subscribers.
Deploying an Outbound Anti-Spam solution reduces outgoing e-mail
volume significantly by reducing spam related traffic.
The solution prevents incidents of IP Blacklisting due to Spam ,
saving costs in terms of fines and penalties.
The solution can help in identification of offending ADSL/3G
subscribers for remedial action.
The solution can also be scaled in the future to offer inbound e-mail
scanning services for subscribers.
12
© 2009 Wipro Ltd - Confidential
Case Studies: Securing Telecom Networks
-Wipro and Fortinet
13
© 2009 Wipro Ltd - Confidential
Case Study #1:Virtual Security Solution
• Large Telecom Player in India
• Part of one of India’s most reputed Business groups
• First ISP to offer UTM based Virtual Security-as-a-Service offerings for
Indian customers
• Solution jointly deployed by Fortinet and Wipro using chassis based
FortiGate UTM appliances.
• Customized Security Services being offered by the ISP to various
enterprise Hosted Services and Network Services customers since last 2
years.
14
© 2009 Wipro Ltd - Confidential
Case Study #2: Meeting TRAI URL Blocking Guidelines
•
•
•
•
•
•
•
•
15
Large Telecom Player in India
Part of one of India’s most reputed Business groups
Required compliance to DoT guidelines for blocking Anti-India Content
Unique Solution jointly deployed by Fortinet and Wipro using modular
FortiGate UTM appliances
List of URL’s to be blocked is configured on the Fortigate appliance
Only relevant traffic requests are evaluated. Blocked URL requests are
blocked. Rest of the traffic is transmitted untouched.
Additional URL’s can be added when required.
Solution enabled since last 2 years.
© 2009 Wipro Ltd - Confidential
Thank You
-Ravi Vaz, Wipro Infotech
16
© 2009 Wipro Ltd - Confidential