FrontBridge: Business & Technolog
Download
Report
Transcript FrontBridge: Business & Technolog
FrontBridge Business & Technology
James Hamilton
GM FrontBridge Technologies
[email protected]
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
FrontBridge Snapshot
Overview
Founded 1999
160 employees in US, Canada and Europe
80 in R&D, Client Support & Operations
Moved HQ team from LA to Redmond
Winnipeg team stays in place
Customers…
Microsoft Acquired Aug 31, 2005
Global Customers
3,200 customers world-wide
Coverage in leading verticals
Financial services, life sciences, manufacturing,
legal, healthcare
Global Distribution…
Global Network
Nine globally-distributed data centers
Processing over 6 billion messages per month
100% historic uptime
Eight global partners & direct sales force
Global Recognition
Analyst, press endorsement as market visionary
Leader category in Gartner magic quadrant
Awards…
Business Environment
E-mail Retention is Becoming a Primary Concern
Compliance: Need a complete, tamper-proof archive
e-Discovery: Need to store, find & produce information in a
complete & timely manner
Security Vulnerabilities Still Exist
Spam, viruses and phishing still plague inboxes
Closer relationship between viruses and spam
Companies ill-equipped to stay ahead of threats
Intense Pressure on IT to Improve Productivity
Focus on projects that provide competitive advantage
Make mission-critical systems more reliable
Deploy Secure, Reliable, Manageable, & Cost-Effective
Meeting Messaging Challenges
Manage cost and
complexity
No HW/SW to install
and manage
Outsource routine IT
management
Predictable
subscription based
service
Scalable at no
additional cost
Secure, protect
and comply
Inbox value and
access
Eliminate threats
before they reach
the network
Eliminate spam and
viruses from the email stream to boost
productivity
Policy-compliant
infrastructure
Service-based e-mail
archiving for rapid
deployment
Reliable e-mail
availability and
continuity systems
Recover from
unplanned outages
or disasters
FrontBridge Business
Focus: Total Message Management
Partner & direct sales model
2 to 3 year subscriptions with monthly payment
Channel: Direct, white label with Telcos, & resellers
Typical customer
1000-2000 seats for Filtering, 400-500 seats for Archive
Some customers >100k seats
Filtering is largest part of revenue
Archiving is fastest growing.
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
FrontBridge Global Network
99.999% uptime SLA
100% historical uptime made possible by global, load-balanced network
Eight data centers
537 servers
Over 200 million message recipients processed/day
Over 350 million at peak
Store & forward system ensures no legitimate mail is lost
Automatic deferral, retry every 20 min for up to 5 days
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
Primary FrontBridge Service Offerings
E-mail
Filtering
Layered anti-spam
Multi-engine anti-virus
Corporate Policy
Enforcement
Real-time attack
prevention
Message
Archive
Interception-based
message archiving
Customized report
generation for
demonstrating
compliance
Fully-indexed,
searchable archive
Rapid deployment to
meet deadlines or
immediate needs
Secure
E-mail
Full e-mail encryption
B-to-C focused
No public and private
key management
Gateway, policybased e-mail
encryption
Active
Message
Continuity
Uninterrupted e-mail
accessibility
Rapid recovery from
unplanned disasters
and network outages
30-day historical email store
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
FrontBridge: Email Security
Anti-Virus, Anti-Spam, & Corporate Policy Enforcement
Network TLS Enabled
Web-based management & reporting
Highly customizable filtering environment
Easy customer on-boarding
Only requires MX record change
No disruption in mail flow
One month free trial
Four Anti-Virus engines integrated
Symantec, Trend Micro, Sophos, & Kaspersky
Updates pushed every 10 minutes
FrontBridge Anti-Spam Engine
Blocks 95%+ Spam
Low false positive rate
1 in 250,000 false positive (bulk email)
1 in 1,000,000 false critical (direct business-to-business messages)
FrontBridge: Filtering Flow Diagram
MTA 1
MTA 2
MessageSwitch, DeliverHosts, Quarantine
Spam Filtering: On the Edge
SMTP Validation
Some easy to detect & common spammer mistakes
Sender Policy Framework
Points for later spam scoring
Optional CSFM (Custom Spam Filter Management)
Blacklists / Reputation Services
Blacklists internally maintained by spam analysts team
Seed pool generated from daily reports of top IPs hitting network
IPs are then investigated by SA and added to list
Directory Services
Administration center upload or automated SFTP dump
Updated every 15 minutes
Spam Filtering: Fingerprinting
Message Fingerprinting
Messages fingerprinted via modified MD5 hash
Adapt to avoid most hash breakers
Fingerprints are compared with a per-Message Switch cache
Cache synchronized with central DB
Moving to real time central DB update
Gray list: SMTP 450 on significant traffic changes
Database tracks all messages moving through system
Spam Analyst acts on real-time patterns detected
Spam matches signatures in DB
Honeypots
Accounts set up to gather spam
Honeypot messages automatically fingerprinted for blocking
Spam Filtering: Rule Engine
FrontBridge Anti-Spam Engine
Spam Analyst on duty 16x7
Regular expression-based rules
Four new rule pushes each day
Spam Analyst input:
Honeypots: Known Spam
Customer spam submissions
Spam Rule Analyzer DB
Spam Rule Analyzer
Over 61k rules in DB of which ~16k are active
Each message that triggers a rule also updates usage DB
False positives update the DB
Corporate Policy Enforcement
Rules used to enforce customer-specific policy
Create rules based on multiple message parameters
• Domain
• IP or IP Range
• Sender
• Recipient
• Subject
• Body
• Character set
• Filename
• File Size
• File Extension
• Executable content
Simple wildcard & pattern matching capabilities
/d/d/d-/d/d-/d/d/d/d matches any SSN
Per rule customizations (notification, comments)
Supported both inbound and outboud (ILP)
Actions: reject, allow, deliver w/BCC, quarantine, test, encrypt
Mail Traffic Reports
Web based reports in Admin Center
Most can span up to 2 months of data at a time
Exportable to Microsoft Excel
Organization, domain, or domain-group reporting
Total messages
Inbound messages
Outbound messages
Policy filtered messages
Message Level detail down to sender, recipient and policy rule applied
Content filtered messages
Message Level detail down to sender, recipient & content rule applied
Virus Filtered messages
Message Level detail down to sender, recipient and virus name
FrontBridge Secure E-mail
User sends an e-mail to FrontBridge
E-mail is automatically encrypted at the gateway according to rules
created and managed within the Policy Enforcement module
The public key is based on the message recipient’s e-mail address to
encrypt the E-mail
The private key is dynamically generated for the message recipient
when they decrypt their message
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
Message Archive Overview
Hosted service
Low cost of storage & administration
Captures Email, IM, Bloomberg & archives documents
Multiple Business Drivers including
Meets regulatory compliance requirements
Offers corporate surveillance functionality
Provides Knowledge management capabilities
Easy on-boarding of service
Requires MX record change for external email
Envelope Journaling for internal email
Web-based supervisory, auditing & reporting tools
FrontBridge Message Archive
Inbound E-mail scrubbed for unwanted content
Messages captured and copied “in stream”
Message store holds e-mail, IM, Bloomberg & uploaded documents
End users have full E-mail functionality via web-based OWA clone
Supervisors can have access to archive for message monitoring
Auditors and outside counsel can access archive and/or reports
Compliance Managers & Supervisors
SEC 17a-4 – Physical Retention requirements
Mail stored for 3 years (1-7 years retention available)
Each message assigned a unique contiguous serial number
Two online copies of each message stored in 2 discreet locations
Messages available online 24 x 7
Can be exported as EML files in ZIP
FrontBridge will provide letter of attestation to the SEC
Act on customer’s behalf for SEC queries
External Auditor role permits outside access for auditors
Mail destroyed on expiration date; Destruction report included
NASD 3010 – Communications Review requirements
Keyword list and message sampling support
Whitelist trusted senders from random sample
Random sampling support of int/ext mail, int/ext IM
Message harvest process built in
Review classification categories, with escalation capability included
Corporate HR & Legal
Advanced Search
Search across message headers, bodies and 200 attachment
types
Regex, Soundex, Stemming search supported
Tag messages for others; add notes to messages
Case Management
Return search results to custom folders
Share folders with others
Destruction Hold
Stall message destruction by user, by organization
Attorney/Client Privilege protection
Message Archive: Reporting
Compliance Reports & system Reports
23 predefined reports available
Web-based report-generation engine
Available 24x7
Data harvested & parsed in real time
Reports can be scheduled for regular delivery
PDF or XLS format
Archiving Competition
More than 50 companies in the space
Big divide between service provider & onpremise
Major competitors
Zantaz
Iron Mountain
iLumin (Assentor)
KVS
EMC/Legato/OTG
Other notable competitors
AdvisorMail
Message Archiving & AMC Demo
Kevin Merritt, Architect
Agenda
FrontBridge Overview
Customers & Business model
Global, Load-Balanced Network
FrontBridge Service Offerings
Email Security
Inbound: Anti-Virus, Anti-Spam, Content & Policy Filtering
Outbound: Anti-Virus & Information Leak Protection
Business-to-Customer email encryption
Message Archiving
Archiving & AMC Demo
Active Message Continuity
FrontBridge Active Message Continuity
Fully functioning supplementary email system – can send new
messages and reply to and forward previously received messages
Easy point in time as well as ad hoc restoration of messages
100% shared code base with Message Archive (including the OWA
clone web-based front end) with some minor tweaks:
30-day perpetually rolling archive
Compliance features and reports concealed
Active Message Continuity
Shared code base & infrastructure with Message
Archiving
Targeted as a continuity solution, not retention
Only differences between AMC and MA are:
30 day rolling archive instead of 3, 5 or 7 years
Attachments and bodies not searchable
Compliance workflow tools removed
Fewer reports
Easier to use
Less expensive MRR
Limited Competition – MessageOne
Summary
E-mail is a mission critical application
Customer benefits from software as a service model:
Enable companies to tackle complex e-mail tasks with minimal IT
staff
No upfront capital investment
Predictable recurring costs
Allow IT staff to focus on more strategic projects offering real
competitive advantage
FrontBridge, a Microsoft subsidiary, is the leading
services provider for e-mail security, protection, and
compliance
We’re hiring
Developers, Testers, Program Managers, System Administrators,
DBAs, and Client Support
Help drive Microsoft success in non-consumer hosted services