Cisco IronPort E-mail Security Appliance
Deep dive - Hrvoje Dogan
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Cisco IronPort Consolidates the Network Perimeter
For Security, Reliability and Lower Maintenance
[Diagram with two panels, "Before IronPort" and "After IronPort". Labels: Internet, Firewall, Encryption Platform, MTA, DLP Scanner, Anti-Spam, Anti-Virus, Policy Enforcement, DLP Policy Manager, Mail Routing, IronPort Email Security Appliance, Groupware, Users]
Email Security Architecture
Inbound Security, Outbound Control
[Diagram: INBOUND SECURITY (Spam Defense, Virus Defense) and OUTBOUND CONTROL (Data Loss Prevention, Secure Messaging) on the CISCO IRONPORT ASYNCOS™ EMAIL PLATFORM, with Management]
Processing the Email (Work Queue)
[Diagram labels: REPUTATION FILTERS, MESSAGE FILTERS, ANTI-SPAM, ANTI-VIRUS, CONTENT FILTERS, VIRUS OUTBREAK FILTERS, ASYNCOS EMAIL PLATFORM]
Relationship Between Listeners, IP Interfaces, and Ethernet Interfaces
SMTP clients connect to the listener to send mail
A listener is an SMTP server awaiting connections from SMTP clients, typically on TCP port 25
An IP interface is the binding of an IP address to a Physical Interface, VLAN, or Aggregated Link Pair
[Diagram labels: Listener (Port), IP Interface (IP address), Physical Interface, VLAN, Physical Ethernet Interface (Data 1, Data 2), IronPort Appliance]
IronPort supports multiple interfaces and multiple listeners
Expanded Email Pipeline
[Diagram: mail flow through the IronPort C-Series, shown with an Internet MTA and an Exchange Server. Phases: SMTP Receive, Process Mail (Work Queue), SMTP Delivery. Other labels: SMTP Server, SMTP client, Accept Mail, Deliver Mail]
Features named in the diagram:
Host Access Table (HAT)
Received: Header
Default Domain
Domain Map
Recipient Access Table (RAT)
Alias Tables
LDAP Recipient Acceptance (SMTP-time)
LDAP Recipient Acceptance (Work Queue time)
Masquerading or LDAP Masquerading
LDAP Routing
Message Filters
Per-Policy Scanning
Anti-Spam
Anti-Virus
Content Filters
Virus Outbreak Filters
Virtual Gateways
Delivery Limits
Domain-based Limits
Domain-based Routing
Global Unsubscribe
Bounce Profiles
DKIM Signing
DKIM Verification
SPF/SIDF Verification
Register for Cisco Networkers
25-28 January 2010, Barcelona
28-31 March 2010, Bahrain