Guest: Dave Scott - Symantec

Announcer
You are listening to a Symantec Podcast, powered by PodTech.

Dave Scott - Symantec
Welcome to the Mail Security for Microsoft Exchange Podcast, I am the project manager Dave Scott. Today, I'll give you a general overview of Mail Security for Exchange touching on the key features, competition and frequently asked questions. First I'd like to give a quick overview of the product.

Symantec Mail Security for Exchange provides integrated mail protection against virus threats, spam, security risks and other unwanted content from Microsoft Exchange 2000 and 2003 servers. Mail Security for Exchange defends against new and known viruses. Attachments and subject line blocking provide hour-zero responses to new threats. Support for hourly Rapid Release definitions and daily live updates; ensure that your Exchange Server is protected against the latest viral threats.

A Mass Mailer rule detects messages from Mass Mailer sources and deletes the entire message instead of simply deleting or repairing the attachment. This is done because generally content from Mass Mailer sources contains no value whatsoever, and rather than confuse end users it's easier to just delete the entire message. New Adware and Spyware detection address other potential security risks that maybe transferred via email.

Mail Security also includes customizable content filtering rules, which can be created to block content violations within email messages and attachments. Rules can be created to block based on message body, the attachment name, sender and message size. Attachment content can also be scanned within virtually all attachment types and finally, our new multimedia and executable file typing can be used to block files based on their true file type, instead of just relying on the extension of the file, which can be easily modified by a user.

Mail Security for Exchange also contains basic spam tools including a heuristic-based detection engine, custom filtering rules, real time blacklist and sender and recipient waitlist. Messages can be handled differently depending on the level of confidence that a message isn't fax spam. For more aggressive spam detection or more accurate spam detection an optional Symantec Premium Antispam add-on subscription service is available.

This solution is powered by Brightmail technology and response and enables organizations to achieve high-detection rates of over 97%, and the industry's highest accuracy rate against false positives. Multilayer Spam Prevention leverages multiple filtering techniques including spam signatures, heuristics, reputation filters, language identification and proprietary methods with automatic updates occurring every five to ten minutes. No new software or hardware is required and the service requires no additional IT administration or tuning once deployed.

The administrator simply adds a license key for Symantec Premium Antispam within their existing Mail Security for Exchange installation to enable the advanced premium anti-spam capabilities. Mail Security for Exchange scans for content violations, viruses and security risks on inbound traffic, outbound traffic, internal mail and also messages that reside in the mailbox server or message store.

Typically, in small organizations, Mail Security for Exchange is installed on a single box that handles all of these different roles; inbound, outbound, internal and the message store itself. In larger organizations, Mail Security for Exchange could be installed on a Gateway Server or a Parameter Server, a Front-end Server or a Bridgehead Server. In each of these cases, Mail Security for Exchange would only scan inbound and outbound messages, as there is no message stored in these scenarios.

The latest version of Symantec Mail Security for Exchange is version 5.0 which was released last December. Number of new features in this release, and I'm just going to cover some of the highlights. First of all, in Mail Security 5.0 we've completely redesigned the UI. The new UI and here is to Symantec's UI standards, so it has a similar-looking field to some of the other Symantec products you might see. It allows you to easily switch between viewing a local server and a remote server or group of servers. The new UI is also done in Windows.NET framework, which gives us a much more robust UI. Content Filtering is also been improved in the latest version.

One of the great -- the biggest enhancements is the ability to scan for violations, content violations within an attachment. We provide the ability to scan through most common attachment types, virtually all common attachment types, that are found in email today including office documents, PDF's, text files and many, many more. We also provide the ability to do user group based rules in the new version. This allows you to create a very specific rule that only applies to a user or group, or applies to absolutely everyone except for a specific user or endure group.

Another area that we've really improved in 5.0 is reporting. We now provide both detailed reports and executive summary reports that can be generated automatically and even sent to desired email recipients.

Mail security 5.0 also provides protection against security risks such as Spyware, Jokeware and Adware, and other non-viral threats that can be found in email. Finally Version 5.0 adds Windows Cluster Support, we are now truly Cluster aware, we are setting the stored in as shared location and when a cluster fails over from active to passive; the passive node picks up the settings. We also are compatible with Varvatos Clusters; however in this scenario with a Varvatos cluster, you must install Mail Security for Exchange, on both the active and passive node and manage the settings for each node separately.

So, just to review some of our competitive strengths include the fact, that we are a Mail security for Exchange as a single integrated solution, reduce your acquisition cost, reduce the solution complexity, one customer or one vendor to deal with, and also you get performance efficiencies. We provide a complete security solution, best-of-breed antivirus. Basic Anti-Spam included, comprehensive content filtering included and the option to add a best-of-breed Integrated Premium Antispam Solution. The fact that our central console has been included as a very big win for us over a competition. Mail security provides a centralized management solution without the need of purchase any additional product. Changes can be made to any server from any installation of Symantec Mail Security.

However, most of our large customers install a Console Only version of Exchange on a Windows XP or Windows 2000 machine, in order to remotely manage servers. Remote functions include deployment and updating of all settings, remote installation of mail security, virus definition deployment, and centralized reporting in status. Finally another big and competitive advantage is our comprehensive reporting, detailed reporting and executive summary reporting, all included in the base solution. Also wanted to just address some frequently asked questions.

One of the biggest questions I get from customers and from sales reps is, customer already has virus protection of the Gateway in Desktop, why do I need protection of the Groupware level? The answer to this is simple. Mail Security, provides an essential layer of protection to prevent viruses from spreading, and to react quickly to new threats and enforce internal policy and compliance rules. There are many reasons to protect your Exchange Message Store Mailbox, even if you're already scanned for viruses at the Gateway on the Desktop. First, occasionally a new threat will enter the message store before virus definitions are available at the Gateway of your Desktop.

At this point it's too late to update the Gateway, the threat is already gone past, and complete protection of the desktop requires that absolutely every end user apply the latest definitions, and not only that but it also means that, if we were to let that virus go through end users must manage that virus and address it at the Desktop. Scanning the Message Store with an application such as Mail Security for Exchange provides a non-intrusive way to clean the Message Store without any end user intervention. Groupware protection is especially important in the case of a Worm Virus, which could rapidly spread prior to definitions being updated across every end user's desktop.

Mail Security provides on access protection meaning that as soon as virus definitions are updated, every end user is instantly protected. Groupware Solutions are important in enforcing company policy internally. The Groupware Solution can be used to prevent inappropriate content from being sent internally, and can be used to enforce restrictions on the size and type of files which are sent. Mail Security for Microsoft Exchange can be used to block access too, and remove messages that are sent to internal recipients, even after that message has been released. So, it's a way of protecting your users from inappropriate content, once that content has been discovered you just create a rule, and that rule will go into enforcement right away.

As policy and especially compliance such as Hipper and Sarbanes-Oxley become more important, it will be essential for companies to be able to control messages within the Message Store. Content Filtering Rules and Mail Security for Exchange can prevent violations from occurring by intercepting internal messages that violate policy and compliance rules before they reach the intended recipient. Without Groupware Protection, there is no way to enforce compliance on internal traffic, and that concludes this Podcast on Mail Security for Exchange. If you have any further questions on this product, please feel free to give me a call, my name again is Dave Scott, and I can be reached in the New Port News Office at 757-269-2307.