Stories about: IronPort

This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport.

Tech vendors have made headway in the war on spam, yet spammers are returning volley with sheer numbers. Perhaps it's time for more drastic measures? These are the rumblings from InfoWorld Test Center analysts, who reviewed anti-spam email appliances and released their findings last week.

Cisco is looking to aggressively incorporate its reputation and monitoring gear into security gear, all under the direction the former CEO of Ironport, the company Cisco bought for its reputation technology.

Tech vendors have made headway in the war on spam, yet spammers are returning volley with sheer numbers. Perhaps it's time for more drastic measures? These are the rumblings from analysts, who reviewed anti-spam e-mail appliances and released their findings last week.

I tested the Cisco IronPort C100 (v5.5.1) without the optional Symantec "Brightmail" engine, and it excelled nevertheless. Although the filtering rate was second lowest in the group at 93 per cent, which is still quite acceptable, the false positive performance was best in the test. The C100 registered only two bulk false positives and no critical false positives, a feat much more impressive than a high filtering rate.

E-mail security continues to be a hot-button issue for IT administrators, who now find more moving parts in mail security solutions than they did just a couple of short years ago. Fighting viruses and spam were the original spurs for creating e-mail security appliances, and anti-spam is still the most important component of mail security. But the solutions have evolved to meet a host of additional requirements. These include securing connections between users, both internal and external; preventing loss of corporate data; stopping new types of threats such as phishing, spyware, and other types of malware; and blocking DoS and other network attacks as well as some application-layer attacks on mail servers.

Much of the corporate data that gets exposed goes through messaging systems -- not through insider attacks or external hacks -- when users mistakenly send out confidential information via e-mail, instant messaging, and FTP systems, or when they forget to use encryption tools.

Spoofers, spammers and phishers, beware. There's a new gun in town, and some of the Internet's most powerful companies -- including Yahoo, Google, PayPal and AOL -- are brandishing it in the ongoing battle against e-mail fraud.

Two separate security surveys this week on network access control reach similar conclusions: Employees have immoderate access rights, and management should face up to the challenge of reining in out-of-control access without sacrificing productivity gains.

A Google-hosted blog is running phony security content that's linked to malware, as well as using Google's automated notification service to try to entice subscribers to click on an infected link, says one security expert.

The rapid consolidation in the anti-data leakage market in the past year is enough to make an IT manager's head spin: This segment of the security sector ballooned to include dozens of start-ups, then even more quickly dwindled down to a few independent companies as larger vendors cherry-picked smaller ones to add data leakage to their own product portfolios.