CipherTrust appliance blocks bad mail at network edge

CipherTrust Wednesday plans to announce an upgraded version of its Edge appliance that includes new features for blocking annoying and malicious e-mail messages before they enter the corporate network.

CipherTrust Edge 2.0, available now and priced starting at US$9,995, blocks inbound e-mail determined to be malicious by CipherTrust's included TrustedSource threat engine. TrustedSource calculates a reputation score for each IP address that send e-mail based on sending patterns and history; e-mail send from IP addresses with poor reputations are automatically dropped by IronMail Edge.

With version 2.0, the company has added the ability to detect and block inbound e-mail containing known viruses. Also with this version, IronMail Edge blocks unwanted commercial messages disguised by images or other techniques, thanks to the latest version of TrustedSource that is able to flag bad e-mail not only via the sender's reputation, but also by fingerprinting existing spam messages and matching them to inbound messages.

Unlike CipherTrust's IronMail gateway appliance that sits inside a firewall and filters inbound and outbound e-mail using a variety of techniques to trap spam and malicious messages coming in -- as well as stop messages containing sensitive or corporate information from going out -- Edge sits at the edge of a company's network and does no scanning, but instead blocks inbound messages deemed malicious by TrustedSource. This means that up to half of a company's inbound traffic is blocked before it even reaches the corporate network, say company officials.

For maximum protection against malicious and unwanted e-mail, CipherTrust recommends using Edge in conjunction with its IronMail gateway appliance, allowing the edge product to block known threats and therefore relieve the IronMail appliance from having to scan so many messages.

While this layered approach may sound like overkill, one analyst says such a set up can be beneficial, particularly to large corporations that receive huge amounts of e-mail.

"If you have to process for viruses, spam, etc., using actual content filtering, it's extremely CPU-intensive," says Michael Osterman, president of Osterman Research. "If you can just determine at the very beginning that you know the e-mail is from an untrusted source, you can just drop the [IP] connection and eliminate all that bandwidth and storage."

Other enhancements to Edge 2.0 include LDAP verification, where the appliance compares recipient names on inbound e-mail messages with the enterprise LDAP directory and drops those addressed to users who don't exist, say officials. This version is also able to store inbound messages, in case of a failure in the corporate mail system, until the connection to the mail server is restored.

CipherTrust is slated to become part of Secure Computing on Sept. 8, once the announced acquisition plans are approved.

Join the newsletter!

Error: Please check your email address.

More about CipherTrustGatewayOsterman ResearchSecure ComputingVIA

Show Comments

Market Place