 |
| |
| |
Copperfasten Mail Firewall
Appliance |
|
| |
|
|
| |
Q:1. What is the Copperfasten
Mail Firewall Appliance? |
|
| |
|
|
| |
A: A mail firewall appliance
is a purpose built device designed to protect email from attack
from external treats such as viruses and Spam. It sits behind
your firewall and analysis all email prior to delivery to your
email server. Viruses are removed and Spam is quarantined. |
|
| |
|
|
| |
Q:2. I already have a firewall,
why do I need this ? |
|
| |
|
|
| |
A: Your firewall is designed
to protect your network from external attack; the Copperfasten
Mail Firewall Appliance is designed to protect your email. In
the current climate where viruses and Spam account for up to
80% of email delivered to organizations this is a must |
|
| |
|
|
| |
Q:3. How much Spam does
the Copperfasten Mail Firewall Appliance remove? |
|
| |
|
|
| |
A: The Copperfasten Mail Firewall
Appliance removes upwards of 95% of all Spam. With features
such as Whitelists, Blacklists and Email Quarantine the Coppperfasten
Mail Firewall Appliance ensures that this is achieved without
incidence of "false positive". |
|
| |
|
|
| |
Q:4. What Anti Virus product
does the Mail Firewall Appliance use? |
|
| |
|
|
| |
A: The Copperfasten Mail Firewall
Appliance is shipped with ClamAV, a freeware Anti Virus used
by some of the largest institutions and service providers worldwide
such as SourceForge.net; Loyola University, Chicago; Michigan
State University; CanTV.net, Venezuela and Graz University,
Austria.
The Copperfasten Mail Firewall Appliance can also be configured
to use most Anti Virus gateway products on the market today,
including Symantec, Sophos, Trend, McAfee and Karspersky.
|
|
| |
|
|
| |
Q:5. I already have an email
server, where does this fit in? |
|
| |
|
|
| |
A:The Copperfasten Mail Firewall
Appliance will fit seamlessly between your existing firewall
and mail server. As it is an email relay it will require only
minimal reconfiguration of existing network set up and will
be operational in minutes. |
|
| |
|
|
| |
Q:6. Does your solution
cause a delay in email delivery? |
|
| |
|
|
| |
A: No, the Copperfasten Mail
Firewall Appliance software and hardware product offerings have
been designed to cater for the needs of SME's to Global enterprises
to ensure email is processed and delivered immediately.
|
|
| |
|
|
| |
Q: 7. Why is the Copperfasten
Mail Firewall Appliance better than buying software and setting
up the same solution on a server ? |
|
| |
|
|
| |
A: The Copperfasten Mail Appliance
is a purpose built device and delivers a number of advantages
over a software/server solution. Because it is an "out
of the box" solution it is simple to implement. There is
no server build, no media packs to install and configure, no
compatibility issues and little product learning involved. This
offers huge cost saving potential right through from purchase
of product, installation, and management to ongoing maintenance.. |
|
| |
|
|
| |
Q:8. Is it rack mountable? |
|
| |
|
|
| |
A:Yes, the Copperfasten Mail
Firewall is fully rack mountable in a standard 19" rack.
The unit is 1U in height |
|
| |
|
|
| |
Q: 9. What are your support
offerings? |
|
| |
|
|
| |
A: Inclusive in the purchase
price is the first year maintenance and software subscription.
This entitles you to anti virus and Spam updates, product version
releases, patches, phone and email helpdesk support during business
hours. There is also a 12 month hardware warranty with next
day replacement in the event of failure. |
|
| |
|
|
| |
Q: 10. What happens if the
hardware fails? |
|
| |
|
|
| |
In the unlikely event of a confirmed hardware failure, Appliances
under warranty will be replaced next business day.
|
|
| |
|
|
| |
Q: 11. How are my spam rules
and virus definitions kept uptodate? |
|
| |
|
|
| |
A:.Both the Anti Virus and Spam
products running on the Copperfasten Mail Firewall Appliance
are updated automatically over the Internet. This can be configured
to update weekly, daily or hourly. |
|
| |
|
|
| |
Q: 12. How will you implement
feature enhancements ? |
|
| |
|
|
| |
A: Inclusive of the annual maintenance
customers will be entitled to access any future version releases
or feature enhancements. In the event of any such releases customers
will be informed via email and directed to our website where
any released will be available for downloading and automatically
installed on the Appliance |
|
| |
|
|
| |
|
|
| |
|
|
| |
Copperfasten Intrusion Immunity |
|
| |
|
|
| |
Q: Isn't my firewall, virus
detection, encryption, and IDS enough to secure my network? |
|
| |
|
|
| |
A: Your firewall provides a perimeter
defense. This can't, however, prevent internal attacks (which
form 52% of all successful attacks and cause 80% of hacker-induced
financial damage).
In addition, every service you enable on the firewall provides
another possible vulnerability. Virus detection is based on
the premise of detecting known threats by signature analysis
- in other words, examining the contents and looking for known
patterns: so you are always playing catch-up. Once a new attack
is released, you are at risk until your anti-virus vendor
releases a new version of the signature definition file.
IDS looks for anomalies in the operation of the system, but
this doesn't necessarily indicate an attack (hence the number
of false positives associated with IDS). In a similar way
to anti-virus strategies, an IDS system looks for specific
indicators of a possible attack (such as password errors).
As a result, it is susceptible to false negatives, or real
attacks which fail to trigger the IDS alerts.
|
|
| |
|
|
| |
Q: Why do I need Intrusion
Immunity? |
|
| |
|
|
| |
A: Unlike traditional IDS, Copperfasten
Intrusion Immunity doesn't look for known threats but focuses
instead on maintaining the consistency of critical digital assets
(files, directories, registry entries, etc). By detecting, reporting
and reversing any unauthorized change to critical assets, Intrusion
Immunity ensures that the system is truly immune to attack. |
|
| |
|
|
| |
Q: How does Copperfasten
avoid false positives? |
|
| |
|
|
| |
A: Copperfasten provides a digital
signature mechanism for each digital asset on the server. Only
the system administrator, with access to the private key, can
modify the digital signature and thus modify the actual asset.
Any modification not accompanied by a digital signature is by
definition, unauthorized. As such, the system cannot produce
false positives. Simply put, either the change is digitally
signed or it isn't. |
|
| |
|
|
| |
Q: Wouldn't a good intrusion
detection program eliminate the need for file integrity assurance
products? |
|
| |
|
|
| |
A: In theory, yes. However, all
current IDSs search for events that cause data change rather
than the effects of such change. A cause may or may not result
in an intrusion and similarly, an intrusion may occur without
alerting the IDS. This is how "false positives" and
"false negatives" occur. In contrast, Copperfasten
deals with the effects of change rather than the causes so it
can always detect an intrusion and can always differentiate
between authorized and unauthorized change. |
|
| |
|
|
| |
Q: Why are snapshot comparisons
not adequate? |
|
| |
|
|
| |
A: By definition, a "snapshot"
is a large sample of the entire infrastructure. This sample
may be comprised of several thousand files and directories.
Determining which files in the snapshot should never change
and which are permitted to change-within certain parameters-is
a daunting task. In reality, system administrators tend to endorse
all deviations found during successive snapshots, resulting
in a snapshot that actually contains unauthorized executables
or configuration changes. Only by examining each change and
automatically applying a policy engine to the delta can the
appropriate action be decided. |
|
| |
|
|
| |
Q: Doesn't continuous monitoring
bog down my system? |
|
| |
|
|
| |
A: Continuous assessment is configurable
down to the file and directory level. The level of performance
impact is determined by the user. Our recommendation is for
a performance impact of between 3 to 4 percent. Depending on
the configuration, this would mean monitoring each file every
five to ten minutes. |
|
| |
|
|
| |
Q: Many IDS solutions notify
IT personnel of a change and leave it up to them to determine
the severity of it. How is Copperfasten different? |
|
| |
|
|
| |
A: While most other products
feel that they have done their job when they have notified you
of a potential problem, Copperfasten actually prevents or fixes
the problem and then notifies you of that solution. |
|
| |
|
|
| |
Q: How does Copperfasten
discern different types of attacks -buffer overflows, DoS, port25,
virus, and worm? And how do I know it will protect against attacks
in the future, that aren't yet invented? |
|
| |
|
|
| |
A: Copperfasten doesn't need
to know the source of the attack to be effective against stopping
it. While there are countless different sources of attack against
a server, there are only a few effects. Instead of focusing
on stopping the cause, Copperfasten focuses on preventing the
effect. This makes our security methodology a very effective
protection against both internal and internal effects, as well
as known or unknown ones. |
|
| |
|
|
| |
Q: Do I still need 24x7
live security monitoring service if I use Copperfasten Intrusion
Immunity? |
|
| |
|
|
| |
A: Probably not. Usually, security
services are necessary because most security software platforms
only notify you of a problem. Because the software does not
fix the potential threat, many companies rely on expensive third-party
service organizations to determine if the software is reporting
a real problem and if so to fix it. Because our software does
fix the threat and notifies you of the solution, a monitoring
service is not required. |
|
| |
|
|
| |
Q: Doesn't 24x7 monitoring
of my server traffic count as total protection? |
|
| |
|
|
| |
A: While 24x7monitoring is a good idea, you have to ask yourself
two questions:
- "What am I monitoring for?"
- "What do I do when I see a problem?"
In most cases, 24x7 monitoring is focused on the causes of
problems, not the effects. Hence it is likely to miss some
threats, especially those coming from inside your organization.
When a problem is noticed, most services just notify you that
there is a problem. It is then up to you to fix it-even at
3 o'clock on a Sunday morning.
|
|
| |
|
|
| |
Q: Can the volume of network
traffic exceed the capability of the sensors? |
|
| |
|
|
| |
A: In most IDS solutions, the
answer "Yes". Since Immunity monitors effects rather
than causes, we can monitor 100 percent of the defined data
set. |
|
| |
|
|
| |
Q: Can Copperfasten analyze
encrypted information? |
|
| |
|
|
| |
A: Since we just look for unauthorized
changes to a file, even an encrypted file modified by an unauthorized
source would be noticed and fixed. |
|
| |
|
|
| |
|
|
| |
|
|
| |
Copperfasten Delegator |
|
| |
|
|
| |
Q: We have dozens of content
contributors feeding updates from all over the world. How can
we ensure that they are authorized to make changes, additions,
and deletions to content? |
|
| |
|
|
| |
A: On high-impact servers, where change is constant, the
Copperfasten Delegator product pre-approves the change at
the source. You can combine this with
- a content management system (in the case of a Web server)
- a build environment (in the case of an application server)
to automatically provide digital signatures for all new
and modified components, and to securely deliver these components
to the servers, regardless of location.
|
|
| |
|
|
| |
Q: Why do I need to add
another layer of asset protection? Shouldn't I focus on more
effective security policies affecting all employees and contractors? |
|
| |
|
|
| |
A: While it is essential to provide
a strong security policy for the organization, Copperfasten
provides a "last line of defense" against unauthorized
access and interference with critical assets. Research has shown
that even the most stringent of security policies will not-in
itself--provide a watertight security model. |
|
| |
|
|
