Paul Vanbosterhaut Managing Director, Vircom Europe January 2007 ModusGate™ 4.4 Smart Assurance Gateway Not Just Warmed-over Open Source Technology… … And Not Just Any Supplier

Corporate Overview Headquartered in Montreal, Canada Focused on security since 1995  Own well-architected technology o Not open to hackers and spammers o Promptly adapts to new threats or regulations o Flexible to incorporate specific customer requirements  Mature Technology  Industry-acclaimed > 10 years, >100 countries and >1.000 clients Millions of protected mailboxes Multiple awards for performance and value

Agenda Corporate Overview Modus™ Smart Assurance Technology Modus™ Solutions Lowest Total Cost of Ownership Conclusion

Modus™ Smart Assurance Modus Protection  Blocks: o DoS & Harvesting attempts, o Spoofing attempts…  Intercepts viruses, worms…  Stops forbidden attachments  Filters spam  Policy management Modus Administration  Automation  Delegation  Monitoring Advanced Features

Modus™ Protection Network-level protection Blocks most obvious spam without receiving the (about 70+%):  Verifies sending method and envelope profile  Validates the sender and checks sender’s reputation Protects against DoS attacks, Open Relay and harvesting (validation) attacks Performs Encryption Very low CPU usage Why it won’t do it alone: It would cause high false-positive rates with no opportunity to recover the valid Perimeter Defence: 1.Protocol filter 2.Reputation Filters: - Reverse DNS lookup - SPF mechanism - RBL’s - Accreditation DB’s 3.Block DHA attack 4.Connection limits 5.Block connections 6.Mail Relay Control 7.SMTP security - SMTP Authentication bit TLS Encryption

Modus™ Protection Forbidden attachments Blocks s with specific file formats attached  Efficient even against hidden extensions  Out-of-the-box file list (customizable)  Network, domain and user configurable Supports/enforces your corporate policy Fall-back option in case of unblocked viruses Discard obvious unwanted files without calling the anti- virus engine Why it won’t do it alone: It won’t replace a reliable anti- virus engine

Modus™ Protection Anti-virus engine 24/7 updated virus protection from trusted vendors:  McAfee™  Norman Data Defence™ o Incl. Noman’s SandBOX zero-hour defence Locks viruses away from your users’ inboxes Acts as an extra precaution in virus- protected environments Why it won’t do it alone: Anti-virus engines do not block spam

Modus™ Protection Whitelist / Blacklist Can block or allow from specified senders:  Based on sender’s address  Multi-level configuration  Ultra-Secure Mailbox™ feature Guarantees that from trusted senders will not be scanned and blocked Allows users to block e- mail other than spam Why it won’t do it alone: List management can become time consuming

Modus™ Protection content extractor Purifies the message body and adds advanced metrics for further analysis Neutralizes all forms of hidden malicious code Analyzes the structure in search of known spam characteristics Why it won’t do it alone: This method only detects spam with malformed HTML or MIME encoding

Modus™ Protection Custom Sieve scripts Allows corporate policy management:  Parental/Manager Review  Internal policies… Allows administrator to write custom scripts:  To alter the SCA engine’s behavior  As Fallback option to block virus, worm or trojan outbreaks Why it won’t do it alone: Scripting can become time consuming and can’t keep up with today’s spam volume Can be applied:  Before all scanning  Before AS scanning  After all scanning

Modus™ Protection SCA engine Uses stacked layers of predictive and statistical technologies to block even the most advanced forms of Spam, Image Spam & Phish:  Sequential content analysis  metrics analysis  Content sampling Unparalleled accuracy  98,2% catch rate  <0,1% false positives Real-time updates Why it won’t do it alone: While the SCA is the smartest technology in the stack, the previous specialized layers are essential

Automated Updates 24/7 Automated Anti-Spam & anti-Phishing Updates  Up to every 15 minutes. Matchless self-learning mechanism  Honeypots/Spamtraps  User feedback: o ISP partners, o Corporate users Supported by Human Analysis  Vircom’s SpamBuster Team o Minimal False Positives o Every input benefits to All  Not your own staff !

Modus ™ Administration Automation  Dynamic Population of User’s DB  AV, AS & AP Auto-updates  Automatic Quarantine Cleaning Delegation  Quarantine Report  Web Quarantine o Personal Quarantine Review o User settings WebManagement  WebAdmin  WebMonitor

Modus™ Administration Automation Account Management  Dynamic Population of Users’ DB  Authentication Proxy Automatic 24/7 Updates  Anti-Virus, anti-Spam & anti-Phishing

Modus™ Administration User Authority Delegation Quarantine Reports (all users)  Ability to View, Delete and Release false-positives  Ability to Report false positives and Whitelist senders  Scheduled and on-demand  High user customizability of Report: o Possibility to select only desired items for report o Possibility to select language

Modus™ Administration User Authority Delegation Web Quarantine (authorized users)  Personal Quarantine Management o View, Delete, Release…  Personal Settings (as authorized) o ModusScan severity level & behavior (Block, Tag or Delete) o Attachment blocking o Whitelist & blacklist o Language filtering o Quarantine reporting o …

Modus™ Administration Domain Authority Delegation WebAdmin (domain administrators)  User Management  Domain Management

Modus™ Administration WebMonitor Performance & Monitoring  Mail Traffic  System Health

Modus™ Administration WebMonitor Message Audit Log  Track status of every unique  Configurable tracking period (per user, domain or system)  Web search & exporting for auditing/discovery  Store parsed headers/body parts for search /processing

Advanced Features Fault-Tolerant Deployment  ModusBlockade Clustering option  Data centralization with external database support Policy Management  Sieve-based Scripting Engine: o Quarantine, copy, redirect & refuse s based on policy rules o Content based intercept for moderator/parental approval o Force encrypted delivery of based on content  Applies on different traffic types ( incoming, outgoing, routed & internal )  Applies at different scanning levels ( before all scanning, before AS scanning or after all scanning) Encryption  128-bit TLS Encryption o Mail traffic and Authentication Customization  Fully brand - able.Net Web Quarantine and Quarantine report

Agenda Corporate Overview Modus™ Smart Assurance Technology Modus™ Solutions Lowest Total Cost of Ownership Conclusion

ModusGate™ Assurance Gateway Features Modus Smart Assurance Technology Installs in front of any mail server  Caches s during mail server failures  Dynamic population of users’ DB (LDAP, Active Directory…) Suitable for both low or high volume environments  Supports from 10 up to mailboxes  Supports thousands of domains and mailservers  Supports clustered configurations (ModusBlockade™) Offers VPN Capabilities Has a customizable end user web interface Available as software or complete appliance!

ModusGate™ Standard Deployment ModusGate in front of Mail Server(s)

ModusGate™ SMB Deployment ModusGate on Mail Server (< 100 Mailboxes/Users)

ModusGate™ Assurance Appliance Features Modus Smart Assurance Technology Fully secure appliance based on the powerful Celestix Scorpio II appliance platform  Intel Pentium GHz processor with a 400/533/800 Front Side Bus  1 GB DDR Memory  80 GB Hard drive  2 Intel Gigbit Ethernet Controllers & 2 Intel 10/100 Mbps Ethernet Controllers  1U Rackmount Form Factor with LAN status, Ethernet Ports & LCD display on front panel Web-based Appliance Console  Full secured web-based administration interface  Seven step installation process for rapid deployment

ModusGate™ Assurance Appliance Appliance Secure Web Administration

Agenda Corporate Overview Modus™ Smart Assurance Technology Modus™ Solutions Lowest Total Cost of Ownership  The cost of Spam  The cost of anti-Spam Conclusion

The Cost of Spam Vircom’s Cost Calculator

The Costs of Confined Spam I - Product Setup Costs Solution costs  Hardware o Appliance or Platform costs (incl. OS)  Software  Service contracts (Support & Maintenance) Annual subscription  anti-Spam, anti-Phishing, anti-Virus… Installation & initial set-up Client plug-in installation (if required) This is relatively easy to calculate. It usually represents between 5 to 20% of the total costs

The Costs of Confined Spam II - Administration Costs System Tuning  Perimeter Defence,  anti-Spam Tuning/Learning… Quarantine management Specific User/Group Settings  Account Management o Users & Aliases, o Authentication…  User/Group Settings System & Software Maintenance This represents between 10 to 25% of the total cost. Top-Tier solutions try to automate these processes.

The Costs of Confined Spam III - Productivity Losses Let-through Spam (False Negatives) Quarantine Management:  Quarantine Review  False-Positives Release and Report  Sender Whitelisting User Settings Productivity losses represents between 55 to 85% of the total cost! While productivity loss is the key factor considered to calculate the cost of spam, most vendors forget this same factor when they calculate the TCO of their anti-Spam solution.

The Cost of Confined Spam Comparing anti-Spam Solutions * Source: Vircom – Assessing The Cost of Confined Spam, 2007

The Cost of Confined Spam Ferris Research * Source: Ferris Research – Calculating Spam Cost in Your Organization - February Report #511

The Cost of Confined Spam IDC * Source: IDC - The True Cost of SPAM and Value of Anti-SPAM Solutions Study, 2004

Agenda Corporate Overview Modus™ Smart Assurance Technology Modus™ Solutions Lowest Total Cost of Ownership Conclusion

The Modus™ Benefits Trust your . Today. Forever.  Protects your mail infrastructure o Offers perimeter defense, anti-Virus and Anti-Spam o Insures availability  Protects your users/employees o Protects them from fraud (anti-Phishing & anti-Spoofing) o Offers authenticated access to personal Quarantine  Protects your company o Protects against inbound & outbound threats o Encrypts critical data (128-bit TLS Encryption) o Protects against information leakage or abusive language Offers Lowest Total Cost of Ownership (TCO)  Automated Modus Administration  Authority Delegation (Quarantine Report & Web)  Performance & Monitoring

Customer Services Silver Care (Standard)  Business hour telephone support  Updates & upgrades  Knowledge-base access  List Server participation Gold Care  Silver Care plus…  24/7 telephone support (Priority 1 Calls ONLY)  Guaranteed 30 minute qualified response Installation support Optimization support Training

Modus™ Clients

Paul Vanbosterhaut Thank you !