Introducing SEG V4 Clearswift
Gateways – SEG v4.0
- Features
  - Platform
  - New spam engine
  - DKIM support
  - New Adaptive Redaction Features
  - Japanese character set improvements
- Upgrade
- Roadmap
- Q&A

Gateways v4.0 - Platform
- 64 bit Operating system and Platform
- SECURE Email Gateway
- Non-root application (and other security tightening)
- Some files moved to fit in with RHEL formats
- Linux style upgrade process
- Tighter integration with O/S
- Red Hat Enterprise Linux x64 6.6
- Wider support for Hardware and virtualisation platforms
- Long life support
- License included with SEG product (non-transferable)
- New file systems (ReiserFS to Ext4)
- IPv6 capable (but not activated at this point)

Gateways v4.0: Why RedHat? (RHEL 6.6)
Red Hat Enterprise Linux is trusted in the financial sector and is used by numerous Investment Banks, 28 stock exchanges, retail banks and insurance companies and is used by every company in the Fortune 500.
https://access.redhat.com/search/browse/certified-hardware/#?&col=portal_certified_hardware&language=All&portal_certification_version=Red+Hat+Enterprise+Linux+6
Shows 1785

Gateways v4.0: Why RedHat?
- Initially delivered as software, appliance to follow
- Standard OS permits customers to load System Management agents
- UPS
- System Monitoring
- Backup
- Virtualisation tools
- Should enable us to work on other platforms (AWS etc)
- Deployments in cloud more cost effective than on a VM
- Supported platform by vendor - rather than the open source community

RHEL is a commercial product
- Red Hat is not free, $799 pa (1 physical or 2 virtual)
- Does a customer have to buy it? No, it's included.
- Support comes from Clearswift, as do upgrades
- If you have your own RedHat license you can still use it
- Support and upgrades then come from RHEL

Gateways v4.0: Why RedHat?
[Diagram labels: Clearswift repositories; RHEL repositories; ~small delay; Device drivers; Security fixes (checked); Clearswift customer; Red Hat customer]

SEG v4.0: Improved Anti-Spam
- New Anti-Spam Engine
- Reputation
- Removes old legacy “Clearswift” engines (Bayes, CURBL and ASE)
- New signatures engine
- Consistent improved detection rates
- Reduced false positive rates
- Enables simple whitelisting of business partners
- Full whitelisting by domain/IP address

Comparison With a feed of ~1m spam messages per day
Revised UI – SpamLogic filters
Revised UI – Whitelisting by domain
Domain Keys Identified Mail (DKIM)
- DKIM is a method of identifying whether an email is authentic
- Will help to reduce the number of spoofed messages being sent into an organization
- Adds validity to messages that are sent by an organization, so their business partners trust them more
- Similar to Sender Policy Framework (SPF), but different

Comparison of authentication methods
SPF
- Senders publish in DNS the IP addresses of mail servers that may send mail from their domains
- Receivers get messages and compare the source addresses to see if the message came from a listed address
- If it does, the message is authentic
DKIM
- Senders publish their public key in DNS
- Messages are sent containing a cryptographic hash of the message
- Receivers get the message and decode the hash of the message using the published public key
- If it matches, the message is authentic

Adaptive Redaction: Open Office Support
- Popular alternative to MS Office
- 135m copies in use (Wikipedia)
- Top 5 countries by users: USA, France, Germany, Italy, Japan
- Cost-effective choice, especially for governments
- Included as part of the AR license

DLP enhancements Adaptive Redaction Selective scanning
DLP enhancements Document properties
Upgrade path
- There is no simple upgrade
- Changing the operating system completely
- Changing the disk layout
- Changing the file system
- Customers will need to build a new system
- Can request PSO
- Hardware refresh
- Virtualisation opportunity
- Install SEG 4.0 and customers can import their existing SEG 3.8 backup
- Or just their policy file

Install steps
- Start RHEL 6.6 install
- Deploy a Clearswift Kickstarter script
- Setup network settings
- Installs required operating system
- Reboots
- Login and initiate the Gateway install
- Gateway installs
- Run wizard
- Rename as required
Q. How long does it take?
A. About 10 minutes, slowest part can be rebooting if on hardware

Migrating from 3.8 to 4
[Diagram labels: V3.8, V4.0; Policy, Message Management, Reporting]

Migrating from 3.8 to 4
[Diagram labels: V3.8, V4.0; Policy, FTP Backup, Message Management, Reporting]

Peering in a mixed environment
[Diagram labels: Policy X, Message Management, Reporting]

How do I test 4.0?
- Initially can sit behind a 3.8 platform
- Spam settings should be configured with the 3.8 as the upstream host
- You should expect to see the V4.0 catching spam missed by 3.8
- Gradually implement content rules from 3.8 to 4.0 platform
[Diagram labels: V3.8, V4.0]

How do I test 4.0?
- Bring the V4.0 to the front
- Most of policy should be running on 4
- Spam settings should be configured with the 4.0 as the upstream host
- Spam being detected on the 3.8 should be minimal
[Diagram labels: V4.0, V3.8, V3.8, V4.0]

How do I test 4.0?
- Use a relay-to action and “dual deliver” messages
- Drop messages after processing on the V4 system
[Diagram labels: V3.8, V4.0]

Collateral/Training plan
- Install Guide
- FAQ document
- Updated Hardware compatibility list (HCL)
- Ports and Protocols
- Support KB - Technotes
- Support videos
Available on w/c 19th January

Near term roadmap
SEG 4.1 (April 2015)
- Import whitelists from file
- Support for whitelists with range and CIDR formats
- LDAP/S for address list connections
- FTP/S & SFTP for backups
- FTP/S & SFTP for Logfile export
- Keyserver lookups using LDAP/S & HTTP/S
SEG 4.2 (Summer 2015)
- tbc

Questions