Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2009 Wipro Ltd - Confidential 1 Security Challenges and Opportunities -Indian ISP Scenario.

Published byAugust Warner Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2009 Wipro Ltd - Confidential 1 Security Challenges and Opportunities -Indian ISP Scenario."— Presentation transcript:

1 © 2009 Wipro Ltd - Confidential 1 Security Challenges and Opportunities -Indian ISP Scenario

2 © 2009 Wipro Ltd - Confidential 2 Challenges and Opportunities:An Indian Scenario Reducing Internet Bandwidth Losses and Saving Costs IP Blacklisting Prevention, DDoS protection, Reduction of Outbound Spam, Content Caching etc. Increasing ARPU by offering new value-added Security services for subscribers Customized Security as a Service Offerings, Dynamic Subscriber Profiling, Parental Control etc. Compliance to Indian Government Guidelines on Internet Usage Implementing TRAI URL Filtering Guidelines, Lawful Intercept (LI) etc. Providing subscribers with secure malware free Connectivity Offering Clean Pipe Services for malware control, MMS AV Scanning etc. Increasing customer loyalty and attracting new subscribers in a highly competitive market scenario

3 © 2009 Wipro Ltd - Confidential 3 Telecom Security Solution Offerings IP Blacklisting Prevention through Outbound E-mail Anti-Spam using the Fortinet FortiMail Appliances. Implementing TRAI URL filtering guidelines by deploying the innovative Fortinet FortiGate appliance based Solution. Deploying GTP Firewalling, SIP Signalling Firewall and MMS Anti-Virus Scanning using FortiOS Carrier solutions. Cost Saving and Compliance Solutions Clean Internet Bandwidth as a value added Managed Security Service offering for subscribers using the Security Service Virtualization capabilities of FortiGate UTM appliances. URL Filtering and Parental Control solutions for Mobile Broadband and Mobile Internet users by using Dynamic User Profiling capabilities Revenue Generation Solutions

4 © 2009 Wipro Ltd - Confidential 4 ISP IP Blacklisting Prevention -Outbound E-mail Anti-Spam

5 © 2009 Wipro Ltd - Confidential 5 RankCountryMessages% of Total 1India430,84313.8% 2Russia298,7929.6% 3Brazil216,8897.0% 4Ukraine187,0956.0% 5United States161,9795.2% 6S. Korea145,2714.7% 7Vietnam122,6013.9% 8Britain69,6422.2% 9Romania69,1162.2% 10Israel63,6972.0% Top 10 Countries Sending Spam Last Week - 7/19/10-7/25/10

6 © 2009 Wipro Ltd - Confidential 6 Spamming IP addresses are tracked and detailed in Blacklists (DNSBL, RBL) Most Internet MTAs refuse e-mail from blacklisted IP addresses – DNSBL is a popular technique, widely used as an Anti-Spam filter by peering ISP’s CASE #1: Low Impact: E-mail activities of certain subscribers are affected – The blacklisted IP is reassigned to a clean subscriber ➽ The latter can not send mail ISP Blacklisting – Context and Subscriber Impact

7 © 2009 Wipro Ltd - Confidential 7 CASE #2: High Impact: E-mail activities of all subscribers are affected ➽ All subscribers are impacted and can not send mail RESOLUTION: Through Anti-Spam Scanning of Outbound E-mail Traffic – Reduce Spam content in e-mail flow originating in the local network Transparent E-mail Traffic Scanning for Spam Other protocols like FTP, P2P and HTTP can be bypassed Analyze and Report on Offending Subscribers through Radius Integration Drop confirmed spam e-mails and initiate Out-of-Band remediation process against repeatedly offending subscribers. ISP Blacklisting – Subscriber impact and Resolution

8 © 2009 Wipro Ltd - Confidential 8 Outbound Anti-Spam : Process Flow Identification : Inspect the Internet traffic and identify the SMTP based e-mail traffic for further action. Isolation : Transparently re-direct only the SMTP traffic towards a cluster of Anti-Spam Appliances for scanning. Other types of traffic to be passed through. Interrogation: The load balanced cluster of Anti-Spam appliances would scan for various configured parameters to identify spam e-mails Intervention : The identified spam mails are dropped and clean mails are processed for delivery to intended recipients. Appropriate reporting mechanisms configured to identify offending ADSL/3G subscribers.

9 © 2009 Wipro Ltd - Confidential 9 Policy-based routing (PBR) rules on the Internet Gateway Router makes sure subscriber's mail flow are redirected to FortiMail for scanning – No need to process web, ftp, pop3, etc. traffic – No need to redirect/scan incoming mail flow High PBR related performance impact on existing routing infrastructure. Outbound Anti-Spam – The Traditional Approach

10 © 2009 Wipro Ltd - Confidential 10 Policy Based SMTP Re-direction using third-party high performance DPI engine to reduce any induced latency on the network. No impact on existing network performance. Load Balancing of multiple FortiMail Appliances for performance scalability Fully transparent SMTP e-mail scanning for subscriber mobility and ease of use. Outbound Anti-Spam – An Innovative Approach

11 © 2009 Wipro Ltd - Confidential 11 For 3G mobile networks, subscriber ID = MSISDN For ADSL networks, subscriber ID = ADSL modem login – Track the offending subscriber ID – Initiate remediation process, block all e-mail traffic from offending subscriber on repeated offence. Reporting: Identifying Offending ADSL/3G subscribers

12 © 2009 Wipro Ltd - Confidential 12 Solution Benefits The solution improves the end customer experience thereby increasing stickiness of its subscribers. Increased credibility and protected reputation ensures that newer value added services are appreciated faster by subscribers. Deploying an Outbound Anti-Spam solution reduces outgoing e-mail volume significantly by reducing spam related traffic. The solution prevents incidents of IP Blacklisting due to Spam, saving costs in terms of fines and penalties. The solution can help in identification of offending ADSL/3G subscribers for remedial action. The solution can also be scaled in the future to offer inbound e-mail scanning services for subscribers.

13 © 2009 Wipro Ltd - Confidential 13 Case Studies: Securing Telecom Networks -Wipro and Fortinet

14 © 2009 Wipro Ltd - Confidential 14 Large Telecom Player in India Part of one of India’s most reputed Business groups First ISP to offer UTM based Virtual Security-as-a-Service offerings for Indian customers Solution jointly deployed by Fortinet and Wipro using chassis based FortiGate UTM appliances. Customized Security Services being offered by the ISP to various enterprise Hosted Services and Network Services customers since last 2 years. Case Study #1: Virtual Security Solution

15 © 2009 Wipro Ltd - Confidential 15 Large Telecom Player in India Part of one of India’s most reputed Business groups Required compliance to DoT guidelines for blocking Anti-India Content Unique Solution jointly deployed by Fortinet and Wipro using modular FortiGate UTM appliances List of URL’s to be blocked is configured on the Fortigate appliance Only relevant traffic requests are evaluated. Blocked URL requests are blocked. Rest of the traffic is transmitted untouched. Additional URL’s can be added when required. Solution enabled since last 2 years. Case Study #2: Meeting TRAI URL Blocking Guidelines

16 © 2009 Wipro Ltd - Confidential 16 Thank You -Ravi Vaz, Wipro Infotech

Download ppt "© 2009 Wipro Ltd - Confidential 1 Security Challenges and Opportunities -Indian ISP Scenario."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
Business Solutions Network Security Solutions Gateway Security

Business Solutions Network Security Solutions Gateway Security
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Introducing Quick Heal Terminator.

Introducing Quick Heal Terminator.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar

What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar
1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.

1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT.

Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
MSIT 458: Information Security & Assurance By Curtis Pethley.

MSIT 458: Information Security & Assurance By Curtis Pethley.
FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.

FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
What is SpamSniper? SpamSniper is the leading email security solution which locates in front of mail server to perform mail proxy, virus firewall and filter.

What is SpamSniper? SpamSniper is the leading security solution which locates in front of mail server to perform mail proxy, virus firewall and filter.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Similar presentations

Ads by Google