Cisco IronPort E-mail Security Appliance

Deep dive - Hrvoje Dogan

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1

Cisco IronPort Consolidates theNetwork PerimeterFor Security, Reliability and Lower Maintenance

After IronPort

Internet

Before IronPort

Internet

FirewallFirewall

Encryption PlatformMTA

DLP Scanner

IronPort Email Security Appliance

Anti-Spam

Anti-Virus

Policy Enforcement

DLP Policy Manager

Groupware

Mail Routing

Groupware

2

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

Users Users

Email Security ArchitectureI b d S it O tb d C t lInbound Security, Outbound Control

Spam VirusINBOUND SECURITY

men

t

Defense Defense

CISCO IRONPORT ASYNCOS™

SECURITY

Man

ageCISCO IRONPORT ASYNCOS

EMAIL PLATFORM

SData Loss Prevention

Secure MessagingOUTBOUND

CONTROL

3

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

Processing the Email (Work Queue)Processing the Email (Work Queue)

ANTI-VIRUS CONTENTFILTERS

VIRUSOUTBREAK

FILTERS

ANTI-SPAMREPUTATION

FILTERSMESSAGEFILTERS

ASYNCOS EMAIL PLATFORM

4

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

4

Relationship Between Listeners, IP Interfaces, and Ethernet Interfaces

SMTP clients connect to the listenerto send mail

A listener is an SMTP server awaiting connections from SMTP clients, typically on TCP port 25, yp y p

IP Interface IP address

Listener Port

An IP interface is the

I P t

IP Interface IP addressbinding of an IP address to a Physical Interface, VLAN, or Aggregated

Link PairPhysical Ethernet Interface

Physical InterfaceVLAN VLAN

IronPort Appliance

Physical Ethernet InterfaceData 1 Data 2

5

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID5

IronPort supports multiple interfaces and multiple listeners

Expanded Email Pipeline Host Access Table

(HAT)

Default Domain

LDAP Recipient Acceptance(Work Queue time)

Masquerading orLDAP Masquerading

Received: Header

Virtual Gateways

Delivery Limits

Domain Map

Recipient Access Table (RAT)

Alias Tables

LDAP Routing

Message Filters

Received: Header

Domain-based Limits

Domain-based RoutingAlias Tables

LDAP Recipient Acceptance(SMTP-time)

Anti-Spam

Anti-Virus

Content Filters

Per-P

olicy Sca

Global Unsubscribe

Bounce Profiles

DKIM Signing

DKIM Verification

SMTP Server

Process MailWork Queue

Content Filters

Virus Outbreak Filters

anning

Work Queue SMTP client

Bounce Profiles

SPF/SIDF Verification

IronPort C Series

Exchange Server

InternetMTAProcess

MailSMTP

ReceiveSMTP

Delivery

6

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

IronPort C-SeriesAccept Mail Deliver Mail

Processing the Email (Work Queue)Processing the Email (Work Queue)

ANTI-VIRUS CONTENTFILTERS

VIRUSOUTBREAK

FILTERS

ANTI-SPAMREPUTATION

FILTERSMESSAGEFILTERS

ASYNCOS EMAIL PLATFORM

7

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

7

Registrujte se za Cisco Networkers 25 28 j 2010 B l25-28. januar 2010. Barselona28-31. mart 2010. Bahrein

8

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID

9

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID