ciscoironportcisco ironport 메일솔루션을통한 메일보안강화 · • 향후cisco network...
TRANSCRIPT
![Page 1: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/1.jpg)
Cisco IronPortCisco IronPort메일 솔루션을 통한
메일 보안 강화메일 보안 강화
Cisco SystemsCisco Systems
홍 관 희 (Kevin Hong), [email protected], [email protected]
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
![Page 2: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/2.jpg)
Overview
© 2008 Cisco Systems, Inc. All rights reserved. 2
![Page 3: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/3.jpg)
Spam 동향Through December, 2007
120
100
ons)
2007: 1-5월 사이증가 없음
60
80
lum
e (b
illio
2006: 1-4월 사이 증가
40
vg D
aily
Vo 없음
0
20
Av
0Oct-05 Dec-05 Feb-06 Apr-06 Jun-06 Aug-06 Oct-06 Dec-06 Feb-07 Apr-07 Jun-07 Aug-07 Oct-07 Dec-07
DateDec – Dec: 100% year-over-year
increase 38B additional messagesDec – Dec: 58% year-over-year
increase: 44B additional messages
© 2008 Cisco Systems, Inc. All rights reserved. 3
increase, 38B additional messages increase: 44B additional messages
![Page 4: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/4.jpg)
첨부 파일 스팸 동향
스팸 메일에서 첨부 파일 Type 통계
Rapid Onset Spam Attacks:PDF XLS MP3 spam attachments 스팸 메일에서 첨부 파일 Type 통계PDF, XLS, MP3 spam attachments
Excel Spam MagnitudeCount of Attachment Types Seen in Spam
August 2007
© 2008 Cisco Systems, Inc. All rights reserved. 4
![Page 5: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/5.jpg)
From Images to LinksURL-only Spam is Increasing
스팸은 지속적으로 증가
첨부파일 스팸은 감소
Percent of Spam Containing
URL 삽입 스팸은 지속적으로 증가
(현재 83%의 SPAM에 URL 포함)(현재 83%의 SPAM에 URL 포함)
© 2008 Cisco Systems, Inc. All rights reserved. 5
![Page 6: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/6.jpg)
SPAM 의 진화Spammers Testing New Techniques
Text Spam PDF Spam MP3 Spam2005 2007 2nd Qtr
2006
p
3rd Qtr
4th Qtr
Image Spam
Excel Spam
“2007 has seen a proliferation of different attachment types…Spammers are
© 2008 Cisco Systems, Inc. All rights reserved. 6
2007 has seen a proliferation of different attachment types…Spammers are using these different attachments in order to try and get past email security gateways that are unable to look into complicated file types”
- 2008 Internet Security Trends Report Published By Cisco and IronPort
![Page 7: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/7.jpg)
Cisco IronPort Reputation and Spam Filteringand Spam Filtering
© 2008 Cisco Systems, Inc. All rights reserved. 7
![Page 8: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/8.jpg)
Cisco IronPort® Gateway 보안 제품
Internet
IronPortSenderBase
BLOCK Incoming Threats
InternetInternet
APPLICATION-SPECIFIC
EMAILSecurity Appliance
WEBSecurity Appliance
APPLICATION SPECIFICSECURITY GATEWAYS
PROTECT Corporate AssetsCENTRALIZE Administration
ENCRYPTIONAppliance
Security MANAGEMENT
Appliance
PROTECT Corporate AssetsData Loss Prevention
CLIENTS
© 2008 Cisco Systems, Inc. All rights reserved. 8
Web Security | Email Security | Security Management | Encryption
![Page 9: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/9.jpg)
Cisco IronPortExtending Market Leadership
Customer Leadership
99% 재계약
전세계 100대 기업 중 38 곳에서 사용
미국 10대 ISP 중 8 곳에서 사용서 사용
Technology LeadershipLeadership
Email 및 웹 보안 시장선도선
Global Leadership
© 2008 Cisco Systems, Inc. All rights reserved. 9
전세계 지사 및 지원
![Page 10: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/10.jpg)
국내 Reference
© 2008 Cisco Systems, Inc. All rights reserved. 10
![Page 11: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/11.jpg)
The SenderBase® NetworkGlobal Reach Yields Benchmark Accuracy
• 1일 30억 이상의 질의
• 150 이상의 email 및 웹parameter 수집 및 분석
• 전 세계 25% Traffic• 전 세계 25% Traffic• 향후 Cisco Network Devices
Combines Email & Web Traffic Analysisemail & Web traffic 검사를 통한 탐지 성능 향상
IronPort SenderBase
한 탐지 성능 향상
스팸 메일의 80% 이상이 URL 참조
이 웹 악성 전
IronPort EMAILSecurity Appliances
IronPort WEBSecurity
Appliances
email 이 웹 based 악성코드 전파에 주요 방법으로 사용
Spam Zombie의 감염에 악성코드가 주요 방법
© 2008 Cisco Systems, Inc. All rights reserved. 11
Appliances코드가 주요 방법
![Page 12: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/12.jpg)
IronPort AsyncOS™Multi-Layered E-Mail 보안
MANAGEMENT TOOLS (관리도구)
SPAMDEFENSE(스팸 차단)
VIRUSDEFENSE
(바이러스 차단)
EMAIL ENCRYPTION(EMAIL 암호화)
DATA LOSS PREVENTION
(정보 유출)
• AsyncOS 는 messaging을 위한 최적화 확장성 및 보안 운영체계
THE IRONPORT ASYNCOS™ EMAIL PLATFORM
AsyncOS 는 messaging을 위한 최적화, 확장성 및 보안 운영체계
• Advanced Email Controls protect reputation and downstream systems• 기존의 legacy 시스템을 손쉽고, 간단하게 대체
• IronPort Reputation Filters – 1차 사전 침입 차단
• IronPort Anti-Spam – 다양한 종류의 위협 제거 (스팸, 사기성 메일, 악성코드)
© 2008 Cisco Systems, Inc. All rights reserved. 12
![Page 13: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/13.jpg)
SenderBase Reputation Filtering vs. Black Lists & White Lists
BLACK LISTS &REPUTATION BLACK LISTS & WHITE LISTS
REPUTATION FILTERING특징
정확성
점수의 세분화
정확성
맞춤 응대
관리비용 절감
메시지 전달 향상 (성능)
© 2008 Cisco Systems, Inc. All rights reserved. 13
![Page 14: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/14.jpg)
Stop More SpamIronPort Spam Defense
Multi-Layer Spam Defense
IronPort Anti-Spam
How?Who?
Senderbase Reputation Filtering
CASEScore
How?
Where?
Who?
What?Data Modeling ReputationData Modeling Reputation
90% 이상 차단>98% 탐지 및 차단
< 1 in 1 milFalse PositivesFalse Positives
© 2008 Cisco Systems, Inc. All rights reserved. 14
![Page 15: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/15.jpg)
IronPort Anti-Spam
Reputation 점수 IPAS WBRS
Who(누가)
What (무엇을)
Where(어디서)
Reputation 점수 IPAS WBRS
(누가)
SenderBase 는어느 에서
(무엇을)
IronPort Anti-S 은메시지
(어디서)
Web Reputation 은메시지에+ +어느 IP에서
어떠한 email 을보냈는지를 추적
및 DB화
Spam 은메시지내용및구조를
분석
은메시지에삽입된 URL
link를검사및추적
+ +
및 DB화
90% 이상의불필요한
Image Spam 같은신종위협에즉각적인대응
추적
피싱 공격과 같은공격 사전 차단
차단불필요한
EMAIL사전차단즉각적인대응 공격 사전 차단
© 2008 Cisco Systems, Inc. All rights reserved. 15
= Unprecedented Spam Detection
![Page 16: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/16.jpg)
IronPort Anti-Spam: Web Reputation
I P t i ti : il에 삽입된 URLIronPort innovation: email에 삽입된 URL에 대하여 신용평가(reputation)점수를 가지고 판단 후 차단.
E lExample:
Sender (발신자)
"Barclays Bank PLC" onlinebanking@ibay gnk.barclays.co.uk
mail-from address 변조
Host IP:196.218.185.156
URL
http://ibank.barclays.co.uk.massivereach.com/olb/x/LoginMember.do/login.htmlh.com/olb/x/LoginMember.do/login.html
Mauritius ISP 에 등록되어 있음
© 2008 Cisco Systems, Inc. All rights reserved. 16
![Page 17: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/17.jpg)
Web Reputation in Action
HOW?• Message leaves trace
WHERE? WHO?
gof malware tools
• URL only just registered• URL already blacklisted• URL seeing large traffic
• IP address recently started sending email
• Message originated g gspikes
• Hosts many unique sites (rock phish kit)
from dial-up IP address• Sending IP address
located in Ukraine
VerdictVerdict
BLOCK
© 2008 Cisco Systems, Inc. All rights reserved. 17
![Page 18: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/18.jpg)
Cisco IronPort Targeted Phishing Solutions
Sender Base D/B 이용한 신용평가 필터
IPAS (IronPort Anti-Spam) Web ReputationIPAS (IronPort Anti Spam) Web Reputation
Email 인증 지원
HTML ConversionHTML Conversion
Complementary Solutions
암호화
Web 보안 (Web reputation, Anti-malware, Anti-( p , ,virus)
© 2008 Cisco Systems, Inc. All rights reserved. 18
![Page 19: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/19.jpg)
관리 시간 감소
Easy 5 Step InstallationEmail Security Manager For
ConfigurationConfiguration
Message Tracking R l Ti R ti
© 2008 Cisco Systems, Inc. All rights reserved. 19
Message Tracking Real Time Reporting
![Page 20: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/20.jpg)
IronPort Reputation FiltersDell 사례
“IronPort has• Dell 현황:
– 하루 2 600만건메시지수increased the
quality andreliability of
하루 2,600만건메시지수– 150만건정도가정상메일– Spam Assassin 으로스팸차단장비 68대를운영하였으나정확성결여 y
our networkoperations,
while
운영하였으나정확성결여• IronPort solution:
– Reputation 필터가하루 1,900만건메일삭제 whilereducing our
costs.”
p– 550만건스팸메일이 2차스팸차단– 68대 기존 장비가 Ironport 8대로 대체됨
• 정확성 10배 향상 -- Tim HelmsetetterManager, Global
Collaborative SystemsEngineering and
Service Management,
• 정확성 10배 향상
• 서버 대수 70% 감소
• 운영비 75% 감소
© 2008 Cisco Systems, Inc. All rights reserved. 20
DELL CORPORATION
![Page 21: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/21.jpg)
Comprehensive Reporting
© 2008 Cisco Systems, Inc. All rights reserved. 21
![Page 22: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/22.jpg)
Cisco IronPort Data Loss Prevention TechnologyPrevention Technology
© 2008 Cisco Systems, Inc. All rights reserved. 22
![Page 23: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/23.jpg)
Evolution of Data LossEmail Remains A Primary Loss Vector
Record Type Lost
Credit Card Numbers 45%
Email Address 13%
Other 12%
Social Security Numbers 30%
© 2008 Cisco Systems, Inc. All rights reserved. 23
![Page 24: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/24.jpg)
Stop More Data LossIronPort Data Loss Prevention
Integrated Scanning & Remediation
Scanning RemediationDictionaries Notify? ?
Filters
Quarantine?
?
? ?Smart Identifiers Secure Messaging
??
“Email has become the de facto filing system for nearly all corporate information, making it even more critical to protect the outbound flow of messages.”
© 2008 Cisco Systems, Inc. All rights reserved. 24
- Brian Burke, Security Products Research Manager, IDC
![Page 25: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/25.jpg)
Data Loss Prevention FoundationIntegrated Scanning
Compliance pDictionaries
Users
Custom Content Filters
Users
Smart IdentifiersOutbound Mail
Integrated Scanning
Weighted Content Dictionaries
Integrated Scanning Makes DLP
Deployments Quick
© 2008 Cisco Systems, Inc. All rights reserved. 25
& Easy Attachment Scanning
![Page 26: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/26.jpg)
Data Loss Prevention: Integrated Scanning and Remediation
Scanning Work Flow Remediation Work Flow
Pre-Defined Filters
Pre-Defined Filters
DLP Notification
DLP Notification
Compliance Dictionaries
Compliance Dictionaries Smart IdentifiersQuarantine View Of Violation
Quarantine View Of Violation
Encrypt The MessageEncrypt The Message
Smart Identifiers
© 2008 Cisco Systems, Inc. All rights reserved. 26
View HIPAA Violation ReportView HIPAA Violation Report
![Page 27: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/27.jpg)
Email Authentication
© 2008 Cisco Systems, Inc. All rights reserved. 27
![Page 28: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/28.jpg)
Email 인증SPF and DKIM
Sender Policy Framework (SPF) + DomainKeys Identified Mail (DKIM)
Technologies 보완: Path-based and cryptographic methods
Technology 보급: >50% of Legitimate Emails use SPF/DKIM
Phishing Attacks 차단: Protect your Brand and Customers
Public DKIM
SPF Record:
Private DKIM
DNS SPFDKIM
Internet
ISPsISPs
SPFDKIM FAILED
FAILED
Scammer
© 2008 Cisco Systems, Inc. All rights reserved. 28
![Page 29: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/29.jpg)
Example: Which is legitimate?
© 2008 Cisco Systems, Inc. All rights reserved. 29
![Page 30: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/30.jpg)
Example: Which is legitimate?
From: eBay.com
IP: 216.33.244.124
From: eBay.com
IP: 64.8.244.90
DKIM Header: s=main; d=ebay.com; c=nofws; q=dns; b=BVOKQjGvI…mQ8d8OygW
DKIM Header: None
© 2008 Cisco Systems, Inc. All rights reserved. 30
![Page 31: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/31.jpg)
Example: How it works
A SIDF Record 216.33.244.1241BSigned
216 33 244 124 64 8 244 90 eBay DNS Server
1
2 3
Signed
216.33.244.124 64.8.244.90 y2 3
Publish Records in DNSA Signed from 216 33 244 124
4
5 12
A th ti ti
A: Signed, from 216.33.244.124B: Unsigned, from 64.8.244.90Query eBay SIDF & DKIM records6 7
234
Authentication Results:
DKIM = passX-SID-Result: Pass
Authentication Results:
DKIM = neutralX-SID-Result:
F il
Receive SIDF & DKIM recordsDetermine verdicts for email ADetermine erdicts for email B
567
© 2008 Cisco Systems, Inc. All rights reserved. 31
X-SID-Result: Pass Fail Determine verdicts for email B7
![Page 32: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/32.jpg)
IronPort Security Feature
© 2008 Cisco Systems, Inc. All rights reserved. 32
![Page 33: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/33.jpg)
HTML Conversion
© 2008 Cisco Systems, Inc. All rights reserved. 33
![Page 34: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/34.jpg)
HTML Sanitization Further Protection for Targeted Phishing
HTML 방식의 email을 text 방식으로 변환
사 자 의에 의하여 릭 차단사용자 부주의에 의하여 URL Link 클릭 차단
숨겨진 email link 등을 txt로 변환하여 사용자에게 보여지게 함
User would have to copy/paste the link into web browser for rendering
Authentication Results:
DKIM = neutraleBay sent this message!Your registered name is included to DKIM neutral
X-SID-Result:Fail
ou eg ste ed a e s c uded toshow this message originated from eBay.Learn more[Bad link location which you would never go to]
Targeted Phishing Email Authentication Results Fail HTML-convert to plain text
© 2008 Cisco Systems, Inc. All rights reserved. 34
![Page 35: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/35.jpg)
Email Encryption
© 2008 Cisco Systems, Inc. All rights reserved. 35
![Page 36: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/36.jpg)
IronPort PXE: Sending a MessageInstant Deployment, Zero Management Costs
자동 사용자 생성
CISCO REGISTERED ENVELOPE SERVICE
사용자 인증 및 Key 전달
메시지 추적 기능
보안 답신
© 2008 Cisco Systems, Inc. All rights reserved. 36
안 답신
NEVER stores email message → highest security
![Page 37: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/37.jpg)
Recipient Experience: Receiving a Message
First-Time Registration
© 2008 Cisco Systems, Inc. All rights reserved. 37
![Page 38: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/38.jpg)
Recipient Experience: Receiving a Message
Simple & Intuitive
Open AttachmentEnter passwordp
© 2008 Cisco Systems, Inc. All rights reserved. 38
![Page 39: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/39.jpg)
Secure Messaging Email Encryption That’s Easy For Receivers
2. Enter password1. Open AttachmentSend To AnyoneyNo Certificates
No Plug-Ins
3. View message
© 2008 Cisco Systems, Inc. All rights reserved. 39
![Page 40: CiscoIronPortCisco IronPort 메일솔루션을통한 메일보안강화 · • 향후Cisco Network Devices Combines Email & Web Traffic Analysis ¾email & Web traffic 검사를통](https://reader034.vdocuments.site/reader034/viewer/2022050606/5fada28c20186708a51de961/html5/thumbnails/40.jpg)
© 2008 Cisco Systems, Inc. All rights reserved. 40