Secure Computing has built its business on award-winning and innovative technologies. With over 150 patents granted or pending (as of December, 2007), Secure Computing leads the industry in technological and thought leadership.
Learn more about how TrustedSource and messaging specific technologies SpamProfiler, OutbreakDefender and Connection Control can save you time and money as well as increasing your overall security.
Secure Computing's TrustedSource global Internet reputation intelligence system is the world’s first and foremost authority on cyber-reputation scores. Similar to how a credit bureau generates a credit score for anyone who is buying a home or a car, TrustedSource analyses email and web traffic to determine who has a good cyber-reputation and who shouldn’t be trusted.
TrustedSource Everywhere TrustedSource reputation intelligence forms the backbone of all Secure Computing appliances and is deployed on other products around the world, strengthening its accuracy across the board. TrustedSource can be deployed at the network gateway and/or applications gateways, depending on the type of reputations being analyzed. Since TrustedSource is highly refined and proven to be accurate and reliable, false positives are virtually a non-issue; the traffic that needs to get through reaches its destination. TrustedSource adds an extra layer of proactive protection to all of these solutions.
“Thanks to Secure Mail (IronMail), we now have a view of how severe the spam problem was for the City of Oakland, and thanks to Secure Computing, it’s no longer a problem. [When we saw a demo of Secure Mail (IronMail)] we were confident in Secure Mail (IronMail)'s capabilities then; today it is evident how right we were.”
What You Do = Who You Are
TrustedSource uses hundreds of different of calculations to determine what is good and bad behavior on the web. TrustedSource examines how often an IP sender sends mail, how many times the same email is sent out, how their sending pattern matches the norm, and literally thousands of other criteria.
Multiple Reputation Correlation
It’s not enough to calculate the reputation of one component. After all, a credit agency can’t develop an accurate picture of your credit worthiness just by looking at your bank statement. It takes multiple aspects correlated together to form a comprehensive profile of cyber-trustworthiness.
TrustedSource develops reputations scores for:
IP addresses
Messages
Images
Attachments
URLs
Domains
TrustedSource Volume of reputation data
TrustedSource sees more emails sent to enterprises and governments than any other messaging security technology in the world.
Quality of reputation data
TrustedSource correlates reputations assigned to each identity by intelligently aggregating the global behavioral and sending pattern knowledge available for each sender.
Accuracy of reputation data
TrustedSource conducts real-time behavior analysis using hundreds of behavior classifiers that examine thousands of characteristics and typically identifies hundreds of thousands of new zombies a day.
Strength of Multiples
TrustedSource adds IP + Message + URL + Domain + Image reputation scores together to allow for instant identification and prevention of blended threats
Adding these scores together is just one of the ways that TrustedSource is able to protect our customers from blended threats ... attacks that might start with an email but end on a web site.
Volume Matters
When it comes to statistical data, the amount of relevant information reviewed makes a significant difference. This is another area where no one else can compete with TrustedSource. Focused solely on business, enterprise and public sector data, TrustedSource has access to more Internet messages, information content evaluation, and traffic than any other reputation service in the world. The table below illustrates this.
This is a query done of TrustedSource and another leading competitor in October of 2007 of same of the major domains on the internet. The quantity indicates the number of IP senders associated with that domain according to TrustedSource and its competitor. Obviously the more information available about a domain, the more accurate the reputation will be.
Domain Name
TrustedSource
Other reputation service
Verizon.net
3,241,226
42,568
Comcast.net
1,263,834
28,019
AOL.com
215,654
189
Yahoo.com
16,732
7,335
Hotmail.com
5,056
280
Volume isn’t the End of the Story
TrustedSource flags changes in the behavior of Internet entities based on a combination of data from messaging volume to affiliations with URLs and malware – data from Secure Computing research labs. For example, TrustedSource has often flagged an Internet entity as a malicious sender (resulting in traffic from that sender being blocked by Secure Computing appliances and other appliances that use TrustedSource) long before sending volumes reached a malicious level. The reputation change was triggered by TrustedSource detecting that the IPs were sending malware or messages that contained URLs that were linked to known malicious schemes. This powerful combination of messaging, web, malware and firewall traffic analysis is unique to Secure Computing and to TrustedSource.
For example, in the screen shown here, TrustedSource flagged this IP sender as malicious (shown by the red bars) long before the sending pattern spiked. Bottom line, other reputation systems may appear the same, but the depth of their analysis can’t begin to match the power of TrustedSource.
Find out more for yourself. Go to www.trustedsource.org for up-to-the-minute information about Internet threats, domain and URL reputation. You can also request a free Domain Health Check on your organization to see first hand your company’s reputation score.
Secure Computing's patented SpamProfiler is the first technology that integrates and correlates signature- and content-based detection
techniques into a single, combined engine, using a variety of advanced algorithms to examine thousands of characteristics for every message. This creates a precise score for each message, determining the probability that it is spam or some other threat.
SpamProfiler's unique architecture allows for updated heuristics to be deployed dynamically, allowing for real-time response to new threats. SpamProfiler's true value is that it can utilize the benefits of each individual technique, while minimizing the drawbacks, as well as the risks of false positives or negatives.
“It’s like the boxes run themselves.” Progressive found that once the TRU was operational, Secure Mail (IronMail)’s spam-blocking effectiveness reached 99.97%, with the number of false positives … averaging less than 1 in 2 million.
Dynamic Spam Classifier
Spammers change their techniques frequently – your email security should be able to do so as well. Secure Computing Advanced Research has developed Dynamic Spam Classifier, a framework for delivering new, fast-reaction detection methods to Secure Mail (IronMail) boxes within 20 minutes. This feature allows you to rest assured that Secure Mail (IronMail) is stopping new spam technologies virtually as soon as they are launched.
Benefits
Secure Computing’s advanced SpamProfiler technology allows customers to:
Virtually eliminate the threat of false positives
Respond virtually instantaneously to new spam threats means proactive protection
Rely on Secure Computing Advanced Research to provide spam expertise
Fine tune spam blocking techniques to optimize effectiveness for particular environments
Genetic Optimization
Secure Computing continually collects, verifies and updates lists, rules, and configurations being used by customers all over the world. Each Secure Mail (IronMail) is tuned and tested against a vast, constantly updated global database of threat information derived from thousands of deployed Secure Computing appliances.
To automate the calibration testing process, Secure Computing Research developed Genetic Optimization, a patent-pending analysis technique borrowed from DNA research, which tests combinations of values for thousands of message characteristics. Genetic Optimization identifies the optimal combination of values for all pertinent characteristics and automatically applies the new settings, resulting in an optimally tuned security solution. Using these technologies, Secure Mail (IronMail) provides maximum protection against spam and spam-born threats.
Secure Computing offers the most sophisticated and precise detection of spam available. However, given the ever-growing volume of spam, blocking the bad while allowing the good is a job that demands constant innovation and dedication.
Secure Computing Connection Control offers such an innovation. Secure Computing researchers determined that rejecting connections from known spammers for pre-defined intervals could significantly reduce the amount of spam that must be fully inspected and analyzed. Connection Control identifies and rejects
“Since upgrading our boxes to Connection Control the return on investment that we have experienced is significant. We have been able to process more mail with no incremental cost.”
connections from targeted IP addresses to limit the number of messages that reach Secure Computing and restrict the resources available to the offending IP. By relying on data gathered by the Secure Computing global network, Secure Computing Research has determined the optimal intervals to reject and allow connections.
Global Intelligence, Local Protection
Connection Control uses message scoring from Secure Computing’s Message Profiler to create a local reputation database of senders to
identify spammers – along with global sender reputation data from TrustedSource Reputation Service – and then dynamically limits or rejects messages from offending senders. The result is the highest performance in the industry and the best return on investment for our customers.
Benefits
Secure Computing’s advanced Connection Control functionality allows customers to:
Block up to 50% of incoming spam without any analysis or processing time
Turn the tables on spammers and make spamming unprofitable
Preserve bandwidth for good traffic and ensure that legitimate emails arrive into inboxes as quickly as possible
Change the Economics of Spam: Offense or Defense
Administrators can decide whether to take an offensive or defensive posture with spammers targeting their servers:
Defense – Messages from violators are rejected at the gateway, providing the maximum performance benefit
Offense – Turns the tables on spammers by accepting a connection, but slowing the flow of email to a handful of messages per hour. This “tar pitting” forces spammers to expend more effort and makes domains protected by Secure Computing very unprofitable targets for spammers
Secure Computing's OutbreakDefender uses defense-in-depth techniques to ensure that malware, viruses and other threats don’t enter your infrastructure through inbound emails. Using combinations of proactive, predictive, reaction and preventive technologies, OutbreakDefender virtually eliminates threats posed by known and unknown, new and existing threats, regardless of where they’re from or what technologies they might employ.
“Secure Computing continuously innovates their product line and makes new solutions available to customers, adding value to every product release. They really have one of the best solutions on the market and the fact that we have been able to establish a relationship with them, and use the product for more than e-mail security, has been invaluable.”
TrustedSource TrustedSource is OutbreakDefender’s first line of defense, passing multiple message and web reputations to the Secure Mail (IronMail) appliance. OutbreakDefender weighs TrustedSource data along with local knowledge of attachment blocking, behavior anomaly engines, keyword matching and anti-virus signatures to form a profile of every message.
Because TrustedSource gathers and reports on knowledge gathered from all around the global, your experiences and thwarted attacks will help protect others from malware threats.
Secure Computing’s advanced OutbreakDefender provides the following benefits:
Relies primarily on TrustedSource global intelligence to protect against zero-hour attacks
Uses defense-in-depth techniques to investigate every incoming email
Ensures that malware is stopped before it can infiltrate your network
Provides feedback to others on attempted attacks
Anti-Virus
Secure Mail (IronMail) is designed to support multiple anti-virus products, should you desire them. Up to three anti-virus engines can run simultaneously within Secure Mail (IronMail) for maximum protection. However, since anti-virus signatures are inherently a reactive technology, they are the last defense deployed by Secure Mail (IronMail). Proactive, intelligent tools, such as TrustedSource, are the primary technologies used by Secure Mail (IronMail).
Secure Computing provides a complete portfolio of messaging security solutions within our Secure Mail (IronMail), Edge, and Encryption best-of-breed appliances. These security products provide security solutions that help protect inbound and outbound messages so enterprises can regain control of their email inboxes, protect sensitive content, provide compliance, and secure delivery. Our line of Secure Mail products help prevent spam, phishing, and virus attacks.
TrustedSource Everywhere
Secure Computing offers the most sophisticated and precise detection of spam available. However, given the ever-growing volume of spam, blocking the bad while allowing the good is a job that demands constant innovation and dedication.
Secure Computing's OutbreakDefender uses defense-in-depth techniques to ensure that malware, viruses and other threats don’t enter your infrastructure through inbound emails. Using combinations of proactive, predictive, reaction and preventive technologies, OutbreakDefender virtually eliminates threats posed by known and unknown, new and existing threats, regardless of where they’re from or what technologies they might employ.