Feeds

Mirapoint adds directory to email gateway

Local anti-spam checks mean less network load

SANS - Survey on application security programs

Mirapoint has developed what it says is the first secure email gateway with a built-in directory and policy engine. According to the company, this increases security and lightens the load on the gateway because it no longer has to query the corporate directory server through the firewall for every incoming message.

The directory software is now a standard feature on Mirapoint's RazorGate appliances and will be a free upgrade to customers on support contracts, said Mike Dodson, the company's security accounts technical director.

He said that the Mirapoint directory software can copy email addresses and associated policies - but not more sensitive data such as passwords or user names - from a variety of LDAP servers, such as Active Directory, Domino or eDirectory. It also has features to detect and prevent directory harvesting, he added.

"Historically, the gateway would have a steady stream of traffic going back to the directory - checking for valid recipients, whether they can receive that type of attachment, and so on," he explained. "The problem is that spikes in email traffic are passed on to the directory servers.

"Also, email gateways are hardened, but if your gateway server were ever compromised, the attacker would be able to attack your directory. This way, the most they could get is a list of email addresses."

But doesn't the addition of policy enforcement increase the workload on the email appliance, reducing the amount of email it can handle? Dodson claimed not.

"Quite the opposite," he said. "Now when we query the directory it's process-to-process, not over the network, so it works in our favour. We actually get a marginal performance improvement."

He claimed that while the technology to replicate directory data is pretty standard in the metadata world, this is the first time it has been used in an email appliance.

The increasing importance of the directory in messaging means that Mirapoint's competitors are sure to follow suit, but Dodson suggested that integrating the replication technology and the directory into the email appliance, and providing the right management tools, would take them many months. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.