Iron Port Systems is now looking at India for growth

Pragati Simlote

E-mail security product company Iron Port Systems is now looking at India for

growth. The company set up its India operations about seven months back and

claims to have 10-12 per cent of India's mailboxes already.

Pragati Simlote of CyberMedia News met up with Iron Port Systems Inc.

security applications product management senior director Ambika Gadre to know

more about the company's products, technology and growth plans.

What is IronPort Systems all about?

IronPort Systems is the leading e-mail and Web security products provider for

organizations ranging from small businesses to the Global 2000. We have full

family of products with X1000 (5,000+ users) at the high end to C600 (5,000+

users), C300 (1,000-5,000 users) and C10 (<1,000 users). Depending on the size

and their price performance needs, a company can buy our products that suit

them.

Today from an e-mail security viewpoint, we are recognized as the leaders in

the market and are tracking 25 per cent of the e-mail traffic worldwide.

Worldwide today eight of the top 10 ISPs are our customers. We also have about

20 per cent penetration in the Fortune 500 companies like Dell, Juniper, etc. We

have built the brand at the high end of the market and are now able to take that

brand and push it to the mid and lower end market.

Apart from ISPs and Fortune 500 we are also present in the US Navy, US Air

Force, etc. These government organizations are very sensitive to security and

have adopted our solution after a lot of evaluation and this is further

testament to the kind of product that we build. We entered India around

six-seven months back and are present directly in around 18-19 countries and

through our partners in 35 countries.

How do you differentiate yourself from other security products

providers?

As we built up our product, we have stayed very focused on what is happening,

what are the needs of our customers and trying to solve those problems. In doing

so, we came up with the concept of virtual gateways. So on one appliance,

companies can have different IP addresses for different mails they are sending

out be it production/business mails or marketing mails. If there were a problem

in one type of mail, it would not affect the other.

We also have different queues for every destination in our product. If I am

sending an e-mail to Yahoo! and if there is a problem with Yahoo! receiving

server, it would not block up the mails I am sending to other destinations

because each destination has its own queue.

Bounces are also a very big problem as people have started using bounces for

distributed denial of service attacks. We have put a lot of intelligence into

our technology to deal with issues like this. That's on the operating systems

side.

Can you elaborate on your data network that monitors e-mail traffic -

SenderBase?

The other thing we did very early was that we started building a data network

that monitors e-mail traffic. SenderBase is the world's first and largest e-mail

traffic monitoring service and collects data from more than 100,000 ISPs,

universities, and corporations around the world. It measures more than 110

different parameters for any e-mail server on the Internet. IronPort's

enterprise e-mail security customers harness the power of SenderBase through

IronPort Reputation Filters and the SenderBase Reputation Score (SBRS), which

boils down SenderBase data into a single score indicating the threat level for

each incoming message.

IronPort Reputation Filters provide the outer layer of spam protection for

companies' e-mail infrastructure. As the first line of defense on the IronPort

e-mail security appliances, Reputation Filters dispose of up to 80 per cent of

incoming spam at the connection level - saving bandwidth, conserving system

resources and yielding the highest levels of security for critical messaging

systems.

For E.g., Dell on a daily basis receives 26 million messages, out of which

only 1.5 m are legitimate. Using reputation scorecard we get rid of 70 per cent

of spam. The remaining gets filtered with the anti-spam solution. It saves in

the number of server deployed by Dell.

Reputation scorecard is the outer layer, while the inner layer is spam

filtering. Spammers have become very good. The recent introduction being image

based spam. We look at the full content — what is in the message, how the

message was constructed, who is sending the message and also look at where is

this sending you to i.e. the URL. Because 80 per cent of spam has a URL — buy

something, download something, etc. By taking this whole view of this, our

systems can paint an extremely accurate picture — whether this message is a spam

or not. So between reputation filters and anti-spam technology, we have the

industry-leading defense for spam.

How have e-mail threats changed overtime?

We are seeing some interesting trends. Threats have become much more

sophisticated. What is scary is the way people are mixing their different

protocols to get the threat in. The key thing is that the kind of people who are

behind these threats today are in a real business. It's a multi billion-dollar

industry and people are using a significant part of what they are making to hire

more people who are very very talented to write these threats. Given the kind of

threats, it's hard to block them entirely.

What kind of future product releases are you looking at?

Ninety per cent of home user PCs and 75-80 per cent of corporate PCs are

infected with spyware today and people don't know. IronPort has this strong

vision of solving the communication problem at the gateway. So we are now about

desktops and intend to be the one stop shop for companies to fall back upon.

We have a product for e-mail security and are in the process of releasing a

product in the web security area. Down the road, we would address instant

messaging and VOIP. We are going to use one common threat database — SenderBase

across all of them. Also from a management standpoint, we have a product called

M Series, which would allow us to control, configure, report and manage all the

different appliances through a single interface, which is hierarchical. We are

using AsyncOS across different product, optimizing it for the particular

protocol that we need to use.

Which is the greatest threat today —spam, viruses...?

It's all getting mixed up. Earlier viruses had this specific characteristic,

spam had specific characteristic. Now people are using a little bit of

everything. Attacks have become more planned. It is hard to distinguish where

one kind of threat ends and where one begins. The most contagious ones are

malware, which combines computer viruses, worms, Trojan horses, spyware and

adware..

In 2004, IDC survey spam was not even on top 10 threats of CIOs. Recently, it

was No 3 with viruses and malware already occupying the top 2 slots. The reason

is that while people have started solving the problem, now spam threats have

started becoming sophisticated again. Spam volume has also increased 40 per cent

in the past three months. As it is more targeted and also uses image-based spam,

it is getting through. Spam continues to be a productivity risk and a big source

help desk complaint and viruses and spyware are a massive security risk. Now

threats are also coming in with executables in Word documents.

What kind of solutions are you looking in the web security space?

The solution would be very similar to what we have done in e-mail security.

It will have a very high performance robust platform with anti malware filtering

on top of it, defense in-depth and an outer and inner layer of filtering. And

all this would be provided in one box. In e-mail if I introduce two seconds

delay, you are not going to notice. But if you are browsing a website and there

is a delay you know. That's where a very high performance platform becomes even

important when you have to do a lot of filtering. This solution is running at

some systems in IronPort and would be generally available in the next few

months.

© CyberMedia News