DHS: a key to detecting malicious e-mail

Spam, viruses and phishing attacks are a serious threat to your company's security and your customers' privacy. The most effective attacks are precisely targeted using traffic analysis, bulk message delivery, compromised Web hosts, surreptitiously installed key loggers and large doses of social engineering.

To date, e-mail filtering has taken a conservative stance on identifying unwanted messages, letting more unwanted messages through rather than risk losing legitimate ones to misidentification. But this practice opens a significant security hole. With the increasing volume and sophistication of e-mail-borne attacks, allowing any suspicious messages to reach downstream systems increases the risk to those systems.


In a typical enterprise configuration, e-mail passes through several layers on its way to the desktop - the perimeter system, the content filtering layer and an antivirus layer.

This model is dictated by the structure of e-mail inflows. The perimeter faces the largest volume of messages and traffic, as much as 90% of which is malicious, so filtering methods closest to the perimeter must be the fastest. Traffic shaping can identify unwanted traffic quickly while operating at or near wire speeds.

Virus filtering requires a complex scan of each message, searching for malicious code hidden in multiple message parts. Because it is computationally expensive, it should be done after the other layers have removed everything they can.

The outermost system can remove 50% of unwanted traffic, and content analysis can remove as much as 80% of the remainder, which leaves 10% of the original malicious traffic reaching antivirus and groupware systems.
