Tag Archives: Mail and Web Security Blog

Upcoming Twitter Chat on Targeted Email Attacks

Join hashtag #MailSec and learn more about the dangers of targetted email attacks and how to prevent them.
Takedowns of large botnet rings in recent years have caused spam numbers to plummet. However, the drop in spam doesn’t make spammers any le…

Protecting Cloud Services, Applications and Storage with Symantec Protection Engine

Did you see my session at Symantec Vision 2012?  If not, you missed me talk about how you need your very own Robocop to protect services, applications and storage that accept and distribute files.

His prime directives align very well with how you should approach your service and infrastructure security:

1. Serve the public trust – Your users will TRUST your service.  They’ll ignore warnings and common sense because YOU are giving them access to something.

2. Protect the innocent – Your users are unlikely to be as security-aware as you are, they may not understand risks and they certainly shouldn’t be trusted to protect themselves 🙂

3. Uphold the law – You need to be able to set and enforce policies and you need to do this at your application or storage level.

{If you’re a fan of Robocop, as I am, just ignore the “Classified” 4th directive… It doesn’t quite fit the metaphor 🙂 }

 

Symantec Protection Engine gives you the ability to do just that.

It gives you out-of-the box integrations with almost all storage vendors, many applications and services.  Oh and we’ll also give you access to our SDK so you can embed our industry leading threat detection technology DIRECTLY INTO YOUR OWN APPLICATIONS.

BETA

I’m delighted to announce that we’re now accepting registrations for the Symantec Protection Engine 7.0 beta program.
This major release is the next generation of the technologies currently sold as Symantec Scan Engine and Symantec AV for NAS/Messaging/Caching.

For more information about this new release and the benefits of participating in our beta program, use this link: https://symbeta.symantec.com/callout/default.html?callid=7E4530E666124B0A80EFBF428FE32301

 

Symantec Email Submission Client (SESC) 1.0: NOW AVAILABLE

 

Hi!
 
My last post back in October 2011 introduced the beta program for a new application for our messaging security customers.
I’m delighted to announce that we achieved our Generally Available (GA) milestone yesterday on March 19th meaning that the Symantec Email Submission Client is now available for all of our customers to download and install.  This is my first “1.0” product release so I’m particularly excited to see this product ship 🙂
 
Did I mention that this is provided at no extra charge?  Yup, free.
 
We had some excellent beta participants in this cycle, ranging from large enterprise customers to small businesses and we got some fantastic real world feedback which helped us ship an even better product than we originally scoped.
 
So, what is SESC?
 
The Symantec Email Submission Client (SESC) enables messaging administrators to streamline their process and procedures around one of the highest help desk call generators – missed spam.
 
Without blocking ALL email, no mail security vendor can claim to have a 100% catch rate.  Despite having an externally verified and market leading catch rate, Symantec understands that customers want to be able to report missed spam to us so that we are able to prevent the same spam attack hitting them again.
 
The SESC has been designed with the end user in mind, with the goal of making it SIMPLE TO SUBMIT.
 
Awesome! How does it work?
 
SESC integrates with Microsoft Exchange Server 2007 and 2010, utilising the flexible Exchange Web Services (EWS) platform to provide native support for all rich Exchange clients including Outlook, Outlook:Mac, OWA and Exchange enabled mobile devices.
By integrating directly with the backend of the messaging system, customers can avoid the costly admin overhead associated with deploying a plug-in or client to endpoint devices.
Because of the way EWS works, we are able to recommend that SESC is installed to a non-Exchange server so that there is no additionaly CPU burden placed on your mission critical infrastructure.  You can run SESC on any Windows 2008 R2 server, both physical or virtual (VMware ESX/ESXi or MS Hyper-V) are supported too.
 
What about the user experience?
 
Like I said, we want this to be as simple as possible and actually aimed to make it easier than deleting an item from your Exchange client.
To submit missed spam (aka false negatives) to Symantec, end-users simply move the offending message to an special folder in their mailbox.
This folder name is fully configurable by Administrators, who also have absolute control over which users are enabled for submissions.  Using their existing Active Directory infrastructure, Administrators can use pre-existing or new Groups or OU’s as well a providing a custom LDAP query to opt-in the users.
 
There are two working modes for SESC, Moderated Submissions and Direct Submissions.
With Direct Submission mode, every message moved to the submission folder by an end-user is submitted to Symantec.
With Moderated Mode, Administrators can delegate an approval process to one or more users.  In this mode, the end-user moves the message to the submission folder as normal.  This message is then made available to the ‘approval’ user who can decide whether the message should be submitted to Symantec or not.
This is particularly useful where data privacy may be a concern.
 
With SESC, customers no longer have to use the existing and rather convoluted method of submission; which involves supplying the entire missed spam message as an RFC822 attachment to ANOTHER email and sending it to the correct email address at Symantec.
 
The Symantec Email Submission Client is available today for the following products:
  • Symantec Messaging Gateway
  • Symantec Mail Security for Exchange
Simply sign into http://fileconnect.symantec.com and download the installer.
Note: Symantec Protection Suite Enterprise Edition customers will be able to download SESC from Fileconnnect from April 2012.
 
There are some really fantastic extensions to our submissions process coming in the next release of Symantec Messaging Gateway which not only extend the functionality of SESC but also help to improve your protection even more.  What’s more, the beta for Symantec Messaging Gateway 10 is due to kick off in May 2012 – if you are interested in participating please get in touch either in the comments below or you can email me ian_mcshane@symantec.com.
 
I’m excited to get more feedback as we start to think about the next releases of SESC so please do download, install it, check it out and let me know what you think either in the comments or directly by email.
 
Cheers!
 
Ian McShane
Senior Product Manager | Messaging & Web Security
Endpoint & Mobility | Symantec

Announcing the Symantec Email Submission Client Beta

One of the great things about working in the Messaging & Web Security BU is the amount of cool new technology and functionality we work on.  Some times, this is behind the scenes on our backend systems and other times this is new functionality for existing products.

This time, however, I’m really excited to announce the beta program of a brand new application:

Symantec Email Submissions Client

This application allows you to automate the submission of missed spam (aka false negatives) to Symantec, directly from your end user mailboxes.

Symantec Email Submission Client takes advantage of the Exchange Web Services framework built into Microsoft Exchange Server to provide a submissions solution that:

  • Does NOT require any installation to you endpoint devices.
  • Does NOT require any updates to be managed/pushed to your endpoint devices. 
  • Does NOT require any complex end user training.
  • Does NOT require any additional licensing from Symantec.  

 

Deploying the Symantec Email Submission Client allows you to:

  • Provide your end users with a consistent answer to the question “What do I do with this spam message?”
  • Reduce helpdesk calls by providing a simple process for your end users to follow.
  • Increase antispam effectiveness and block even more threats from entering your environment.
  • Take full advantage of our antispam technology today and in future Messaging Security product updates. 

 

In order to participate in this beta program, you must be running Microsoft Exchange Server 2010 or 2007 SP1 (or above).

To receive more information and to register for this beta program, use the following link:

http://symbeta.symantec.com/callout/?callid=6DFF3025F2654CE0AB37629981C7988E

 

When the final release ships, the Symantec Email Submission Client will be provided to all customers using a Symantec mail security product as part of your existing product entitlement.  This includes customers using:

  • Symantec Messaging Gateway (formerly known as Symantec Brightmail Gateway)
  • Symantec Mail Security for Microsoft Exchange
  • Symantec Protection Suite

 

This beta program supports our commitment to product quality and customer satisfaction, enabling customers to download pre-release versions of our products and to provide feedback directly to members of the Symantec product team.

Symantec Protection for Sharepoint Servers 6.0 Beta

I’m excited to announce that the beta program has started for our next release of Symantec Protection for Sharepoint Servers.

You can sign up to this beta at this link : https://symbeta.symantec.com/callout/default.html?callid=8A18C6447CE54D99AD4ADEBCC28E7F9C

 

With this release, you’ll see new features such as:

 

  1. Completely new quarantine management functionality available through the UI.
  2. Brand new user interface.
  3. Simple export & import of configuration, settings and policies to enable quick and easy disaster recovery as well as roll out your policies to multiple farms in a quick and efficient manner.
This release supports the following platforms:
  • Windows® SharePoint® Services 2.0 (WSS 2.0)
  • Windows SharePoint Services 3.0 (WSS 3.0)
  • SharePoint Portal Server 2003 (SPS 2003)
  • Microsoft Office SharePoint® Server 2007 (MOSS 2007)
  • Microsoft SharePoint Foundation 2010
  • Microsoft Office SharePoint® Server 2010

We’re looking forward to your feedback!

 

//ian

Symantec Web Gateway 5.0 – Forward Thinking Protection against Advanced Threats

I am pleased to announce that Symantec Web Gateway 5.0 is now available!  Nearly half of our production deployments have already upgraded to the new version and the software is now available to all customers. 
This release brings not only a s…

Personalize Protection Against Unwanted Email with Symantec Messaging Gateway

We’ve been holding off on the news, but as many of you have realized, Symantec Messaging Gateway 9.5 (formerly Symantec Brightmail Gateway) is now available – in fact, over 1,800 customers have already upgraded to the new release. We mentio…

Mail & Web Security – 2011 Projects

      No Comments on Mail & Web Security – 2011 Projects

I can’t believe we’re already one month in to the new year!  It has been a busy January for the Mail & Web Security business at Symantec, as we plan for a full slate of product releases in the coming months.  We have releases planned for all three of our Brightmail products, our web gateway solution, and our groupware products planned in 2011. We also have follow-on releases planned for our exciting new Next Generation Network Protection platform for service providers.

The threat landscape continues to evolve in dynamic and unexpected ways.  We saw a remarkable drop in spam levels right after Christmas when some major botnets stopped sending out spam for a few weeks.  The botnets did not go away, however, and we’ve seen spam bounce back in recent weeks.  Check out www.symantec.com/brightmail/iqservices to see a clear illustration of this drop and recover, as well as a number of recent blog postings on threats.  Don’t forget our monthly State of Spam & Phishing Report, which is posted to www.symantec.com/spam. And don’t forget our more general blog on the threat landscape from the Symantec Security Response team, posted here on Connect at https://www-secure.symantec.com/connect/symantec-blogs/sr.

Stay tuned for some exciting announcements about our portfolio in the coming months.  If there any questions you would like us to tackle on this blog, please drop us a note in the comments below – we look forward to continuing the dialogue!

On behalf of the entire mail and web security product team at Symantec, I wanted to wish you all a very Happy New Year – we may be a bit late for the traditional New Year holiday, but we are just in time for the Chinese New Year – gong hay fat choy! 

Symantec Brightmail Gateway – Beta for 9.5 release

The Symantec Enterprise Security team is now accepting applications to participate in the Symantec Brightmail Gateway 9.5 Beta program. Symantec Brightmail Gateway is also part of the Symantec Protection Suites.

The beta process is a great way for participants to get an early look at exciting new features in our upcoming release, and also get direct access back to the product development team on product feedback.

The 9.5 release includes:

  • New Dispositions: New configurable verdicts for unwanted email categories allow customers to configure policies regarding marketing mail, newsletters, and email with suspicious URLs.
  • Enhanced Spam Scanning: Updates to the Brightmail Antispam Engine allow better scanning of text-based attachments for spam and malicious URLs.
  • Match Logging: Enhanced message audit logs capture matching policy, text, and message part for content filtering policies.
  • TLS Logging: Enhanced message audit logs track TLS delivery status, allowing confirmation of TLS delivery for auditing.
  • Enhanced Integration with Symantec Protection Center: Symantec Protection Center provides unified management across Symantec security products, including single sign-on, composition of product management within the Protection Center console, and unified reporting across multiple products.
  • Software Update: Improved software update process within the Control Center UI allows for staging of updates and rich logs and update status. Note that this enhancement will impact updates subsequent to the 9.5 release.
  • DRAC Support: Expanded support for Integrated Dell Remote Access Controller functionality in the Symantec 8360 and 8380 hardware appliances allows customers to remotely monitor and manage their hardware environment.
  • More Flexible Backup & Restore: Restore process has been enhanced to allow a backup to be restored to a separate instance while preserving network configuration, enabling easier appliance migration and disaster recover.
  • Expanded Localization in Spanish and French: Product configuration has been fully localized into Spanish and French, in addition to the existing translations into Japanese, Simplified and Traditional Chinese, and Korean.

Quality is one of the key Symantec deliverables and we strive to deliver a first class product with every release. So we want to get as much customer feedback as possible before we ship. By participating in this beta program, you can help to ensure this release is as successful as possible.

All participants must be members of the Customer Advisory Program, which is free to join for all customers entitled to support and maintenance.

http://www.symantec.com/connect/groups/symantec-customer-advisory-program-enterprise-security

Applying for the beta is simple, once you’ve registered for the CAP just complete the registration form at the following link.

https://symbeta.symantec.com/callout/default.html?callid=57918D6D4DCA486B86B16D586405477B

This is a great opportunity to receive an early release in order to plan your implementation and provide us with feedback to ensure issues are prioritized. We hope you can join us as we prepare for this exciting product release!

Welcome to the new Mail & Web Security Blog!

      No Comments on Welcome to the new Mail & Web Security Blog!

Welcome to the new Mail & Web Security Blog!  Brightmail isn’t going away, but we wanted to expand our coverage to include news about our complete email and web security portfolio, including the Brightmail products (Brightmail Gateway, Brightmail Message Filter, and Brightmail Traffic Shaper), the Mail Security products (Mail Security for Microsoft Exchange and Mail Security for Domino), and Symantec Web Gateway.

In addition, Symantec’s messaging and web security products are core components of the Symantec Protection Suites.

Stay tuned for more updates, including an expanded cast of authors as we grow our coverage across a broader slice of the Symantec portfolio.