| # | Description | Impact | F/W | A/V | MX | Comment |
|---|---|---|---|---|---|---|
| 1 | The mail server’s underlying operating system is vulnerable to “buffer overflows” and similar types of attacks. | Specially crafted emails exploit this weakness, allowing a hacker to take over the server. (Example: Code Red worm) | No | No | Yes | Mxtreme is built on the EAL4 certified S-Core operating system, in use for 8 years with thousands of installations. S-Core has real-time detection of buffer overflows and stops them immediately. |
| 2 | Incoming mail traffic is passed directly to your internal email servers, providing opportunities to hackers. Firewalls provide only partial protection. | Many SMTP servers have vulnerabilities that can be exploited to take control of the complete system. | No | No | Yes | Mxtreme SMTP server is hardened and secured by BorderWare's specialists, and is constantly updated for new threats. |
| 3 | OWA (Outlook Web Access) requires three components – Windows, IIS and Exchange. Each must be separately installed and secured. Traffic must also be passed through the firewall. | Complex installations present opportunities for error that may be readily exploited. In addition, each component has many vulnerabilities. | No | No | Yes | Mxtreme installs in one integrated operation, with all components integrated and secured. Its OWA proxy provides a secure mechanism for providing access. |
| 4 | Email clients such as Outlook helpfully “correct” invalidly formatted email messages. Some AV platforms also accept malformed messages. | Hackers construct invalid messages that bypass standard AV scanners and are then accepted, corrected and executed. | No | No | Yes | MXTREME provides Message Integrity Checking that detects and blocks 100% of invalid messages per University of Magdeburg test suite. |
| 5 | For convenience, roaming users forward confidential business email to public mail servers like Hotmail or Yahoo. | Unauthorized parties can read the email. Numerous password exploits have been published for Hotmail and other web mail sites. | No | No | Yes | MXTREME provides secure BorderPost web-mail client and secure Outlook Web Access proxy. |
| 6 | Employees are not restricted in which types of files can be emailed. | Confidential and valuable documents can be revealed, accidentally or deliberately. | No | No | Yes | MXTREME's attachment filtering can be used to prevent documents getting outside of your organization’s control. |
| 7 | Employees may use an email system to exchange personal files, including jokes, images etc. | Such materials may cause significant offense to other employees, leading to legal liability. | No | No | Yes | MXTREME can be easily configured to block employees from sending inappropriate attachments – e.g. jpg files. |
| 8 | Common viruses are propagated as email attachments. | User opens attachment and activates virus. Widespread damage results. | No | Yes | Yes | For organizations lacking centralized AV, MXTREME can provide optional AV scanning using Trend AV engine and hourly pattern updates. |
| 9 | Roaming users access email via OWA to internal Exchange server. OWA passwords are passed in the clear on internal networks. OWA sessions are not cleared from public terminals. | Weak passwords can be cracked by “brute force” password cracking programs. Third parties can read confidential mail. | No | No | Yes | MXTREME provides strong authenticated access control using built-in SecurID support, or other tokens via RADIUS. |
| 10 | Roaming users access email using IPSEC VPN client on laptop. | Seemingly secure, but difficult to use for average employee. Trojans on laptop can penetrate corporate network through VPN. Requires IPSEC deployment and personal firewall on all laptops. Expensive to install and manage. | No | No | Yes | MXTREME provides secure remote email access with no-cost VPN using Secure Web Access (SSL), strong authentication, and access to Exchange via secure OWA proxy. No potential for accidental exposure of other internal network assets. |
| 11 | Desktop AV packages out of date or inoperable due to expired subscriptions, technical glitches, disabled by user, etc. | User is wide open to new or existing virus attacks. | No | No | Yes | MXTREME provides high-performance server-based AV. Much easier to manage than desktop AV. Also – MXTREME updates automatically once an hour. |
| 12 | Newly introduced viruses propagate before pattern files are updated by AV vendors. | Users assume they are secure so open attachments. Widespread damage results. | No | No | Yes | MXTREME can be configured to selectively block common attachments used for viruses such as executables and script files. |