| # | Description | Impact | F/W | A/V | MX | Comment |
|---|---|---|---|---|---|---|
| 13 | Hackers can send executable Trojans disguised as legitimate email attachments, e.g. “Nimda”. | Attachment bypasses AV scanners until signature file is updated. Users open file and massive damage occurs. | No | No | Yes | MXTREME can be configured to selectively block common attachments used for viruses, such as executables and script files. |
| 14 | Employees can send unauthorized email to third parties. | Confidential information available to third parties. | No | No | Yes | MXTREME can maintain a complete audit trail of all messages sent by users. |
| 15 | Harassing email sent to your employees by third parties. | Employees sue company. | No | No | Yes | MXTREME can block specified source addresses, and maintains an audit trail to assist investigation. |
| 16 | Mail server default configuration allows relaying of third-party email. Spammers abuse server. | Your server gets placed on a “black-hole” list, and you can’t send mail to many destinations. | No | No | Yes | MXTREME blocks mail relaying out of the box. |
| 17 | Internal email addresses “leak” onto the Internet, e.g. fred.smith@secretproject.abc.com. | Competitors or hackers find out about your internal organizational structure. | No | No | Yes | MXTREME address mapping features hide internal structure, and enforce a consistent external addressing policy. |
| 18 | Email traffic between company branches or with business partners travels in the clear. | Email can be “sniffed” in transit and confidential information exposed. | No | No | Yes | MXTREME implements standards-based server-to-server encryption as a no-extra-cost feature. |
| 19 | Internal email travels in the clear. | Executives' email is “sniffed” by any employee using freely available download utilities. | No | No | Yes | MXTREME provides an encrypted connection for commonly used mail clients (Outlook etc.). |
| 20 | User IDs and passwords used for POP mail access are not encrypted on the internal network. | Can be sniffed by anyone and used to gain access into other servers. | No | No | Yes | MXTREME provides an encrypted connection for common POP and IMAP mail clients. |
| 21 | Hackers run scanners against the mail server to detect operating system and mail server type. | If NT/Exchange is detected, a host of attacks are launched automatically. | No | No | Yes | MXTREME does not return any identifying information. Response to ping can be disabled to decrease visibility. |
| 22 | Organization has many mail servers accepting connections from external sources. Security measures are inconsistent, and security responsibility is spread out or unclear. | Hackers or viruses can penetrate at the “weakest link” in the chain, then disrupt the internal network. | No | No | Yes | MXTREME provides a single controlled gateway and enforces a consistent security policy. |
| 23 | Mail server not kept up to date with security or other patches. Server becomes vulnerable to new exploits. | Server is compromised and used as a launch point into the internal network. | No | No | Yes | MXTREME is automatically kept up to date by the BorderWare Security Connection, which downloads software updates and security bulletins. |
| 24 | Network administrator fails to install an important NT security patch. This can easily happen due to the large number of patches and the difficulty of installation, especially if multiple servers are involved. | Server is wide open to attacks. | No | No | Yes | MXTREME is based on the secure S-Core operating system. No need to install the NT “patch of the week”. |