|
#
|
Description
|
Impact
|
F/W
|
A/V
|
MX
|
Comment
|
|
25
|
NT
server running Exchange cannot be updated with new patches
because of incompatibilities with other applications running
on same system
|
Server
is wide open to new exploits.
|
No
|
No
|
Yes
|
MXTREME
is a dedicated single purpose server.
|
|
26
|
Hackers
can target your server with SYN floods or other network
level attacks.
|
Denial
of service condition. Internal email service stops as
well as external email connectivity.
|
No
|
No
|
Yes
|
MXTREME
detects and blocks all network level attacks.
|
|
27
|
Hackers
can flood your mail server with huge messages to exhaust
resources..
|
Denial
of service condition. Internal email service stops as
well as external email connectivity.
|
No
|
No
|
Yes
|
MXTREME
allows message size limits and disk quotas to be easily
configured.
|
|
28
|
Overloaded
network administrators look after security on a “best
efforts” basis.
|
Hackers
take advantage of delays in implementing security fixes
to penetrate network.
|
No
|
No
|
Yes
|
MXTREME
kept up to date by dedicated development and support teams.
|
|
29
|
Network
administrators are not security experts, and miss the
significance of important announcements or developments.
|
Hackers
take advantage of lack of expertise and penetrate your
network.
|
No
|
No
|
Yes
|
MXTREME
is developed and maintained by BorderWare Technologies,
a world leader in email and Internet security, and first
company to achieve EAL4 security certification.
|
|
30
|
Network
admin has designed a “home grown” email security system.
Admin quits and no-one knows quite how the system works.
|
System
is not maintained and becomes “fragile” and open to compromise.
|
No
|
No
|
Yes
|
MXTREME
is kept up to date by highly skilled and motivated development
team. Training and 24x7 support are just a phone call
away.
|
|
31
|
Network
admin not able to configure system remotely to deal with
new threat. Configuration update has to wait until next
day.
|
Hackers
or viruses take advantage of “window of opportunity” to
penetrate network.
|
No
|
No
|
Yes
|
MXTREME
allows secure remote browser based configuration.
|
|
32
|
Default
installation of Exchange results in an insecure installation.
|
Services
– e.g. FTP – are enabled and may be exploited
|
No
|
No
|
Yes
|
MXTREME
default installation provides for only necessary services.
Additional services, like web mail, must be explicitly
enabled. .
|
|
33
|
Employees
may use an email system for personal use.
|
This
may lead to wasted time and resources.
|
No
|
No
|
Yes
|
MXTREME
logs all activity and may also archive email messages.
Effective monitoring acts as a powerful deterrent to inappropriate
activity.
|
|
34
|
Encryption
systems are often complex to implement and manage, involving
PKI, exchanging keys and signatures etc.
|
Users
will typically bi-pass systems that they do not understand
or which require some technical knowledge, and will revert
to sending email in the clear.
|
No
|
No
|
Yes
|
MXTREME's
encryption requires no end-user involvement to provide
secure and confidential email messaging.
|
|
35
|
Mail
servers today offer a wide range of features, and are
central to many workflow collaboration tools, file servers
etc..
|
An
attack on SMTP is now also an attack on your central corporate
electronic resource.
|
No
|
No
|
Yes
|
MXTREME
stands between your internal mail servers and the internet,
in the same way that firewalls protect databases and other
resources.
|
|
36
|
Users
may introduce viruses to the system via diskette, CD etc.
|
These
viruses can then spread locally without intervention by
a virus scanner.
|
No
|
No
|
Yes
|
MXTREME
can be configured to act as a delivery point for all email
clients and systems, effectively centralizing and containing
this risk.
|
