Symantec Messaging

Gateway
Stphane Jacobs
Pre-sales Consultant
Symantec Messaging Gateway Small
Business Edition
Purpose built appliance
that prevents spam,
viruses, and phishing
attacks from reaching
email servers
Small Business Edition
Targets 250 users and below
Same enterprise class
protection
Installation in minutes
Small Business friendly per-
appliance pricing and
licensing
2
Symantec Global Intelligence Network

25,000+ vulnerabilities 55,000+ technologies from

Vulnerability
in database over 8000 vendors
Database
Statistics on 1+ Billion email
Fraud: Spam 2+ Million Probe Network messages a day
Geo-location capabilities on
& Phishing Accounts
servers and zombies

Virtual network of 8000+ IP Capturing previously unseen

Honeypot Network addresses threats and attack methods

> 10,000 Security Professionals

2B+ events logged daily Over 100,000 security 200,000 daily code
alerts generated annually submissions

Managed devices in 40,000+ Sensors in 120 Million Threat/ Virus

70+ countries 200+ Countries Submission Systems

3
Symantecs Approach to Messaging
Security

Better Greater Easy

Protection Control Management

Best Antispam Advanced Unified Control

and Antivirus Content Filtering and Management
Personalized Content Continuous
Protection Encryption Automatic Spam
Adaptive Data Loss and Virus updates
Reputation Prevention On-demand
Management Integration Reporting
Global Compliance Virtual appliance
Intelligence
Network ...From the Leader in Enterprise Security
4
Uncompromising Protection
Spam 20+ Layers of
Protection
PROTECT 99% Effective Global
Reputation
<1 in 1 million false positives
Local Reputation
Anti-phishing Image spam
Inbound
Adaptive Reputation Mgmt PDF spam
Protection:
stops 90% at connection Zombie attacks

Effective & Accurate

Viruses BATV backscatter
Directory
AV & AS
Adaptive Reputation
Leading AV engine Harvest
Management (Global Day Zero Language filters
and Self-Learning
Local Reputation)
Worlds Largest
Content Filtering
Global Intelligence Offensive language
Network
Confidential information

Managed devices in 40,000+ Sensors in 120 Million Threat/ Virus

70+ countries 200+ Countries Submission Systems
Best in Class Antispam Protection
Symantec Brightmail Antispam Engine
Reputation Filtering
High Volume Spam
Sources
Safe Sources
Inputs from Global
Intelligence Network
Heuristics
Header Analysis
Language Analysis
Content Analysis
Structural Analysis
Image Analysis
Managed by Symantec
Greater than 99% effectiveness
Accuracy of over 99.9999%
Less than one false positive in every one million legitimate emails
Bounce Attack Prev. URL Filters
Tag Validation to Protect Fraud URLs
against Bounce Attacks HTTP URLs
Configurable Group Adult URLs
Policies
Flexible Remediation
Signatures Allow and Block Lists
Body Hash Personal Allowed and
Body Fuzzy Signatures Blocked Lists
Attachment Signatures Personal Language
Filters
Admin-Defined Allowed
and Blocked Senders List
Managed by customers (optional)
6
Adaptive Reputation Management
Global reputation
Leverages reputation service from Brightmail
BLOC and patented Probe Network
Tracks millions of known spam and safe
senders based on IP
Local reputation
Self-learning local reputation scoring
tracked by each scanner
Used by connection classification to defer
connections of likely spam senders
Effectively tracks mixed reputation and
distributed low volume senders

Connection Classification

Assigns system resources differentially

based on connection class
Guarantees higher quality of service to
senders with better reputations
Filters out up to 90% of spam traffic
based on reputation

7
Best in Class Antivirus Protection
Symantec Antivirus Engine

Signature-based Virus Multi-threaded Scanning for

Definitions
Script-Blocking
Bloodhound Heuristic
Definitions
Day Zero Malware Protection
Mail/zip Bomb Protection
Decomposer and File Typer
for Attachment Scanning
Performance
Mass-mailer Cleanup
Heuristic- and Behavior-based
IM Monitoring
LiveUpdate
Multi-threaded Scanning
Repair Engine
Flexible Workflow with
Multiple Dispositions

Over 40 consecutive perfect scores (VB100 designation) from VirusBulletin, since

1999 excellent scanning speeds and the usual impeccable detection
Top performer in AV-Test benchmarks, with no false positives, fast scan speed,
rootkit detection, and malware cleaning

8
Outbound Control

Email and attachments

CONTROL
Compliance
Intellectual Property

Outbound Sensitive Information

Control:
Inappropriate

Advanced Content Structured Data

Filtering
Data Loss Prevention Matching
Regulatory Compliance
Flexible Policy-based Fingerprinting
Workflow and Rule sets
Pre-built Templates and Exact data protection
Dictionaries
Compliance Folders Related data matching

9
Advanced Content Filtering
Framework

Symantec Brightmail Content Filtering Engine

Policy Management Detection Incident Management

Centralized Management Regular Expressions Compliance Folders

Pre-built Policies,
Patterns, and Templates
Graphical Condition
Builder
Pre-built Dictionaries Access Controls
Structured Data Matching Multiple Verdicts
True File Typing Hold-for-Review
Text Extraction and Workflow
Attachment Scanning Graphical Incident
Manager

Remediation Reporting

Notifications Pre-built Reports with

Enforce TLS Encryption Flexible Options
Tag for Archiving Automated Report
Header/Message Generation
Modification Illustrate Liability and
Bounce Message Risk Reduction

1
0
Choice in Email Encryption
Symantec Content Encryption, a hosted option leveraging
Symantec.cloud
Customer Network

Messaging Gateway
Unencrypted Communications

Unencrypted
Users Email TLS
Recipient
Server
Encrypted Email
Policy Based on Policies
Configuration Encryption
Admin Encrypted Response Encrypted
Recipient

Symantec PGP Universal Gateway Email, for extensible on-premises

Customer Network

Messaging

encryption Unencrypted Communications

Gateway

Users Email Unencrypted

Server Encryp Recipient
ted Co
m munica
tions
ion
olicy urat
P n fig
Co
PGP GW
Email

Admin Encrypted
Recipient

22
1
Powerful and Easy to Use Management

Setup in minutes
MANAGE
No tuning requirements
Adapts to local environment
Management and Minimize administrative
Administration
effort
Unified Control and Role based administration
Management
Frequent Automatic End user self service quarantine
Spam/Virus Updates
Comprehensive Dashboard and automated
Logging and Alerts reporting
On-Demand
Reporting and Message tracking and auditing
Intelligence
Virtual Appliance Benefit from virtualization
Supports mixed physical / VMware
environments
Save on hardware costs
1
2
Simply backup and high availability
Virtual vs. Physical Appliance Option

Model 8340
Platform 1 Rack Unit
Single Processor
2x160GB
Hypervisor

Segment Small and Medium Businesses

Compatible with VMWare ESX Dedicated Scanners or Dedicated

3.5 and ESXi 3.5 servers Control Center
Same software license for Combined Scanner/Control
virtual and traditional Center: Suitable for smaller
appliance organizations 1
3
 Out-Of-The-Box Reporting
Full set of reporting options
Dashboard - quantifies all known
email threats
Executive Summaries
Over 50 preset reports
Flexible reporting workflow
Scheduled report generation and
export options

Benefits
Gain insight into performance
Identify Email and IM security
trends
Track potential compliance issues

1
4
 Simple Message Tracking
1
Filter with multiple criteria

Sender
Recipient
Subject
etc.

2
Retrieve Message Status

Time message processed

Sender
Recipient
Subject of the message
Disposition (spam, virus, blocked
sender, etc)
Actions Taken

3
Drill down for
detailed forensics

15
 Flexible Compliance Administration
Create additional administrator
accounts
Specify desired level of management
privileges
Specify list of administrators who can
use Control Center
Specify administrators who can
access compliance folders
Customize administrator rights
Full Administrator rights (View and
Modify any page in Control Center)
Limited access to restrict access to
certain settings
Differentiate between View and
Modify access 1
6
Thank you!
Stphane Jacobs
Stephane_jacobs@symantec.com

Copyright 2011 Symantec Corporation. All rights reserved.Symantec and the Symantec Logo are trademarks or registered trademarks
of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this
document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to
change without notice.
Key Benefits
Best of Breed Technologies
Uncompromising Protection
Unique Antispam Effective on botnets and adapts to your local threat
conditions with greater than 99% effectiveness and 99.9999% false positive
rate
Best Antivirus Unparallel VB100 testing results
Advanced Content Filtering Protect confidential information

Powerful and Easy-to-Use Management

Out-of-box Installation Less than 15 min setup time
Zero Tuning No administrative work is required to train the rulesets
Continuous Automated Updates From Symantec Global Intelligence Network

Smart Investment, Today and Tomorrow

Save on hardware by implementing the Virtual appliance on hardware of choice,
including ones currently owned
Lower total cost of ownership with minimal ongoing administrative overhead
19
1
 Competitive Comparison
Compared to Barracuda, Symantec has
Better protection 8% more effective than Barracuda; and Barracuda had almost
9x more false positives than Symantec did1.
Easier to manage Zero ruleset maintenance, and no tuning required.
Lower total cost of ownership Lowest on-going costs; scalable appliance

Compared to Cisco Virus and Spam Blocker, Symantec has

Smarter appliance Industry only global AND local IP reputation technology
Better antivirus Day zero antivirus protection included

Compared to McAfee, Symantec has

Better antispam McAfee has substantial administrative burden to train rulesets
Better antivirus - Symantec has more than 40 consecutive VB100 awards for the
last 10 years. McAfee has failed 11 times since 19992.

1 InfoWorld Technology of the Year Award, 2005-2008, winner for Best Anti-Spam/Mail Security Solution.
2 VirusBulletin100 Awards 1999 to 2009
2
0
 Challenge #1: Spam Continues to Flood
Servers and Employee Inboxes
Spam as a Percentage of Email Volume

419 Spam
PDF Spam
Image Spam
90%
Phishing
HTML
ASCII
Simple Text

8%
2001 2009
Source: Symantec State of Spam Report Severity/Complexity
2
1
21
Challenge #2: Sensitive Data is Leaving
the Enterprise, Risking Brand and
Reputation

Customer, Employee, Intellectual Property Company Confidential

Patient Data

Regulatory Compliance Competitive Reputation

HIPAA, GLBA, PCI, Source Code Press Release
State Data Privacy, Engineering Specs Quarterly Earnings
Caldicott, PIPEDA
Strategy Documents M&A
SSN, Credit Card
Pricing CEO Internal Email
Numbers, Health Info

1:400 emails contain confidential information

Over 90% of data loss caused by breakdowns in process
controls by good employees

2
2
2
Reducing False Positives with Structured
Data Matching
Matching to database extracts
Protect the exact data you care about not just a pattern that
looks like a credit card number, but your customers actual credit
card numbers
Protect data that is difficult to describe and only important if
related - e.g. Employee first name, last name and salary
Once a fingerprint has been created from these data, the
administrator can specify what defines a violation
E.g. fields required for a match
First Name Last Name Social Security Hair Color

Kayla Douglas 770-12-6909 Black

Karen Whitcomb 149-60-0533 Blond

Brian Hubert 227-01-2294 Brown

Clare Mata 476-68-0222 Red

Ralph Hansen 221-20-9165 Brown

Felipe Fulmer 698-01-7121 Gray

2
3
Symantec Data Loss Prevention
Integration

Protect confidential
data across
endpoint, network,
and storage systems
New integration:
Simplifies deployment
and management
Ensures high
availability and
performance

2
4
Challenge #3: Messaging Infrastructure is
Increasing in Cost and Complexity 8:15 AM
8 AM

Targeted Attack Occurs

9 AM
9:00 AM
Help Desk is Bombarded All
Day
Challenges 10 AM

10:30 AM
11 AM
Install System Updates,
Manually Adjust Policies
Generating Management Reports
Keeping Systems Current 11:45 AM
Noon
Responding to End User Requests Generate Reports for
Executive Review
Managing Policies Across Systems 1 PM
Managing Spiraling Energy Costs 1:30 PM
Search Through Spam
2 PM Quarantine for Missing
Emails

2:45 PM
3 PM Change Block Lists Based
on Message Audit Results
IT Budgets and Headcount are Flat
IT Responsibilities are Growing 4 PM

12:00 Midnight
Midnight Executive Calls: Cant Find
My Email!

2
5
2
 Streamlined System Management

Automated filter downloads and statistics

Antivirus LiveUpdate process
Simple software updates
Automated email alerts
Granular backup and restore
Configurable logging levels
SNMP support

2
6
Upsell/Crosssell
Easy Up-sell/Cross-sell
Opportunities

Add Messaging Gateway Small Business Edition to

provide comprehensive end-to-end protection, securing
both inbound and outbound email and instant message
traffic from phishing threats.

One affordable Messaging Gateway Small Business

Edition appliance at the messaging gateway can
drastically reduce spam volumesrelieving stress at the
mail server level.
Mail Servers

Customer Plug & Play Email and IM protection

Benefit Lowe TCO and save costs on mail servers

Partner Easy up-sell from Symantec portfolio

Opportunity Additional revenue 2
8
 Competitive Displacements

Customer Better protection technologies

Benefit Much less administrative overhead
Hardware scalability and flexibility
Lower Total Cost of Ownership (TCO)

Partner Easy and centralized management

Opportunity Focus more on higher revenue consulting services
than day-to-day administration
Improve customer relationship

2
9
Summary
Symantec Brightmail Gateway
Product Recognition

Symantec
Symantec takes
takes the
the prize
prize with
with superior
superior anti-
anti-
spam and anti-malware capabilities, strong
spam and anti-malware capabilities, strong
enterprise-class
enterprise-class features,
features, excellent
excellent
management
management and and reporting
reporting tools,
tools, and
and aa very
very
polished and easy-to-use administrative
polished and easy-to-use administrative
interface.
interface.
-InfoWorld 2008 Technology of the Year Awards
4th Consecutive Year
- Best Messaging Security

Product Excellence
Award: Server Appliance

Leader, Forrester Wave

2009 Email Filtering
Symantec
Symantec shows
shows aa level
level ofof
sophistication
sophistication andand ease
ease of
of use
use that
that
only comes from being a class
only comes from being a class leader leader
Leader, Magic Quadrant for
for aa long
long time,
time, and
and having
having all
all the
the sharp
sharp
2010 Secure E-Mail Gateways edges rounded off.
edges rounded off.
3
1
31
Customer Confidence In Symantec

We protect over 800M mailboxes at over 100,000

customers, including

32
3
 Global Support Presence
More than 2400 highly trained global
support professionals
29 regional support centers
70 regional delivery partners
Experts with certifications from
more than 20 industry
associations and technology
providers including:
Microsoft, Cisco, Sun, HP, IBM,
SNIA, and CISSP
Rapid resolution of multi-vendor
cases provided through:
Cooperative support agreements
with more than 200 vendors
TSANet board membership
Support delivered in 10 languages
Awards:
SSPA Star Award (Service and
Support Professionals Assoc.)
Omegas NorthFace
ScoreboardSM Award
WebStar Award from
Supportgate.com
Global programs to extend support
delivery through partners
3
3
What To Do Next

Try the product!

30-day evaluation
www.symantec.com/trybrightmail

Compare effectiveness and

accuracy
Greater than 99% effectiveness, less
than 1 in a million false positives

Symantec and our partners can

help assess, plan and deploy
successfully!

3
Backup

35
 Messaging Gateway Architecture
Symantec Global Intelligence Network
Reputation
Rules
Signatures
Heuristics
Definitions

Advance Data

Management Interface
Antispa d Loss
Antivirus
Adaptive Reputation

m Content Preventi
Filtering on
SMTP
Embedded MTA IM Proxy
Mgmt.

IM

Message processing and verdict analysis

SMTP Policy Engine

IM
Encryption*

* Native TLS encryption, Integration with encryption partners 36