Foundry: Fighting Spam @ the Network

Foundry Networks
August 24, 2004

Fighting Spam @ the Network
Using the Intelligent Network with Application Intelligence, Policy Enforcement and Security to Fight Spam

Spam is a menace, and is growing. Studies show that Spam accounts for about 70% of e-mail messages today, having grown from 60% last year. One fact remains: Spam is here to stay and will grow. Traditionally, host- and content-based solutions that perform inspection, filtering, and verification have been used to fight Spam. These solutions are necessary, but are neither sufficient nor economical for the current and growing volume of Spam.

To effectively fight Spam and scale with its growth, Enterprises and Service Providers need new intelligent networking solutions that complement and increase the effectiveness of traditional approaches. Compared to host- and application-based solutions, the network is vastly more efficient, secure, and scalable, and delivers the high performance needed for high-bandwidth mail applications. Enhancing the network to integrate Spam intelligence is the most effective solution to fight and prevent the growing threat of Spam.

Internet Service Providers are leading the way in making the intelligent network a central solution in their strategy to fight Spam. Emerging Spam prevention solutions apply network-based application switching and policy enforcement to scale host- and application-based solutions by intelligently distributing e-mail messages to targeted resources for further inspection and processing. Such a solution provides a scalable and cost-effective way to fight Spam for both Enterprise and Service Provider organizations.

In the late 90s, application switches (Layer 4-7 load balancers) helped solve the challenges of high availability, scalability, and security for business-critical applications by integrating load balancing, application intelligence and security functions into the network.
These switches are now emerging as the leading choice of Service Providers to deliver Spam protection at the network while simultaneously increasing the overall scalability and security of the mail infrastructure by load balancing to mail servers and mail content inspection devices. Application switches also defend the mail services infrastructure from Denial of Service (DoS) and other attacks by defeating such attacks before they reach the servers.

Application switches, armed with Spam protection, deliver three key benefits to the business-critical mail services infrastructure. They block mail from blacklisted sources right at the network, thus conserving resources on the mail servers for processing legitimate mail. The switches transparently re-direct mail based on source identification to only the resources that need to process these messages, thereby optimizing resource utilization and helping to scale the infrastructure on demand and for targeted needs. Application switches also provide load balancing, content switching and security to scale and secure mail server farms and e-mail virus gateway devices.

The following sections discuss the Spam fighting capabilities of application switches and the core requirements these solutions must meet for the most demanding customers.

Many network layer switches provide access control policies and enforcement at wire speed using hardware-based access control lists (ACLs). There are two key problems with using traditional ACLs to block Spam. First, the number of enforceable policies on these switches is small relative to the number of Spam sources, and the ACL solution becomes exponentially expensive as size increases. Currently, Spam lists already run into hundreds of thousands of entries, and will soon grow into millions. Second, managing access control lists is not a real-time operation. It can take hours to download new access policies, leaving a wide window for Spam to get through to the mail servers.

Application switches equipped with specialized Spam prevention capabilities offer high-performance access control that scales to millions of entries without forklift upgrades and massive capital investment. These switches also provide real-time policy list management with near zero downtime for Spam blocking while the policy list is being modified. Near zero downtime during policy list changes is critical because most Service Providers and Enterprises change the lists at least once a day, and in many cases more frequently, and cannot tolerate windows of exposure during which Spam can get through.

In an ideal world where all external mail users are easily identifiable as legitimate mail users and spammers, access control that permits messages from sources on a white list through and blocks messages from sources on a black list would suffice. In practice, however, not all mail is identifiable as Spam by simply looking at the originating source. Further processing of messages from unidentifiable and suspicious sources is required.

Application switches, acting as proxies to the mail servers, can transparently intercept and re-direct selected messages to Spam and Virus servers. For example, white list user messages may be directly sent to the mail servers, whereas grey list user messages are re-directed to a Spam server cluster for further investigation. Access policies identify the source and the resource to which the messages need to be transparently re-directed for further processing. Additional granularity in identifying the source and the type of message for transparent re-direction to servers can be achieved by enabling content switching capabilities integral to the application switch.
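
The source-based policy list and its near-zero-downtime update described above, shown in Python as an added example; this is not Foundry's implementation or code from the paper. The action names, the PolicyList class, the IPv4-only handling and the sample addresses (documentation ranges) are assumptions, as is treating unlisted sources as grey.

```python
import ipaddress

# Resources named in the paper: white list -> mail servers,
# grey list / unidentified -> Spam server cluster, black list -> dropped.
MAIL, SPAM, BLOCK = "mail-servers", "spam-servers", "block"

def build_table(entries):
    """Compile (cidr, action) pairs into [(prefix_len, {network_int: action})],
    longest prefix first. IPv4 only (assumption for this example)."""
    by_len = {}
    for cidr, action in entries:
        net = ipaddress.ip_network(cidr)
        by_len.setdefault(net.prefixlen, {})[int(net.network_address)] = action
    return sorted(by_len.items(), reverse=True)

class PolicyList:
    """Hypothetical access-and-resource policy list keyed on source address."""

    def __init__(self, entries, default=SPAM):
        self._table = build_table(entries)
        self._default = default  # unlisted sources are treated as grey

    def lookup(self, src_ip):
        """Longest-prefix match. Cost grows with the number of distinct
        prefix lengths (at most 33), not with the number of entries."""
        table = self._table  # snapshot: a reload cannot change it mid-lookup
        addr = int(ipaddress.IPv4Address(src_ip))
        for plen, nets in table:
            mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
            action = nets.get(addr & mask)
            if action is not None:
                return action
        return self._default

    def reload(self, entries):
        """Build the new list off to the side, then publish it with a single
        reference assignment. Lookups see the old list or the new one, never
        a half-loaded list, so blocking continues during the update."""
        new_table = build_table(entries)
        self._table = new_table

# Constructed sample list; addresses are from the RFC 5737 documentation ranges.
SAMPLE_ENTRIES = [
    ("203.0.113.0/24", BLOCK),   # black-listed range
    ("203.0.113.25/32", MAIL),   # white-listed host inside that range
    ("198.51.100.0/24", MAIL),   # white-listed partner network
]
```

The hash-per-prefix-length table is what keeps lookup cost flat as the list grows, in contrast to a linear ACL scan; the build-then-swap reload is what removes the hours-long exposure window described for ACL downloads.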

[Figure 1: Next-Generation Secure Mail Infrastructure with Network-Assisted Spam Prevention. Diagram labels: Legitimate Users, Suspicious Users, Hackers, Known Spammers, Gigabit Rate Denial of Service Attack, IP Network, Intelligent Application and SPAM Switch, Access and Resource Policy List, Normal Mail Servers, SPAM Servers, Virus Gateways.]

Figure 1 shows a high-level architecture of the next-generation secure mail infrastructure using intelligent application switches for Spam control. In addition to blocking known Spam and transparently re-directing user messages to appropriate resources, application switches simultaneously provide high availability, security and scalability to the server farms with efficient load balancing and protection against Denial of Service (DoS) attacks.

Application switches distribute user requests efficiently to the “best” among a pool of servers by considering server availability, load, response time, and other performance metrics to provide the best response time and availability. By using sophisticated “health checks” to servers and applications, application switches identify unavailable resources in real time and switch users to other available resources. These switches also help scale server farms on demand by allowing server capacity to be added or removed on demand without impacting application availability.
Load balancing is especially important when using special-purpose content-based Spam and virus inspection devices to scale their performance and to increase overall availability of the business-critical mail infrastructure.

Summary

Spam is one of the biggest challenges facing businesses today, impacting productivity, capital costs, and end-user service experience and performance. Defeating Spam requires innovative and cost-effective approaches that can scale with the growth of Spam. Today, most Enterprises and Service Providers rely only on host- and content-based approaches to stop Spam, and are unable to keep pace with increasing volume without massive capital investment in non-scalable solutions. By leveraging the new intelligent network with Spam prevention capabilities, businesses can migrate towards a highly scalable and cost-effective solution to control and mitigate Spam attacks. Application switches with Spam prevention capabilities are emerging as the solution of choice in the migration.

Gopala Tumuluri is the Product Line Manager for Multi-Layer Switching and Security Solutions at Foundry Networks, an innovative maker of Internet routers, Layer 2 switches and Layer 4-7 Application Switches located in San Jose, CA. He can be reached at