Cloudmark Server Edition 2.1
From NetworkComputing Magazine Vol 16, Issue 6 - November/December 2007
In a world where SPAM, Phishing and Virus attacks are directed at the majority, there is a real sense of advantage in using a detection system that creatively looks the other way, beyond mainstream methods; this is a central principle behind the Cloudmark Server Edition (CSE). This product is designed to integrate simply, with low operational impact, into the MS Exchange Server environment. Because it doesn't rely on the bulk movement of messages - duplicating network traffic - it does not require its own server, and comfortably sits on the existing Exchange Server.
Designed to be familiar and easy for Exchange administrators (it is), this product will also be comfortably handled by a competent tech-savvy business manager. If using Active Directory, its profiles can be utilised, or they can be separately created within CSE. The admin console and installation wizard work neatly together to guide you through the powerful, but not voluminous, options; while you can choose an installation location other than the default, it cannot be a mapped drive.
You will need to decide (globally) where you want SPAM directed: either to individual SPAM folders or to public folders. The design of the product encourages you towards the former, as this helps the beneficial effects scale up quickly and in real time. You will need to set up HTTP Proxy support using port 80, or ideally open port 2703 to connect to the Cloudmark Service. Once set-up is complete, you receive a summary and installation proceeds automatically.
Once installed, you will be using the CSE Admin Console, where you can further describe how you want the product to work. At this point you need to understand a fundamental principle. As users receive messages, those messages will have been scanned against a fingerprinting algorithm. This check produces a hash value, which is sent to the Cloudmark Service and verified against the database of known bad fingerprints; based on a collective vote, the message will be placed into either the user's inbox or SPAM folder.
Where the user finds a message has been misclassified - bad message in the inbox (false negative) or good message in SPAM folder (false positive) - the user's action in reclassifying (moving) that message is corroborated by the Cloudmark Service, building zero hour detection. The eight fingerprinting algorithms look at message structure, not content, and this is important, as it is common for Spammers to morph messages using re-cycled content; this approach renders language, words or character sets irrelevant, putting Cloudmark ahead of the game.
Moving back to the console, user, scan and filter options can be adjusted, and there is a useful link (visited during setup) to My Cloudmark, which helps manage license compliance.
It is not just SMB and Enterprise users who comprise the community, but ISPs as well. This all conspires to make this application and its support infrastructure very effective in early detection. In fact, whilst essentially a SPAM and Phishing detection solution, it comfortably claims Zero hour AV detection; this does not remove the need for a product to deal with infections arriving from Web site visits or other remediation; it is an extra line of defence.
If its creative use of user community and fingerprinting algorithms creates the capability backbone, then it is the trust rating of contributors that gives it its final line of capability. This highly automated system ranks contributors in a way that takes a long time to gain credibility and little time to lose it; a defence against external manipulation.
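A simplified model of the trust-weighted vote described above, added here as an illustration and not Cloudmark's own code or algorithm. The constants, the `Reputation` class and the reporter names are assumptions, chosen to show why trust that is slow to earn and quick to lose keeps a burst of new accounts from deciding a verdict.

```python
# Simplified model of a trust-weighted community vote on message fingerprints.
# All constants are assumptions for illustration, not Cloudmark's values.
START_TRUST = 0.01     # a new reporter carries almost no weight
GAIN = 0.02            # added for each report that matches the settled verdict
LOSS_FACTOR = 0.5      # trust is halved for each report that contradicts it
MAX_TRUST = 1.0
SPAM_THRESHOLD = 1.0   # net trust needed before a fingerprint is listed as spam


class Reputation:
    def __init__(self, trust=None):
        self.trust = dict(trust or {})

    def get(self, reporter):
        return self.trust.get(reporter, START_TRUST)

    def verdict(self, reports):
        """reports maps reporter -> True (spam) / False (legitimate)."""
        score = sum(self.get(r) if spam else -self.get(r)
                    for r, spam in reports.items())
        return score >= SPAM_THRESHOLD

    def settle(self, reports, is_spam):
        """Reward reporters who matched the settled verdict, penalise the rest."""
        for r, vote in reports.items():
            t = self.get(r)
            self.trust[r] = min(MAX_TRUST, t + GAIN) if vote == is_spam else t * LOSS_FACTOR


def reports_needed(target):
    """Agreeing reports a brand-new reporter needs to reach `target` trust."""
    rep, n = Reputation(), 0
    while rep.get("newcomer") < target:
        rep.settle({"newcomer": True}, True)
        n += 1
    return n


def demo():
    # Constructed sample data: two long-standing reporters and 50 new accounts.
    rep = Reputation({"alice": 0.6, "bob": 0.6})
    flood = {f"new{i}": True for i in range(50)}   # mass report by newcomers
    trusted = {"alice": True, "bob": True}
    flood_listed = rep.verdict(flood)              # 50 * 0.01 = 0.5, below threshold
    trusted_listed = rep.verdict(trusted)          # 0.6 + 0.6 = 1.2, listed
    rep.settle(flood, False)                       # flood contradicted: trust halves
    return flood_listed, trusted_listed, rep.get("new0")


if __name__ == "__main__":
    print(demo(), reports_needed(0.5))
```

In this model a newcomer needs 25 consecutive agreeing reports to reach a trust of 0.5, while a single contradicted report halves whatever has been earned.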
Installed on the Exchange Server, Cloudmark claims that CPU utilisation is always less than 5%, and its operation does nothing to impede message mobility. Cloudmark also claims that it blocks over 98% of SPAM, making false positives and negatives a thing of the past.
In an environment where you need to be protected, this solution offers an intelligent and forward-looking method of reducing the impact of SPAM. NC
Product: Cloudmark Server Edition 2.1
Supplier: Cloudmark Inc. Available in the UK and Europe from Moore Secure IT, and their resellers
Telephone: 020 7193 4244
Email: sales@MooreSecureIT.com
Web: www.MooreSecureIT.com