watch guard aec electronic a amenazas de seguridad en la nube
TRANSCRIPT
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 1/18 © 2009 WatchGuard Technologies
Combating email threatsin the cloud
Juan Munoz – Sales Director, Latin America [email protected]
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 2/18
Combating Email threats in the Cloud
Email importance
How does email work?
Most common Email threats
Current defense methodologies
Using the cloud to protect email
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 3/18 © 2009 WatchGuard Technologies
Why is Email important?
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 4/18 © 2009 WatchGuard Technologies
How does Email work?
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 5/18
Anatomy of a Mail Transport System
Internet
Router/gateway
External DNS server
Internal DNS server
Internal email server
Firewall
port 25
Forward port 25 traffic tointernal mail serverSending SMTP Server To: [email protected]
Lookup MX record for example.com
example.com MX record = 50.50.50.25
50.50.50.25
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 6/18 © 2009 WatchGuard Technologies
Most common email threats
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 7/18
• Most common email threats
Spam: more than 85% of all email is unsolicited
Viruses
Phishing
Code execution: HTML
Dangerous attachments
Also:
Data leakage
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 8/18
Why Doesn’t Someone Stop Them?
Legal: convictions require time and money
Example of the resources it takes to catch
one spammer:
• 2003, first Microsoft suit against spam emailFive million accounts sent 18 million spam emails
• Kornblum subpoenas “John Doe” times 150
• Custom “link analysis” tool shows where
source addresses converge
• MS forms a coalition: AOL, Yahoo, Earthlink,Amazon, Pfizer, various Attorneys General in
US, Interpol• Leads to Robert Soloway, convicted December
2003
Took nine months and all this effort to
catch and convict one spammer.
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 9/18
Why Doesn’t Someone Stop Them?
Financial: convictions require MORE time and money
Arrest and conviction did not stop Soloway:
• June 2004 – April 2005, Soloway’s company sends millions of emails
Uses legal dodge to claim recipients had “opted in”
• 2005, appeals end and Soloway must pay Microsoft $7.8 millionNever does: his bank accounts remain elusive
• 2006, Soloway moves his email server to China
• May 2007, arrested, indicted on 35 chargesMail fraud, email fraud, identity theft, money laundering…
• July 2008, sentenced to 47 months in federal prison
It took five years of legal process to stop this spammer.
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 10/18 © 2009 WatchGuard Technologies
Current defense methodologies
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 11/18
Current defense methodologies
Anti-spam:
Blacklists
Heuristics
IP Reputation
Anti-virus:
Signature-based
Some heuristics
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 12/18
What happens if email is SPAM?
Internet
Router/gateway
External DNS server
Internal DNS server
Internal email server
Firewall
Sending SMTP Server
Antispam solution
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 13/18
Let’s zoom in…
13 WatchGuard Training
Internet
Internet link
Firewall
Anti-spam
Quarantine
Email Server
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 14/18
© 2009 WatchGuard Technologies
Using the cloud to protect email
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 15/18
How can we improve the current model?Using the cloud!!!
15 WatchGuard Training
Internet
Internet link
Firewall
Anti-spam
Quarantine
Email Server
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 16/18
Some ReputationAuthority.org Statistics
16 WatchGuard Training
• Only 6.6% of email and web traffic is legitimate• “In-the-cloud” defenses can reject up to 98% of such traffic at the perimeter
5/13/2018 Watch Guard Aec Electronic A Amenazas de Seguridad en La Nube - slidepdf.com
http://slidepdf.com/reader/full/watch-guard-aec-electronic-a-amenazas-de-seguridad-en-la-nube 17/18
Questions?
[email protected]@watchguard.com