[Top] [Prev] [Next] [Bottom]




MIMEsweeper overview


Most companies now use email as part of their day to day business, to communicate both internally and with the outside world. Meanwhile, the World Wide Web (WWW) is exploding in popularity as an information resource and publishing arena.

This flow of data greatly increases the need to protect your company from potential threats that can arrive via external sources, or depart from it's own internal computer systems. These threats usually lurk within email messages or Web data.

Email based threats include:

WEB based threats include:

Traditionally, firewalls are employed to restrict access to your network, by blocking users and applications types, for example, Telnet, FTP and NFS. However, controlling user access through firewalls does not protect your company from the content based threats that are buried in email or Web data.

MIMEsweeper has been developed with these content based threats in mind.

Whereas a firewall can provide your company with access security, MIMEsweeper provides comprehensive content security. It stops content based threats before they arrive on the network, in the same way that firewalls control user access. Companies need to deploy both access security and content security for complete network security.

MIMEsweeper offers a centrally managed content security solution which complements your companies existing security policies. It can be configured in any number of ways, to suit the varying security requirements of each and every company, and delivers content security where and when it is needed most.

MIMEsweeper runs under Windows NT, on a dedicated host machine2 or a firewall. It comprises two modules:

MAILsweeper

MAILsweeper provides comprehensive content security for email. It acts as a mail router or relay, depending on the underlying mail system. The following mail systems are currently supported:

MAILsweeper works by acting as a transparent store placed in the path of incoming and outgoing messages. It is usually positioned in the path of SMTP traffic, between two cc:Mail post offices, between two GroupWise domains or on the same machine as the Notes server or Exchange server.

MAILsweeper checks the underlying mail system at pre-determined intervals, to determine if there are any messages awaiting processing. Each message awaiting processing is extracted from the store by MAILsweeper, which then disassembles, validates and finally disposes of the message, according to configured rules.

MAILsweeper can be configured to suit the mail environment in which it is operating. For example, MAILsweeper for SMTP can sit on either side of a firewall. MAILsweeper for cc:Mail can act as a standard or a hub router. MAILsweeper for GroupWise can operate in a primary to primary or a primary to secondary domain environment.

For Lotus Notes and Exchange, MAILsweeper can only be deployed on the server.
 

WEBsweeper

WEBsweeper provides comprehensive content security for the WWW. It is installed on a dedicated WEBsweeper host and acts as a caching Web proxy server.

Any Web browser on your network that is capable of receiving Internet traffic is also capable of receiving threats, for example:

Implementing a corporate wide security policy would involve enabling and maintaining security options on every Web browser, as well as virus scanning every single download.

With WEBsweeper deployed, all Web browsers on the network are configured to have all their requests sent via the WEBsweeper host. This means that security is implemented in a single place rather than at every Web browser. The WEBsweeper host can be administered and maintained securely by your system administrator.

Whenever a user requests a resource, the request is first forwarded to WEBsweeper. WEBsweeper searches its cache for the resource and if successful the cached data is downloaded. If not the proxy server sends a request to the origin Web server and the data is returned.

WEBsweeper checks the data and depending on the results, it is either downloaded or a user configurable message is sent to the Web browser as a replacement, to indicate a problem.

If the data is downloaded a copy is also cached for a period of time. Where there is a problem, the data is discarded and the replacement message is cached instead. This means that subsequent requests for the same URL within that time will result in the data or the replacement message being downloaded from the cache. The same URL will not have to be retrieved and checked again.



[Top] [Prev] [Next] [Bottom]



1 A zoo is a collection of viruses.

2 Such as an INTEL 486, or a Pentium processor for high throughput email environments.

msw.support@mimesweeper.com

Copyright © 1998, Content Technologies Limited. All rights reserved.