ASK THE EXPERT - EMAIL SECURITY

Unanswered Question
Dec 12th, 2008

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to learn how to protect data through filtering and encryption with Cisco expert Tom Topping. Tom Topping is director of federal operations of IronPort, a Cisco company. He has been involved in federal programs for more than 29 years in various roles including programmer, systems engineer, marketing, and account management. He is a founding member of the IronPort team and is a frequent speaker on the topics of messaging security and web-based threats.

Remember to use the rating system to let Tom know if you have received an adequate response.

Tom might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through December 24, 2008. Visit this forum often to view responses to your questions and the questions of other community members.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
b.hsu Fri, 12/12/2008 - 12:00

Does the IronPort Email Security Appliance support Authentication Mechanisms such as Domain Keys?

totoppin Wed, 12/17/2008 - 19:04

Yes, The IronPort Email Security Appliance authenticates received messages that are signed with SIDF, Domain Keys and DKIM. The appliances also can sign outbound messages with DKIM and Domain Keys.

punithsree Mon, 12/15/2008 - 04:52

hi,

Please confirm whether the 4 HWIC serial ports are configured as multilink ppp.

CISCO 2821 AND 2811 Routers individually.

totoppin Fri, 12/19/2008 - 08:31

I am not able to answer this question.

Please seek assistance from your Cisco Account Systems Engineer or from Cisco Customer Support.

mshahroriahmaD8 Mon, 12/15/2008 - 07:40

if you please i want bay ASA5520 FROM CISCO can you send me a compare between cisco and ASTARO

bbaley Thu, 12/18/2008 - 16:02

How does the IronPort prevent Directory Harvest Attacks?

totoppin Fri, 12/19/2008 - 08:29

Directories are harvested when a sender delivers thousands of common email recipient addresses to a domain; for example asmith@, bsmith@, csmith@, ajones@....... The attacker is seeking to understand which addresses DO NOT generate an Invalid Recipient Bounce. By knowing which addresses do not bounce the attacker knows which addresses are valid for that domain. Therefore in order to stop these attacks the IronPort does two things:

1) It validates the recipient email address, via an LDAP query, during the SMTP Conversation.

2) It counts the number of invalid recipients from each sender and stops responding after a configurable number of invalid recipients during each hour.

b.hsu Fri, 12/19/2008 - 10:32

How many real emails does the IronPort misclassify and stick into the Spam Bucket?

totoppin Fri, 12/19/2008 - 11:36

IronPort's advertised False Positive Rate is "Less Than One In One Million", IronPort customer actually experience far fewer False Positives than that. Effectively, the typical end-user behind an IronPort never experiences a false positive.

aghaznavi Mon, 12/22/2008 - 08:40

Does the IronPort Anti-Spam system have Centralized Management so that a change can be made to one systems and that change get propagated to the others.

totoppin Mon, 12/22/2008 - 08:55

Yes, the system does support Centralized Management.

This is implemented on-system, without the need for an additional Centralized-Management appliance.

totoppin Tue, 12/23/2008 - 19:39

The IronPort C160 has two network interfaces (copper 10/100/1000).

The IronPort C360, C660, X1060 all have three network interfaces (copper 10/100/1000).

The X1060 has a 4 x gigabit fiber option.

Actions

This Discussion