Ever vigilant

In the fight against spam, vendors and customers must join forces

PROJECT: Spam protection.

AGENCY: City of Fresno, Calif.

PARTNERS: Proofpoint Inc. and Fresno's information technology staff.

GOAL: To
reduce the ever-growing amount of spam coming to the inboxes of city staff.

OBSTACLES: The city's homegrown spam protection would take time to upgrade and still
might not be able to handle the problem.

SOLUTION: A spam protection appliance was installed on the perimeter of the city's computer network.

PAYOFF: Spam was
reduced dramatically without blocking important e-mail messages.

Receiving one or two pieces of spam e-mail a
day used to be typical for municipal employees
in Fresno, Calif. Then, a little
more than a year ago, that
number began to rise.

First, it hit about 10 a day. Then it quickly
rose to as many as 20 or 30 unwanted
e-mail messages every day.

For Fresno, the increase in spam was
potentially hurting employee productivity,
besides exposing the city to security threats,
such as phishing attempts, said Raj Nagra,
the city's senior network systems specialist.

The city's homegrown spam protection
solution that had worked for years was finally
starting to lose the fight against unwanted
e-mail. Rather than try to fix the old system
or build a new one, city officials decided to
buy a spam protection appliance to stop
junk e-mail, Nagra said.

"It could have taken a few weeks to fix the
existing system, and we didn't want to wait,"
Nagra said. "And we couldn't guarantee fixing
would stop all the spam. To get a guarantee,
we had to spend the money and buy a
real solution."

After looking at several products and trying
two ?
both of
which
effectively
blocked spam ?
city officials selected
a security gateway
appliance from
Proofpoint Inc., of
Sunnyvale, Calif.

Other features,
such as
daily digests of blocked e-mail
and Web interfaces, were the
determining factors between the two products.
"When it came down to it, it was some of
the smaller features that won us over
because the main features everybody had,"
Nagra said.

APPLIANCE AVAILABLE

Fresno chose the Proofpoint Messaging
Security Gateway, which is typically how customers
use the product, said Andrés Kohn,
Proofpoint's vice president of product management.
The gateway is also available as a virtual
appliance running on VMware or as a hosted
version that runs in Proofpoint's data centers.

The appliance sits at the perimeter of an
organization's infrastructure, typically within
the first line of the network. It scans all
inbound and outbound e-mail messages and
applies the appropriate policies that decide
what gets through and what doesn't.

"So, for the city of Fresno, we're looking at
all the inbound e-mail, detecting spam messages
and blocking them from coming in,"
Kohn said. The system also scans for viruses.
One of the biggest challenges organizations
face is a tremendous increase in the volume of
spam messages, along with a rise in viruses
and malware. The sheer volume makes it difficult
for some anti-spam systems installed three
or more years ago to keep up with the demand.

"With the city of Fresno, since the beginning
of the year until now, they've seen their e-mail
volume more than double," Kohn said. "What
that obviously means is if you bought a solution
that was barely keeping up with demand
when you first bought it, by now, it would be
half the power they need."

Kohn has seen organizations that received
10,000 e-mails a day three years ago now
receive about 100,000 a day. That makes it important to find a system that can scale to
meet an ever-growing demand.

Fresno's initial use of a homegrown system
is typical, especially in the government, Kohn
said. However, it is difficult to continually
update in-house systems to keep pace with
increasingly sophisticated spammers.

"It takes a lot of time and effort to keep
these filters up-to-date; you might even need
programming skills," he said. "Even older-generation
solutions need to be constantly
tweaked, which takes a lot of
manpower."

Proofpoint's appliances and
some of its competitors' offerings also help
agencies comply with privacy regulations by
scanning outbound e-mail messages. The same
infrastructure can detect such information as
private health care and credit card data.

One of the city's biggest concerns was
whether a system might block too much
e-mail. City council members, for example,
depend on the municipal e-mail system to
interact with citizens. Blocking legitimate
messages hasn't happened yet, and a digest of
blocked messages is available to employees
who want to monitor the traffic.

"Some users would like more blocked and
other people, just to be safe, want to let more
in," Nagra said. "It's just that tightrope you
have to walk."

Proofpoint's update service
automatically maintains spam
protection. It also has individually
controllable spam and
adult content scores that
allow the organization to
enforce policies against
pornographic spam.

Proofpoint's multilingual spam
detection offers protection against
spam in any language, including
hard-to-analyze languages
such as Japanese and
Chinese.

For systems integrators working
with government agencies in
circumstances similar to Fresno's,
Nagra recommends approaching
only those vendors willing to provide
demonstration units.

The best way to evaluate the products'
effectiveness is to run them side
by side in a real environment,
he said.

Doug Beizer (dbeizer@1105govinfo.com)
is a staff writer at Washington Technology.

About the Author

Doug Beizer is a staff writer for Washington Technology.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close
SEARCH
 Top 100 Slideshow
contracts DB

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Read More

  • Is SBA MIA on contractor fraud? Nick Wakeman

    Editor Nick Wakeman explores the puzzle of why SBA has been so silent on the latest contractor fraud scandal when it has been so quick to act in other cases. Read More

Webcasts