Anti-spam and anti-malware solutions for next generation networks

Cloudmark and IBM BladeCenter – delivering advanced network security for Telecom Service Providers

By some industry estimates, 95% of

inbound broadband messages now

consist of spam, phishing or viruses

— up from 20% in 2002. The deluge of

malware on telecom service providers’

networks has significantly increased

operational and infrastructure costs.

Much of today’s email spam and

malware is sent not by individuals,

but by networks of compromised

computers (“zombies”) that launch

millions of spam messages without the

user’s knowledge. To make matters

worse, new classes of spam are

extremely sophisticated, containing

spoofed addresses, embedded links

to malware sites and rapidly-mutating

images.

Messaging abuse has now moved

beyond the computer to the mobile

device, in the form of SMS and

MMS spam and phishing. In some

countries like China and India, mobile

• Designed for carrier

environments, Cloudmark

Authority on the IBM BladeCenter

platform protects mobile and

fixed-line messaging

infrastructures from spam,

phishing and viruses

• The accuracy and efficiency of

the Cloudmark solution reduces

hardware and operational costs

while improving subscriber

satisfaction

• The IBM BladeCenter family

provides a scalable platform to

deliver open multi-services

framework for next generation

network and messaging security

applications

Highlights

users receive on average 6-10 spam

messages each day. This problem will

likely worsen as spammers join in the

fray in trying to monetize the mobile

channel.

Traditional content filtering systems

that rely on static rules, traffic patterns

and heuristics have been ineffectual

at responding to these advanced

messaging threats. In the face of

today’s unpredictable and highly

mutable threats, service providers have

seen their spam filtering rates drop by

30% from their legacy solutions.

Carrier-grade messaging security

Effectively managing messaging

abuse requires an automated, real-

time solution that can detect threats

and their variants while permitting

legitimate messages through to

recipients. Telecom service providers

must consider the scalability and

performance of their content filtering

system, which can impact the overall

performance their messaging services.

Leading service providers have

turned to Cloudmark’s carrier-grade

messaging security solutions to

protect their network and subscribers

from spam, phishing and viruses. In

carrier deployments, Cloudmark has

consistently demonstrated filtering

accuracy above 98% with near-zero

false positives.

Cloudmark’s accuracy and efficiency

have led to dramatic cost savings

in the areas of network operations,

infrastructure and customer support.

• $US 4 to $US 50 million annual

savings in OpEx and CapEx

• 40-80% decrease in infrastructure

requirements

• Decreased customer support, costs and

churn

Advanced message fingerprinting

The core of Cloudmark’s solution is its

Advanced Message Fingerprinting

which employs eight high-performance

fingerprinting algorithms. These

fingerprinting algorithms identify and

track spam, phishing, and virus attacks

throughout the network. Cloudmark

continuously evolves these algorithms

(now in its 6th generation) which work

in tandem to target different threat

attributes embedded in a message.

These algorithms are able to identify

mutations in a given attack, such as

changes in content, image, sender,

URL, or other attributes, so that

threat variants are stopped in zero

time — before they are transmitted to

subscribers.

Cloudmark’s unique text-agnostic

threat analysis enables Cloudmark

to filter spam in various languages

(including double-byte characters

such as Chinese, Japanese and

Cyrillic) and formats, including image,

SMS and MMS spam.

“Cloudmark’s unique combination of Advanced Message Fingerprinting, global threat detection and trust system is what drives the system’s unparalleled accuracy. Cloudmark running on the IBM BladeCenter is ideal for demanding carrier environments, providing the highest level of performance and protection against all forms of messaging threats.”

— Jamie DeGuerreChief Technology Officer

Cloudmark

The Cloudmark Global Threat Network

Cloudmark is able to provide

extremely fast coverage of new threat

outbreaks through its Global Threat

Network which consists of over 300

million reporting sources in 200

countries. With Cloudmark, threat

monitoring comes not from a group of

individuals in a company, but from a

24x7 worldwide network of reporters.

Feedback from these reported enables

Cloudmark to block the latest threats

within minutes of attack origination.

This approach contributes to faster

threat detection and more accurate

message classification.

Trust Evaluation System

All feedback by the Global Threat

Network is corroborated and analyzed

in real time by the Trust Evaluation

System (TES). This system tracks the

reporter’s reputation and determines

when to mark fingerprints as abusive

based on the number of reports and

reporter’s reputation. Trust is earned

over time by consistently reporting

correct abuse feedback. By identifying

trusted sources within the network,

Cloudmark has automated the data

analysis process. TES performs

the back-end analysis to determine

whether a message is legitimate or

a threat, categorizes threats by type

and distributes threat intelligence to

Cloudmark’s customers.

Cloudmark solutions

Cloudmark provides comprehensive

messaging security solutions that

enable service providers to protect

their infrastructure and subscribers.

• Comprehensive protection against

spam, phishing and viruses for email

and SMS/MMS

• Edge gateway software with

full protocol filtering and policy

management

Cloudmark Authority™

Cloudmark Authority is a carrier-grade

messaging security solution for fixed-

line and mobile networks. Cloudmark

Authority provides inbound and

outbound protection against spam,

phishing and viruses. Designed for

large-scale carrier deployments,

Cloudmark Authority delivers up to 20

times faster messaging throughput

than competitive solutions while

utilizing 90% less CPU. This superior

performance translates to higher

efficiency and significantly reduced

total cost of ownership (TCO).

Cloudmark Authority offers the

highest level of filtering reliability and

performance due to its fingerprinting

approach and distributed architecture,

which includes a full local cache of the

latest threat data that is updated every

45 seconds.

Cloudmark Gateway™

The Cloudmark Gateway is a carrier-

class mail transfer agent (MTA) that

integrates with Cloudmark Authority

to provide high performance edge

protection. Using policy-based

protocol and content filtering,

Cloudmark Gateway blocks unwanted

email traffic at the edge of the network.

Cloudmark Gateway effectively

prevents outbound malware, such

as “botnet” and “zombie” attacks,

from compromising service provider

networks through intelligent flow

control and traffic shaping techniques.

Offering highly configurable

administration and scalability,

Cloudmark Gateway is ideal for service

providers. Cloudmark Gateway has

demonstrated the capacity to manage

incoming email traffic of over 1.2 million

users per server (compared to 150,000

users with other solutions).

IBM BladeCenter family — for every

customer need

The IBM BladeCenter T chassis

provides hardware redundancy (power

supply, I/O modules, management

modules, L2 switching, mid-plane, etc.)

thereby reducing potential points of

failure in the solution.

The IBM BladeCenter is an advanced

blade system which integrates

servers, storage and networking into

a single chassis — yielding significant

simplification, improved density and

potential TCO savings. A single family

of common server blades, storage, I/O,

switches and networking modules are

fully supported and interchangeable

across the family of BladeCenter

chassis. The IBM BladeCenter chassis

is designed as the ideal solution for

data center deployments. The IBM

BladeCenter H is for high performance

computing platform, while the IBM

BladeCenter T chassis is specifically

designed for telecom central office

deployments.

The new, IBM BladeCenter HT — a

new, telecom optimized version of the

BladeCenter H — opens new market

opportunities with a new and powerful

NGN platform ideally suited for telecom

equipment and service providers.

The IBM BladeCenter T and

BladeCenter HT deliver rich

telecommunications features and

functionality, including fault-tolerant

capabilities, hot-swappable redundant

DC or AC power supplies and cooling,

and built-in systems management

resources in a 20” deep chassis. The

rigorous Network Equipment Building

System (NEBS) Level 3 and European

Telecommunications Standard Institute

(ETSI) outline requirements typical of

telecom central office environments

in the areas of electromagnetic

compatibility, thermal robustness,

© Copyright IBM Corporation 2008

IBM Systems and Technology GroupDepartment XVXA3039 Cornwallis RoadResearch Triangle Park, NCU.S.A., 27709

February 2008All Rights Reserved.

BladeCenter, IBM, and the IBM logo are trademarks of International Business Machines Corporation in the United States, other countries or both.

Intel and Xeon are trademarks of Intel Corporation In the United Slates, other countries or both.

Linux is a trademark of Linus Torvalds in the United States, other countries, or both.

Other company product and service names may be trademarks or service marks of others.

References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates.

QS20 requires a dedicated chassis and is currently supported only in the IBM BladeCenter E chassis. QS21 is currently supported only in the IBM BladeCenter H chassis.

IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply. For a copy of applicable product warranties, write to: Warranty Information, P.O. Box 12195, RTP, NC 27709, Attn: Dept. JDJA/B203.

The information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

[1] For additional details, please refer to Underwriter’s Laboratory (UL) certified NEBS Level 3 / ETSI test report.

Printed in the United States of America on recycled paper containing 10% recovered post-consumer fiber.

fire resistance, earthquake and office

vibration resistance, transportation

and handling durability, acoustics and

illumination, and airborne contaminant

resistance. The IBM BladeCenter T

and BladeCenter HT chassis meet the

NEBS Level 3 / ETSI requirements1.

Cloudmark and IBM: a winning

combination

The combination of Cloudmark’s

messaging security technologies

and IBM BladeCenter family

delivers the performance, reliability

and affordability demanded by

mission critical telecommunications

applications.

Performance tests with Cloudmark

Authority and Gateway running on

IBM BladeCenter LS21 model blade

showed a message throughput rate of

up to 1300 messages/second. Other

IBM blades and rack mount server

configurations were able to achieve

throughput rates of approximately

1,000 messages/second. This

solution combination delivers more

than 10 times superior performance

to competitive solution running on

proprietary hardware and 30%

improvement running over equivalent

hardware platforms.

The Cloudmark solution delivers the

highest level of security protection

for service providers rolling out IP

Multimedia Subsystems (IMS) and

Service Delivery Platforms (SDP).

Deploying a unified platform reduces

operating costs and complexity and the

IBM BladeCenter is the ideal integrated

platform for the deployment of these

open multi-services frameworks.

For more information

Learn how IBM Systems can help your

company achieve more revenue and

reduce your costs, while helping you

keep your profitable customers.

Have questions? Contact the IBM

Telecommunications team today on

how we can help you take advantage

of our extensive industry expertise.

Please visit us on the web at:

ibm.com/telecom/systems

For more information about Cloudmark,

visit:

cloudmark.com