Anti-spam and anti-malware solutions for next generation networks
Cloudmark and IBM BladeCenter – delivering advanced network security for Telecom Service Providers
By some industry estimates, 95% of
inbound broadband messages now
consist of spam, phishing or viruses
— up from 20% in 2002. The deluge of
malware on telecom service providers’
networks has significantly increased
operational and infrastructure costs.
Much of today’s email spam and
malware is sent not by individuals,
but by networks of compromised
computers (“zombies”) that launch
millions of spam messages without the
user’s knowledge. To make matters
worse, new classes of spam are
extremely sophisticated, containing
spoofed addresses, embedded links
to malware sites and rapidly-mutating
images.
Messaging abuse has now moved
beyond the computer to the mobile
device, in the form of SMS and
MMS spam and phishing. In some
countries like China and India, mobile
• Designed for carrier
environments, Cloudmark
Authority on the IBM BladeCenter
platform protects mobile and
fixed-line messaging
infrastructures from spam,
phishing and viruses
• The accuracy and efficiency of
the Cloudmark solution reduces
hardware and operational costs
while improving subscriber
satisfaction
• The IBM BladeCenter family
provides a scalable platform to
deliver open multi-services
framework for next generation
network and messaging security
applications
Highlights
users receive on average 6-10 spam
messages each day. This problem will
likely worsen as spammers join in the
fray in trying to monetize the mobile
channel.
Traditional content filtering systems
that rely on static rules, traffic patterns
and heuristics have been ineffectual
at responding to these advanced
messaging threats. In the face of
today’s unpredictable and highly
mutable threats, service providers have
seen their spam filtering rates drop by
30% from their legacy solutions.
Carrier-grade messaging security
Effectively managing messaging
abuse requires an automated, real-
time solution that can detect threats
and their variants while permitting
legitimate messages through to
recipients. Telecom service providers
must consider the scalability and
performance of their content filtering
system, which can impact the overall
performance their messaging services.
Leading service providers have
turned to Cloudmark’s carrier-grade
messaging security solutions to
protect their network and subscribers
from spam, phishing and viruses. In
carrier deployments, Cloudmark has
consistently demonstrated filtering
accuracy above 98% with near-zero
false positives.
Cloudmark’s accuracy and efficiency
have led to dramatic cost savings
in the areas of network operations,
infrastructure and customer support.
• $US 4 to $US 50 million annual
savings in OpEx and CapEx
• 40-80% decrease in infrastructure
requirements
• Decreased customer support, costs and
churn
Advanced message fingerprinting
The core of Cloudmark’s solution is its
Advanced Message Fingerprinting
which employs eight high-performance
fingerprinting algorithms. These
fingerprinting algorithms identify and
track spam, phishing, and virus attacks
throughout the network. Cloudmark
continuously evolves these algorithms
(now in its 6th generation) which work
in tandem to target different threat
attributes embedded in a message.
These algorithms are able to identify
mutations in a given attack, such as
changes in content, image, sender,
URL, or other attributes, so that
threat variants are stopped in zero
time — before they are transmitted to
subscribers.
Cloudmark’s unique text-agnostic
threat analysis enables Cloudmark
to filter spam in various languages
(including double-byte characters
such as Chinese, Japanese and
Cyrillic) and formats, including image,
SMS and MMS spam.
“Cloudmark’s unique combination of Advanced Message Fingerprinting, global threat detection and trust system is what drives the system’s unparalleled accuracy. Cloudmark running on the IBM BladeCenter is ideal for demanding carrier environments, providing the highest level of performance and protection against all forms of messaging threats.”
— Jamie DeGuerreChief Technology Officer
Cloudmark
The Cloudmark Global Threat Network
Cloudmark is able to provide
extremely fast coverage of new threat
outbreaks through its Global Threat
Network which consists of over 300
million reporting sources in 200
countries. With Cloudmark, threat
monitoring comes not from a group of
individuals in a company, but from a
24x7 worldwide network of reporters.
Feedback from these reported enables
Cloudmark to block the latest threats
within minutes of attack origination.
This approach contributes to faster
threat detection and more accurate
message classification.
Trust Evaluation System
All feedback by the Global Threat
Network is corroborated and analyzed
in real time by the Trust Evaluation
System (TES). This system tracks the
reporter’s reputation and determines
when to mark fingerprints as abusive
based on the number of reports and
reporter’s reputation. Trust is earned
over time by consistently reporting
correct abuse feedback. By identifying
trusted sources within the network,
Cloudmark has automated the data
analysis process. TES performs
the back-end analysis to determine
whether a message is legitimate or
a threat, categorizes threats by type
and distributes threat intelligence to
Cloudmark’s customers.
Cloudmark solutions
Cloudmark provides comprehensive
messaging security solutions that
enable service providers to protect
their infrastructure and subscribers.
• Comprehensive protection against
spam, phishing and viruses for email
and SMS/MMS
• Edge gateway software with
full protocol filtering and policy
management
Cloudmark Authority™
Cloudmark Authority is a carrier-grade
messaging security solution for fixed-
line and mobile networks. Cloudmark
Authority provides inbound and
outbound protection against spam,
phishing and viruses. Designed for
large-scale carrier deployments,
Cloudmark Authority delivers up to 20
times faster messaging throughput
than competitive solutions while
utilizing 90% less CPU. This superior
performance translates to higher
efficiency and significantly reduced
total cost of ownership (TCO).
Cloudmark Authority offers the
highest level of filtering reliability and
performance due to its fingerprinting
approach and distributed architecture,
which includes a full local cache of the
latest threat data that is updated every
45 seconds.
Cloudmark Gateway™
The Cloudmark Gateway is a carrier-
class mail transfer agent (MTA) that
integrates with Cloudmark Authority
to provide high performance edge
protection. Using policy-based
protocol and content filtering,
Cloudmark Gateway blocks unwanted
email traffic at the edge of the network.
Cloudmark Gateway effectively
prevents outbound malware, such
as “botnet” and “zombie” attacks,
from compromising service provider
networks through intelligent flow
control and traffic shaping techniques.
Offering highly configurable
administration and scalability,
Cloudmark Gateway is ideal for service
providers. Cloudmark Gateway has
demonstrated the capacity to manage
incoming email traffic of over 1.2 million
users per server (compared to 150,000
users with other solutions).
IBM BladeCenter family — for every
customer need
The IBM BladeCenter T chassis
provides hardware redundancy (power
supply, I/O modules, management
modules, L2 switching, mid-plane, etc.)
thereby reducing potential points of
failure in the solution.
The IBM BladeCenter is an advanced
blade system which integrates
servers, storage and networking into
a single chassis — yielding significant
simplification, improved density and
potential TCO savings. A single family
of common server blades, storage, I/O,
switches and networking modules are
fully supported and interchangeable
across the family of BladeCenter
chassis. The IBM BladeCenter chassis
is designed as the ideal solution for
data center deployments. The IBM
BladeCenter H is for high performance
computing platform, while the IBM
BladeCenter T chassis is specifically
designed for telecom central office
deployments.
The new, IBM BladeCenter HT — a
new, telecom optimized version of the
BladeCenter H — opens new market
opportunities with a new and powerful
NGN platform ideally suited for telecom
equipment and service providers.
The IBM BladeCenter T and
BladeCenter HT deliver rich
telecommunications features and
functionality, including fault-tolerant
capabilities, hot-swappable redundant
DC or AC power supplies and cooling,
and built-in systems management
resources in a 20” deep chassis. The
rigorous Network Equipment Building
System (NEBS) Level 3 and European
Telecommunications Standard Institute
(ETSI) outline requirements typical of
telecom central office environments
in the areas of electromagnetic
compatibility, thermal robustness,
© Copyright IBM Corporation 2008
IBM Systems and Technology GroupDepartment XVXA3039 Cornwallis RoadResearch Triangle Park, NCU.S.A., 27709
February 2008All Rights Reserved.
BladeCenter, IBM, and the IBM logo are trademarks of International Business Machines Corporation in the United States, other countries or both.
Intel and Xeon are trademarks of Intel Corporation In the United Slates, other countries or both.
Linux is a trademark of Linus Torvalds in the United States, other countries, or both.
Other company product and service names may be trademarks or service marks of others.
References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates.
QS20 requires a dedicated chassis and is currently supported only in the IBM BladeCenter E chassis. QS21 is currently supported only in the IBM BladeCenter H chassis.
IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply. For a copy of applicable product warranties, write to: Warranty Information, P.O. Box 12195, RTP, NC 27709, Attn: Dept. JDJA/B203.
The information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
[1] For additional details, please refer to Underwriter’s Laboratory (UL) certified NEBS Level 3 / ETSI test report.
Printed in the United States of America on recycled paper containing 10% recovered post-consumer fiber.
fire resistance, earthquake and office
vibration resistance, transportation
and handling durability, acoustics and
illumination, and airborne contaminant
resistance. The IBM BladeCenter T
and BladeCenter HT chassis meet the
NEBS Level 3 / ETSI requirements1.
Cloudmark and IBM: a winning
combination
The combination of Cloudmark’s
messaging security technologies
and IBM BladeCenter family
delivers the performance, reliability
and affordability demanded by
mission critical telecommunications
applications.
Performance tests with Cloudmark
Authority and Gateway running on
IBM BladeCenter LS21 model blade
showed a message throughput rate of
up to 1300 messages/second. Other
IBM blades and rack mount server
configurations were able to achieve
throughput rates of approximately
1,000 messages/second. This
solution combination delivers more
than 10 times superior performance
to competitive solution running on
proprietary hardware and 30%
improvement running over equivalent
hardware platforms.
The Cloudmark solution delivers the
highest level of security protection
for service providers rolling out IP
Multimedia Subsystems (IMS) and
Service Delivery Platforms (SDP).
Deploying a unified platform reduces
operating costs and complexity and the
IBM BladeCenter is the ideal integrated
platform for the deployment of these
open multi-services frameworks.
For more information
Learn how IBM Systems can help your
company achieve more revenue and
reduce your costs, while helping you
keep your profitable customers.
Have questions? Contact the IBM
Telecommunications team today on
how we can help you take advantage
of our extensive industry expertise.
Please visit us on the web at:
ibm.com/telecom/systems
For more information about Cloudmark,
visit:
cloudmark.com