Overview

To effectively fight Spam and scale with its growth, enterprises and service providers need new intelligent, cost-effective and scalable network-based solutions that complement traditional approaches to fighting Spam. The network is vastly more efficient, secure and scalable, and delivers better price/performance compared to server hosts and applications. Leveraging these fundamental advantages of the network, and enhancing it with Spam intelligence is the best way to gain an upper hand on Spam. While a network-based solution cannot completely eliminate Spam, it substantially mitigates the amount of Spam that enters the application infrastructure and therefore minimizes the exposure to limitations of traditional host- and application-based solutions. With substantial reduction in Spam volume, content-based Spam and Virus prevention solutions can economically scale.

Emerging Spam prevention solutions combine the benefits of network performance and resilience with application intelligence and policy enforcement to block Spam more effectively at the network. These solutions also help scale host- and application-based Spam solutions by intelligently distributing only needed load to multiple devices and servers. The result is a highly scalable, vastly efficient, and highly economical total Spam prevention solution for the Enterprises and Service Providers.

Foundry’s SPAM-Def solution is ideal for Service Providers and large Enterprises to block Spam at the network, while simultaneously improving availability and scalability of e-mail servers and content inspection anti-Spam and anti-Virus devices. ServerIron SPAM-Def delivers three key benefits to the e-mail application infrastructure. First, it blocks mail from unwanted sources right at the network. Second, it transparently re-directs mail from suspicious sources to only devices that specialize in Spam and Virus processing, which optimizes resource utilization and helps granularly scale content-based solutions. Third, it provides load balancing, content switching and security to scale and secure e-mail server farms and e-mail virus gateway devices.

Many network layer switches provide access control enforcement at wire speed using hardware-based access control lists (ACLs). There are two key problems with using traditional ACLs to block Spam. First, the number of enforceable policies on these switches is small relative to the number of Spam sources, and the ACL solution becomes exponentially expensive as size increases (Spam lists already run into hundreds of thousands of entries, and will soon grow to millions). Second, managing access control lists is not a real time operation. It can take hours to download new access policies, which leaves a long window of time for Spam to get through to the mail servers.

ServerIron switches offer high performance access control and policy enforcement that scales to 5 million IP prefix entries today, and even more tomorrow, without forklift upgrades and massive capital investment and re-investment. By using a combination of high-performance software and hardware access control and policy enforcement, the ServerIron switches ensure security from Spam while delivering superior performance. ServerIron switches also provide real-time policy list management with near zero downtime for Spam blocking while policy list is being modified. Near zero downtime during policy list change is critical because most Service Providers and Enterprises change the lists at least once a day, and in many cases more frequently, and cannot tolerate windows of exposure during which Spam can get through. A new policy list may be downloaded in the background while continued enforcement takes place, and when the download is complete, the ServerIron switch rapidly swaps existing list for the new one, thus ensuring there is no exposure for Spam to get through to the mail infrastructure.

In an ideal world where all external mail sources are easily identifiable as legitimate mail sources and spammers, access control that permits messages from sources on a white list through and blocks messages from sources on a black list would suffice. In practice, however, not all mail is identifiable as Spam by simply looking at the originating source host. Further processing of messages from unidentifiable and suspicious sources is required, likely by content-based Spam and Virus appliances or servers.

ServerIron switches, acting as proxies to the mail servers, transparently intercept and re-direct messages from selected sources to Spam and Virus servers. For example, white list user messages may be directly sent to the mail servers, whereas grey list user messages are re-directed to a Spam server cluster for further investigation. Access policies match a source to the resource that the message needs to be transparently re-directed for further processing. Additional granularity in identifying messages that need re-direction is achieved by enabling content switching capabilities integral to the ServerIron switch.

Spam is one of the biggest challenges facing businesses today, and it impacts security, productivity, capital costs and end-user service. Defeating Spam requires innovative approaches that are cost effective and scale with the growth of Spam. Foundry Networks’ SPAM-Def solution leverages network and application switching intelligence to identify and block Spam at the network. The solution complements content-based Anti-Spam and Anti-Virus solutions, and helps create a secure, scalable and high-performance e-mail infrastructure for service providers and enterprises.

Back to top

Related Products

Foundry's application switching solutions are available on a range of ServerIron products purpose-built with ASIC-based and network-centric architecture to deliver highest availability, performance and scalability when deployed in business-critical application infrastructures. The ServerIron family of products feature the high-intelligent TrafficWorks OS to deliver a full range of application switching solutions cusotmizable to the customer environment.

View all products

Back to top

Literature

Applications

• Server Load Balancing
• Transparent Cache Switching
• Firewall Load Balancing
• Global Server Load Balancing

Solutions Guides

• Application Delivery Solutions Guide (PDF 1.3M)

Case Studies

• aCerno Delivers Predictive, Targeted Ads to Online Buyers in Milliseconds (PDF 262K)

Research & Test Reports

• Current Analysis Report: ServerIron 4G Models (PDF 102K)
• Tolly Report: ServerIron 450 Application Switch (PDF 338K)

White Papers & Application Notes

General

• Application Delivery Solutions for Enterprise Service-Oriented Architecture (PDF 368K)
• Leveraging the Advantages of a Multi-vendor Network Strategy (PDF 181K)

Load Balancing

• Server Load Balancing in Today's Web-enabled Enterprises (PDF 229K)
• Global Server Load Balancing (PDF 145K)
• Firewall Load Balancing (PDF 82K)

Content Switching

• ServerIron SIP & VoIP Application Switching (PDF 823K)
• Offloading Server Connection Management Using ServerIron (PDF 163K)
• Foundry ServerIron FIXSWITCH™ (PDF 276K)
• XML Switching on ServerIron (PDF 217K)

Security

• Fighting Spam @ the Network Using Foundry ServerIron SPAM-Def (PDF 202K)
• Emerging Approaches to Fighting Spam @ the Network (PDF 128K)

Application Support

• Deploying SAP NetWeaver Infrastructure with Foundry Network ServerIron (PDF 618K)
• Microsoft Office Communications Server 2007 - Load Balancing with Foundry Networks ServerIron Platform (PDF 709K)
• OracleAS Infrastructure with ServerIron Hardware Load Balancer (PDF 483K)
• Microsoft Live Communications Server 2005 Load Balancing With Foundry Networks ServerIron Platform (PDF 92K)

Back to top