Lotus Protector for Mail Security

Lotus Protector for Mail Security is an appliance suitable for businesses who are looking to proactively protect their email systems from spam and viruses. This appliance comes in two flavors (deployment flexibility), as a hardware software combo appliance (Rack Unit : 2U) and as a virtual appliance using vmware.  Designed specifically for the Lotus Domino environment the appliance is very easy to setup on an existing Domino platform.

For evaluation purpose we chose to use the virtual appliance using VMWare server as it is easy to install on our existing vmware infrastructure. The vmware image is based on a linux OS and has the Lotus Protector software pre-installed. Once you have the Lotus Protector vmware image turned on, you will be guided through a series of configuration questions that took us about 20 minutes to configure. Nothing is better than a simple yet security rich management interface, and this appliance comes with it.

As soon as we opened the management interface we updated the licenses and made sure that the components (Content Filter Database, Appliance Firmware, Intrusion Prevention Signatures and AntiVirus Signatures) are up-to-date. We updated the time to sync with an external time server, made sure that the networking and firewall part is configured correctly and checked the Events for abnormalities.

The next step is to setup the appliance for LDAP access. In the Policy Objects under Directories, we added an entry to access our domino ldap server so that incoming mails can be verified against the mail field in the ldap directory. The trickiest part was to enter a username who has access to the ldap directory.  The correct format should be in LDIF format such as entering the DN into the Username field, in this case we entered “cn=FirstName LastName/o=OrganizationName”. We at first entered our Domino Short Name which didn’t work. We left everything by default except in the last tab “SMTP Domains” we added our domain. Next step is to setup a Who Objects in the Policy Objects section under the Who tab. Make sure that the type is “Directory” and choose the directory that we have previously setup. Once the changes have been saved, we can verify if the ldap directory is working by going to Verify Who Objects and choose All Who Objects. Click Submit. You should see an OK in the result column.

whoObject

To verify an email address, simply select SMTP Address in the selection box and type in an exisiting email address.

whoObjectSMTP

The next step is to configure the Receiving SMTP setting so that the appliance can verify that a recipient actually exist in the Domino directory and what to do if the recipient is not found. There is also an option to silently drop the email if it is being addressed to an unknown recipient, however for our testing purpose we left it as Rejected with Error. This is nice to have when troubleshooting and testing a spam email from the Internet.

recvSMTPconfig

Once that is in place we can procede with the testing and here is the result when an exisiting user doesn’t exist

recvSMTPtest

What about spam? To test this out I sent myself an email containing a simple text email that offers a viagra product. Here is the email sample so that you can use it for testing purpose too : Email. Immediatly Lotus Protector caught the email spam and quarantined it.

SPAM is quarantined

Quarantined Spam Detail

Another feature in Lotus Protector is the automatic updates of the following components required for the appliance to effectively filter spam which I believe are being updated often by IBM :

  • Content Filter Database
  • Bayes Filter Database
  • Spam Heuristics
  • AntiVirus Signatures
  • Intrusion Prevention Signatures

Not to forget the reporting tools are awesome too,  Lotus Protector can create an executive summary report from a time period of your choosing. To name a few, reports can be categorized according to top 10 Viruses or top 10 senders to traffic monitoring to matched rules. This report also includes a very nice graph to help us to assess patterns and trends.

LotusProtectorGraph

Wednesday appliance test

As I am only touching the surface, for more information regarding this appliance, please visit IBM’s website directly :

http://www-01.ibm.com/software/lotus/products/protector/mailsecurity/

Then if you like to see if this product suits you, there is a 90-day trial for this appliance. Follow the link : http://www.ibm.com/developerworks/downloads/ls/lotusprotector/learn.html

Tagged with: , , , , , , , , , , , ,
One comment on “Lotus Protector for Mail Security
  1. robin says:

    Great post very helpful and informative.

Leave a Reply

Your email address will not be published.

*




Enter Captcha Here :