IceWarp Security Features PDF

The document discusses the integrated security features of IceWarp, an email server. It details IceWarp's multi-layered security including internal antivirus, spam filtering using multiple techniques, intrusion prevention, account policies, encryption, mailserver protections, mobile device management, and FAQs about its security capabilities. Key features highlighted are zero-day malware protection, IP blocking, password policies, device management, and content filtering.

Uploaded by

Prasad Kshirsagar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

430 views

IceWarp Security Features PDF

Uploaded by

Prasad Kshirsagar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

IceWarp - Integrated Security Features

Multi-Layered Security with Online Detection

• Internal Kaspersky Antivirus
• Scans files over SMTP, IM, File Transfers, HTTP
• Scans IMAP Append, Document Uploads
• Blocks Potential Dangerous Attachments – Executables within Zip & RAR Archives & password
protected attachments
• Cloud Scanning - Kaspersky Security Network
• Powerful Engine – Scans 40000 messages /sec
• Real-time Protection against Spam & Malware – Zero Hour Protection using Cyren RPD
• 20 Antispam Technologies: Spamassassin, Bayesian, DNSBL, RBL, URIBL/SURBL, DKIM, SPF,
Razor2, Call Back Verification, Greylisting, SMTP delay, etc.
• User Level & Admin level controls on Backlists, Whitelists, Spam Folder & Quarantine Reports
• Multiple spam Management Scenarios: Reject, Delete, Quarantine, Tag, Move to Junk Folder,
sort on a score

Intrusion Prevention
• Integrated Intrusion Prevention – SMTP, POP3, IMAP
• Analyse all incoming sessions for
1. No of connections per minute
2. No of failed login attempts
3. No of Parallel connections initiated
4. Failed relay attempts, Directory harvest attacks, etc.
• Blocks the IP Address with Cross-session and cross-protocol monitoring

Account Policies
• Dual Authentication (Cert based) – Webclient & EAS
• Enforce Password Policies & Expiration
• Account Expiration – Scheduled & Inactive
• Block Accounts exceeding failed attempts
• Login IP Restriction- IP Address, IP Mask
• Restrictions on no of emails or data sent out per day
• Feature/Policy access restrictions at User level
• BCC forwarding for Sent & Received Emails

Enterprise Messaging for Companies of all Sizes

www.icewarp.co.in
Encryption
• Certificate Management – Users can digitally sign & encrypt emails
• Integrated Let's Encrypt service with certificate lifecycle management
• Secured Destinations – Enforce SSL Communications using Certificate Based Authentication
• Voice & Video Encryption – Integrated WebRTC & Secure RTP
• TLS for messages on transmit

Mailserver
• Content Filtering - parse message content (headers and body), Light weight DLP
• Closed Relay & Spoof Protection
• Service Access Firewall
• Verify AUTH & Sender
• SRS with NDR Validation

Mobile Device Management

• Microsoft Active Sync based Lightweight MDM
• Centralized Administration of all devices
• Allow/Block/Quarantine Rules
• Soft & Hard Wipes
• Policies on Device Security & Email Synchronization
• Policies on Device Components & Device Applications

Enterprise Messaging for Companies of all Sizes

www.icewarp.co.in
IceWarp Server Security FAQ’s
1. What all Security Features does IceWarp Provide Zero Hour Protection Antispam & Antivirus.?

Threats are blocked as soon as they are emerged. Email & Voice Encryption, Mail Content Filtering
Engine, Intrusion prevention, IP Login Restriction, Webclient Multi Factor Authentication, Mobile
Device Management, etc.

2. How do you take care of the DLP?

IceWarp Server has content filtering engine which can filter messages based on regex & headers
such as from, to, recipient or any other header, specific words in subject, body or attachment name.
Users can be prevented to send emails externally or to specific recipients. Emails sent to particular
recipient or with a specific word can be forwarded to the approver.

However if you have a third party dedicated DLP solution, we can design IceWarp traffic flow
through it.

3. What solution you have for Antispam & Antivirus ?

Antispam: For spam control, the system includes Spamassassin & 20+ techniques (DKIM, SPF,
Razor2, Greylisting etc.). As emails are received through the icewarp server, they are processed
against all these 20 techniques. Emails classified as spam can be moved to the spam folder,
quarantined, deleted, rejected or copied before rejecting as per the Administrator’s configuration.
Spam reports can be enabled for the users & administrators. Users can control their
blacklists/whitelists. Administrators can manage blacklists/whitelists at the global level.

Antispam Live: It includes zero-hour protection powered by Cyren (Formerly known as Commtouch).
Provides real-time protection from the moment a spam outbreak emerges in the internet. New
spam is detected within seconds.

Antivirus: The antivirus engine is powered by Kaspersky. Every file going in or out of your server is
scanned and validated, be it email, groupware attachments, FTP files, or IM file transfers.

The system can block password protected files & potentially dangerous extensions like exe hqx pif,
etc. It also checks for such extensions within a zip or rar archive.

4. How effective is your Antivirus/Antispam. How threats are identified?

We have a zero hour protection solution powered by Cyren which can block threats as soon as they
are emerged in the internet.

5. Can we do Blacklists/Whitelists?

Yes. Users can control their own blacklists/whitelists. Administrators can control at the
user/domain/global level.

Enterprise Messaging for Companies of all Sizes

www.icewarp.co.in
6. How do we prevent outbound spam?

The intrusion prevention system auto blocks the ip address from which such attacks are initiated.
Webclient can be protected with multi factor authentication. The Antispam also checks for
outbound emails sent by the users & blocks the confirmed spam emails. Limits can be applied on the
no of emails sent out per day on each account. Moreover sms/email alerts can be configured to
notify in such events.

7. Can we block specific attachments?

Yes we can block attachments with specific extensions (e.g .hqx .pif .scr) or names. The extensions
are also checked inside the zip/rar archive files.

8. Do you have Anti Spoofing Mechanism?

IceWarp SMTP Server & Antispam includes a lot of features which prevents email spoofing. E.g
authentications are enforced, authentications are checked against the corresponding sender email
address, etc

9. Can you prevent a user from configuring email account in multiple devices?

Yes once the user’s device is registered in IceWarp Active Sync MDM, policies can be enforced to
achieve this.

10. Can you prevent a user configuring POP3/IMAP account only in his/her phone

If POP3/IMAP access is granted to the user, it will not be possible to do so. However by using
features such as IP Login Restriction & by registering the device with IceWarp ActiveSync MDM, it is
possible to do so.