central organization of email traffic
iQ.Suite Security for the public sector
Client District of Sigmaringen |
Technology Antivirus, Spam, Signature Management |
Industry FSI |
Size 600 Users |
Challenge
The district administration (LRA) of the ” three-state district” of Sigmaringen – comprising parts of the former states of Baden, Hohenzollern and Württemberg – is operating online with a wide range of services. The website offers citizens the opportunity to contact the authority’s employees directly by e-mail. This has become increasingly difficult due to the exploding volume of spam at the district administration office.
“The filtering methods of our Microsoft Exchange email platform could no longer cope with the volume of spam,” says IT manager Gerhard Schönbucher from Sigmaringen district administration, summarizing the initial situation. “Checking the subject line and text using a word list was not efficient. Our employees were complaining more and more frequently that important messages were mistakenly being dropped as false positives.”
The platform also allowed potentially dangerous email attachments, such as executable files, to pass through without being checked. There was also no option to store emails suspected of being spam in a separate database for final assessment by the recipient. In addition, the virus scanner was not updated on an hourly basis and could not be adjusted finely enough.
It was also no longer practical to have three people in separate locations responsible for email administration. A new administration structure for e-mail traffic was required to compensate for the functional deficits of the messaging environment at Sigmaringen district administration and to be centrally manageable via a single interface.
Solution
The modular iQ.Suite not only implements the basic security aspects, such as virus protection and spam defence, but also provides organizational support, for example by automatically creating and adding sender signatures. All steps are carried out centrally, on the server side and based on policy.
The implementation of the iQ.Suite modules took just one day. The training required by the administrator was minimal. 600 users are now integrated into e-mail management via the system.
The first modules used by the district administration office are iQ.Suite Wall for spam filtering, iQ.Suite Watchdog for virus scanning and iQ.Suite Trailer for email signatures. “As far as the ratio between spam filtering performance and elimination of false positives is concerned, iQ.Suite Wall shows impressive results. Every employee now only receives truly important emails,” summarizes Schönbucher.
This is thanks to a flexible filtering process. Messages clearly identified as spam (advertising, “hoaxes”) are already intercepted on the Exchange server. The probability of spam is determined by analyzing the sender, subject and message text using over 20 criteria groups. These processes run automatically and any necessary adjustments to the iQ.Suite are minimal.
The Sigmaringen district administration also uses the quarantine database, where email recipients can view particularly uncertain “message statuses”. At the same time, the administrator receives a message that allows them to quickly adjust the spam and virus filters. “iQ.Suite is far superior to comparable solutions in terms of filter efficiency with regard to false positives and the differentiation options in the set of rules,” concludes Schönbucher.
iQ.Suite Watchdog uses the fingerprint method to clearly identify files suspected of containing viruses. These are specific patterns that characterize each file type. Fake file extensions can be unmasked by comparing the patterns. As file types should not be blocked across the board in practice, the module offers the option of creating your own file patterns for text, image and sound documents, for example, or restricting them as required.
The third main area of application at the district administration office concerns the sender signature with iQ.Suite Trailer. Here, a uniform external appearance was crucial for the district administration office. With iQ.Suite Trailer, signatures and short texts can now be generated centrally and automatically attached to outgoing emails. The source for the sender information is Microsoft’s “Active Directory” user directory. The administrator uses MMC (Microsoft Management Console) to centrally compile the desired user signatures for all user groups. Employees do not need to do anything. A “query” to the Active Directory provides information on whether special sender details need to be integrated in addition to the standard signature, which is then done automatically.
Benefits
Email security and organization were professionally implemented at the Sigmaringen district administration office with iQ.Suite. “The iQ.Suite modules work so well together that we don’t have to make any significant changes to our system,” summarizes Gerhard Schönbucher. “All we have to do is update the rules once a month.” With the central and easy-to-use administration console, the management effort remains low.
The functional areas of iQ.Suite used to date have taken the management of email traffic at the Sigmaringen district office to a new level. The IT managers want to continue along this path and are planning to test server-side encryption with the iQ.Suite Crypt module as the next step.