Office of the CIO Services Catalog

Last modified on:10/15/2009

Enterprise Spam Protection

Description

The Enterprise Spam Protection uses an e-mail security appliance to provide two layers of protection against spam and one layer of virus protection.  A preventative outer layer of reputation filters performs a real-time e-mail traffic threat assessment and identifies suspicious e-mail senders.  Anti-virus technology provides a fully integrated perimeter virus protection based on content filtering of in-bound traffic.  Content filtering of outbound traffic and encryption technology are also available.

The following services included as part of the standard implementation:

  • Spam protection examines the complete context of a message, including how the message is constructed, who is sending the message, and where the call to action of the message goes.
  • Anti-virus protection provides a fully integrated perimeter virus protection using inbound content scanning.
  • E-mail security management provides easy control for managing all e-mail security, including preventative and reactive anti-spam and anti-virus filters, and content filtering.

The following additional services are also available.  The cost of the additional services will be based on time and materials for creating special configurations and any on-going maintenance and support.

  • Content scanning of outbound e-mail enables enforcement of regulatory and acceptable use policies, based on the content of messages.  Turnkey HIPAA, SOX, and GLB solutions are available with this feature.

  • Secure TLS e-mail provides Transparent Layer Security (TLS), which is a new version of SSL.  This service provides gateway to gateway security.

  • Compliance quarantine provides delegated access to e-mails that have been flagged by the content scanning engine.

  • Mail flow monitoring and reporting allows for custom reports to show who is sending e-mail and alerts administrators to suspicious traffic, allowing them to take action.

  • Spam quarantine provides a self-service, end-user solution, with either a web-based or e-mail-based interface.  It gives end users a safe holding area for spam messages and integrates seamlessly with existing directory and mail systems.

Business Value

  • Increased End-user Productivity.  By securing the network at the gateway level, the enterprise spam protection service will insure that end-users are not bogged down by spam, viruses, and other threats.  High accuracy is maintained through continuous and automatic rule updates. 

  • Attachment Protection and Security.  The enterprise spam appliance blocks dangerous attachments by screening the content of the attachments.  Allows for customization based on different needs of different agencies or groups of users.

  • Future Ability to Reduce Spoofing.  The spam appliance stamps all outbound mail from the state.  Bounced spoof mail fails because it is not stamped.  This will be implemented once all state e-mail goes through this appliance.

  • Content Scanning of Outbound E-mail.  This service enables organizations to monitor messages for sensitive information such as Social Security numbers.

  • Secure TLS E-mail.   This service  provides users the ability to securely send e-mail to business partners.  This will help to comply with regulatory requirements such as HIPAA. 

  • Reduced Total Cost of Ownership.  A single enterprise approach to spam control will provide the lowest cost solution, compared to installation and maintenance of multiple solutions across state government.  By excluding most spam, the enterprise spam appliance will also reduce the storage costs of e-mail systems.

  • Greater Administrative Efficiency.  The default settings of the enterprise spam protection service will typically block over 90 percent of incoming spam at the connection level, saving bandwidth and system resources. 

  • Enhanced Reporting.  The enterprise spam protection service provides sophisticated management, monitoring and reporting tools.  The enterprise spam appliance provides a high level of logging and troubleshooting to help resolve mail routing issues.

 

Customer Profile

State agencies, boards, and commissions; political subdivisions (e.g., cities, counties, community colleges and school districts); and federal agencies who require protected e-mail.

Service Cost

This protection is provided at the perimeter because of its critical nature.  There is no separate charge for the standard service. 

The cost of the additional services will be based on time and materials for creating special configurations and any on-going maintenance and support.

Spam Protection Rates and Fees (PDF 19k)

Major Cost Drivers/Cost-Saving Tips

  • Take normal precautions to protect your state e-mail address from abuse.  This will lower the amount of spam coming into the state e-mail system.
  • Promptly inform business partners of your correct e-mail address and any changes so that their messages are not blocked.

How to Order Service

The Office of the CIO Help Desk may be reached at 1-800-982-2468 or 471-4636 or 471-INFO or by e-mailing GWI.Support@nebraska.gov

For those interested in self serve capabilities, an End User Desktop allows customers to submit their own tickets.  The current status of existing tickets can be obtained with a Lotus Notes client at Helpdesk@nebraska.gov from a browser.

Responsibilities for Service Delivery

Office of the CIO e-mail team is responsible for administration of the service.

Service Goals

Service is available 24x7 and will block most spam e-mail with a low false positive rate.  While percentages will vary depending on the nature of e-mail traffic at any given time, blocked incoming mail at the current time amounts to over 90%.


January 2007


Support

Contact the Office of the CIO Help Desk by calling1-800-982-2468 or 471-4636 or
471-INFO or e-mail GWI.Support@nebraska.gov.
The Lotus Notes team will work with agencies to provide the required level of spam protection through customization. 

 

Related Products

Basic E-mail
Business Class E-mail

Glossary/Expanded Definitions

Bounced Spoof Mail - Bounced e-mail is e-mail returned to the sender because it cannot be delivered for some reason.  Bounced spoof mail is returned to the forged or spoofed e-mail address and not the true sender.  Spoof mail affects the state when a state address is being spoofed (see Spoof Mail).  The receiving organization sees the message as a virus or spam and bounces it back to the forged address. 

Spam - Spam is electronic junk mail also referred to as Unsolicited Bulk E-mail (UBE).  It is characterized by many substantively similar e-mails being sent through automated means.

Spoof Mail – Spoofing is when a spammer or virus sends out a message with a “from” address of someone who did not send the message.  It is the forgery of the e-mail header to hide the actual sender.

SSL – The acronym for Secure Sockets Layer which is a commonly-used protocol developed for transporting private documents via the internet through the use of private and public keys that encrypt the data.

TLS – The acronym for Transport Layer Security which is a protocol that guarantees privacy and data integrity between users and communicating applications on the internet.  TLS uses authentication and is the successor to the Secure Sockets Layer (SSL).