Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Postini to sell threat-identification technology to others

By Cara Garretson , NetworkWorld.com , 10/25/2005
  • Share/Email
  • Tweet This
  • Comment
  • Print

E-mail security service provider Postini Monday made commercially available the Postini Threat Identification Network service, which the company has been using internally to pinpoint senders of spam and malicious e-mail.

PTIN is a real-time analysis technology that examines the sending patterns of IP addresses sending mail to Postini’s customer base and blocks traffic from addresses deemed suspicious, says Andrew Lochart, senior director of marketing with Postini. Each sending IP address monitored by Postini is given a score based on activity – for example, an IP address that suddenly sends out hundreds of thousands of e-mail messages in a short period of time would score high on the potential threat scale – and messages coming from high-scoring addresses would be blocked until the sender’s activity returns to a normal level, Lochart explains.

The data that drives Postini Threat Identification Network is gathered from the 500 million messages the company processes for its customers every day, Lochart says.

PTIN has been a part of Postini’s outsourced e-mail security for three years; now, Postini is making the technology available to three sets of third-party companies. The first are makers of routers and e-mail gateways that want to integrate PTIN into their products to provide an extra level of threat protection, says Lochart.

“Our engineers have figured out they can use BGP (Border Gateway Protocol) to send snapshots of data to the router and update that information… so if a range of IP addresses are engaged in an attack for some period of time, [the updates would say] don’t route packets from them,” Lochart says. Postini is in talks with an equipment maker to purchase PTIN and hopes to make a related announcement in the near future, he adds.

The second group is ISPs who want up-to-date information about any of their members that are considered a threat by PTIN, so the ISP can take action to correct the situation, Lochart says. The third group is companies who provide reputation services to legitimate e-mailers; for these companies Postini would supply a history of sending activity so that the certifier could be sure of an e-mail sender’s reputation.

In June, Postini was awarded a patent with 35 claims that cover how PTIN works. While competitors including IronPort, CipherTrust, Symantec, Trend Micro and others take a similar approach to flagging suspicious IP addresses, Lochart says he is unaware of any other company making their technology commercially available outside of their offerings.

Pricing for PTIN Access will be set on a case-by-case basis, Lochart says.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Partner Content

Blue Stripe Software

www.bluestripe.com/

Improving Application Performance Troubleshooting

Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.

Download Whitepaper

Virtual Vigilance: Managing Application Performance in Virtual Environments

This paper highlights the impact of virtualization on application performance.  "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."

Download Whitepaper

Application Service Requests: The Missing Link for Pragmatic ITSM

Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.

Register for Webcast

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed