ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Barracuda Email Security Gateway

ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Agenda
• Marketplace Overview
• Features and Benefits
• Deployment Options
• Sizing and Product Selection
• Frequently Asked Questions

ESG200 - Barracuda Email Security Gateway Certified

Product Specialist
Marketplace Overview

1
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Market Drivers
• Keep employees productive
– Over 90% of all email is spam
– Many filtering solutions have a high false positive rate
– Help backend server applications to work better
• Ensure business continuity
– Email spooling up to 96 hours

Operational Costs
• Reduces load on existing infrastructure
• Simple to deploy and manage
– Up and running in 15 minutes
– Very little ongoing maintenance
– Automatic definition updates

Security & Policy Enforcement

• Real-time protection from malware and viruses
• Advanced Threat Protection
– Defend against ransomware and other advanced threats
• Outbound filtering for compliance/DLP
– Powerful, flexible criteria options
• Includes outbound email encryption
– Automatically encrypts sensitive outbound messages
– Does not require software on recipient machine

2
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

ESG200 - Barracuda Email Security Gateway Certified

Product Specialist
Features and Benefits

Definition
• The Barracuda Email Security Gateway acts as a filter for the
mail server
• Good mail is forwarded to the mail server
• Spam does not even reach the mail server

Blocked! Spam message

Barracuda Email Security Gateway

Mail Server

Ease of Use
• Simple web-based administrative interface
• Up and running in 15 minutes
• Default configuration blocks 95% of all spam

3
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Defense Layers
• Comprehensive Protection from Email-Based Threats
• Protects against inbound malware, spam, phishing, and
Denial of Service attacks
• Powerful, multi-method spam detection
• Leverages proprietary, open-source, and user-defined
methods

10

Spam Checking
• Global spam protection for all domains
• Proprietary system used to determine likelihood of spam
• Fully automatic, score calculation is not user adjustable
• Multiple methods of protection including:
– Spam Scoring
– Fingerprint Analysis
– Intent Analysis
– Image Analysis
– Bayesian Analysis

11

Spam Checking - Scoring

• Spam Scoring Limits
– Score ranges from 0 (definitely not spam) to 9 or greater (definitely
spam)
– Based on this score, one of four actions are taken:
▪ Block X-Barracuda-Spam-Score: 7.85
Rule breakdown below
▪ Quarantine pts rule name description
---- ---------------------- --------------------------

▪ Tag 0.14 MISSING_MID

1.40 MISSING_DATE
Missing Message-Id: header
Missing Date: header
0.30 TVD_RCVD_SINGLE TVD_RCVD_SINGLE
▪ Allow 1.21 MISSING_HEADERS Missing To: header
1.50 BSF_SC0_TG076a Custom Rule TG076a

• System wide or per domain 0.01 MISSING_SUBJECT

0.00 TO_CC_NONE
Missing Subject: header
No To: or Cc: header
0.50 BSF_SC0_SA609_FM_CB Custom Rule SA609_FM_CB
scoring available 1.28 MISSING_SUBJECT_2
1.50 BSF_SC0_TG076
Missing Subject: header
Custom Rule TG076

• Inbound and outbound scoring

12

4
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Spam Checking - Fingerprint Analysis

• Default Action – Block
• Looks for known message components that have been
classified as spam
• Real-time analysis is available and
must be turned on under
BASIC > Virus Checking
Known Spam
Fingerprint
Database

13

Spam Checking - Intent Analysis

• Checks web links, telephone numbers and email addresses
• Intent Analysis is the defense layer that catches phishing
attacks
• The Barracuda Email Security Gateway
features multiple forms of
Intent Analysis: www.bad.com

– Intent Categorization Intent

Analysis
– Multi-Level Intent Analysis
– Real-time intent analysis

14

Spam Checking - Image Analysis

• Image spam represents about one third of all traffic on the
Internet
• Optical character recognition (OCR) - On by default
– Analyzes text embedded in images.
• Image processing
Cheap
– Normalizes the images prior to the Viagra
OCR phase engine running
OCR
• Animated GIF analysis Engine

– Specialized algorithms for analyzing

animated GIFs

15

5
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Spam Checking - Bayesian Analysis

• Linguistic algorithm that creates a language profile
• The administrator must classify message prior to use via
the message log
– 200 legitimate messages
– 200 spam messages
• Retraining is required every 3-6
months to ensure accuracy Bayesian

• Barracuda does not recommend Engine

using Bayesian filtering in most

circumstances.

16

Virus Checking
• All messages processed by the Barracuda Email Security
Gateway are checked for viruses
• Detected viruses will not be quarantined or delivered to the
intended recipient - even if the message has been
whitelisted
• Barracuda Real-Time Protection – Provides live updates in
real time between Barracuda Central and your ESG
• Advanced Threat Protection subscription available

17

Quarantine
• Inbound options for quarantine:
– Global Quarantine
– Per-User Quarantine
• Outbound Quarantine
– Admin managed
Quarantine

Outbound Inbound

Barracuda Email Security Gateway

18

6
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Inbound Quarantine Type

• Global –
– One central inbound quarantine delivery location for each domain
– Global quarantine uses fewer system resources
– Quarantined emails are not stored on the appliance
• Per-User –
– Personal quarantine inbox for inbound mail
– Quarantined emails are stored on the Barracuda Email Security Gateway
– Available on the ESG model 300+

19

Outbound Mail Defense

• Stops outbound spam and viruses
• Provides compliance via DLP (Data Loss Prevention)
• Allows intelligent email encryption

Barracuda Email Security Gateway

Mail Server

20

Cloud Management
• Barracuda Cloud Control offers centralized cloud-based
management
• Manage multiple Barracuda appliances though a single web
interface

Cloud-based Management

Barracuda Email Security Gateways

21

7
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Barracuda Cloud Protection Layer

• Definitions are provided in real time by Barracuda Central
• Ensures that threats never reach the network perimeter
• Offloads CPU-intensive tasks like antivirus and DDoS
filtering to the cloud
• Email can be spooled up to 96 hours
• Requires the Barracuda Advanced Threat Protection
Subscription

22

Powerful Administration
• Flexible logging system
• Scheduled reporting
• Syslog and SNMP available
• Role-based administration

23

ESG200 - Barracuda Email Security Gateway Certified

Product Specialist
Deployment Options

24

8
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Deployment in the DMZ

• Assign an external IP address to the Barracuda Email
Security Gateway
• MX record points to the Barracuda Email Security Gateway
DNS

example.com IN MX mail.example.com
mail.example.com IN A 65.5.5.7

Public IP Address
Send email to user@example.com
65.5.5.7

Barracuda Email Security Gateway

25

Deployment behind a Corporate Firewall

• MX record points to the firewall’s WAN interface
• Configure SMTP Port Forwarding (TCP Port 25) on the
firewall
DNS

example.com IN MX mail.example.com
mail.example.com IN A 65.5.5.7

Public IP Address
Send email to user@example.com
65.5.5.7

Barracuda Email Security Gateway

26

Clustering the Email Security Gateway

• High availability and fault tolerance
• Centralized management of policy, scalability and data redundancy
• Supported on models 400 and higher
• Must be the same platform, model and firmware.

Admin changes policy

Mail Server
Internet Policy change replicates across cluster

27

9
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Supported Platforms
• Appliance
• Virtual
• Public Cloud
– AWS
– Azure

28

Hardware Models

100 400 800

200 600 900

300

29

VX Models
• Hypervisor Support including
– VMware
– Microsoft Hyper-V
– KVM
– XenServer

30

10
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Public Cloud
• AWS and Azure
– BYOL License or Hourly / Metered
– 3 models in each cloud to choose from

31

Barracuda Email Security Gateway Models

32

Product Features

33

11
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

ESG200 - Barracuda Email Security Gateway Certified

Product Specialist
Frequently Asked Questions

34

Tagging
• Why tag email? What happens to tagged emails?
– Tagging email benefits organizations by easily identifying messages that
meet set criteria. Tagged emails are delivered to the recipient with a
customizable label, such as [BULK], that is added to the subject of the
message.

35

Technologies
• What new technologies has the Barracuda Email Security
Gateway added to combat the latest spam campaigns?
– Multi-Pass Optical Character Recognition Engine
– Predictive Sender Profiling
– Barracuda Real-Time Protection

36

12
ESG200 - Barracuda Email Security Gateway Certified Product Specialist

Management
• How much time will I spend installing and maintaining the
Barracuda Email Security Gateway?
Without any tuning, the Barracuda Email Security Gateway offers:
– 95 percent spam accuracy rate
– 0.01 percent false positive rate
– In as little as 15 minutes.

37

Threat Protection
• How does the Barracuda Email Security Gateway protect
organizations from spear phishing and BEC?
Spear phishing attacks are:
– Highly personalized
– Typically very low volume
– No malicious attachments or links inside

Because of this, they are very hard to stop with existing email security
solutions. As a complement to the Barracuda Email Security Gateway,
Barracuda Sentinel is the leading comprehensive AI solution for real-time
spear phishing and cyber fraud defense.

38

Thank You

39

13