Sophos joins Simplicita Reputation Data Partner Program
Sophos, a world leader in IT management solutions, and
Simplicita, the company that frees carrier networks from zombies
and botnets, today announced a strategic partnership that enables
Internet Service Providers (ISPs) to automatically identify and
quarantine botnet-hijacked computers on their networks within
minutes of infection. As part of the alliance, the companies have
integrated a real-time data feed from SophosLabs, Sophos's global
network of virus and spam analysis centers, to the Simplicita ZBX
remediation system. The combined Simplicita-Sophos offering is
currently in trials with several telecommunications and cable
network operators. Sophos has also joined the Simplicita Reputation
Data Partner (RDP) Program announced today.
Automated detection and quarantine
To identify zombie infected computers, Sophos maintains an
extensive worldwide network of spamtraps, which collect unsolicited
emails from spam zombies for analysis by SophosLabsâ„¢. Under the partnership with
Simplicita, SophosLabs delivers Simplicita, a continuous feed of IP
addresses of zombie computers that are actively sending spam.
Simplicita then distributes the data in real-time to ZBX
deployments at service providers around the globe for active
quarantine switching. The entire process occurs dynamically and
within minutes.
In addition, the companies are using modular adaptors to enable
a real-time data interface between ZBX and the Sophos PureMessage email security
gateway, which is deployed in ISP networks. This integration will
enable threat information detected in outbound emails by the
PureMessage gateway to be simultaneously imported into ZBX and
transformed into reputation information using the service
provider's acceptable use policy. Once ZBX identifies hijacked
machines on a carrier's network, it uses a DNS traffic switch to
isolate the zombie into a walled garden quarantine. Here
subscribers are alerted to the problem and provided with resources
to fix their machines, including connectivity required to download
tools, security definitions and operating system updates.
"Using a single data source or technology to detect
botnet-controlled machines on a service provider network is both
difficult and a recipe for generating a huge trail of false
positives," said Rob Fleischman, CTO of Simplicita. "The
integration of live and continuous reputation data feeds from
Sophos with our existing reputation assessment resources enables
ZBX to make precise real-time decisions on whether a computer has
been hijacked. We are pleased to be working with Sophos, one of the
most respected security organizations in the world."
"Hackers and spammers are exploiting innocent users' computers
to bombard the Internet with unwanted marketing messages, malware
and denial-of-service attacks," said Mark Harris, global director
of SophosLabs. "ISPs have a vital role to play in the fight against
botnets and zombie computers. Simplicita and Sophos can help
provide operators with a means to identify and remove hijacked PCs
before they can cause serious disruption."
The Sophos-Simplicita partnership
As part of the RDP Program, Simplicita has licensed and
integrated into ZBX real-time data feeds on zombie infected PCs and
phishing data from Sophos. The companies are also integrating
PureMessage and ZBX to allow for direct information exchanges
between the two products. The companies will conduct joint
marketing, selling and referral programs for these service provider
software products.
Pricing and availability
The Sophos data feed for Simplicita ZBX is available immediately
from Simplicita and its business partners worldwide. Data feed
pricing is calculated as an annual fee based on the number of
subscribers served by the ISP. Simplicita ZBX pricing is calculated
per individual subscriber that is remediated by ZBX. Simplicita ZBX
supports Solaris 10 on Sparc or x86, and Redhat Enterprise v4 on
x86.
About Simplicita
Simplicita frees carrier networks from zombies and botnets. The
company has developed the first commercial software product for
ISPs, including cable and telco network operators, which
dynamically identifies, isolates and fixes computers that have been
hijacked by zombie-botnet malware. The company's management team
has built Internet infrastructure businesses acquired by
Software.com, Excite and Verio. For more information, visit
www.simplicita.com
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.