How an ISP boosted its uptime and lowered its TCO

Customer: green.ch

Summary

Facing a massive service problem due to targeted attacks on its E-mail infrastructure, green.ch, a Swiss Internet service provider (ISP), installed a Bizanga IMP cluster to secure and manage its inbound E-mail traffic. green.ch also deployed a Bizanga IMP cluster to manage its outbound E-mail traffic to meet Swiss ISP industry standards. As a result, green.ch lowered its total cost of ownership (TCO), boosted its service uptime and received a positive return on investment (ROI) in less than one year.

Situation

While migrating customers to a new E-mail platform, green.ch ran into malicious E-mail-based harvesting and Denial-of-Service (DoS) attacks. The attacks degraded the E-mail service green.ch provided to its customers: average delivery times went beyond a marginally acceptable three hours. Furthermore, the breakdown required the operations staff to intervene manually on a continuous basis to prevent the E-mail platform from failing.

The E-mail system under attack was on a redundant Hosted Exchange platform, deployed to provide nonstop service to its clients. A cluster of SMTP servers with Sybari content filtering handled incoming E-mail and also served as outbound E-mail relays. Inbound customer E-mail was delivered to another cluster of back-end servers acting as the message store, with a third cluster of servers providing Webmail, POP3 and MAPI access to the message store. The system also used an Active Directory cluster for user verification and provisioning. Finally, IP load balancers ensured easy TCP/IP manageability and allowed IP-level traffic filtering as needed.

Figure: green.ch prior to Bizanga deployment

Objectives

Beyond dealing with the operational problems, green.ch needed to implement a scalable solution to handle future customers and provide individualized services. Swiss ISP industry standards required green.ch to support differentiated SMTP authentication for outbound spam blocking. The system also needed to supply operations and customer support with statistics regarding its E-mail traffic. Furthermore, Swiss lawful interception regulations required that law enforcement agencies be able to access designated E-mail traffic on the platform.

Solution

Bizanga proposed deploying two clusters of its Intelligent Message Processor® (IMP). One cluster would handle the incoming E-mail stream while the other cluster managed customers' outgoing E-mails. Both clusters integrated tightly with existing Microsoft components.

Changes included configuring the incoming cluster to apply dynamic protocol-based filters along with statistical and reputation filters. The project also involved combining user verification through the Active Directory database with traffic load management to the internal message store.

Bizanga modified the outgoing cluster to provide authenticated access exclusively on port 587 and selectively on port 25, differentiating by customer type and source of the incoming connection. Additionally, the outgoing cluster was configured to identify and throttle green.ch customers with runaway zombie systems. Both systems interfaced with the lawful interception system and provided detailed, configurable event logging for post-processing.

Figure: green.ch after Bizanga deployment

Advantages

The core workflow policy processor, with its flexibility and easy integration, played the key role in this solution. It made it possible to integrate quickly and tightly with the Microsoft Hosted Exchange environment while providing an environment that can easily adapt to future requirements. The solution also allowed the unique combination of dynamic protocol and reputation filters for the early filtering of more than 90 percent of incoming E-mail connections. The scalability of the IMP clusters provided peace of mind knowing that the system could handle any possible load in its lifetime.

Result

“The ease of integration of our Workflow Policy Processor allowed us to take the IMP clusters live at green.ch within a few hours to immediately stem an ongoing attack,”
Giorgio Regni, VP engineering at Bizanga.

With the deployment of the Bizanga solution, green.ch immediately solved its service problems and freed its operations staff to focus on other strategic issues. The early filtering extended the scalability of its existing E-mail infrastructure. The enhanced management, forensics and statistics included in the platform gave operations personnel more options for analyzing E-mail messages streaming through the system and allowed them to identify the health of the E-mail platform with one look.

Outcome

  • Solved existing problems immediately and improved service quality
  • Received positive return on investment in less than one year
  • Enabled higher-value and differentiated services
  • Improved use of current assets
  • Lowered TCO for complete E-mail infrastructure
  • Facilitated instantaneous E-mail system status check
  • Sped time-to-market for complex E-mail products

Evolution for the future

“Bizanga has provided us the tool to continue our leadership in E-mail services to the Swiss market,”
Beni Frei, IT director at green.ch.

green.ch expects to use the workflow policy processor to provide further value-added services, which lets the company treat customers on an individual basis based on the products purchased and used. This allows green.ch to react to customer requirements almost instantly, giving the company a unique capability in the market. green.ch also expects to deploy third-party applications such as content filters or anti-virus applications on the Bizanga IMP clusters, adding more capabilities to the edge of its network.

About green.ch

green.ch -- the third-largest ISP of Switzerland with one of the largest deployments of Microsoft Hosted Exchange with more than 30,000 active domains -- provides innovative Internet and converged services to small and medium enterprises. In business since 1995, green.ch works closely with vendors such as Bizanga and Microsoft to provide the highest quality of customer service to over 70,000 business clients.