
In this episode, we look at rolling out a business continuity plan for a modern mail server architecture.
Today, many companies use a 2-tier architecture model to secure their email infrastructure.
On top of their original SMTP servers (e.g. Exchange), an additional security solution is integrated to act as their front-facing application (Proofpoint/Checkpoint/Vade/Mimecast…).
This can present 3 major benefits, especially when the security solution has mail retention capabilities:
Enhanced security checks
Increased air gap on original servers
Redundancy / HA
By placing a filtering server in front of the original servers, you create an opportunity to reduce the number of IP addresses that are allowed to communicate with your main servers.
This is a common security design principle: move the risk away from a critical asset onto a separate location, which allows for greater damage control options and better separation of concerns.
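
One way to check that the IP restriction described above actually holds, as an added example that is not part of the original article: the script flags inbound SMTP sessions that reached the main server from outside the filtering service's ranges. The ranges, the sample log, and its column layout (modelled on an SMTP receive protocol log) are constructed assumptions.

```python
import csv
import ipaddress

# Assumption: egress ranges of the filtering service (documentation ranges used here).
FILTER_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/28", "2001:db8:10::/64")]

# Constructed sample log, not taken from a real server.
SAMPLE_LOG = """\
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2024-05-01T08:00:01Z,MX1\\Inbound,08DC01,0,10.0.0.5:25,192.0.2.4:41022,+,,
2024-05-01T08:00:02Z,MX1\\Inbound,08DC01,1,10.0.0.5:25,192.0.2.4:41022,<,EHLO filter.example,
2024-05-01T08:03:10Z,MX1\\Inbound,08DC02,0,10.0.0.5:25,203.0.113.77:50311,+,,
2024-05-01T08:04:44Z,MX1\\Inbound,08DC03,0,10.0.0.5:25,[2001:db8:10::25]:39000,+,,
2024-05-01T08:05:00Z,MX1\\Inbound,08DC04,0,10.0.0.5:25,198.51.100.9:2525,+,,
2024-05-01T08:06:00Z,MX1\\Inbound,08DC05,0,10.0.0.5:25,not-an-endpoint,+,,
"""

def parse_remote_ip(endpoint):
    """Return the IP part of 'ip:port' or '[ipv6]:port', or None if malformed."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return None

def direct_connections(log_text, allowed=FILTER_RANGES):
    """Return (session-id, remote-endpoint) for sessions opened from outside the
    allowlist. Unparseable endpoints are reported too, never silently trusted."""
    lines = log_text.splitlines()
    header = next(l for l in lines if l.startswith("#Fields: "))
    fields = header[len("#Fields: "):].split(",")
    rows = csv.DictReader((l for l in lines if l and not l.startswith("#")),
                          fieldnames=fields)
    findings = []
    for row in rows:
        if row["event"] != "+":  # "+" marks session open: one finding per session
            continue
        ip = parse_remote_ip(row["remote-endpoint"])
        # `ip in net` is simply False when the IP versions differ
        if ip is None or not any(ip in net for net in allowed):
            findings.append((row["session-id"], row["remote-endpoint"]))
    return findings

if __name__ == "__main__":
    for session, remote in direct_connections(SAMPLE_LOG):
        print(f"session {session}: connection bypassed the filter from {remote}")
```

Any finding means either the firewall or connector allowlist is wider than the filtering service's published ranges, or the ranges configured here are out of date.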