Posts Modern Email Security Architecture
Post
Cancel

Modern Email Security Architecture

In this particular episode, we are looking at rolling out a business continuity plan regarding a modern mail server architecture.

Today, many companies use a 2-tier architecture model to secure their email infrastructure.

On top of their original SMTP servers (ex: Exchange), an additional security solution is integrated to act as their front-facing application (Proofpoint/Checkpoint/Vade/Mimecast …).

This can present 3 major benefits especially in the case where the security solution has mail retention capabilities :

  • Enhanced security checks

  • Increased air gap on original servers

  • Redundancy / HA

By placing a filtering server on top of the original, you are creating an opportunity to reduce the amount of IPs that are allowed to communicate with your main servers.

This is a common security design principle where we look to move the risk away from a critical asset on to a separate location, thus allowing for greater damage control options, and better separation of concerns.