SpamTitan Gateway

Version: Gateway Anti-Spam Appliance

SpamTitan Gateway is a high-performance mail filtering security suite that provides the necessary email infrastructure to meet the needs of the most demanding enterprises. SpamTitan combines a hardened operating system and an assortment of software applications and services to produce a mail firewall appliance that eliminates spam and viruses and enforces corporate email policy.

Netsurion Open XDR helps to monitor events from SpamTitan Gateway. Its dashboards, alerts, and reports help you find detailed information on all events. Alerts determine and stop attacks and suspicious activities in real time, and dashboards help to analyse all the security-related events in a single console. Malware and spam related to the Covid-19 pandemic are on the rise globally. Spam is unsolicited email sent in bulk to unsuspecting users for commercial or malicious purposes.

Netsurion Open XDR enhances investigations by processing SpamTitan Gateway's events and information flow data both in real time and on a historical basis. Using the Netsurion Open XDR alerts component, we can create and tune alerts/alarms for critical events such as virus detected, which allows analysts to focus more on remediation and response efforts.

Spam is frequently used to deliver malware, and ransomware is most commonly delivered via spam. Using this KP, we can monitor the ongoing events related to spam and virus detection, which helps our analysts create a policy and runbook to determine and stop the attack.

Using this integration, we get a deeper understanding of the mail traffic running through SpamTitan Gateway. It provides a granular view of each mail's sender and recipient, source and destination IP addresses, domain names, and the action taken on the mail. We can find out why a mail was not delivered and, using the suspicious domain/IP address, create a spam blacklist.

Using Netsurion Open XDR reports, we can audit sensitive data to see who did what, when, where, and how, to satisfy audits for multiple industry regulatory requirements.

Netsurion Data Source Integration for SpamTitan Gateway allows you to monitor the following components:

  • Security – Virus detected, Spam email events, Infected emails.
  • Operation – Passed Emails, Noqueue email events.
  • Compliance – Mail Sender-Recipient details.

Once SpamTitan Gateway is configured to deliver events to Netsurion Open XDR, alerts, dashboards and reports can be configured in Netsurion Open XDR.

The following are the key Data Source Integrations available in Netsurion Open XDR.

Alerts

| Type | Name | Description |
|---|---|---|
| Security | SpamTitan Gateway – Virus detected in Infected mails | This alert is triggered when Virus/Malware is detected in the mail. |
| Security | SpamTitan Gateway – Mail with Coronavirus/Covid-19 subject | This alert is triggered when the mail subject contains details of Coronavirus or Covid-19. |

Reports

| Type | Name | Description |
|---|---|---|
| Security | SpamTitan Gateway – Infected Emails with Virus | This report gives information about virus detection in the mail. It contains the source IP address, sender-recipient emails, size, the action taken on the mail, and other useful information for further analysis and drill-down into incidents. |
| Operations | SpamTitan Gateway – Spam Emails | This report gives information about the spam email detected in SpamTitan Gateway. It contains the sender-recipient email address, source IP address, protocol, size, the action taken on the mail, the reason, and other details that can be used for further investigation. |
| Compliance | SpamTitan Gateway – Passed Emails | This report gives information about the passed emails in SpamTitan Gateway. It contains the source IP address, sender-recipient email address details, and other useful information. |
| Compliance | SpamTitan Gateway – Noqueue Email | This report gives information about the Noqueue emails in SpamTitan Gateway. It contains the source IP address, sender-recipient email address details, and other useful information for a deeper understanding of the event. |

Documentation

The configuration details are consistent with Netsurion Open XDR 9.2 or later, and SpamTitan Gateway.

Download the Integration Guide and How-to Guide for configuration instructions and more information.