|
 Border Scout is a fully managed email security service that scans incoming and outgoing email in order to remove viruses and spam, based on domain name or individual email address and user preferences, which are configured either during implementation or by the user after implementation is complete. |
|
|
 In order for Border Scout to function email must be passed through a scanning server. The default mechanism (part of the core services) for achieving this is to amend the MX record for a particular domain so that inbound mail is sent to Checkbridge infrastructure, which scans the mail (if the individual address exists in the user database) and forwards it to the real email server. |
|
|
 Each satellite is deliberately simple in design so as to ease deployment and management and to ensure that only the essential tasks are performed at the edge of the solution. The perimeter is protected by a single firewall, which also provides an IPSEC tunnel back to the core infrastructure. Behind the firewall there are two servers: a mail server and a scanning server. |
|
|
 The core is deployed in one data centre as a full mesh topology, so does not have any single points of failure. The perimeter is protected by two firewalls, configured as an active / active pair, each of which is connected to two layer two switches on the external side, which are in turn connected to two core switches. |
|
|
 Two servers, one of which is within the core and one of which is entirely separate, monitor the Checkbridge infrastructure. The internal and external monitoring servers are used to monitor each other so that Checkbridge support teams are aware of any failure. The internal server monitors and restarts critical service and SNMPv3 to monitor available disk space, CPU load, open TCP sockets and number of processes on each server within the infrastructure, including the satellites. |
|
|
 The data is backed up to tape on a monthly rotation. The tapes are changed manually and stored off-site. The data is also backed up to the SAN within the core to provide the possibility of a more rapid restoration than tape in the event that server rebuild is required and the SAN is functioning correctly. |
 |
|
|
© Checkbridge 2008 |