Symantec Mail Security 8300 series Appliances Daniel Arnanz

Presentación del tema: "Symantec Mail Security 8300 series Appliances Daniel Arnanz"— Transcripción de la presentación:

1 Symantec Mail Security 8300 series Appliances Daniel Arnanz
2005 Symantec Corporation, All Rights Reserved

2 Agenda Problemática del Spam Protección de la mensajería
Características del SMS 8300 Preguntas 2 – 2005 Symantec Corporation, All Rights Reserved

3 Problemas de las empresas
Grandes cantidades de SPAM Se necesita mayor infraestructura de correo Ataques vía Spam (i.e. ataques combinados, phishing) Afecta a usuarios y administradores Los ataques por afectan al negocio Virus, worms, directory harvest attacks, DoS attacks Coste de la gestión de la infraestructura de IT 3 – 2005 Symantec Corporation, All Rights Reserved

4 Evolución de los ataques
4 – 2005 Symantec Corporation, All Rights Reserved

5 Symantec Mail Security
Symantec, the global leader in information security, is the only vendor that offers best-of-breed security at the network, gateway, and server, with multiple deployment options for all organizations SMS - Symantec Mail Security SBAS - Symantec Brightmail AntiSpam 5 – 2005 Symantec Corporation, All Rights Reserved

6 No todo es correo electronico
SMS 8160 SMS Hosted Reduccion de datos 1 SMS for SMTP SMS 8300 IM Manager Proteccion Gateway 2 SMS for MS Exchange SMS for Domino IMlogic IM Manager Proteccion Interna del correo y IM 3 Enterprise Vault (EV) Retenccion de datos 4 EV Compliance Accelerator y Discovery Accelerator Descubrimiento y recuperacion 5 IM and MTA Gateways remains accessible by IT, legal and compliance officers Microsoft Exchange IBM Lotus Domino Enterprise Vault Server Internet Unlike vendors who can address just parts of the problem, Symantec is strongly positioned to meet organizations’ present and future Enterprise Messaging Management needs. This slide summarizes the breadth of Symantec’s enterprise messaging management solutions. They are unique in their ability to reduce the risk to messaging systems and data, and to ensure uptime and performance of both systems and users, while satisfying regulatory and corporate policy requirements. First (moving from left to right), Symantec has a unique capability to reduce spam at the outer edge in the Symantec Mail Security 8160 appliance. It dynamically and reliably identifies spam senders and applies "traffic-shaping" to the those connections, which makes it difficult, even painful, for spammers to send spam to a protected environment. The result is an 80% reduction in spam, as spammers stop transmitting spam to your environment. Second, at the SMTP or internet gateway, we have our Symantec Mail Security solutions that offer integrated antivirus, antispam and content filtering technologies with rapid response virus and spam definitions to maintain very high detection rates with very high accuracy and reliability. At this layer, we also help organizations secure their instant messaging gateways, as well as manage and enforce IM policies in the organizations. These capabilities are delivered by the market leading Symantec IMLogic Manager. Third, Symantec Mail Security for Microsoft Exchange and Domino tightly integrate into their respective environments, and provide high-performance virus scanning and content filtering on a real-time, scheduled and on-demand basis to ensure that internal traffic is free of unwanted content. Fourth, Enterprise Vault is our archiving capability that automatically moves older off of the message store and manages the lifecycle of information from "cradle to grave", based on corporate policy. Fifth, to help companies meet legal or regulatory requirements, Enterprise Vault Compliance Accelerator and Discovery Accelerator enable Legal, HR, and Compliance Officers to collaborate and review potentially incriminating or problematic content. What you see here represents just the beginning as we execute on our goal of comprehensive Enterprise Messaging Management: An integrated suite of components, from a single vendor, supported around the globe. Vault Store SMTP and IM Traffic Spam Retention (Regulation-dependent) Spam Quarantine SMS = Symantec Mail Security 6 – 2005 Symantec Corporation, All Rights Reserved

7 Novedades - 8300 Appliance Rapida implemantacion Beneficio Beneficio
Securidad – Spam y Virus Filtrado de contenidos y Compliance Rapida implemantacion Gateway Spam Protection Protección contra Day Zero Virus y Antiphishing Spyware/Adware verdicts Escaneo de contenedores y zips 50 plantillas de políticas pre configuradas 60 diccionarios reconfigurados 37 búsquedas con “regular expressions” preconfiguradas True file typing Servicio de cifrado de Integración en LDAP existentes Administración centralizada Gestión de incidentes Archivado automático In addition to integrating features from other Mail Security products, Symantec Mail Security 8300 Appliance Series also delivers key new capabilities. We’ll cover these in detail in just a minute, but at the high level, we’ve added more in-depth threat defenses, include day zero virus protection. We’ve also introduced new content filtering capabilities to simplify policy enforcement and regulatory compliance, and we’ve beefed up the administration capabilities to deliver more visibility and control. Premium Content Management is an optional add-on that integrates powerful data scanning capabilities with pre-configured templates that ensure is handled within appropriate guidlines. Key capabilities include: Three premium system patterns with advanced lexical analysis that perform additional checking and validation beyond regular expression definitions to reduce false positives. Available patterns include credit card numbers, social security numbers, and IP addresses. Fifty pre-built premium templates which enable companies to build and add their specific actions and group policies to quickly address the most common compliance regulations and data privacy best practices. The included templates are: Thirty-seven pre-built regular expressions used to search for protected data such as Beneficio Beneficio Beneficio Ayuda a conseguir los requerimientos legales/internos Incrementa la eficiencia del departamenteo de IT Bloquear y neutralizarlos ultimos ataques via 7 – 2005 Symantec Corporation, All Rights Reserved

8 Ataques “Zero-Day” New threats are also exploiting software vulnerabilities more quickly. Until recently, it took about six months from the time a software vulnerability was first announced until threats began to appear that exploited that vulnerability (Slammer followed this pattern). This gave businesses plenty of time to review the vulnerability, prioritize the impact, and test and deploy the correct patches. Today, this window is quickly shrinking. On August 11, 2003, the Blaster worm exploited the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability only 27 days after it was announced on July 16th. In June 2004, the Sasser worm exploited a new vulnerability only 18 days after it was announced. Very soon, we expect to see “zero-day” threats that actually exploit vulnerabilities before they are announced and before countermeasures and threat signatures can be developed. This potential gap between the time a zero-day threat is released and the time effective countermeasures can be made available could translate into serious problems and costs for businesses around the world. Many of today’s threats are also able to propagate with bewildering speed. Code Red doubled its infection rate every 37 minutes. Slammer doubled its rate every 8.5 seconds—and infected 90% of the world’s unprotected servers in an alarming 10 minutes. These fast-spreading threats require security analysts to identify and analyze threats immediately—and make decisions quickly. We’re fast approaching a state where we will have little or no reaction time against new threats. Therefore we need to focus on proactive security instead of reactive response. NOTE: This graph shows (a) the evolution of computer virus/worm threats with respect to their speed of replication (blue line) and (b) the evolution of antivirus technology with respect to the speed of response (red line). The horizontal axis is measured in years, from 1990 to The vertical axis actually shows two different sets of times (both have the same time scale as indicated on the left-axis). The left vertical axis (blue text), shows how long it takes for a malicious threat to reach “contagion” status, where it has infected a critical number of the vulnerable machines. The right vertical axis shows how long it takes to provide a signature for a malicious threat. The “area under the curve” represents the cost to corporations and customers due to down-time, infection, and data theft/loss. As threats spread more quickly, this cost is only growing. 8 – 2005 Symantec Corporation, All Rights Reserved

9 Symantec Mail Security 8300 Series
2005 Symantec Corporation, All Rights Reserved

10 Architectura 10 – 2005 Symantec Corporation, All Rights Reserved

11 Scanner El Scanner incluye: MTA que procesa correo entrante y saliente
Motor de filtrado que escanea los mensajes Motor de políticas que realiza acciones basándose en la configuración del administrador The Scanner is the piece that is responsible for inbound and outbound filtering. It includes an integrated relay MTA that process inbound mail and outbound mail. It also delivers mail to the groupware server. The Scanner also has a comprehensive filtering engine. The engine is comprised of source or IP connection checks, antispam filtering using Brightmail technology, award-winning Symantec AntiVirus protection, content compliance checks and more. The scanner is also responsible for implementing any of the policies that the administrator sets up. For example, an organization might want to add a annotation tag line to all outgoing mail from the Sales group. 11 – 2005 Symantec Corporation, All Rights Reserved

12 MTA Integrada Responsable de Basado en Postfix
Procesar correo de entrada Procesar correo de salida Mandar a los servidores de correo Basado en Postfix Mayor control sobre la sesión de correo Herramientas de gestión y monitorización Mostrar estado de la colas de entrada, salida y distribución Tomar la acciones necesarias (Liberar, borrar, etc) As I mentioned the Scanner also includes an MTA that handles inbound and outbound SMTP traffic. It’s based on Postfix, the leading open source MTA known for its performance, security, and flexibility. With the integrated MTA, we have much more control over the mail session. This extends our capabilities for filtering and gives us rich options for message modification. We can also reject and defer connections based on the source connection. We’ll talk about how the benefits in terms of volume reduction when look at the powerful Firewall. The product does include all the key MTA management tools you’ll need to stop, start, monitor and flush mail queues. In addition to the Scanner, another key piece of the architecture is the Control Center. 12 – 2005 Symantec Corporation, All Rights Reserved

13 Tecnología antispam multicapa
No hay una tecnología perfecta en anti-spam Técnicas diferentes sirven para distinto tipos de spam In terms of on-site filtering, there really is no silver-bullet antispam technology. The only way to catch spam, without blocking legitimate mail, is to employ a combination of techniques. For the 8200 Series , this includes filters created and managed by Symantec, as well as administrator-based controls. In all, Symantec offers over 20 different antispam filtering techniques to provide the most accurate and effective antispam protection. Let’s take a quick look at some of the key technologies. 13 – 2005 Symantec Corporation, All Rights Reserved

14 Email Firewall: primera linea de defensa
Para ataques a nivel de conexion IP Personalizable Listas blancas y negras Opción de configuración de RBL Múltiples acciones Change (SPF) to (SPF and Sender ID) Directory harvest attacks Alto volumen de spam y ataques de virus IPs que continuamente mandan SPAM It makes no sense to spend the time and processing resources to accept, open up, and filter a message if we are sure that it’s coming from a know spam sender or a malicious source. The Firewall is a collection of technologies that help Symantec Mail Security 8300 Appliance Series determine whether an incoming message originates from an abusive sender. If so, the Firewall can take action to stop all messages from this person, as far out in perimeter as possible. The immediate benefit is a substantial reduction in volume. And, because the scanning engine doesn’t need to process as much unnecessary mail, the Firewall also saves resources and capacity. On the bottom of the slide, you can see some of the threats that are handled by the Firewall. Each of those red arrows represent IP connections from senders who are attempting to connect to the system. Spam senders or blocked senders – This can include suspected spammers identified by symantec’s sender reputation service. Directory harvest – This is the practice of attempting to steal or “harvest” addresses from an server, typically with the intent to later send spam. This type of attack creates tremendous loads on the server which affects performance Open proxies - open proxies refer to computers that have been compromised by a virus or -borne worm. These proxies used to turn the computer into a spam relay from which spammers can send spam. Legitimate senders can proceed on through the firewall process. As you can see, the Firewall serves as a powerful “gatekeeper,” ensuring that certain mail doesn’t breach the gateway in the first place. 14 – 2005 Symantec Corporation, All Rights Reserved

15 Proteccion contra codigo malicioso
Award-winning Symantec Antivirus Firmas de Symantec Response Opción de heurística para nuevos ataques Diferenciación de Mass-mailer worms Motor rapido y fiable Symantec is the worldwide leader in antivirus with over 100 million users. The core technology includes signature and heuristic based scanning for detecting known and unknown viruses. The heuristics technology (known as Bloodhound) detects virus-like behavior, to identify and repair unknown viruses. You can adjust heuristics settings for more or less aggressive identification of viruses. The technology can detect up to 90 percent of new macro viruses and up to 80 percent of new and unknown executable file viruses, including malicious mobile code. The mass mailing cleanup feature addresses the aftermath from mass mailing worms. These worms often leave hundreds of unnecessary sender notifications and other unnecessary s in their wake. Instead of just deleting the infected attachment, Symantec Mail Security 8300 Appliance Series automatically removes not only the mass-mailing worm but also these associated spawned s that serve no valuable purpose. Symantec AntiVirus features multi-threaded fast scan capabilities for faster detection and repair of file attachments in SMTP traffic. Symantec AntiVirus has received 23 virus bulletin 100% awards and is the most consistently certified virus protection in the industry. And, unlike many competitors, Symantec AntiVirus updates virus definitions and scan engines without having to redeploy the software or restart services. Thus, there is no interruption in virus scanning to get new definition. 23 Virus Bulletin 100% awards Sistema de escaneo Multi-threaded scanning para mejorar el rendimiento Mismo motor que los otros productos de Symantec 15 – 2005 Symantec Corporation, All Rights Reserved

16 Filtrado de contenidos
Build Custom Scanning Regular Expression Scans Keyword Scans Scans attachments and ZIPs Detects true file type Leverage 50+ Keyword Dictionaries Drug, Treatment and Disease Financial Terms Munitions & Arms Trafficing Regulations Meeting Compliance and Governance Needs Regulatory Compliance Acceptable Use Network Security Customer and Data Confidential Data UK Regulatory Compliance Data Filtering Included Word / Phrase Filtering Included Content Scanning The enhancements for version include: Better scanning: the updated engine regular expression, keyword scanning, and dictionary scanning. To support more advanced content analysis and to reduce false positives, administrators can specify the number of keywords in a dictionary that must be present to trigger a match. Deeper scanning: in addition to the message body, administrators can now scan for keyword matches inside attachments and within ZIP files. This deeper level of inspection ensures that important content does not escape detection because it is embedded in a container. Smarter scanning (True file typing). Instead of relying on the provided extension or MIME type of an attachment, SMS 8300 Appliance Series determines the true file type of an attachment by analyzing its structure and signature. The robust scanning engine recognizes over 300 word processing, spreadsheet and presentation file formats, enabling administrators to check content in the most information sources possible. This includes .doc, .xls, .ppt, executables, and more. This ability prevents malicious senders from attempting to bypass attachment filters by renaming a malicious attachment extension (for example, .exe) to a more commonly used extension (for example, .doc). Premium Content Control Module (requires additional purchase) The Premium Content Control Module is a subscription based add-on that extends the power of the standard content filtering and compliance tools. A PCC subscription provides an expanded set of pre-built policy templates, dictionaries, and patterns. The PCC module provide companies with a set of tools that can be used to demonstrate internal controls to support internal data security policies and best practices, as well as external -related regulations. The available pre-built resources include: Three premium system patterns with advanced lexical analysis that perform additional checking and validation beyond regular expression definitions to reduce false positives. Available patterns include credit card numbers, social security numbers, and IP addresses. Fifty pre-built premium templates which enable companies to build and add their specific actions and group policies to quickly address the most common compliance regulations and data privacy best practices. The included templates are: Example Template Names (numbers) Regulatory Compliance (15) HIPAA (including PHI) Gramm-Leach-Bliley Sarbanes-OxleyState Data Privacy Acceptable Use (12) Gambling Media Files Competitor Communications ResumesNetwork Security (3) Network Diagrams Hackers Customer and Data Protection(12) Customer Data Canadian SSN Confidential Data Protection (11) Confidential Docs Source Code UK Regulatory Compliance (3) Human Rights Act 1998 Caldecott Report, 1997 Over sixty pre-built dictionaries containing keywords and keyphrases that support the pre-built policy templates including Drug, Treatment and Disease keywords for HIPAA financial terms for SOX and NASD/NYSE Rules Munitions and Specially Designated Nationals List for International Traffic in Arms Regulations and Office of Foreign Assets Control policies Thirty-seven pre-built regular expressions used to search for protected data such as US Social Security Numbers UK Passport Numbers Drivers License Numbers ABA Routing Numbers. Premium Content Control* Information Filtering 16 – 2005 Symantec Corporation, All Rights Reserved * Optional Premium Content Control Module

17 Facilidad en la búsqueda de información sobre correos procesados
1 Busqueda ith multiple criteria Sender Recipient Asunto etc. Estado del mensaje 2 Hora en que fue procesado Sender Recipient Asunto del mensaje Resultado (spam, virus, blocked sender, etc) Acción realizada Symantec Mail Security 8300 Appliance Series offers a graphical message auditing interface that Symantec said allows administrators to perform advanced tracking across multiple scanners in their network. messages can be queried using the system by subject, date and time range, envelope information or IP address. 3 Informacion detallada para forensics 17 – 2005 Symantec Corporation, All Rights Reserved

18 Políticas de grupo Group policies refer to the ability to treat different sets of users in different ways. For example, assume that the legal department needs to maintain all spam messages forever—they can’t delete the messages. In this case, the administrator could define a default policy for everyone in the company, such as: delete spam and quarantine suspected spam. But for the legal team, administrators would set the system to quarantine both spam and suspect spam. Likewise, the support group might need even more specialized handling of mail. Most organizations will not have hundreds of different policies. Most will define a default group policy that works for the vast majority of their users, then specify outlying cases as necessary. 18 – 2005 Symantec Corporation, All Rights Reserved

19 Cuarentena basada en Web
Almacena spam y otros mensajes filtrados de manera centralizada Ganar visibilidad sobre el problema del spam Da confianza a los usuarios Puede ser configurada para que solo tenga acceso el Administrador Quarantine is an optional storage area for messages filtered by the 8200 Series. For administrators, Quarantine is a good way to get visibility into the type of spam targeting the organization. For users, viewing the volumes of caught spam in a central quarantine shows your users the success of your filtering measures. It will also reassure them no legitimate mail is never caught. As they become familiar with the 8200 series’ accuracy, they will become confident that legitimate mail is rarely, if ever, quarantined. You can set up Quarantine so that it is only accessible to administrators. 19 – 2005 Symantec Corporation, All Rights Reserved

20 Administración basada en Web
In the 8200 Series, administrators have access to an powerful Web-based interface. This interface is called the Control Center. The Control Center lets administrators manage, configure, and administer all Scanners in your environment from one central location, using a Web browser. This slide shows the overview page of the Control Center. This is the summary dashboard that an administrator will likely see when he or she first logs on in the Control Center. From this page, administrators can view the system status, see a graph showing the percentage of mail that is spam, and view other data points. The Control Center also provides an easy way to view consolidated device status and logs, as well as statistics and reports. 20 – 2005 Symantec Corporation, All Rights Reserved

21 Reportes detallados 55 reportes diferentes, mas reportes personalizados Reportes programados enviados por Comprehensive reporting let administrators quickly see what's happening in their environment and what the mail flow and filtering rates look like. This slide shows an example of a typical report—the Mail Overview report—that includes data points for all mail categories, including spam, virus, suspected spam, viruses, and others. The 8200 Series features over 50 reports, which you can customize to meet your needs. You can also schedule reports and have them ed to specific users. 21 – 2005 Symantec Corporation, All Rights Reserved

22 Actualización de Software
Comprueba si hay nuevas actualizaciones Cuando sea necesario se pueden instalar con un solo click (todos los componentes) Se utiliza una conexión segura The 8200 Series features a software update feature. The software update feature lets you easily: • Check for available updates. You can view the current system software version and, if available, request software updates. • Update in one step. Instead of updating the components such as the operating system, supporting software, drivers, and other components one by one, the Symantec Mail Security Series update process enables complete system upgrades in one easy step. No administrator intervention is required after starting the update. • Minimize downtime. Updates and enhancements are quickly and securely downloaded over a secure network connection. Once the appliance is rebooted, it is ready filter mail This feature provides an easy way to stay current with operating system, MTA, and supporting software levels. The single-click update process ensures that you are always running the safest system possible, mitigating the risk of exploitable security flaws. 22 – 2005 Symantec Corporation, All Rights Reserved

23 Posicionamiento Symantec Brightmail
Detecta Spam Eficazmente Con “Zero Administration” Dispone de la Red más grande de detección de Spam. Arsenal más completo con 20 Tecnologías de filtrado y detección de Spam Bloqueo de Mensajes en idiomas diferentes al Inglés Protección contra Phishing y spamming. Menor Porcentaje de FP de la Industria: menos de 1 en un Millón Porcentajes medidos diariamente en más de 300 Millones de usuarios. Posibles falsos positivos analizados y corregidos por BrightMail Eliminación segura de Spam sin tener que revisarlo Sin Carga Administrativa No es necesario Configurar o Afinar el Producto Protección contra nuevos ataques de spam y virus 24/7/365 Actualizaciones cada 5-10 minutos: automáticas, seguras y a tiempo Administración global de servidores. Beneficios Salve recursos y ancho de Banda, Devolviendo la productividad a sus empleados Beneficios Nunca pierda información vital por un mal filtrado de spam Beneficios El personal de se podrá concentrar en proyectos estratégicos y no en la administración del filtro Spam. 23 – 2005 Symantec Corporation, All Rights Reserved

24 Gartner’s Magic Quadrant for E-Mail Security
Security Boundary incluye... Antispam Antivirus Intrusion prevention de entrada y salida The foundation of Enterprise Messaging management—and the reason we’re here today—is . Symantec is the recognized leader in Security, both in terms of market share and in the eyes of analysts such as Gartner. The original magic quadrant was published in the first quarter of 2004 and was focused on a much smaller customer problem - antispam filtering. This new magic quadrant covers a much wider (and more valuable) customer problem - boundary security. boundary security includes antispam, antivirus and intrusion prevention of both inbound and outbound threats. Within this larger market, we were able to increase our distance from competitors by improving both our ability to execute and our completeness of vision. How did we improve our vision? By delivering an incredible number of new products and making significant improvements to existing products. We now have the most complete portfolio of products for enterprises worried about their boundary. The Symantec Mail Security 8100 appliance, an updated version of the revolutionary TurnTide technology The Symantec Mail Security 8300 appliance, a complete security appliance based on the Brightmail technology Symantec Premium AntiSpam for Symantec's existing products (SMTP, Domino and Exchange) Symantec Hosted Mail Security, our first offering that requires no onsite hardware or software Source: Magic Quadrant for Security Boundary, Sept 2006 24 – 2005 Symantec Corporation, All Rights Reserved

25 Symantec™ Global Intelligence Network
4 Symantec SOCs 74 Paises monitorizados + Sensores Registradosen Paises + + 8 Symantec Security Response Centers >6.200 Dispositivos Gestionados + 120 Millones de sistemas + 30% del correo del mundo + Advanced Honeypot Network 200,000 malware submissions per month Millions of security alerts per month Millions of threat reports per month Hundreds of MSS customers Redwood City, CA Santa Monica, CA Calgary, Canada San Francisco, CA Dublin, Ireland Pune, India Taipei, Taiwan Tokyo, Japan Twyford, England Munich, Germany Alexandria, VA Sydney, Australia Six key international locations Santa Monica, Calif. (Response headquarters) American Fork, Utah Sydney, Australia Calgary, Canada Dublin, Ireland Tokyo, Japan Worldwide sensor network from DeepSight 180 countries >20,000 sensors AV submissions from 120,000,000 customers This is a powerful slide as it illustrates how Symantec offers the most complete information on threats from around the world to the media. It’s a great visual of how strong Symantec’s information and expertise it. You should be sure to explain what “18,000 sensors in 180 countries” exactly means and how we can watch what is happening around the Internet. You may also want to add that Symantec’s Managed Security Services also adds another view of the Internet. Global technical support Springfield, Oregon Toronto, Canada 25 – 2005 Symantec Corporation, All Rights Reserved

26 Licenciamiento 2005 Symantec Corporation, All Rights Reserved

27 Proceso Modelo 8360 Modelo 8380 27 – 2005 Symantec Corporation, All Rights Reserved

28 Diferentes modelos Model 8380 8360 8340/8240 8320/8320 1,000 Users +
Customer segment 1,000 Users + 100-1,000 Users Under 100 Users Form factor 2U 1U Tower PC RAM/Storage 4GB / 4x146 GB 1.5GB / 2x80 GB 1GB / 1x80 GB Raid Raid 10 Raid 1 None The Symantec Mail Security 8300 features two models, designed to accommodate varying license and performance needs. Both models support the same level of security protection, including volume management, antispam, antivirus, content filtering, and message integrity. And both models feature compact, rack-mounted, 1U Intel-based server appliances. The 8260 is designed for larger organizations, with over 1,000 users. The 8260 expands on the standard RAID1 disk storage to include other availability features such as redundant power supplies and fans. Antispam, Antivirus, Content Filtering, & Message Integrity Delivered Across all Platforms 28 – 2005 Symantec Corporation, All Rights Reserved

29 Ejemplo de implementación
29 – 2005 Symantec Corporation, All Rights Reserved

30 Preguntas 2005 Symantec Corporation, All Rights Reserved