
Last month we announced a major upgrade and expansion of our network to better serve our clients in a more challenging cybersecurity world. I’m sure you’ve seen many stories in the news about cyber attacks and how some groups and nations are expected to attack our critical infrastructure.

We can assure you that those threats are real and are ongoing in a very focused fashion. In order to prepare for a more massive attack, we’ve had to rely on some BGP routing magic to make ExchangeDefender far more resilient.

Make sure you allow inbound SMTP traffic from ExchangeDefender’s 65.99.255.0/24 (255.255.255.0) range.

This range has been in use by ExchangeDefender since 2003 so if you’ve followed our deployment guide correctly you should be all set. If you’ve chosen to deploy ExchangeDefender differently and have other scanning/security active on that range, you might see email delivery delays and failures. Easy fix, just add the whole class C.
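Added example (not from ExchangeDefender's deployment guide): a small audit that takes the CIDR entries from a firewall or mail server allowlist and reports which parts of 65.99.255.0/24 they leave uncovered. The sample allowlists are constructed for illustration.

```python
import ipaddress

# Range the post says must be allowed for inbound SMTP.
ED_RANGE = ipaddress.ip_network("65.99.255.0/24")


def uncovered(allowlist, required=ED_RANGE):
    """Return the parts of `required` that no allowlist entry covers."""
    remaining = [required]
    for entry in allowlist:
        # strict=False accepts host-style entries such as 65.99.255.10/24.
        net = ipaddress.ip_network(entry, strict=False)
        still_open = []
        for block in remaining:
            if block.version != net.version or not block.overlaps(net):
                still_open.append(block)      # entry does not touch this block
            elif block.subnet_of(net):
                continue                      # block is fully covered
            else:
                # entry sits inside the block: keep everything around it
                still_open.extend(block.address_exclude(net))
        remaining = still_open
    return sorted(remaining)


def audit(allowlist):
    """Summarise coverage of the ExchangeDefender range for one allowlist."""
    gaps = uncovered(allowlist)
    missing = sum(g.num_addresses for g in gaps)
    return {"complete": not gaps, "missing_addresses": missing,
            "gaps": [str(g) for g in gaps]}


# Constructed sample allowlists (not taken from any real device).
if __name__ == "__main__":
    samples = {
        "whole /24": ["65.99.255.0/24"],
        "half the range": ["65.99.255.0/25"],
        "two single hosts": ["65.99.255.10/32", "65.99.255.11/32"],
    }
    for name, rules in samples.items():
        print(name, audit(rules))
```

Any result with "complete": False means some ExchangeDefender relays can still be delayed or rejected by the other scanning layer.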

What is happening under the hood is that all of our different data centers are routing traffic via the same 65.99.255.x range. Even if half of our data centers disappear due to a telecom or power event, we will be able to continue email delivery.

As you’ve seen over the past year, we’ve focused on Inbox, LiveArchive, and upcoming Replay features to improve security and reliability. Like you, we wake up every day to another Exchange/Gmail event/issue/policy/fubar and nobody likes losing email or the ability to communicate. This is why having ExchangeDefender around your email infrastructure is critical if email is critical to your organization. The new supernet has been routing messages for over a month with no issue and on Wednesday, May 15th we will make it available for everyone.

Protecting your digital world is like building a superhero team! Think of your budget as the resources used to train your team, buy gadgets, and build a strong defense. The better you allocate your budget, the stronger your team and the safer your digital world will be. This way, you can keep the “bad guys” out!

Think of your cybersecurity budget like a superhero team protecting your digital world. Here’s how your resources get allocated:

1. The A-Team: Your Cybersecurity Squad (39%)

These are the real-life heroes, the security analysts, incident responders, and engineers who keep the bad guys at bay. They’re like the Iron Man and Captain America of your digital defense.

2. The Gadget Guru: Security Software (28%)

Firewalls, antivirus programs, intrusion detection systems – these are the high-tech tools that constantly scan for threats, like a super cool Batman utility belt for your computer.

3. The Fortress: Hardware Security (Varies)

Firewalls and secure routers – these are the physical barriers that keep intruders out, like your digital castle walls. Not the flashiest part of the team, but crucial nonetheless.

4. Training Day: Employee Awareness (5-10%)

Empowering your employees with knowledge about phishing scams and best practices is like giving them all mini Captain America shields. They become part of the defense team!

5. Calling in the Experts: Third-party Services (10%)

Think of third-party specialists as your cybersecurity consultants. They bring specialized skills for complex situations, like penetration testers acting as ethical hackers to uncover vulnerabilities.

Bonus Tips:

  • Industry and Size: Your budget might differ depending on your business type and needs. A small bakery won’t need the same defenses as a giant tech company.
  • Frameworks: Think of cybersecurity frameworks like blueprints for building a strong defense. They help you prioritize spending effectively.
  • Risk Assessment: Regularly check your weak spots and allocate resources accordingly. It’s like having your own superhero strategist!

Remember, a strong cybersecurity posture is an investment, not an expense. By understanding where your budget goes, you can build a powerful defense system and keep the bad guys out! Now go forth and conquer the digital world, with your awesome cybersecurity team by your side!


Looking for a cybersecurity provider for your small business? Let’s chat! Visit us at www.exchangedefender.com

At ExchangeDefender, we’re obsessed with keeping your clients’ emails safe and secure. That’s why we’ve just completed a massive network upgrade, designed to empower you, the IT Managed Service Provider, to offer unparalleled disaster recovery and enhanced security for your M365 clients.

Why the Upgrade? The Cloud Needs Saving Too!

Remember the good ol’ days of on-prem email outages? Well, guess what? The cloud isn’t immune!

  • M365 Outages Happen: We’ve all been there – clients waking up to a down Office 365 tenant. Scary stuff.
  • Data Loss Lurks: Lost emails due to strange glitches or language barriers (seriously, Croatian?) are a real threat.

Building on LiveArchive, we’re massively expanding our disaster recovery businesses due to increased demand for client protection on the Microsoft M365 network.

Our upcoming live mail caching service is here to save the day! We’ll cache copies of your clients’ emails for 24 hours, ensuring no email gets lost due to infrastructure issues. Need a message from the past day? Simply request a redelivery – problem solved!

Network Upgrade? More Like a Network Revolution!

To make Live Mail Caching a reality, here’s how we did it:

  • Open-sourced LiveArchive: This empowers you to deploy massive email archiving solutions for your clients on their own cloud.
  • Infrastructure Overhaul: We’ve upgraded nearly every switch, firewall, core router, and most of our backend to handle the massive data demands of live caching.
  • Network Failover on Autopilot: BGP magic ensures seamless service delivery across multiple data centers, automatically routing around network issues and regional outages. No configuration changes on your end are needed!

In the coming quarter, we’re excited to unveil all these new services.

While email remains a prime target for cyberattacks (not a good thing!), our core focus continues to be protecting traffic and identifying threats. However, our M365 clients are facing a surge of issues and are turning to us for solutions.

For instance, when Microsoft experiences delivery delays or mail latency problems, our ExchangeDefender Inbox service becomes the go-to solution for accessing critical OTP/MFA tokens.

Many clients have also adopted Inbox as their preferred webmail client due to its speed and lightweight design.

As Microsoft prepares to sunset Basic Authentication, many legacy SMTP services and mail-enabled applications will become inoperable. To address this growing demand for reliable and secure email routing and delivery, we’ve significantly upgraded our network and services this past quarter.

Email delivery problems happen.

With ExchangeDefender, however, these problems won’t impact your operations. That’s our unwavering commitment, and we’re thrilled to announce the expanded ExchangeDefender network is here to serve you and ensure the continued security of your email.


P.S. Sounds expensive and boy was it!! We’re in an era where any excuse is used to raise prices, so this might come as a bit of a surprise: There will be no change in pricing as a result of all these upgrades. Thank you for keeping us in business in our 4th decade and thank you for trusting us with your email.

ExchangeDefender has recently enhanced our MFA features (multi-factor authentication) to help you enforce domain-level MFA compliance and to make it easier for users to be enrolled and protected by a layered authentication process automatically.

Simply put, we’re making it easier for you to keep everyone protected.

Today we are announcing ExchangeDefender MFA support for custom authenticator apps. By now everyone is familiar with our typical MFA functionality, available under your Settings at https://admin.exchangedefender.com. Just scan the QR code on your device and you’re set!

BUT WHAT IF YOUR DEVICE DOESN’T HAVE A CAMERA?

ExchangeDefender now supports MFA app enrollment using the text code shown under the QR code. This is great for scenarios in which:

– You don’t have a camera on your device
– The QR code doesn’t seem to scan (problems with the camera or monitor)
– You want to use a text-based MFA app
– You want to integrate PowerShell/no-code with MFA
– You want to share your MFA codes with others

If you’re in one of those scenarios, note the text under the QR code when you start the enrollment:

Click on the Can’t scan? Show code link and you’ll get the TOTP secret (aka secret code, MFA code). Paste it in your solution and paste back the 6 digit code it generates. That’s it, you’re done. MFA is now enforced and ExchangeDefender will rely on the codes generated by your app to validate MFA and grant access to your account.

All our features come from user feedback so if there is something we need to be doing to keep you more secure please let us know!

ExchangeDefender is giving users more power to lock down their valuable data. Now that ExchangeDefender handles business continuity and backups for M365/Gmail tenants there is even more information in ExchangeDefender that demands more flexibility with security policies. First, let’s talk about the upcoming feature that allows you to lock down your ExchangeDefender SPAM Quarantine Report activity.

Bit of background: ExchangeDefender Quarantine Reports are an immensely popular ExchangeDefender feature (coming up for an upgrade this spring btw!) that sends users a list of quarantined messages on a set schedule. Users tend to rarely look in Junk Items or review SPAM unless they are waiting for something, so this is a cool feature that our users just love. Scroll down the list of quarantined messages and release or trust just by tapping the link. Super convenient, but does it meet your security requirements?

ExchangeDefender Quick Release feature now enables you to choose between convenience and a more secure release process. For many organizations, having a message released or added to trusted senders with just a click is a huge time saver and user convenience. But if your Microsoft M365 / Gmail account gets compromised (which happens ALL the time) or you deploy a new security/business/CRM tool (mostly AI stuff) that scans links, then this “convenience” can turn into an Inbox packed with SPAM messages that some hacker/service inadvertently released.

If this happens to you, know that ExchangeDefender can help with the “Secure Release” setting. By enforcing Secure Release, when the user clicks to release or trust a message they will be prompted to authenticate before they can release/trust the message. This way, if you get hacked or install link scanning/crawling software in your tenant, the intruder or crawler will not be able to access the messages without a password.


Now please, go set up your favorite authenticator app with ExchangeDefender MFA (next up, you can set it to be mandatory/required).

By now we hope everyone who needs a backup has started it via ExchangeDefender LiveArchive and as previously mentioned we’ve got a huge new feature to show off this Wednesday:

During this event, we will discuss the ExchangeDefender LiveArchive Web UI, the open-source eDiscovery platform for your LiveArchive email backups. This stack can be hosted anywhere, even on your PC as in the example below. With database services holding metadata and the location of the email message on S3 storage, the LiveArchive user interface is very similar to webmail platforms. We even have themes that are inspired by Gmail and M365 platforms so users can access their backups in an interface that feels similar to the one they are familiar with.

We know a lot of our partners and clients like to tinker, so if you like to get ahead here is a sample docker-compose.yml you can use to launch LiveArchive Web UI right now (production branch):

services:
    app:
        image: public.ecr.aws/y9g1h8n8/exchangedefender/livearchive:latest
        extra_hosts:
            - 'host.docker.internal:host-gateway'
        ports:
            - '${APP_PORT:-80}:80'
        volumes:
            - livearchive-config:/app/storage/app/settings
            - livearchive-loadbalancer:/data
        environment:
            LIVEARCHIVE_PERSISTENCE: browser
        networks:
            - livearchive
volumes:
    livearchive-config:
    livearchive-loadbalancer:
networks:
    livearchive:
        driver: bridge

Then simply point your browser to the container or, if you’re running it on your PC, to http://localhost.
That should give you everything you need to access LiveArchive backups with a modern and responsive eDiscovery frontend you own – we should discuss more details about deployment, different cloud hosting options, best practices, and different ways you can use LiveArchive Web UI. This should be plenty to get you started and get your questions ready for the live webinar this Wednesday, February 7th. We look forward to seeing you there.

P.S. If you’re looking for old LiveArchive business continuity features, they are now a part of ExchangeDefender Inbox! Dive into the new world of ExchangeDefender Inbox, our smartest, most advanced email outage protection. Unlock insights on top features and highlights with our new brochure!

ExchangeDefender will be launching the LiveArchive Web UI during our webinar next week and we are looking forward to showing you how to launch it with a single command! In the meantime, this blog post is intended to give you a heads-up about the requirements and functionality so you can make design decisions.

Docker & Design

In a recent post, we discussed why MariaDB/RDS is required for the LiveArchive Web UI: it’s where we store the message metadata such as sender/recipient/subject/etc. These elements drive the UI and enable users to locate messages, search, and complete eDiscovery and email recovery tasks.

ExchangeDefender has organized the entire LiveArchive Web UI into a single container that can run on your own Docker host on a workstation or NAS in your office, across a wide variety of virtualization products and services, as well as public clouds like Amazon Web Services and Microsoft Azure. This makes ExchangeDefender Web UI easy to update, easy to manage, and easy to tweak to your requirements.

There are two ways to configure and start the container: preconfigured with environment variables or on-demand browser configuration. If you start the container without the environment defined you will be presented with a web configuration wizard that will prompt for S3 and RDS credentials. If this is the first time you’re deploying LiveArchive Web UI or just want to test it, this is the best way. Once you close your browser all the configuration vanishes and nobody else has access to your mail.

After you’ve configured everything to your liking and are looking to put the service into production, place the appropriate information in the container environment variables, and the container will always launch in production mode and bypass the wizard configuration.

Authentication

ExchangeDefender Web UI was designed to facilitate your email backup and eDiscovery needs. Our experience in compliance archiving and long-term email archiving has allowed us to work with countless organizations and one thing they all have in common is that they all have their own unique access and control needs.

ExchangeDefender Web UI by default presents all the available mailboxes and each email address has its own path. Using this predictable data storage process your Web Application Firewall can easily be configured to include or exclude data by path alone.

We designed the solution so it can be launched quickly, accessed, and managed without a lot of technical skill, and so it can be quickly modified/optimized for production. LiveArchive offers a lot of solutions to modern email problems and the flexibility means you can run different LiveArchive Web UI for different personnel or different tasks.

Resources & Customization

ExchangeDefender Web UI is completely free and open source. This means you can download it, modify it, and use it freely.

It also means that the solution will live even after ExchangeDefender as an organization is gone. You will not find any references or callbacks to our network and all the protocols are fully documented. This enables you to truly craft a failover email solution that can be completely disconnected from the Internet and placed into cold storage / safe.

Resource-wise the container is a little more than a web server and you can run hundreds of users with even the minimal 1 CPU / 1 GB RAM. This is possible because the SQL workload and data storage are handled by other services.


We hope you’re as excited about the launch as we are. Please join us for the webinar to see how it’s done and we’ll even help you set yours up right after the event! Just think of a good subdomain to point to your new LiveArchive backup platform.

The new ExchangeDefender LiveArchive has been delighting our clients for months and we’ve got a surprise for you coming in February with a huge new feature pack we can’t wait to show you:

ExchangeDefender LiveArchive Web UI is the free, open-source, host-anywhere platform that will make it easy to access and perform eDiscovery tasks with your LiveArchive backups. Instead of just staring at a directory in S3, you can have a beautiful interface to quickly locate, view, and export messages. You can host it anywhere that offers container hosting or on your PC, you have the entire source code that’s free forever that you can customize and build on, and it’s free!

We’ve even rolled out similar user interface elements so that the experience will feel familiar to users of Microsoft M365 or Google Gmail:

During the launch webinar, we will go over the features, execute a full deployment so you can see how easy and quick the process is, and go over the security best practices. In less than an hour, you will have all the expertise needed to position, price, deploy, and manage the entire LiveArchive backup system.

We’ve had a busy December rolling out LiveArchive with our partners and one of the most common questions that comes up is:

“Do I really need RDS/MariaDB/database service for LiveArchive? Can’t I get away with just S3 if we’re only using it for backup?”

The technical answers to this are “no” and “yes”, respectively. Unfortunately, in the real world both those answers are wrong. Allow us to explain:

ExchangeDefender LiveArchive relies on S3 object storage to store emails which is why it’s required for the service. ExchangeDefender does not require the RDS/MariaDB/database service for deployment – we will still perform the same backup of messages to object storage and place all emails into the appropriate user@domain.com folder. You can still download .eml files and open them with no issues in Outlook and other popular email clients.

Problem:

Unless you know the exact message ID of the email you’re looking for, you’ll have to download the entire user@domain.com directory and use a text search to locate it.

Solution:

Add RDS to LiveArchive so your archive looks more like this:

ExchangeDefender LiveArchive uses database services (choice of RDS, MariaDB, MySQL) to store message metadata which contains important message information such as message sender, recipient, subject, and attachments. That metadata is what our ExchangeDefender Web UI relies on to give you a friendly interface to access, search, export, and locate messages quickly in a friendly web interface. ExchangeDefender LiveArchive UI also enables you to filter your message view so you can do eDiscovery: enabling you to limit your search by sender, subject, and date.
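Added example (not LiveArchive's code or schema): what a metadata index buys you over a bare bucket of .eml files. It parses each message once, stores sender, recipients, subject, date and attachment count, and answers filtered searches with the object key to fetch. SQLite stands in for RDS/MariaDB, and the object keys, table layout and sample messages are assumptions constructed for the demonstration.

```python
import sqlite3
from datetime import timezone
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr


def make_eml(sender, to, subject, date, msgid, attachment=None):
    """Build constructed sample .eml bytes (stand-in for objects read from S3)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, to, subject
    m["Date"], m["Message-ID"] = date, msgid
    m.set_content("sample body")
    if attachment:
        m.add_attachment(b"%PDF-1.4", maintype="application",
                         subtype="pdf", filename=attachment)
    return m.as_bytes()


# Constructed sample archive: hypothetical object key -> raw message.
SAMPLE = {
    "user@domain.com/0001.eml": make_eml(
        "Billing <billing@vendor.example>", "user@domain.com", "Invoice 1042",
        "Mon, 05 Feb 2024 09:15:00 +0000", "<0001@vendor.example>", "invoice.pdf"),
    "user@domain.com/0002.eml": make_eml(
        "hr@domain.com", "user@domain.com", "Holiday schedule",
        "Tue, 19 Dec 2023 17:40:00 -0500", "<0002@domain.com>"),
}


def build_index(objects):
    """Parse headers once and store them in a metadata table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE messages (object_key TEXT PRIMARY KEY, message_id TEXT,"
               " sender TEXT, recipients TEXT, subject TEXT, sent_utc TEXT,"
               " attachments INTEGER)")
    for key, raw in objects.items():
        msg = message_from_bytes(raw, policy=policy.default)
        date = msg["Date"].datetime if msg["Date"] else None
        to = getaddresses([str(h) for h in msg.get_all("To", [])])
        db.execute("INSERT INTO messages VALUES (?,?,?,?,?,?,?)", (
            key, str(msg.get("Message-ID", "")).strip(),
            parseaddr(str(msg.get("From", "")))[1].lower(),
            ",".join(addr.lower() for _, addr in to),
            str(msg.get("Subject", "")),
            date.astimezone(timezone.utc).isoformat() if date else None,
            sum(1 for _ in msg.iter_attachments())))
    return db


def search(db, sender=None, subject=None, since=None):
    """Return matching object keys; filter values are bound, never interpolated."""
    filters = [("sender = ?", sender and sender.lower()),
               ("subject LIKE ?", subject and f"%{subject}%"),
               ("sent_utc >= ?", since)]
    active = [(clause, value) for clause, value in filters if value]
    where = " WHERE " + " AND ".join(c for c, _ in active) if active else ""
    rows = db.execute("SELECT object_key FROM messages" + where + " ORDER BY sent_utc",
                      [v for _, v in active])
    return [row[0] for row in rows]
```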

We understand why some IT staff would want to do the bare minimum – the market, “nobody is buying stuff”, the complexity, nobody is ever going to look at it – and we hope that the explanation of how database services are used gives you the initiative to deploy RDS. It’s practically free (or totally free if you run it on your hardware) and it will greatly improve your performance, reduce time to recovery, and make it possible to quickly delegate eDiscovery or move data in a format that is open, documented, and will likely be around for decades. Not even tape can claim that! 🙂