Trinity College Dublin Exchange Hosted Services

Published: April 2007

Situation

With a population of 20,000 people, located in the heart of the city, Trinity College Dublin (TCD) is Ireland's oldest and most famous university. The 13,000 undergraduates, 3,000 post-graduates and 3,000 staff use email as their principal communication tool, but the system was buckling under a deluge of spam.

All over the world academic institutions are targeted by spammers and TCD is no exception. Unlike private companies, universities and colleges tend to be open sites with multiple email addresses readily accessible via the web, making them ripe for attack. The TCD problem had become enormous. Of the 20 million messages sent and received each month, 80 per cent were spam.

A Unix-based email system had a rules-based spam filter that was fighting a losing battle. Regular updates were deployed centrally by the IT department but it was a cumbersome, hit-and-miss process. Individual users, many of whom would not be IT literate, could set their own rules which sometimes made the problem worse.

"Initially spam was seen as a nuisance rather than a threat," said John Murphy, deputy director of IS Services in Trinity, "but the sheer volume changed that perception. Every morning users were spending a considerable amount of time just cleaning out spam before they could get down to work. Email was becoming virtually unusable."

On a bad day it could take some time for an email to traverse the college. Critical messages were being delayed as the spam filter tried to cope with the onslaught of junk mail. Staff and students were beginning to lose faith in the system and the IT department was in danger of losing credibility. Solving the problem became a priority.

Solution

Two years ago the TCD's IS Services department set about replacing what was a Windows NT Domain with Active Directory and Windows Server 2003. Murphy and his team saw it as an opportunity to create a foundation for other products such as Exchange Server, Microsoft's email and collaboration software. "The Unix-based system was complicated; we had to write scripts to extend what it could do. Exchange gives greater control to the IT department and more features to the user," explained Murphy.

As it turned out, the migration of TCD staff to Exchange Server would be superseded by another Microsoft product/service as the spam crisis deepened.

Exchange Hosted Services is a managed service from Microsoft for messaging security. Composed of four distinct services, it helps organisations protect themselves from spam and email-borne malware, satisfies retention requirements for compliance, encrypts data to preserve confidentiality, and preserves access to email during and after emergency situations.

The services are deployed over the web using a 'software as a service' model which keeps capital investment to a minimum and frees up internal IT resources. There is no additional hardware to provision or software to install. The service is simply activated by changing the configuration of the mail exchange (MX) record. The service is platform agnostic and works with a mixed email environment.

EHS runs over Microsoft's global Datacentre network that is load-balanced from site to site and from server to server, ensuring continuity. If one data centre is unavailable, traffic is routed to another, minimising the chances of interruption to the service. A key part of the proposition for TCD were Service Level Agreements that gave impressive assurances, including 100 per cent virus protection, a minimum of 95 per cent spam filtering and a maximum of two minute scanning time on each mail. In practice, most mail passes through the system in seconds.

The SLA also guarantees that only one legitimate mail in every 250,000 is quarantined in EHS which equates to one false positive every ten years for somebody who gets an average of 100 mails per day.

Jordi Munoz-Royo, Microsoft's Security Business Manager, said that such terms reflect Microsoft's unique insight into potential threats. "Our advantage is the huge volume of email that we see - billions every month globally. This gives us insight into how spam is behaving on a worldwide basis which differentiates us from our competitors. When we see a virus outbreak happening in the Far East, for example, we don't need to wait until it reaches Europe. We can stop it before it reaches the rest of the world."

Benefits

TCD decided to carry out a trial of the service. Trinity's MX record was changed and all mail was routed through EHS. The effect was immediate and spectacular. Over a period of 20 days 12.1 million emails were sent to addresses in the TCD domain. EHS blocked 11.1 million – 92 per cent of all incoming traffic.

One of the challenges with any filtering solution is striking the balance between effectively controlling spam and 'false positives', the legitimate mail that is mistaken for spam. "EHS could be 100 per cent effective and prevent all spam from getting though but some legitimate mail would also be stopped," explained Munoz-Royo.

Because false positives are always a possibility, EHS allows the quarantine of email to be self-managed by individual users. This means they can log in to the system and browse through the quarantined mail, bringing something back to their inboxes if required. The reality, however, is that such action is rarely necessary because of the low level of false positives outlined in the SLA.

The impact of EHS has been profound. "From a public relations point of view it's been absolutely wonderful for the IT department," said Murphy. "We have people stopping us in corridors telling us how much they appreciate the improvement." The managed service has also helped liberate the IT department from day-to-day involvement with email, letting Murphy and his team focus on issues that deliver more value to TCD.

Summary

The trial convinced the IT department that the Microsoft managed service was the cure for its spam problem. EHS was bought by TCD under the terms of Microsoft's Campus Licensing agreement. "It represents great value for money and it could end up being one of the best investments we've ever made," said Murphy.

TCD was one of the earliest adopters of EHS in Ireland, a product that Jordi Munoz-Royo describes as "among the hottest" in the company's portfolio, appealing to small firms as well as large multinational customers like Shell and Sony.

"The proposition is simple and effective. Lets the experts deal with your email on a 24/7 basis, in a safe and secure hosted environment, governed by compelling Service Level Agreements" he said. "If an organisation has a messaging problem they can start a trial tomorrow and cure it very quickly."