Proofpoint, Inc расположена в Саннивейл, Калифорния и предлагает облачные, программные и аппаратные решения для фильтрации электронной почты, защиты от утечек данных, шифрования и архивирования почты. Компания Proofpoint является лидером среди производителей решений для почтовой безопасности на 2010 год согласно Квадранту Гартнера.^[1]

История

Компания основана в июне 2002 года Эриком Ханном, бывшим техническим директором Netscape Communications. Официальный запуск и выпуск первого продукта состоялся 21 июля 2003 года после получения $7-миллионного финансирования от венчурных инвесторов Mohr, Davidow Ventures, Benchmark Capital, и Stanford University.^[2] И дополнительные $9 миллионов были получены от Нью-Йоркской RRE Ventures в октябре 2003 года.^[3]

Ранние разработки

Первым продуктом стал Proofpoint Protection Server для средних и больших компаний. Он включал в себя так называемую "MLX технологию" - запатентованный алгоритм машинного обучения - для решения проблемы точной идентификации спама, используя 10,000 разных атрибутов, чтобы отделить спам от чистого письма. Таким образом, компания Proofpoint присоединилась к десяткам других производителей решений в отрасли почтовой безопасности^[2], которая образовалась из-за растущих объемов спама, что угрожало продуктивности работников и превратило спам в угрозу номер один.^[4] Согласно исследованию Information Week’s 2004 National Technology Readiness, стоимость спама в пересчете на потерю продуктивности достигла $21.58 миллиардов в год.^[5]

Первый апгрейд Proofpoint Protection Server был анасирован в ноябре 2003 года и расширил количество атрибутов для идентификации спама до 50,000+.^[6]

В декабре 2003 года Forrester Research обьявил лауреатов шестой ежегодной премии Emerging Technology Showcase. Proofpoint был награжден за “Identifying And Dealing With Threats And Nuisances To The Enterprise”.^[7]

Encryption products spurred by HIPAA

В 2004 году новые правила в стандартах защиты финансовой и медицинской информации подтолкнули Proofpoint к разработке новых продуктов, которые могли бы автоматически идентифицировать и перехватывать исходящую почту, содержащую конфиденциальную информацию.^[8]

In March, 2004, Proofpoint introduced its first hardware appliance, the P-Series Message Protection Appliance (later renamed Proofpoint Messaging Security Gateway), using a hardened Linux kernel and Proofpoint's Protection Server 2.0 software.^[9] It was tested by Infoworld and found to stop 94% of spam.^[10]

Another product introduction in November, 2004 included Protection Server 3.0, with Email Firewall and MLX-based Dynamic Reputation Analysis, and the Content Security Suite, plug-in modules designed for scanning outbound messages and their attachments to assist in compliance with data protection regulations such as ProofPoint Appliance Stands Guard At E-Mail Gate, ChannelWeb, Nov 26, 2004, which observed that it used a “combination of technologies: policy-based management, a spam-filtering engine and adaptive learning technology”. Implemented by Brown University, in the first 24 hours the Proofpoint system saved 447 Mb of email storage space by blocking 90,000 spam messages.^[11] Infoworld reported that a number of companies were broadening their products to address other messaging issues besides spam, such as compliance violations, phishing scams, and viruses.^[12]

The University of Illinois at Urbana-Champaign incorporated Proofpoint software into their CITES Spam Control system with positive results.^[13] Government Computer News reported that their GCN Lab found the Proofpoint P800 Gateway offered “Maximum control for administrators; highly configurable; optional module prevents e-mailing of classified documents”.^[14]

Proofpoint introduced a new product, the Network Content Sentry, as an add-on appliance to the Content Security Suite in August, 2005.^[15] Designed to monitor online messaging other than email, the appliance monitors Web mail, message boards, blogs and FTP-based communications. Proofpoint also introduced policy-based email encryption features, using identity-based encryption technology licensed from Voltage Security.

At about the same time, the Zero-Hour Anti-Virus software module was released. It was specifically designed to detect and block new computer viruses before their “signature” is formally identified.^[16]

As part of a continuing product expansion related to regulation monitoring, in November, 2005, the Healthcare Privacy Bundle was released as add-on to Messaging Security Gateway appliance.^[17]

Proofpoint Messaging Security Gateway V4.0 was released in March, 2006, with additional capabilities such as directory harvest attack prevention features and enhancements to the Proofpoint MLX Dynamic Reputation software.^[18]

Virtual appliance development

In a step towards simpler operational requirements, the Proofpoint Messaging Security Gateway Virtual Edition was released in April, 2007. The product runs as a virtual appliance on a host running VMware's virtual server software.^[19] Moving a dedicated hardware appliance to a virtual server eliminates problems associated with proprietary hardware and reduces upgrade costs,^[20] though it does require knowledge of VMware's virtual server architecture.

Proofpoint Messaging Security Gateway V5.0 was released in June, 2007, and was based on a new, integrated architecture, combining all its capabilities into a single platform.^[21] It could be run either as a dedicated appliance, virtual appliance, or software suite.

ICSA Labs, an independent division of Verizon Business, announced in April, 2007, that it had certified six anti-spam products under their new testing program, one of which was the Proofpoint Messaging Security Gateway. The goal of ICSA Labs' anti-spam product testing and certification is to evaluate product effectiveness in detecting and removing spam. The guidelines also address how well the products recognize e-mail messages from legitimate sources.^[22]

Software as a Service

Moving into the software-as-a-service business, Proofpoint introduced Proofpoint on Demand, a hosted version of its email security and data loss prevention offerings.^[23] In May, 2008, the company’s hosted offerings were expanded with the introduction of Proofpoint on Demand—Standard Edition.^[24] The product is targeted at small-to-medium size businesses that need email security but do not run their own servers or have on-site IT personnel.

Email Archiving

In June 2008, Proofpoint acquired Fortiva, Inc., a provider of on-demand Email archiving software for legal discovery, regulatory compliance and email storage management.^[25] Given current compliance legislation and legal discovery requirements, corporate IT departments need to carefully manage their e-mail archiving so that specific messages can be located quickly. Fortiva uses Exchange journaling to automatically archive all internal and external communications so that end users can search all archived messages, including attachments, directly from a search folder in Outlook.

Overall timeline

• Jun 2002 Proofpoint, Inc. founded by Eric Hahn
• Jul 2003 Raises $7 million series A funding round
• Oct 2003 $9 million in Series B funding led by New York-based RRE Ventures
• Oct 2003 Stuart Ellman, RRE Ventures general partner, joins Proofpoint's Board of Directors
• Mar 2005 Strategic partnerships with four email encryption vendors
• Mar 2006 Additional $20 million raised in venture capital
• May 2006 Sydney, Australia, office opens
• Feb 2008 Additional $28 million raised from DAG Ventures
• Jun 2008 Proofpoint, Inc. Acquires SaaS Email Archiving Vendor Fortiva, Inc.
• Sep 2008 Gartner positions Proofpoint in the Leaders quadrant in the 2008 Magic Quadrant for Email Security Boundaries ^[26]
• Jun 2009 Proofpoint issued US patent #7,512,814 ("Secure and Searchable Storage System and Method") for DoubleBlind encryption technology, introduces new version of its SaaS email archiving solution ^[27]
• Jul 2009 Proofpoint selects TelecityGroup to host European datacenters for Proofpoint on Demand email security solutions ^[28]
• Jul 2009 Proofpoint hits six years (24 quarters) of sequential quarterly revenue growth ^[29]

Technology timeline (product releases)

• Jul 2003 Launches first product, Proofpoint Protection Server software
• Nov 2003 Product upgrade incorporates MLX Learning Technology
• Mar 2004 Introduces first appliance, P-Series Message Protection Appliance
• Nov 2004 Protection Server 3.0 with Email Firewall and MLX-based Dynamic Reputation Analysis
• Nov 2004 Content Security Suite, plug-in modules for digital asset security and regulation monitoring
• Mar 2005 Proofpoint provides hosted anti-spam services
• Aug 2005 Network Content Sentry introduced as add-on appliance to Content Security Suite along with Secure Messaging (email encryption) software module
• Sep 2005 Zero-Hour Anti-Virus software module released
• Nov 2005 Healthcare Privacy Bundle released as add-on to Messaging Security Gateway appliance
• Mar 2006 Proofpoint Messaging Security Gateway V4.0 released
• Apr 2007 Messaging Security Gateway Virtual Edition is released
• Jun 2007 Proofpoint Messaging Security Gateway V5.0 released
• Aug 2007 Proofpoint On Demand is released
• May 2008 Proofpoint On Demand—Standard Edition is released, Proofpoint Secure File Transfer software module released
• Jun 2008 Proofpoint On Demand Email Archiving is released
• Feb 2009 Proofpoint SHIELD introduced, cloud-computing solution for email connection management and frontline anti-spam

Products and services

Proofpoint’s product line is offered as Software as a Service (Saas), hybrid, and virtual appliances:

• Proofpoint Messaging Security Gateway messaging security appliance, available in a variety of models for both large enterprises and SMBs
• Proofpoint Messaging Security Gateway Virtual Edition messaging security virtual appliance for VMware Infrastructure.
• Proofpoint Protection Server software for Linux
• Proofpoint on Demand hosted email security and data loss prevention service

Add-on modules that address various email security or data loss prevention issues include:

• Proofpoint Spam Detection for defense against spam, adult content and phishing attacks. For connection management, Proofpoint Dynamic Reputation and netMLX technology are also offered.
• Proofpoint Virus Protection defends against email-borne viruses, worms, trojans

and other forms of malicious code.

• Proofpoint Zero-Hour Anti-Virus protects against emerging viruses before anti-virus signatures are available
• Proofpoint Content Compliance for defining and enforcing acceptable use policies for message content and attachments
• Proofpoint Digital Asset Security for protecting sensitive digital assets and

confidential information from leaking outside the organization via email.

• Proofpoint Regulatory Compliance for detecting protected health information, protected financial information and other sensitive content in outbound messages
• Proofpoint Secure Messaging for policy-based encryption functionality.
• Proofpoint Network Content Sentry extends Proofpoint’s content security and policy enforcement features to web-based email, blog and message board postings, FTP and other message streams.
• Proofpoint Smart Search is a separate appliance that adds message tracing, forensics and log analytics features
• Proofpoint Secure File Transfer adds secure, large file transfer capabilities.

Примечания