[appsuite-announce] Open-Xchange releases OX Abuse Shield v2.0

Open-Xchange App Suite Maintenance Announcements appsuite-announce at open-xchange.com
Wed Jan 16 12:21:49 CET 2019


Dear Open-Xchange Customers and Partners,

Open-Xchange is pleased to announce the release of the new major version of OX Abuse Shield v2.0.

Open-Xchange decided to re-name the product from Dovecot Anti-Abuse Shield to OX Abuse Shield. This name change corresponds to the ability to use OX Abuse Shield in different environments.

OX Abuse Shield provides abuse-prevention for Web Applications (including Webmail), POP, and IMAP. It is integrated with both OX App Suite and Dovecot Pro to prevent login and authentication abuse as well as protecting against brute-force attacks.

The goal of OX Abuse Shield is to detect brute forcing of passwords across many servers, services and instances, as well as enforce policy for authentication and authorization. In order to support the real world, brute force detection policy can be tailored to deal with "bulk, but legitimate" users of your service, as well as botnet-wide slow-scans of passwords.

The new OX Abuse Shield v2.0 provides the following main improvements and new features:

- Long-Term Storage of Login Data in Elasticsearch
Storing all login reports in Elasticsearch; this new functionality is used for sophisticated anomaly detection features such as detecting suspicious logins.

- Suspicious Login Detection
Sending email alerts to end-users or webhooks to abuse and operations teams when logins are detected as suspicious due to anomalies from previous logins.

- Compromised Account Reports
Periodic reports, based on long-term data stored in Elasticsearch, sent via webhooks to abuse and operations teams about potentially compromised users and IP addresses abusing the system.

What’s New in General and Feature Overviews

Open-Xchange now provides more detailed overviews, data sheet and product guide, relating to new product major release. These can be found at 
https://www.open-xchange.com/portfolio/whats-new/

A more detailed overview of the main functions and technical descriptions of OX Abuse Shield can be found at the Whitepaper under:
http://software.open-xchange.com/products/weakforced/doc/OX_Whitepaper_OX_Abuse_Shield_2_0_0.pdf

General Information – Please Note

- OX Abuse Shield v2.0 introduces an upgrade path from v1.4.4 to v2.0. Please read http://oxpedia.org/wiki/index.php?title=AppSuite:OX_Abuse_Shield#Debian_Upgrade_Instructions_with_OX_Abuse_Shield_v2.0 carefully to familiarize with the details, implications and our proposed upgrade path.

- In accordance with the supported platform policy, OX Abuse Shield v2.0 supports Debian 9 (Stretch) and CentOS 7. Debian 8 (Jessie) is no longer supported with OX Abuse Shield v2.0.

Shipped packages and versions
- OX Abuse Shield v2.0.0-rev8

Complete Release Notes 

- OX Abuse Shield v2.0:
http://software.open-xchange.com/products/weakforced/doc/OX_Abuse_Shield_Release_Notes_for_Release_2.0.0_2019-01-16.pdf

For further details about OX Abuse Shield installation and configuration, mandatory and optional packages, policies, please refer to the documentation provided: http://oxpedia.org/wiki/index.php?title=AppSuite:OX_Abuse_Shield

Best regards,
Your Open-Xchange Team

-------------------------------------------------------------------------------------
Open-Xchange AG, Hohenzollernring 72, 50672 Cologne, District Court Cologne HRB 95366
Managing Board: Rafael Laguna de la Vera, Carsten Dirks, Michael Knapstein, Stephan Martin 
Chairman of the Board: Richard Seibt

European Office:
Open-Xchange GmbH, Olper Huette 5f, D-57462 Olpe, Germany, District Court Siegen, HRB 8718
Managing Director: Frank Hoberg

US Office:
Open-Xchange. Inc., 530 Lytton Avenue, Palo Alto, CA 94301, USA
-------------------------------------------------------------------------------------


More information about the appsuite-announce mailing list