Open-Xchange releases OX Abuse Shield v2.0

Open-Xchange is pleased to announce the release of the new major version of OX Abuse Shield v2.0.

Open-Xchange decided to re-name the product from Dovecot Anti-Abuse Shield to OX Abuse Shield. This name change corresponds to the ability to use OX Abuse Shield in different environments.

OX Abuse Shield provides abuse-prevention for Web Applications (including Webmail), POP, and IMAP. It is integrated with both OX App Suite and Dovecot Pro to prevent login and authentication abuse as well as protecting against brute-force attacks.

The goal of OX Abuse Shield is to detect brute forcing of passwords across many servers, services and instances, as well as enforce policy for authentication and authorization. In order to support the real world, brute force detection policy can be tailored to deal with "bulk, but legitimate" users of your service, as well as botnet-wide slow-scans of passwords.

The new OX Abuse Shield v2.0 provides the following main improvements and new features:

  • Long-Term Storage of Login Data in Elasticsearch
    Storing all login reports in Elasticsearch; this new functionality is used for sophisticated anomaly detection features such as detecting suspicious logins.
  • Suspicious Login Detection
    Sending email alerts to end-users or webhooks to abuse and operations teams when logins are detected as suspicious due to anomalies from previous logins.
  • - Compromised Account Reports
    Periodic reports, based on long-term data stored in Elasticsearch, sent via webhooks to abuse and operations teams about potentially compromised users and IP addresses abusing the system.

What’s New in General and Feature Overviews

Open-Xchange now provides more detailed overviews, data sheet and product guide, relating to new product major release. These can be found at
https://www.open-xchange.com/portfolio/whats-new/

A more detailed overview of the main functions and technical descriptions of OX Abuse Shield can be found at the Whitepaper under:
http://software.open-xchange.com/pro...ield_2_0_0.pdf

General Information – Please Note

  • OX Abuse Shield v2.0 introduces an upgrade path from v1.4.4 to v2.0. Please read http://oxpedia.org/wiki/index.php?ti...se_Shield_v2.0 carefully to familiarize with the details, implications and our proposed upgrade path.
  • In accordance with the supported platform policy, OX Abuse Shield v2.0 supports Debian 9 (Stretch) and CentOS 7. Debian 8 (Jessie) is no longer supported with OX Abuse Shield v2.0.

Shipped packages and versions
  • OX Abuse Shield v2.0.0-rev8

Complete Release Notes

Download and Installation

For further details about OX Abuse Shield installation and configuration, mandatory and optional packages, policies, please refer to the documentation provided: http://oxpedia.org/wiki/index.php?ti...X_Abuse_Shield