Simplicita has a software solution to help you make your bot-infected customers get help from you.

by Alex Goldman ISP-Planet Managing Editor [March 26, 2007]

Customers should do what's best for themselves, but you don't need a movie like Jackass to tell you that people sometimes put themselves in danger. It's likely that you've already seen this for yourself.

"We found that the root problem with spam today isn't better filters," says Jim Gilbert, vice president of product management at Denver, Colo.-based software provider Simplicita. "The solution is to get machines cleaned up."

The company, founded in 2005, has built a system that it calls ZBX to solve this problem. Initially, it is targeting the world's top 150 ISPs as customers, but the software should scale down to serve ISPs with as few as 5,000 customers. On the other hand, it is also very efficient for large ISPs. "An ISP with 1 million users would require about 10 to 15 boxes total," says Gilbert. The software can deploy on an Intel x86 or Sun Sparc platform and on a variety of operating systems.

The ZBX system consists of the following components:

A Reputation Knowledge Server that tracks security event data in the network. "For example," says Gilbert, "if a subscriber is sending abnormal volumes of spam, sending spam mails, or sending traffic indicative of a DDoS attack, that subscriber should go into remediation."

A DNS Traffic Switch that prevents queries to bad services and dynamically switches subscribers in and out of remediation. "Any application's first action is a DNS query," notes Gilbert.

A Walled Garden Server connects to a Support Portal to help infected customers solve the problem without a phone call (see screen shot below, click on it to view the full screen shot).

The system relies on third party services and network-usage information to provide security data, and on Sana Security's Primary Response SafeConnect to fix the problems the system finds.

ISPs can modify welcome screens. For example, Gilbert says, an ISP could place a "fix this later" button on the remediation page to allow an infected customer to do something important and time sensitive, such as print out a boarding pass. But once the customer has used this button once, the system would log the event and force the customer to fix the problem the next time they logged on.

Today's announcement
Other applications can also run on this platform. Today, Simplicita is announcing a partnership with Yahoo! to combat typo squatters and phishing by redirecting users to an ISP branded landing page when they type the most common misspellings into their browser. The flexibility of this system gives it great potential for the future.

Simplicita calls this service NXD, for Name Error Redirect.

Pricing and availability
Simplicita ZBX pricing is calculated per subscriber, with options based on either remediated subscribers only or all subscribers on an ISP's network. Subscribers placed in the walled garden receive a 15 day trial of Sana Security Primary Response SafeConnect. They can upgrade their free trials to 1 year licenses for $29.95.

ISPs choose and provide the hardware.

—End