Cyber Security Services Business Plan

Transcription

CONFIDENTIAL
1
No.
_________________
2009-
Cyber Security Services
Business Plan
Industriestrasse 13C CH-6304 Zug Schweiz +41.44.586.8520 info@digitar.eu
10306 West Emerald Street Boise, Idaho. 83704 +1.208.343.8520 info@digitar.com
3-15-6 Higashi 3-Chome 150-0011 Tokyo Japan +81 (0) 3 5468 7373 http://japan.digitar.com
Confidentiality Agreement
The undersigned acknowledges that the information provided by DigiTar AG. in this business plan is
confidential; therefore, reader of said document agrees not to disclose it without the express written
permission of DigiTar AG.
It is acknowledged by the reader that information furnished in this Business Plan is in all respects
confidential (except information that is in the public domain or obtained through other means) and
that any disclosure or use of same by reader may cause serious harm or damage to DigiTar AG.
Upon request, this document is to be immediately returned to:
D. W. Williams, CEO, DigiTar AG.
10306 West Emerald Boise, ID 83704
___________________
Signature
___________________
Name (typed or printed)
___________________
Date
This is a business plan. It does not imply an offering of securities.
2
CONFIDENTIAL
SaaS Cyber Security Services Business Plan.
1.8
Industriestrasse 13C CH-6304 Zug Schweiz +41.44.586.8520 info@digitar.eu
10306 West Emerald Street Boise, Idaho. 83704 +1.208.343.8520 info@digitar.com
3-15-6 Higashi 3-Chome 150-0011 Tokyo Japan +81 (0) 3 5468 7373 http://japan.digitar.com
DigiTar: A Complete Network Security On Demand; No Assembly required
Traditional security approaches that require IT managers to research, justify, acquire, install and maintain multiple security
technologies are quickly going the way of the dinosaur and being replaced with utility based security also known as Security In The
Cloud. As we are all too aware, security threats are growing at an exponential rate as are the number of security technologies designed
to address these new threats. This never ending process has become an arms race that no one can win.
DigiTar's Security In The Cloud model provides the highest level of protection and flexibility available today by connecting businesses
to the Internet through DigiTar’s multimillion dollar security infrastructure - all without capital expenditure or complicated and
expensive systems integration projects. Offered as a subscription based, pre-integrated security utility, DigiTar has significantly
reduced the time and work required to address pressing security issues without integration risk or headaches;
in other words: "No Assembly Required".
DigiTar's Vision of the Future:
•
Bring order and clarity to the world's messaging.
–
–
e-mail, Instant Messaging, Web-Mail, VoIP and Micro-Blog messaging of the next decade [Web 2.0 enhanced].
provide advanced secure communications for cyber / wired / wireless connectivity's.
–
–
–
–
services that interlock to provide intuitive seamless access to the messages you need,
presented in ways that are instantly relevant to your task at hand.
empower organizations and individuals with the features they desperately need...instantly.
this means no client administration burdens and no waiting for results and benefits.
–
correlate and find the information you want regardless of how you received it (eMail, IM, Twitter, VoIP, etc.)
•
•
Continuously expanding set of messaging services.
DigiTar’s “Next-Gen” Over-arching concept of "Unified Messaging".
DigiTar Motto: ZERO Configuration; ZERO Maintenance; 100% Security!
DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan
20090622 1.8
3
CONFIDENTIAL
CONTENTS
Executive Summary ……………………………………………………………………………………….
Page 4
Financial Summary Overview ……………………………………………………………………….
Page 5
The Business Concept ……………………………………………………………………………………
Page 6
In-depth Overview ………………………………………………………………………………………....
Page 8
Company History ……………………………………………………………………………………………..
Page 11
Sales Objectives / Strategies …………………………………………………………………………
Page 11
Management CV’s / Advisory Board ……………………………………………………………….
Page 12
Company Facilities ………………………………………………………………………………………….
Page 13
Products & Services Summary ………………….……………………………………………….
Page 14
Competitive Comparisons ……………………………………………………………………………..
Page 15
Technology Assets ………………………………………………………………………………………….
Page 16
DigiTar Services Examples ……………………………….…………………………………………..
Page 19
Detailed Market Analysis ………………………………………………………………………………
Page 24
Global Customer Base & Demand ………………………………………………………………..
Page 26
Primary Markets / Market Trends .………………………………………………………………..
Page 28
Value Proposition …………………………………………………………………………………………..
Page 31
Marketing Strategy …………………………………………………………………………………………
Page 32
Sales Strategy ………………………………………………………………………………………………..
Page 33
Sample Client List
………………………………………………………………………………………………………………………
Page 34
Strategic Alliances ………………………………………………………………………………………..
Page 35
Customer Testimonials & Recommendations ………………………………………………
Page 37
News Articles re: CyberSec Markets ……………………………………………………………
Page 49
DigiTar Technology Scaling & Financial Impact Plans ……………………………….
Page 55
20090622 1.8
4
CONFIDENTIAL
DigiTar AG.
Cyber Messaging Security Services
Business Plan Briefing
Executive Summary: DigiTar was established for the development of proprietary technology solutions to cyber
security problems within the internet communications industries. DigiTar formalized the infrastructure (people and facilities)
and development of advanced proprietary technology services solutions for the rapidly growing eMessaging and voice/data
security markets. Starting in 2005, DigiTar put real customers (Banks and ISP’s) on line!
market share opportunity
>$1,000,000,000 by 2016.
DigiTar provides proprietary advanced cyber security solutions and unparalleled
message processing capabilities, at extremely low cost, to IT Subcontractors,
Internet Service Providers, and small medium (SMB) corporate enterprise
network markets. Equivalent service performance products are not available at the retail level, and are not cost effective when
obtained from competitive commercial cyber security service providers.
DigiTar believes that security and management of information technology for
business is similar to legal advice, accounting, graphic arts and other bodies of
knowledge; that it is not inherently a do-it-yourself project. Smart business
people who aren't computer experts require vendors of reliable cyber security
technologies and support. They will utilize quality cyber security vendors as
they use other professional service suppliers, as “Trusted Allies”.
Demand for these
services is growing at
> 30% year-to-year.
DigiTar has invested $2,000,000 in proprietary systems and advanced product-services to capture this phenomenal opportunity.
DigiTar provides comprehensive proprietary eMessage™-DNA processing technologies for use by ISP’s, businesses, and
individual’s worldwide, against today’s and tomorrow’s cyber terrorism attacks and malicious content internet communications.
The demand for these services is growing at a rate greater than 30% year-to-year. As the sophistication of these attacks
becomes more difficult for business organizations and individuals to handle, DigiTar
..greater than
meets these challenges with low cost 24x7 advanced surveillance/protection systems
$100,000,000 in sales
and the most contemporary knowledge of attack signatures and eMessage-DNA
properties available today.
by the end of 2012.
DigiTar has achieved strong market acceptance and plans to grow toward greater
than $100,000,000 in sales by the end of 2012. This represents a corporate
growth of >200% year-to-year.
DigiTar’s plan targets attaining a 20% share of served markets by 2013.
For the investor, an IRR
greater than 200+%
More importantly, DigiTar’s market expansion plan, for its’ proprietary technologies, targets untapped parallel markets including
mobile communications/handhelds and Internet Telephony for its cyber security technology. With proprietary new services,
DigiTar’s growth will continue exponentially.
DigiTar technology was designed modularly so enhancements and new eComm services can be encompassed dynamically as
client needs change. DigiTar projects the future eComm will split into multiple embodiments including email, Webmail, Instant
Messaging, Voice over Internet and Micro Blogging. Each technology serves a different purpose and provides different benefits to
the user. All are inherently insecure and require solutions to provide protection from cyber threats. DigiTar’s technology today
scales easily to provide a complete integrated solution for these evolving multiple eCommunications embodiments.
New investment funding activities proceeds will be used to market and promote its’ proprietary services globally and expand the
client base for its’ Secure Messaging Services [SMS] and Complete Enterprise Security [CES] service-products.
Long term financing: During March 2009, DigiTar executed a Memo of Understanding, for investment during 3rd Quarter of
2009, of up to €2,000,000, by Pontis Capital GmbH of Vienna Austria. Proceeds of this financing will be used as working capital to
globally expand and intensify the scope of the Company’s sales & marketing programs; and to assure maximized revenue and
client base growth during 2010, and beyond, for DigiTar’s SaaS eServices.
PONTIS is member of the Austrian Private Equity and Venture Capital Organization (AVCO) and the European Private Equity and
Venture Capital Association (EVCA).
20090622 1.8
5
CONFIDENTIAL
Financial Plan Snapshot/Summary & Projections:
2004
Revenue
nm
COGS
2005
2006
2007
2008
2009
$156,000
$109,997
$523,300
$1,502,090
forecast
$4,356,000
2010
2011
2012
forecast
$14,675,000
forecast
$60,650,000
forecast
$132,550,000
$23,000
$37,607
$230,082
$732,350
$2,106,360
$6,834,250
$26,986,000
$55,803,170
Gross Pf’
$133,000
$72,390
$293,218
$769,740
$2,249,640
$7,840,750
$33,664,000
$76,746,830
Expenses
$232,000
$388,634
$288,500
$760,850
$2,136,900
$7,060,000
$27,550,000
$55,650,000
EBT
($99,000)
($316,244)
$4,718
$8,890
$112,740
$780,750
$6,114,000
$21,096,830
FY 2007
$306,660
$37,000
$0
$98,640
$81,000
FY 2008
$456,000
$62,000
$0
$25,000
$959,090
FY 2009
$3,050,000
$106,000
$0
$25,000
$1,175,000
FY 2010
$9,700,000
$550,000
$150,000
$500,000
$3,775,000
FY 2011
$43,800,000
$3,050,000
$2,000,000
$500,000
$11,300,000
FY2012
$75,824,000
$19,429,000
$10,982,000
$1,600,000
$24,715,000
Sales
SENTINEL SMS
SENTINEL CES
SENTINEL IM
Licensing & ManSecurityServices
Other/SENTINEL Services Enhancements
Total Revenue:
$523,300
$1,502,090
$4,356,000
$14,675,000
$60,650,000
$132,550,000
FY 2007
$44,370
$2,386
$0
$2,650
$5,676
$175,000
FY 2008
$286,000
$16,500
$0
$8,850
$216,000
$205,000
FY 2009
$1,282,000
$53,000
$0
$6,250
$503,750
$261,360
FY 2010
$3,983,000
$275,000
$49,500
$125,000
$1,521,250
$880,500
FY 2011
$17,082,000
$1,525,000
$660,000
$125,000
$3,955,000
$3,639,000
FY2012
$27,516,360
$9,714,500
$3,624,060
$400,000
$6,595,250
$7,953,000
$230,082
$732,350
$2,106,360
$6,834,250
$26,986,000
$55,803,170
GM
Expenses
$293,218
$288,500
$769,740
$760,850
$2,249,640
$2,136,900
$7,840,750
$7,060,000
$33,664,000
$27,550,000
$76,746,830
$55,650,000
PBT
PBT%
COGS%
Exp%
$4,718
0.90%
43.97%
55.13%
$8,890
0.59%
48.76%
50.65%
$112,740
2.59%
48.36%
49.06%
$780,750
5.32%
46.57%
48.11%
$6,114,000
10.08%
44.49%
45.42%
$21,096,830
15.92%
42.10%
41.98%
COGS
SENTINEL SMS
SENTINEL CES
SENTINEL IM
Licensing & ManSecurityServices
SENTINEL Services Enhancements
Depreciation
Total COGS:
20090622 1.8
6
CONFIDENTIAL
The Business Concept: There was a time when cutting-edge
enterprise network security meant a firewall on your perimeter and antivirus software on the desktop. No longer!
With the advent of polymorphic Internet worms, application-layer cyber
attacks, Trojan horses, Intrusion-Identity Theft, adware, spyware, and
wireless hacks, the network security picture is more complicated than ever.
To make matters worse, the enterprise’s cost of managing cyber security
has increased exponentially; well beyond the resources of small and
medium sized organizations.
Managed Services Reach “Tipping Point”
IT research firm Yankee Group issued a report mid-year
suggesting that message management and threat protection
had reached a “tipping point” in favor of an outsourced
managed service model. Yankee cited several factors
spurring the shift
away from in-house software products to managed services,
including the need to rely on specialized knowledge, the
rapid response time needed to deal with threats, and the fact
that fighting message threats is not a core competency that
adds any value to the company’s bottom line.
“Email Sanitization Services Preserve Peace of Mind,” Yankee Group
DigiTar provides complete cyber messaging systems solutions,
Research by Andrew Jaquith,
including advanced programs and advanced proprietary security feature
sets, without the need for the user organization to hire or expand internal
staff or spend capital on new network facilities in order to enjoy a secure
internal and external network environment. DigiTar’s client remains focused
on their own business activities, be that a Law Firm, Bank, Mortgage
Broker, Church, University or Medical office/Clinic, etc., thereby keeping precious resources invested in activities that meet
regulatory compliance issues or business data management needs which optimize revenue & costs.
The total SMB IT Market is currently (2009) >$26B in size; growing at greater than 33% compounded annual rate; and is largely
unprotected from sophisticated attackers operating today.
Value Proposition
DigiTar makes it easy for regional IT Subcontractors, Value-Added Resellers/Distributors (VARs/VADs) and Internet Service
Providers (ISP’s) to play a larger role in combating all sorts of spam and viruses without the need to spend money. VAR’s & ISP’s
are offering DigiTar security services that scan all incoming and outgoing mail for viruses and spam; if a user's machine comes
under attack, DigiTar technology blocks the attacking traffic, notifies the client, and performs automatic disinfection of the traffic.
This kind of resource allows each VAR/ISP to charge additional fees for the cyber security protection which increases their own
business revenues more quickly and with reduced competitive pressure from other ISP’s who do not offer DigiTar Sentinel leading
edge cyber security services.
No other supplier delivers the eMessage™ classification accuracy of services, the network performance
improvements nor the exceptionally low cost benefits for the customer, equivalent to DigiTar.
Value Proposition
DigiTar makes it easy for regional IT Subcontractors, Value-Added Resellers/Distributors (VARs/VADs) and Internet Service
Providers (ISP’s) to play a larger role in combating all sorts of spam and viruses without the need to spend money. Because of
the "designed-in ability to scale", DigiTar makes it easy for its clients to grow or diminish in headcount, and/or modify bandwidth
requirements. All without any budget “impacts” for additional/excess hardware, bandwidth, software and personnel expense
issues.
Unique to DigiTar is a proprietary "Auto-Provisioning" technology whereby customers are relieved of draconian
bookkeeping and directory integration tasks that competitive offerings require. DigiTar automatically keeps track of "active" users
in the client domain and charges only for users that utilize the service during the calendar month. This eliminates painful periodic
manual "culling" by the client administrator (if there is one) and insecure external links to internal client directories. This keeps
costs in line with actual use and maintains maximum client security and separation. This frees up several 100’s of hours per year
of productivity savings, and incalculable security savings for the enterprise.
DigiTar’s Sentinel technology is built on accelerated architecture implementations and proprietary message processing algorithms
that simply “stop” Spam and other Cyber Threats from Entering Your Networks! DigiTar Sentinel can process messages 400 to
700 times faster than the competition. What they do in 3 seconds, DigiTar can do in .004 secs. This allows DigiTar to service
100’s more clients on a given technology resource (hardware processing facility) at an internal cost that is estimated at <5% of
the competition’s cost of operations. This gives DigiTar the advantage of selling its’ services at a fraction of that of the
competition and still enjoy excellent gross margins.
For the end user client, as well as the VAR/ISP sales channel, this means unequalled benefits of real savings, revenue
enhancement and state of the art (up to 99.9% message classification accuracy) Cyber Security benefits.
DigiTar's Vision is to bring order and clarity to the world's messaging; be it e-mail, IM, VoIP, micro-blogging(Twitter) or
messaging of the next decade. We envision a continuously expanding set of messaging services. Services that interlock to provide
intuitive seamless access to the messages you need, presented in ways that are instantly relevant to your task at hand.
20090622 1.8
7
CONFIDENTIAL
DigiTar empowers organizations and individuals with the service features they desperately need...instantly. This means no
administration burdens and no waiting.
DigiTar's Vision is to bring order and clarity to the world's messaging; be it e-mail, IM, VoIP, micro-blogging(Twitter) or
messaging of the next decade. We envision a continuously expanding set of messaging services. Services that interlock to provide
intuitive seamless access to the messages you need, presented in ways that are instantly relevant to your task at hand.
Our immediate and midterm vision comprises 6 Business Vectors:
1.) Next-Generation eMessaging - Solutions that enable customers to maintain connectivity, archive communications (of all
types), enforce security, be compliant, and communicate with any organization...using IM services like AIM, MSN and
Yahoo and/or micro blogging via Twitter!
2.) Consumer market revenues - proprietary user defined preferences advertising platforms with regional markets internet
promotions advertisers and agencies.
3.) Regulatory compliance (SOX, HIPAA, etc.) - Service-based compliance for an organization's messaging. Nothing to
replace. No additional capital or administrative overhead to become compliant. No burden.
4.) For Major Client’s mail flow, DigiTar On-Site Systems, DigiTar SENTINEL “On-Site” Resource Unit [DSRU], allows DigiTar
to perform in-client as a systems service resource provider. Sentinel Messaging™ On-Site DSRU scales dynamically to
accommodate virtually unlimited message processing capacity.
5.) Wireless communications – Elimination of unwanted communications (Spam etc.) and advertisements on wireless
networks and wireless text messaging facilities. Fixed-flat rate wireless services evolution makes the cost of bandwidth
the primary expense growth factor for wireless service providers.
6.) Voice-over-IP - VoIP is just another message for DigiTar. Our services will protect clients from voice spam, while
providing the regulatory compliance that is mandatory for any electronic messaging medium.
Over-arching all our efforts is the long-term concept of "unified messaging". The ability to find and correlate the
information you want, regardless of how you received it
Web Plan Summary
The DigiTar website (www.digitar.com) is the virtual business card and portfolio for the company, as well as its online "home."
The website is intuitive and straightforward, yet elegant and well designed; a cyber message processing website that stays
current with the latest trends and provides information to the customers and a portal to our programs and products. The site
utilizes the latest demonstrations capability of Flash technology so as to maximize a potential client's quick understanding of
DigiTar product-services and application information.
Website Marketing Strategy
We will maintain a two-way link between our website and our product-services customers and suppliers. In addition to using the
page as a sales tool, we will develop a monthly newsletter and a cyber security status links information page for industry lexicon
sites. We will also maintain two-way links between major client organizations and supporters.
Development Requirements
The DigiTar website has been developed with limited expense and technical resources. A simple hosting provider, Tierranet.net,
hosts the site and provides the network technical back end.
DigiTar will maintain and enhance the site user graphic and interface to develop the simple, elegant, yet Internet focused site.
DigiTar will design all website graphics and layouts.
As the website rolls out future developments, newsletters and other related messaging and cyber security related applications
issues will be chronicled via technical presentations and "walk-thru demonstration presentations.
Organizational Structure
DigiTar is organized to focus on two main activities:
1.) Client development for revenue growth; and
2.) Product development for greater reach into the served markets. Support personnel and staff positions are limited and
must be associated with specific tasks that directly support one or both of the above objectives.
20090622 1.8
8
CONFIDENTIAL
In Depth Overview: DigiTar’s Security as a Service (SaaS): Sentinel Messaging™
This presentation covers DigiTar’s “Security as a Service” (SaaS), the next
generation in eMessage processing innovations.
DigiTar Sentinel Messaging™ is a paradigm shift away from the methods of
the past and greatly reduces the complexity of enterprise email flow while
dramatically increasing its reliability and security.
In brief, DigiTar developed “eStrands Technology” in order to deliver
advanced eMessage processing innovation for several problem areas:

Highly parallel-modular architectural implementation that assures
message delivery and unlimited scalability to meet load demand
without disrupting a Client’s business operations.

Reduces enterprise system complexity and increases stability by
providing a completely outsourced integrated solution with zero
required management.

Enables quick reaction to Client’s needs via modular architecture –
add functionality and feature sets as fast as, and whenever,
required.
No more, “One size limit’s all”.

Ensures message continuity and enhanced reliability through a
massively parallel, self-healing and redundant channel architecture
that includes integrated in-depth audit reporting and content
filtering capabilities

Assured messaging compliance via enforced messaging formatting
and integrated archiving procedures.

Secure CLIENT-wide messaging through multi-layered anti-virus and proprietary anti-spam technologies in combination
with policy-enforced encryption.

Simplifies and transparently automates delivery of functional module code updates & service enhancements through an
update anytime service-approach and single-point of precision delivery channel.

Modularity architecture eliminates code update defects associated with application rewrites required to add-on / expand
functionality necessary to mitigate new threat vector evolutions.
Sentinel Messaging™ is an outsourced complete SMTP message-processing solution that integrates several proprietary Internet
cyber security & eMessaging components to form a tightly integrated service pipeline.
eStrands™/eMessage™ Processing Element Components include & integrate:

E-mail Distributed-Denial-of-Service Protection (DDoS)

Autoprovisioning and VeriSYNC™ – eliminates manual administration/management of user directories

Anti-Virus – zero hour blocking

Anti-Spam – unmatched spam/legitimate classification accuracy (>99.7% average)

Content Filtering – complex policy-based filtering on 60 different categories

Outbound Processing – Confidential / Proprietary info management

Disaster Recovery - NeverLost™ eMessaging -7-day mail queuing for downed mail servers

Transport-level Encryption - (B2B)

Message-level Encryption - (individual recipient)

Archival - regulatory compliance mail retention

Premium Disaster Recovery - continuous data protection backup with per-user browser-based recovery consoles and
per-user webmail capability
Innovation & Novelty
As a SaaS service, DigiTar Sentinel Messaging™ provides several unique benefits unavailable from appliance and boxed-product
approaches:
 Zero-effort systems administration
 Zero-effort cyber threat signature upgrades
 Zero-effort technology functionality update management
 Single-point of responsibility (“one throat to choke”)
 Sub 1-hour malware threat vulnerability window
 Round-the-clock automatic spam detection updates
 Instant provisioning of additional service features (no downtime, no architecting)
 Elimination of virii and other security threats outside of your perimeter
 Reduction of penetration risk and vulnerability exploits by locating all functional components (i.e. anti-virus, anti-spam,
mail processing engines, etc.) outside of Client’s IT infrastructure.
20090622 1.8
9
CONFIDENTIAL
In addition to the singular ability of Sentinel Messaging™ to dramatically reduce a Client’s mail flow complexity, DigiTar also
provides hand-in-glove support services including automated direct user support on day-to-day issue resolutions.
Benefits and Marketability
In the course of implementing a Sentinel Messaging™ installation for the CLIENT, DigiTar provides the following:
Reduced system complexity – Integrated functionality and cross-functionalities

Eliminate multiple CLIENT-internal tiers of mail functionality (anti-virus, anti-spam, etc.).

Remove the need for CLIENT administration of multiple vendor solutions and supporting infrastructure
(load-balancers, etc.) and improves messaging systems reliability.

Eradicate finger pointing and problem resolution times by providing a single vendor of responsibility.
1. Improve overall communication with operational users and customers

Provides a robust / redundant communication resource and eliminates message latency delays.

User-administered anti-spam quarantines provides unmatched 99%+ classification accuracy and
dramatically increases the quality of the mail stream; thereby enhancing the robustness of the Client’s ecommunication.

Provide support controls, which ensure accountability, security and availability.
2. Eliminate security risks

VeriSYNC™ / Autoprovisioning and confirmation of valid users without the requiring integration with the
Client’s LDAP Directory protects enterprise network structure and confidential information.

Removes requirements to manually manage eMail user Directories. No insecured human activities &
disclosures.

Establish pro-active process controls that pre-empt and obviate potential operational interruptions.
3. Provide turn-key levels of messaging and resource management

As there is no hardware to operate, and no software to maintain or configure, Sentinel Messaging™
eliminates the majority of burdens of conducting messaging management on Client’s mail flow.

Capacity upgrades and feature enhancements are instantly provisioned. Sentinel Messaging™ completely
eliminates the equipment surplus; acquisition and re-purposing that are normally required parts of
eSecurity life-cycle management for optimizing a Client’s mail flow.
4. Eliminate problems of a Monolithic solution (Dedicated Appliance or Server configurations)

No more “all-new” hardware upgrades or undected code defects embodied in rewritten applications.

No more waiting several days for cyber threat signatures updates or cyclical software release
enhancements.

Enjoy Real-time Dynamic load matching of “resources-to-functionality-requirements” and infinite scaling
without limitation.

No single point of failure that takes down the entire network operation.




Disruptive Implications of the eStrands SaaS Technology: Services and Systems
DigiTar SENTINEL “On-Site” Resource Unit [DSRU]
As a systems service resource provider, Sentinel Messaging™ On-Site DSRU scales dynamically to accommodate virtually
unlimited message processing capacity. For a Major Client’s mail flow, DigiTar assures expandable DSRU modular unit capacity
of:
Peak messages per hour capacity: 4,000,000
Sustained messages per day capacity: 61,000,000
Disaster recovery retention period: 7 days
Uninterrupted message flow and latencies of less than 1.5 seconds.
DigiTar’s Fully Integrated SaaS Solution
Currently, the complexity of a Client’s mail flow is largely induced by the variety of vendors (sometimes more than 4)
and number of servers/appliances (6-9) necessary to satisfy all of a typical Client’s required processing (AV, AS, content filtering,
etc.). This does not take into account the ancillary networking and server load-balancing gear required to further support the
current solution.
In contrast, implementing Sentinel Messaging™ consolidates all required message processing functionality into a single
logical unit, and completely eliminates the management headache of an in-house solution. Further, by re-locating the DigiTar
message processing out ahead of the Client’s network (in the red zone), the risk of security breach through an exploit in the mail
flow is completely contained outside of Clients critical infrastructure.
Unlike legacy vendor solutions, Sentinel Messaging™ was not narrowly designed primarily as an anti-spam or anti-virus
solution. Rather, its primary design goal was to create a massively parallel, self-healing and redundant message processing and
logistics pipeline, into which various service functionalities could be plugged easily, reliably and rapidly. As such, all messaging
services offered by Sentinel Messaging™ are designed as fully integrated modules, which plug into a well-defined and robust
messaging backbone. The benefits when compared to competing single and multi-vendor solutions are many-fold.
20090622 1.8
10
CONFIDENTIAL
First, each processing phase (i.e., anti-virus, anti-spam, encryption, etc.) is not an autonomous unit as with typical
competitive single-function vendor (multiple-box and/or applications software) solutions. Rather, each DigiTar Processing element
within each service phase is aware not only of the load and health of other processing elements in the same phase, but also the
availability of other phases downstream. This allows all processing elements within a phase to dynamically absorb the excess
message load from a failed peer, and also to dynamically route around entire phases in the unlikely scenario that all processing
elements in a phase become unavailable (it has never occurred). This resiliency is possible because the services are built on a
common messaging backbone whose primary design goal was to ensure the absolute delivery of every message. Further, since all
services that integrate with the backbone are DigiTar-developed, there is no incompatibility between varying message processing
functionality.
Second, by implementing a common messaging backbone, DigiTar does not have to micro-manage the components in
the pipeline. Rather they interact to self-adjust and self-heal, thereby eliminating the number one cause of system downtime:
human error. Also, this common backbone enables an enforced audit trail/chain-of-custody across services for maximum audit
and regulatory compliance.
Third, for the CLIENT there is no management or administration required at all. All service and capacity upgrades, spam
DNA and AV updates, as well as, service monitoring and repair are handled 24/7/365 by DigiTar. This zero management impact
also extends to the initial installation, where there is no equipment to install or software to configure. All that is required is an MX
eMail redirection.
Fourth, Sentinel Messaging™ uses the well-defined principal of MX-redirection to enable the transparent and secure
routing of CLIENT mail to a DigiTar processing silo. What this entails is changing the mail exchanger (MX) record for the CLIENT
to point first to the DigiTar processing silo, instead of the CLIENT mail host system. At that point, all mail is first delivered to
Sentinel Messaging™ where it is cleaned and processed, after which it is then sent over an encrypted link to Client’s mail servers.
Start-up installations take less than 10 minutes to complete from start to finish. This occurs without requiring the CLIENT to
remove any of the existing mail flow architecture.
Rather than being disruptive to the Client, Sentinel Messaging™ is installed in parallel to the existing mail flow and delivers
around it directly to the Client’s Messaging servers (Java Systems or Exchange). The existing mail flow components that are then
unnecessary and can be inactivated once Sentinel Messaging™ installation is complete and active, thereby ensuring a disruptionless migration.
Overall, Sentinel Messaging™ allows a CLIENT to eliminate several servers and load-balancers from the Client’s existing mailflow, and instead receive a single point of reporting and provisioning for mail services. Also, the CLIENT has “one-throat-tochoke” in terms of support, thereby eliminating the potential finger pointing from disparate multi-vendor solutions. Sentinel
Messaging™ is by its nature as a robust service-oriented solution; the epitome of integrated mail processing.
20090622 1.8
11
CONFIDENTIAL
Company History: DigiTar represents the consolidation of two business entities, DigiTar SP (Founded 2002) {IT
Networking & Cyber Security contract services}, and Spectrum Technology SP (Founded 1992) {high technology business
development consulting company to the data communications and cyber connectivity industries}. DigiTar's founders have
a combined experience of more than 50 man/years in high technology and data communications technology and
management. DigiTar AG. is a Swiss Corporation headquartered in Zug Schweiz with R&D in Boise, Idaho USA. The
Company founders are, Dale Williams, Chairman/President; Jason Williams Vice President CTO/COO and Director of
Finance K. Sipiora-Williams.
DigiTar's primary business Charter is to provide in-depth cyber security network services, for profit, as a managed
security service provider (MSSP) to SMB legal, medical, corporate and financial enterprises as well as large
Municipal/State/Federal agencies and corporations.
The combined paid-in capital of the resulting enterprise is made up of business assets, equipment, purchased technology,
purchased market research, memberships with Homeland Security industry organizations and alliances, purchased
technical training and cyber security certifications, office equipment, furniture, and file systems. Additionally, more than
one thousand (1000+) Man months of DigiTar cyber processing technology, and business and market development
activities, have been completed and funded by the founders at a replacement value of the proprietary IP of more than
$2,000,000.
Capital: Throughout the startup phase the founder’s funded DigiTar R&D activities. All Founders investments have been
consolidated into the Paid-in Capital of DigiTar. In 2005, DigiTar secured long term SBA financing for equipment. In
2006, additional private financing for working capital needs was established. Total debt is as follows:
Total long-term debt and funding history is shown by this table below:
Source of
Date of
Capital
Loan or
capital
venture
Amount
Equity
Founders
2004 /2005
$900,000
Seed
SBA Loan
2005
$250,000
Loan
Pvt Investors
2006 /2007
$400,000
Loan
Sales Objectives / Strategies
1. Penetrate the global/regional Internet Service Providers [ISP], Telcos and IT Sub-Contractor markets, second and
third tier suppliers, to>50% level with DigiTar SENTINEL SMS and CES message processing services. The major Internet
service providers today, namely Microsoft, AOL and Yahoo, have already started major campaigns to lure e-mail accounts
away from competitive suppliers who are promising antivirus and antispam filtering as a part of their service. This leaves
the second and third tier suppliers at a significant disadvantage, because it is costly for any one of them to be able to do
establish Advanced Technology message processing for their user base. DigiTar's SENTINEL technology provides an
immediate and transparent solution for this market, which comprises more than 30 million e-mail accounts, serviced by
1500 second and third tier ISP’s.
2. Introduce advanced service products that expand revenues for SMB and major business enterprise messaging clients
and/or enterprise message content management markets so as to differentiate DigiTar's high-margin DigiTar Sentinel
technology services and make them super-attractive for add-on to in-house enterprise IT traffic management and
productivity value-added programs.
3. Expand DigiTar's rifle shot marketing to targeted Global Distribution Channels, with a broad sales program aimed at
selected-targeted end-user enterprises using Value-Added Resellers and in-country Partner-Agents. The key phrase here
is Market Segmentation.
Keys to Success
The strength and value of DigiTar's technology is most appreciated by those organizations that are subject to new
demands on their capital and technical staff by outside forces and regulations. In the past, smaller and medium-sized
business organizations have been able to operate without extensive record/document security facilities and systems. Now,
with the mandates of several new governmental laws, many companies (including medical clinics, drug stores, law firms,
records repositories, title companies, mortgage companies, real estate firms, brokerage firms {especially satellite
locations}, and many other firms) are faced with compliance investments to their networks and archive facilities. These
new demands are coming at the same time that the cost of supporting ongoing, sustaining operations and updating
requirements, is skyrocketing. As cyber-based communications take over greater percentages of business information
and commerce activities, the need for better cyber security is expanding exponentially.
DigiTar provides the latest state-of-the-art in antivirus, antispam, intrusion-detection & prevention, content filtering,
spyware/Phishing and Hacker attack deterrence, to name a few. The keys to DigiTar's success depend upon timely
penetration of these types of organizations. Initial contacts will be made through regional ISP's who are the primary
20090622 1.8
12
CONFIDENTIAL
connectivity suppliers to the targeted clients. DigiTar will initially distribute its services and SMS technology through ISP’s
as an add-on service and revenue opportunity for smaller regional IPSs. This resolves the need for the ISP to invest in
cyber security enhancements at the same time it is investing in necessary resources required to meet the compliance
issues of their customers who are subject to the new reporting and archival mandates of the federal laws.
Management / Advisory Board C.V.’s
Chairman of DigiTar AG. Previously VP/General Manager Rockwell International, Director of
Marketing Microcomputer Division Intel Corporation; over 30 years experience in the computer, e-business and
telecommunications industries as an entrepreneur and business development consultant.
D W Williams – President
J J W Williams – VP Chief Operations & Technology Officer, > 15 years experience in computer networking applications
markets. He received his BA from Washington & Lee University in Virginia, magna cum laude.
Member of Technical Staff at CyberHighway internet services provider, and as Manager IT and Network Specialist for the State
of Idaho. He has received Professional Certification as a Cyber Security gateway systems expert and is a Member of the ISSA
and Homeland Security Leadership Alliance.
K Sipiora-Williams –VP & Chief Administration Officer, has more than 20 years of business operations experience in high
Technology firms in Silicon Valley. She has been a member of several technology startup organizations and has held senior
financial planning and market development positions with successful entrepreneurial firms. She served as VP of Finance for
Spectrum Technology for 10 years.
Premier European business development experience in Cyber
Information and Advanced Networking technology markets. Executive Sales and Market channel development positions with
leading Europe suppliers: General Manager-NOKIA Internet Communications; Vice President EMEA-Exinda Networks Pty.;
Vice President EMEA & Managing Director- ForeScout Technologies, Central & Eastern European Manager-Ipsilon Networks
Ltd, and Business Unit Director-ADIVA Computertechnology GMBH.
R M Richter – Director Business Development Europe,
H Iino – Director Business Development Japan, Eminently successful Japan entrepreneur and
network systems market
pioneer. Iino san’s business associations include extensive previous collaboration with Matsushita, Fuji and NEC Corporations.
Iino san introduced DigiTar to Sakura KK, the IT division of Mitsui-Sumitomo Bank Group, and major Japan clients for DigiTar
services including Sakushin University of Tokyo.
T Rampelberg, Member of Technical Staff Technology Development, extensive development experience in anti-spam
engines and next generation proprietary cyber security software algorithms. Previous experience includes Performance
Engineering – Mirapoint, and Google, and LDAP, NIS+ and Kerberos distributed authentication services for the Computer
Science Division at Pepperdine University. Tom has a BS in Computer Science from Pepperdine University.
DigiTar Advisory Board:
DigiTar has established a Technology/Business Advisory Board made up of key individuals from several cyber communications
disciplines and business expertise arenas. The Charter of this body is “to facilitate critical reviews, discussions, analysis and
recommendations concerning DigiTar development technology programs and/or business concepts.
R Wagner -Director; 30+ years Contracts Lawyer, as in-house executive counsel in High Tech Fortune 50 Corporations.
Dr. D. Bingham - Senior Scientist – Advanced Technologies, Idaho National Laboratories US Energy Dept.
G Litteer – Scientist – Cyber Security Infrastructure Research, Idaho National Laboratories US Energy Dept.
Dr. D Thompson - VP, Computer Science & Technology Dept Chairman, Pepperdine University; California
T W Tinsley; University Network Security Director, Washington & Lee University; Virginia
Maj. Gen. M Heath (Ret.) – Director Emeritus UK Defense Electronics Research Agency (DERA) England
D Bartlett - Executive VP Operations, IDACOMM [Internet Services Provider] Idaho
C Merrill – Certified Public Accountant, BDO Siedman LLP.
P Thoms – Chairman/ CEO, NXT Private Limited Hong Kong
DigiTar AG of Counsel:
Peter Midgley, Esq.; Lawyer & Partner Zarian Midgley LLP - Boise, Idaho USA
Dr. Christian Faßbender; Lawyer & Partner Waldeck Rechtsanwälte, Frankfurt am Main DE
Peter Hodel; Lawyer & Partner Hodel - Frei Advokatur – Zug Schweiz
Dr. Stefan Klass; Lawyer & Partner BRUHIN KLASS Rechtsanwälte - Zug Schweiz
20090622 1.8
13
CONFIDENTIAL
Company Points of Presence and Facilities
DigiTar's European HQ Domicile is in Zug Schweiz with USA business offices and R&D Operations Center located at a secure
facility (co-located with the Boise Police Substation and the offices of Loomis Fargo armored car services) at Boise, ID 83704.
DigiTar’s Secure Production Operations Center is located in Boise, ID 83709 (see photos below). In addition, DigiTar has
established a DigiTar-Japan business development agency in Ebisu, Shibuya-ku, Tokyo, Japan for Japan and China eMessage
processing markets.
USA Business & R&D Center:
Production Operations Data Center:
20090622 1.8
14
CONFIDENTIAL
Product and Service Descriptions
DigiTar has developed a specialized cyber network security services program known as "Sentinel©", targeted specifically at
SMB Enterprise, Legal, Medical and Professional services and large enterprise businesses. Sentinel© is a low-cost high security
services technology platform specifically tailored in a modular, expandable configuration that is available on a low-cost
monthly basis. DigiTar is marketing these services as annual or multiple year service contracts. Sentinel© is a turnkey solution
which provides all aspects of cyber security needs including antivirus, intrusion detection-prevention, virtual private
networking, content filtering, firewall and bandwidth management.
DigiTar is strongly positioned against its competitors in the managed security services space, due primarily to the combination
of its focus on small-medium business and our proprietary industry-unique methods of detecting and preventing cyber threats.
As compared to competitive MSSP providers, DigiTar provides sub-25 user pricing models that make security affordable to
smaller firms, and when technology compared, DigiTar's Digital DNA method (unique to DigiTar) of identifying and eliminating
message-borne pathogens yields a 99.9+% protection-level that no other services provider can claim, thus making DigiTar a
more attractive solution even to companies as large as 200,000+ users/employees.
Graphical Overview of DigiTar SENTINEL Architecture
Composite overview of SENTINEL SMS and CES services functional processes components.
DigiTar SENTINEL Messaging Services [SMS]: E-mail messaging Protection Services
SMS services monitor and cleanse all domain e-mail traffic; removing Cyber virii and Spam contents from the data
streams between a user's site and any incoming message(s), via the Internet.
DigiTar Complete EnterprisePRO Security [CES]: Complete business cyber security Protection services. CES
provides business protection services, operating 24/7, extending cyber protection to include all web traffic, e-mail,
and private communications between a user and any web site or e-mail host associated with the worldwide web
communication networks. CES enterprise protection provides safekeeping from cyber terrorism, including intrusion
detection & prevention, content filtering, and network performance & bandwidth management.
DigiTar cyber security equipment systems that have proprietary DigiTar functionality integrated as a valueadded component. These products range from cyber filters and software to complete turnkey SOC (Security
Operations Centers) implementations, as customized for specific customers.
DigiTar “On-Site™ & DSRU Licensing of proprietary security services equipment to international partners and major
OEM accounts; and for unique or specific customer requirements which can be added to DigiTar products and
services offerings as standard products for revenue enhancement and competitive sales advantages.
DigiTar Cyber Technology Sales: Licensing of proprietary software and associated security services
DigiTar's market reach strategy targets unique and/or specific customer requirements that can be added to the
DigiTar products and services offerings, as standard products, for revenue enhancement and competitive sales
advantages. Development of an international presence can most effectively be accomplished by developing jointventure partners in targeted market countries who contribute to the efficacy of the services technology, via language
and symbol recognition enhancements to the underlying DigiTar algorithms and processing technology. Local incountry marketing activities by a Licensee/Partner will deliver more timely revenue results at lower costs to DigiTar
than direct expansion into a foreign market by the Company. Licensing of technology allows for a continual (multiyear) sharing of revenue streams without the expense of developing in-country support personnel.
20090622 1.8
15
CONFIDENTIAL
Competitive Comparison
DigiTar SENTINEL SMS message processing cost/benefit ratio exceeds all the top competitors in the cyber security services
market today.
Taken strictly on a cost per user basis, SENTINEL SMS sells for $3.00/month/user [$36.00/Yr] in small company
implementations, (i.e., 3 to 5 users per domain). By comparison, all other suppliers charge $60.00 to $80.00/year/user; and
most of them require a minimum of 50 or 100 users per domain. At higher populations of users/domain, the cost of SENTINEL
SMS is less than $8.00/user/year.
On the technical level, SENTINEL SMS is the “clear leader in performance” due to real-time message processing; no
competitor offers this benefit. Therefore, there are virtually no delays associated with the Processing/Cleansing processes.
Message datum transfer is real-time and never delayed; this means that the recipient is never left "on hold" while the antivirus/anti-spam systems are working.
The following table summarizes the technical features of DigiTar SENTINEL vs. those of the competitive offerings in the
market today.
Competitive Technology Analysis
DigiTar
SENTINEL
McAfee
Mirapoint
Barracuda
SpamCop
Symantec
Ironport
MessageLabs
Google
Postini
Spam Engine
iSTAT©
Spam Assassin
Realtime Black List
Brightmail®
Proprietary
Technology
Dynamic Spam
Trend Alignment™
DNA
Rules
RBL
Bayesian
Rules
YES
NO
NO
NO
NO
YES
Per Individual
Global Rule Based
Global Rule
Based
Global Rule Based
Global Rule Based
YES
Complete User
Control
YES
SENTINEL Auto
Learns from User
Preferences and
Actions
NO
Requires Admin @
Server Level
NO
Requires Admin
@ Server Level
MessageLabs-Yes
Yes
NO
NO
NO
NO
YES
Tailored to User
Preferences
NO
User Must Mark Each
Message for
White/Black Listing
NO
Yes
Yes
Automatic
Quarantine
YES
NO
Sys Re-labels
Message “Subject
Line” Only
NO
Yes
Yes
Secure Personal
Quarantine
YES
NO Quarantine
NO
MessageLabs-Yes
Yes
NO
Symantec/Ironport-NO
MessageLabs-Yes
Yes
User Preferences
User
Self Service
Automatic System
Learning
Personal
White List
Spam Isolated
Complete Content
Anti-Virus
Protection
Spam Catch Rate
NO
YES
Spam is handled after
Outside of the User’s penetrating User’s
Network
Network
YES
Nested Attachments
Included
NO
Simple Virus
Protection @
Additional Cost
NO
NO
Simple Virus
Protection Only
@ Additional Cost
NO
Simple Virus
Protection @
Additional Cost
99%+
Typ 85%-90%
Flattens @ 95%
with Full Time
Network
Spam Administrator
Typ65%-80%
Typ 90%-95%
Typ 90%-95%
20090622 1.8
16
CONFIDENTIAL
Technology
Internet technology has had a significant effect on business processes over the past couple of decades. For that reason, a
new trend in business communications has emerged. Technological advances in electronic mail are attracting the attention of
companies who depend on direct mail for leads. Companies can download potential customer addresses and names over the
Internet and have a host of customer communications out-sourced.
To the recipients, this communications inflow is most times unwanted, and in some cases contains dangerous message
materials. Moreover, this robs the targeted business enterprise of valuable employee productivity time. (See: Cost of Spam
Calculator in the Appendix.)
DigiTar has developed an advanced set of Message DNA algorithms that support all types of system operating environments
including Linux, Windows and Macintosh technology. Moreover, DigiTar has developed feature rich enhancement benefits for
the user so as to eliminate major protocol and size limitations associated with E-mail and Instant Messaging constructs
currently plaguing the industry.
DigiTar Sentinel™ Technologies/Benefits:
iStat© - eStrand© Technology
-Dynamically Adjusts to Block Emerging ThreatsTraditional anti-spam technology methods such as lists, rules and heuristics are all limited in their approach. Sentinel DNA
indexes are highly specialized analysis's designed to detect elements in a message’s DNA. Further, SENTINEL eliminates the
need for constant user updates required by traditional anti-spam technologies.
SENTINEL analyzes the DNA of email to provide a “spam index” gene used to determine and identify spam. Because
SENTINEL analyzes the genetic make-up of email rather than content, it is language agnostic, and are capable of identifying
spam in any language.
SENTINEL is able to track evolving mutations to spam’s genetic structure, delivering updated spamDNA information
continuously, defeating new spam techniques before they can become effective. Sentinel is the immune system for email.
iSTAT© – Powerful Proprietary Algorithms Identify Spam
• Highly specialized iSTAT© programs detect mutations in a message’s DNA
• Sentinel’s iSTAT technology immunizes against evolving spam forms
• iSTAT technology supersedes traditional approaches including content evaluation, lists, rules, heuristics
eStrands© - Proprietary DNA classification Engine
• Sentinel’s eStrand engine, using genetic algorithms, constantly provides most effective spam DNA classification accuracy
• Sentinel eStrand Technology delivers continuously updated eMessage DNA information 24/7
• Sentinel eStrand Technology appends each message with a unique tag enabling future logging services
iMESH™ /”WCL Technology
-Dynamically reacting/adjusting to Morphing DDos AttacksMitigating a Distributed Denial of Service (DDoS) attack requires OSI Layer 3 mitigation combined with Layer 7 intelligence. In
the DigiTar™ systems, this means identifying offending hosts (Cyber Threat Attackers) quickly through numerous Layer 7
anomaly detection processes, and denying those, and similar, hosts the ability to send such content for an amount of time
commensurate with their offenses. The key to stopping a DDoS is to quickly translate threat identification into threat
mitigation.
DigiTar™ created its multi-phased iMESH™ mail transfer system. iMESH™ is a distributed system that consists of multiple
phases that are meshed for resiliency and speed. Each phase of iMESH™ can communicate Layer 7 anomalies back to the very
first phase to enable deep pattern recognition and thereby mitigate extremely distributed attacks.
Key to iMESH™’s mitigation capabilities is its proprietary Weighted Control List™ (WCL™) embedded in the first phase. As
hosts exhibit offending behavior, they are added to the WCL™ with a weight commensurate to their offenses. Repeat offenses
greatly increase the weight, particularly when done at short intervals. The higher the weight, the longer a host will be denied
access to the DigiTar™ ecosystem. A host’s weight decays over time, allowing attacking mail servers the opportunity to be
cleaned up and eventually be considered legitimate again. iMESH™ will also auto-rate limit mail deliveries to protect client mail
servers from floods of legitimate mail.
20090622 1.8
17
CONFIDENTIAL
Sentinel Kamiza™ Overview
-Superior Management Control for select AdminsSometimes it is necessary and beneficial for Client Administrators to be assigned special privileges regarding the governance
of Sentinel Messaging™ operations. The Kamiza Administrator is assigned senior responsibility for a number of important roles
critical to maintaining the maximum efficiency and efficacy of the organization.
Sentinel Kamiza™ enables approved individuals who are assigned Kamiza Administrator status, to access the Sentinel
Messaging™ quarantine of any individual within their organization. This is provided through DoppelGanger™ technology,
which enables a Kamiza Administrator to assume the Sentinel Messaging™ identity of any user who’s Sentinel Messaging™
Portal they need to access. Once a Kamiza Administrator has assumed the Sentinel Messaging™ identity of a user, he or she
can do anything the user themselves could do within their Sentinel Messaging™ Portal, including:

Release false positives.

Change the user’s password.

Change Sentinel Messaging™ Digest delivery frequency.

Administer the user’s whitelist.

More…
Sentinel Kamiza™ empowers any approved Principal, within the organization, to execute the responsibility of maintaining a
constant vigil over their e-mail security.
DigiTar veriSYNC™ Technology
-AutoProvisioningIf/when a DigiTar customer enables/disables a user name in their mail server, Sentinel Messaging™ will notice automatically
that that the user is new-valid or now-invalid. If a user is found to be invalid by veriSYNC™, Sentinel Messaging™ will refuse
to accept new messages and return an error to the sending server, which will then send a bounce to legitimate senders
informing them the message could not be delivered.
On the other hand, if Sentinel Messaging™ notices that a new user has been validated in the Customer’s mail host, DigiTar’s
system automatically provisions the new user in the DigiTar approved user lists. This relieves the customer from the of
draconian bookkeeping and directory integration tasks required by all competitive AV/AS technology suppliers.; DigiTar
automatically keeps track of "active" users eliminating painful periodic manual "culling" by the client administrator and
insecure links to client directories. The elegance of veriSYNC™ is that it works with all customer e-mail systems and
directories, regardless of type.
DigiTar veriSYNC™ Technology (cont)
-Protection from Cyber Security Directory Harvest AttacksThe DigiTar customer can choose between 3 behaviors when veriSYNC™ determines a recipient is invalid:
554 Response: Accept the invalid recipient and return a 554 error. This has the benefit of not telling the spammer which
recipient is invalid. It also provides the benefit that if a legitimate sender types a recipient name incorrectly by mistake, they
will receive a bounce message informing them of the mistake.
This is an exclusive to SENTINEL, DigiTar-proprietary behavior.
No competitor protects against DHA while enabling legitimate senders to receive notification of their
addressing mistakes.
 Silent Drop: Accept the invalid recipient and also accept the DATA section. Then silently drop the message to any invalid
recipients, and deliver the message to any valid recipients.
 DHA Protection Disabled: Send a standard “550 No Such User” error in response to any invalid RCPT TO. This provides no
DHA protection.
Silent dropping of mail to invalid recipients is a crucial security feature that is accepted best practice. Sentinel Messaging ™
veriSYNC™ feature is the “Best-in-Class” mechanism by which we enable this best practice.
DigiTar veriSYNC™ Technology (cont)
-Protection from Denial of Service AttacksDigiTar’s veriSYNC™ technology also continuously protects its’ customers from Denial-of-Service attacks.
A prime example is a DigiTar customer who is a global positioning tracking company. Their devices are used in critical law
enforcement applications, and the devices e-mail their status back to the company who then publishes the data via the web to
their customers 24/7. Very recently, the company's domain saw their gross e-mail traffic jump from 7,000 messages/day to
60,000 messages/day. That jump occurred within an 8-hour period of time, as a result of being targeted by a spam attack.
20090622 1.8
18
CONFIDENTIAL
Because they were protected by veriSYNC™, Sentinel Messaging™ silently dropped the messages to invalid accounts (over
100,000 different user accounts were tried) and the company was able to keep their mission critical e-mail flowing. The
company did not experience any increase in their normal mail traffic (2,500 legitimate messages/day), as DigiTar filtered these
(legitimate eMessages™) out of the deluge of bogus traffic and delivered them to the rightful recipients.
For minimum vulnerability and liability purposes, DigiTar has an unequalled competitive advantage using veriSYNC(tm) to
maximally protect its’ client organizations from both cyber-attacks as well as social engineering that comes from directory
harvests.
DigiTar Technology Benefits
DigiTar “SENTINEL” Technology provides complete cyber messaging solutions.
 Including: low cost 24x7 protection using the most advanced knowledge of attack signatures and eMessage-DNA
properties to block: virus, spam, spyware, polymorphic Internet worms, Trojans, Identity Theft, adware, Intrusion and
application layer cyber attacks.
 Eliminating: need for the customer to hire/expand internal staff or spend capital to achieve complete security of internal
and external network messaging environments.
 Competitive Edge: SENTINEL services are easy (transparent) to integrate; use customer’s existing domain and networks;
no additional infrastructure or personnel required.
 Designed-in “Ability to scale“: DigiTar makes it easy for clients to grow or diminish in headcount, and/or bandwidth
requirements. No client Capital budget “impacts” for additional (or surplus ) hardware, bandwidth, software or personnel
changes.
 Auto-Provisioning: Customers are relieved of draconian bookkeeping and directory integration tasks; DigiTar
automatically keeps track of "active" users eliminating painful periodic manual "culling" by the client administrator and
insecure links to client directories.
 Eliminates costs and maintains maximum client security and separation. [Several 100’s of hours per month of productivity
savings, and incalculable security savings.]
 Threat Classification Accuracy: For the end user client, as well as the VAR/ISP sales channel, this means unequalled
productivity (real $$’s) savings, revenue enhancement and state of the art (99.9% accurate) Cyber Security benefits.
20090622 1.8
19
CONFIDENTIAL
Cyber security Service Market Segments: SMS / CES
DigiTar SENTINEL SMS (SENTINEL Messaging Services)
DigiTar has a highly redundant multiphase security message processing and content cleansing network architecture.
SENTINEL SMS: Use of multiple antispam engines and antivirus engines coupled with 24x7 security updates as to the latest
antivirus signatures and rule sets designated by global cyber security monitoring and cyber terrorism prevention organizations.
SENTINEL SMS blocks objectionable and/or unwanted messaging; removal of spam, spy ware, Phishing, and intrusion attack
software – sites – documents. Material of this nature is removed from the message stream and trashed according to central
cyber security monitoring and client managed security rule sets. Questionable materials are quarantined in a protected clientunique web site for review and disposition by the client, (i.e., "whitelist" if always valuable; "release" to client mail server if
desired this time). SENTINEL will automatically empty the quarantine after periodic reviews by the user; no further actions by
the user to eliminate the spam from the quarantine are required.
20090622 1.8
20
CONFIDENTIAL
For example;
Normally, when someone is sending an e-mail message to "Joe@blow.com", the sender’s mail server interrogates the Internet
name server to locate the IP address for blow.com. The Internet name server returns requested information; in this case that
the blow.com domain is located at IP address 1.2.3.4. Joe is inundated with a torrent of unwanted and hazardous material on
an hourly and daily basis. Management of this in-rush requires considerable time and expense both in regard to personnel
distractions, productivity impacts, acquisition costs of AV software and manual updates on a regular basis. By redirecting Joe's
inbound e-mail traffic to SENTINEL's SMS Cleansing Silo [IP 4.2.1.4], only spam-free and virus-free e-mails are allowed
through. All virii, worms, etc. are trashed and the spam is quarantined in a secure user-personal quarantine site, away from
the enterprise network. An additional benefit to the enterprise is the cost reduction associated with expanded
network/bandwidth infrastructures no longer burdened by supporting messaging traffic flows that were clogging up the
Enterprise's Voice/Data communications facilities.
20090622 1.8
21
CONFIDENTIAL
DigiTar SENTINEL CES (Complete Enterprise Security)
SENTINEL CES: DigiTar’s on-site client premise Sentinel provides complete Enterprise-wide intrusion prevention and
virtual private networking capability, which augments the secure messaging services from the Sentinel SMS configuration.
SENTINEL CES builds on the SMS message processing engines, for SMTP traffic, and broadens the datum processing activities
by adding custom HTTP traffic engines and algorithms that clean web content, File Transfer Protocol files, Instant Messaging
traffic and provide Intrusion Detection and Prevention processing as well as Virtual Private Networking communications.
As with SENTINEL SMS, SENTINEL CES blocks objectionable and/or unwanted Web content material and provides removal of
Virii, Spyware, Phishing, and Intrusion Attacks delivered by Software/Sites/Documents. Material of this nature is removed
from the Datum stream and trashed according to central cyber security monitoring and client managed security rule sets.
Again, questionable materials can be quarantined in a protected client-unique web site for review and disposition by the client,
(i.e., "whitelist" if always valuable; "release" to client mail server if desired this time).
SENTINEL will automatically empty the quarantine after periodic reviews by the user; no further actions by the user to
eliminate Datum from the quarantine are required.
20090622 1.8
22
CONFIDENTIAL
Enterprise Security with SENTINEL CES Technology
Internet
Hacker Bob
Enterprise Branch
Offices
Secure SMTP
Secure HTTP
Remote Sites
VPN - Secure VoIP
CES
Work at Home
Dedicated VPN Link
Major
Customer
On-Demand VPN Link
PBX
PBX
SENTINEL
DigiTar SENTINEL SMS
Secure VoIP
Web Server
Hotel / Home / Cust Site
Secure VoIP
Secure HTTP
Secure SMTP
V
oI V
P oI
V
P oI
V
P oI
P
Mail
Server
DigiTar Client Services
Enterprise HQ
Offices
CES Secure Services: AV / AS / CF / I PS / BW /VPN
Sentinel CES/VoIP – Providing VoIP Security & QoS
A key issue for VoIP phone system deployments is the problem of normal data traffic plugging networks lines, and leaving
little or no room for VoIP traffic. This is particularly the case with Service Provider (SP) deployments, where the SP controls
the quality of service (QoS) inside the SP network, but cannot control how the customer uses the T1 or DSL that provides
service over the “last mile”. Often, the customer will use their network link to full capacity (i.e. downloading PDFs or watching
videos) thus making it very difficult for VoIP calls to maintain their quality…if they can get through at all.
Adding to this situation is the recent FCC ruling that VoIP SPs must provide
911 access, thus making the problem of an unusable VoIP installation
particularly acute. Moreover, VoIP handsets are susceptible to the same virus
infections, exploits and Denial-of-Service (DoS) attacks that plague standard
computer systems.
“… CES… guarantees VoIP
quality and availability,
regardless of the client’s
Internet usage profile.”
Sentinel CES/VoIP secures the VoIP handsets, and, in addition, guarantees minimum available bandwidth levels to those
handsets. By deploying CES/VoIP, VoIP SPs can guarantee VoIP quality and availability, regardless of the client’s Internet
usage profile. Undesirable-effects of attacks on VoIP handsets include: phone calls by unauthorized third parties (i.e.
suspicious calls to Afghanistan on your bill), eavesdropping, and complete incapacitation of your VoIP systems. CES can
ensure both the security of your calls, and protect the capability to make them.
20090622 1.8
23
CONFIDENTIAL
Future Products and Services
Next Generation DigiTar -PRODUCT ENHANCEMENT PLANS/PRIORITIES – CONFIDENTIAL
1.) SENTINEL “Today” Enhancements:
Pattern-based routing & policy groups.
Dynamic Address extensions.
New Portal with web APIs underneath.
Managerial executive console [Confidential PRD]
IBM Lotus-Domino Plug-in & Integration
2.) SENTINEL “Next Generation” Technologies:
TweetComplete™ Micro-Blogging Tools [Confidential PRD]
MaxIM™ Secure Instant Messaging [Confidential PRD]
eAttach™ Protection Services [Confidential PRD]
MadAve™ Advert Revenue [Confidential PRD]
SMS Wireless eMessaging™ [Confidential PRD]
These development activities are sensitive work product of DigiTar technical team, and will be a part of patent and Intellectual
Property filings covering state-of-the-art messaging management, and smart wireless technologies along with instant
messaging Web2.0 security. Introduction of these service products is scheduled during late 2009 through 2011. The
heretofore-unavailable features and capabilities of these advanced technologies will revolutionize the way providers service
their clients. Moreover, they will infinitely expand revenue communications currently “blocked” due to system limitations of
today’s network implementations. Lastly, these products will "unfetter" the next generation smart phone 3G capabilities when
it comes to eliminating "malware" (voice and eMessage Spam) and other cyber attacks these new phones are subject to.
Summary Market Characteristics:
SMB Market: Average Range Client Size 50 to 250 users/client
Large Enterprise Market: Average Range Client Size 750 to 5000 users/client
Larger Gov/Telco/ISP Enterprise Market: Range Client Size 25,000 to 3.5 million users/client
Anticipated changes in the client makeup will be driven by the bi-furcations of eMessaging structures and the impact of .MOBI
on the organizations. eMail as we know it today is evolving and expanding alone the “needs” lines of usage.
In particular “Text Messaging” and “Instant Messaging” are replacing portions of the normal short context emails of the past.
Immediacy of connection and feedback is the big attraction of these communications mediums. Even newer eMessaging
Channels are appearing as “Opt-In” Micro-Blogging message delivery conduits (Twitter/Tweets).
These will further expand / enhance the efficacy of eCommunications and have significant impacts on future concepts of
Business and operations campaigns of all types (Marketing, Services, Political, Public Relations, etc.).
Likewise, it is impossible to escape the evolution of wireless “Mobile” connectivity. Products such as iPhones, Blackberrys,
and new Nokia smart handsets are bringing the information directly to the user without the need of in-house networks
and client hardware systems.
Fortunately for DigiTar, these evolutions were considered as a part of the backbone technology architecture of our all
types of “eMessagingAlignment™ charter and long term business objectives. Also fortunate, is the fact that these new
Communications implementations are massively insecure in their HTTP transfer protocols. They open additional requirements
and applications for DigiTar technology available today and planned for release in the future.
DigiTar’s services market is getting exponentially larger and less competitive (for a while) at the same time.
A contra positive trend, to the above, we see with very large enterprise clients planning to move to services “On-Site”.
Select types of enterprises are driven to seek better functionally and costs but wish to do so with on-site data processing
storage and management. These orgs are highly regulated in some cases and worry about data processing outside their
physical plant for PR and ethereal reasons. Inquiries from Japanese and USA bank clients have suggested a desire/need
for “DigiTar On-Site” and/or “DigiTar In-a Box” embodiments with remote management and updating of on-site
operations being performed on client traffic. As discussed earlier, DigiTar technology is massively modular and redundant
to maximize performance and reliability. DigiTar has been working with its hardware technology partner, SUN
Microsystems, Inc., on development of server-storage technology systems that embody multiple virtual processing
Elements using SUN’s “Secure SOLARIS” Operating system and multi-Threaded server architectures. This is a long term
Vision-of-the-future concept which is not included in the financial projections. It is included here for completeness of
Disclosure and insight into the modularity of our technology.
20090622 1.8
24
CONFIDENTIAL
Market Analysis Summary
Enterprise Security: As recent virus attacks vividly demonstrated, companies large and small are struggling to maintain
around-the-clock network security. Occurring nearly simultaneously,
the Blaster, Welchia, Sobig.F and Conflicker worms ripped through
“the need for better cyber security is
hundreds of thousands of corporate computers, resulting in untold
expanding exponentially.” [Gartner]
damages and lost productivity. This was followed by even more
devastating epidemics of MyDoom, Bagle, and NetSky worms. In such an atmosphere, how can small businesses maximize
their IT investments and successfully manage security?
“in-house teams struggle to understand and defend
against the latest security threats because this
requires constant system monitoring – something
that few small businesses can afford”. [Gartner]
Handling security in-house: Small/medium sized
businesses are in a unique – and extremely challenging
– position when it comes to combating security threats.
Lacking the IT staff commonly found in enterprise
operations, they must nevertheless protect their network from attack. This normally entails formulating a security policy and
implementing firewall, intrusion detection, virus detection, and other security technologies. But even after taking these steps,
the challenge remains of how to manage the security effort. Security, after all, is not static, and small businesses – like any
other operation – must be prepared to proactively monitor, maintain, and upgrade their network protection.
According to market researcher Gartner, at most companies, the staff responsible for these security functions is also
responsible for other activities and spends most of its time on non-security projects. For resource-constrained small
businesses, Gartner added, such added responsibility is often too taxing.
The bottom line: maintaining the necessary vigilance in these days of “zero-day” attacks requires significant investments in
staff, IT systems, and training. NB: DigiTar provides “Zero-Hour”
Protection!
Michael Osterman reported in 2006 “The trend to
integrate messaging security will continue,
Outsourcing the security operation: The cost-effective alternative is
driven by an increasing number of organizational
for small businesses to outsource the management and monitoring of
requirements for messaging security focused on
stopping malware, spam and phishing attacks;
their network security to an MSSP like DigiTar. An MSSP can combine
plus adding secure messaging, archiving, content
advanced technology with expert human analysis, enabling a small
filtering for compliance and other services.”
business to cost-effectively strengthen its security posture. An MSSP can
“Messaging Security Market Trends, 2005-2008,
also provide a level of technology and expertise that ensures rapid
An Osterman Research Multiclient Study, 2008.
response to real threats. In general, an MSSP’s services include timely
phone and email access to security monitoring staff and Web access to
reports on such things as device status, change requests, and service
level performance. Most importantly, by effectively solving security
problems, these services enable small businesses to focus on their core, everyday business issues.
Security Management: Small/medium sized Business (SMB) need the benefits of maximum protection, and minimized
threat-discovery to threat-destruction time just like the large enterprises. In-short, World-class security, Maximum Protection,
but at minimum costs
SMB Threats Summary:
 -Worldwide problem
 -Everyone connected to the Internet is a target.
 -Automated tools, blended threats, and worms increase exposure.
 -Systemic problems, vulnerabilities and configuration errors, make security more difficult
Market Segmentation
DigiTar's markets are rapidly growing and are tied to cyber security demands of today's Information Technology world.
Information security is required at all levels – personal level, corporate level, state and national level. According to the U.S.
Department of Homeland Security, there is a steady rise in the occurrence of cyber attacks. As per a recent survey, cyber
attacks cost businesses more than $ 46.2 billion (2007) in damage and clean up cost, while the cost in 2000 was $17.1 billion.
Some enterprises were forced to shut down whole networks to fix the problem. Thus, there is clearly a sizeable requirement
for DigiTar's cyber security products and services for many years.
Major market segment: Sales of E-mail messaging Protection Services:
A very high demand market for 24/7 services that monitor all domain e-mail traffic and remove Cyber virii and Spam
contents from the transfer data streams between a user's site and any incoming message(s) via the Internet.
Major market segment: Sales of Complete business cybersecurity Protection services:
A major market for business protection services operating 24/7 that extends cyber protection to include all packetswitched data traffic, and private communications between a user and any web site or e-mail host associated with the
world-wide web communication capabilities. Complete enterprise protection provides protection from cyber terrorism,
including intrusion detection & prevention, content filtering, and performance & bandwidth management.
20090622 1.8
25
CONFIDENTIAL
Major market segment: Sales of cyber security equipment and systems that have proprietary DigiTar functionality
integrated as a value-added component.
These products range from cyber filters and software to complete turnkey SOC (Security Operations Centers)
implementations, as customized for specific customers.
Custom market segment: DigiTar “On-Site™ & DSRU Sales & Licensing of custom software and Joint Venture
proprietary security services to international partners and major OEM accounts; and for unique or specific customer
requirements which can be added to DigiTar products and services offerings as standard products for revenue
enhancement and competitive sales advantages.
Market Analysis – TAM Customers/Application
2005
Potential Customers
eMail messaging Protection:
Complete Enterprise Cyber
Protection:
Cyber Security Services:
Proprietary Technology: DSRU
Licensing
MSSP ManSecServices
Other
2006
2007
2008
2009
2010
CAGR
690,000,000 803,850,000 936,485,250 1,091,005,316 1,271,021,193 1,480,739,690
16.5%
15,000,000
19,950,000
26,533,500
35,289,555
46,935,108
62,423,694
33.0%
11,000,000
14,300,000
18,590,000
24,167,000
31,417,100
40,842,230
30.0%
3,405,000
5,771,475
9,782,650
16,581,592
28,105,798
47,639,328
69.5%
1,000,000
100,000
1,200,000
115,000
1,440,000
132,250
1,728,000
152,088
2,073,600
174,901
2,488,320
201,136
20.0%
15.0%
720,505,000 845,186,475 992,963,650 1,168,923,551 1,379,727,701 1,634,334,398
Total:
17.8%
Source: International Data Corporation (IDC)
Target Market Segment Strategy [Spam Market Drivers]
Spam, commonly defined as, “unsolicited commercial e-mail”, is a powerful advertising channel for many products and
services. As a result, spamming has become a profitable business, driven by the low cost of sending e-mail compared to other
direct marketing techniques. The high return on investment for spammers has resulted in an overwhelming volume of
unwanted messages in personal and business e-mail boxes.
Consider this: Conducting a direct mail campaign costs an average of
$1.39 per person, meaning that a response rate of 1 in 14 is
necessary just to break even on a $20 item. Selling the same $20
item via unsolicited spam e-mail costs only $0.0004 per person,
meaning that a response rate of 1 in 50,000 gets the seller back to
break-even; anything above that is gravy.
DigiTar SENTINEL SMS Simply
Stops Spam and Other E-mail
Threats from Entering Your
Networks!
Phishing
Phishing is a specific type of spam message that solicits personal information from the recipient. Phishers use social
engineering techniques to fool recipients into believing that the message originated from a trusted sender. These attacks are
especially dangerous because they often con victims into divulging social security numbers, bank account information or credit
card numbers. In one six-month period, from November 2005 to May 2006, Phishing attacks increased in frequency by 4000%
and the trend continues upward.
Spoofing
Spoofing is an especially deceptive form of Phishing/Spam that hides the domain of the spammer or the spam's origination
point. Spammers often hijack the domains of well-known businesses or government entities to enhance the validity of their
commercial message or scam.
An example of spoofing is an e-mail that appears to come from a bank requesting that users log into their account to update
or correct personal information. When the users follow a link embedded in the e-mail, they are redirected to a site that looks
and behaves like the expected bank website. However, unbeknownst to the soon-to-be identity theft victims, the site is
actually controlled by the scam artists who sent the e-mail. Any and all information entered by the victim can now be used in
a variety of ways, none of them good.
Today's spammers are craftier than ever before and have begun blending elements of both Phishing and Spoofing into their
messages, further spinning their web of deception. The toxic combination of Spoofing and Phishing presents a dangerous
major threat that can trick most anyone into providing personal information to a stranger.
Toothless Legislation
In 2004, President Bush signed into law the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003,"
or "CAN-SPAM Act". While well intentioned, CAN-SPAM has done little or nothing to curb the flow of unwanted e-mail. In fact,
an estimated 97% of all spam e-mail sent in 2008 violated the Act, and the United States still dwarfs other nations in terms of
the origin of spam, with research revealing that an astonishing 85.9% of all spam comes from U.S.-based IP addresses. While
CAN-SPAM was designed to decrease the overall volume of spam, the exact opposite has happened: in 2004, spam accounted
20090622 1.8
26
CONFIDENTIAL
for approximately 77% of all e-mail traffic, and Phishing attacks continue to increase exponentially, with studies showing an
increase of 10,000% from November 2006 to May 2008.
Why Anti Spam Software for the Desktop is Not Enough
(See: Symantec Hit by Large-Scale Flaw )
The dramatic increase in spam volume has prompted a corresponding surge in stand-alone anti spam software solutions for
the desktop, all with varying levels of effectiveness. Some anti spam software uses text filtering to screen incoming messages
for known characteristics of spam, while other solutions rely solely on reputation systems, which monitor and categorize email senders by IP address according to their sending behavior. Still other anti spam software uses "challenge/response
filters" to block unapproved mail until the sender responds (manually) to a challenge e-mail sent to their e-mail account to
verify his or her identity.
With so many different methods of filtering spam, no single software-based desktop anti spam solution is capable of
effectively stopping spam before it reaches the inbox. The only way to successfully fight spam is by employing DigiTar's
SENTINEL anti-spam "DNA" technology. SENTINEL's anti-spam engine is tailored to each user's requirements and coupled
with constant updates from global spam definition lexicons plus DigiTar's proprietary spam DNA recognition algorithms. Most
importantly however, is the positioning of an effective anti spam solution, ahead of the e-mail gateway, not at the desktop.
Without protection ahead of the gateway, mail servers waste massive amounts of bandwidth, cpu utilization and storage
space processing every message (wanted or not) and end-users face the unenviable task of deciding what to do with the
countless spam messages that successfully reach them. DigiTar SENTINEL deals with spam and other attacks before they get
inside your network, thereby adding a critical layer of security and separation from the "malware" and your internal
operations.
Take a Consolidated Approach to Anti Spam
Because it takes a person several moments to process a message and identify it as spam, it is critical to automate that human
process, thereby eliminating the impact on employee productivity and business costs in dealing with the removal of spam from
the workplace. In addition to effectively identifying spam, businesses must be assured that legitimate mail is not blocked in
error. Even one false positive, or incorrectly blocked e-mail, can have a significant impact on businesses today. Accurate spam
processing requires a combination of analyses to properly examine various message criteria combined with real-time
intelligence data.
By utilizing DigiTar's advanced DNA message analysis technologies, and placing the Anti-Spam solution ahead of the network
e-mail gateway, an enterprise can retake control of their inbox while improving bandwidth utilization and saving costs.
Global Market Demand [24 Hour/Day Assets Leverage]:
DigiTar supports its’ Global customer demand is via high speed Fiber-Optic connectivity (between DigiTar and the global client
location) and requires a limited number of DigiTar Data Centers. Non-overlapping maximum active user periods yield rolling
regional demand loads of 90% of Regional message traffic occurring between 0900 thru 1100 and 1400 thru 1600 local time.
DigiTar Facility utilization is defined by the demand usage levels (active Users) associated with 24 1- hour Periods/Area; given
12 service Regions (World-Wide) and total client User Base as follows: [Greenwich Mean Time=Z Time]
1
2
3
4
5
6
7
8
9
10
11
12
Area/Region
EEC/United Kingdom
EEC/France\Germany
Mid East/Israel
Mid East/Dubai
India/Delhi\Mumbai
China/HKG\Shang\Beijing
Japan/Tokyo\Osaka\Kyoto\Nara
Australia/Sydney
USA/LAX
USA/DEN
USA/CHI
USA/NYC
∆ to Z Time
+0 Hours
+1 Hours
+2 Hours
+4 Hours
+5 Hours
+8 Hours
+9 Hours
+10 Hours
-8 Hours
-7 Hours
-6 Hours
-5 Hours
Total Users
500,000
2,600,000
100,000
100,000
500,000
1,750,000
3,500,000
300,000
2,500,000
1,250,000
2,500,000
4,500,000
20,100,000
Max Active user Peak Load
250,000
1,300,000
50,000
50,000
250,000
875,000
1,750,000
150,000
1,250,000
625,000
1,250,000
2,250,000
3,510,000(1)
Note(1): Maximum Regional User periods (demand levels) do not align with any other regions; therefore, DigiTar needs
support for a maximum user load of 3.5 M users (Peak Load) of 20.1M clients.
Examples: India client eMessage processing by DigiTar USA requires 800mSecs (0.8 Secs) total message transfer time
(From/Return) plus 200m/Sec processing time at DigiTar Data Center; Total >2.0 Sec message latency time.
Austria client eMessage processing by DigiTar USA requires 400mSecs (0.4Secs) total message transfer time
(From/Return) plus 200m/Sec processing time at DigiTar Data Center; Total >1.0 Sec message latency time.
20090622 1.8
27
CONFIDENTIAL
Business Models: 2010 Global Served Available Market
Active Users:
20,100,000
Peak Users:
Monthly Revenue/User@
3,510,000
$0.58/User(2)
$11,658,000
Gross Annual Revenue
$139,896,000
Note(2): Discounted net revenues to DigiTar after Marketing/Sales regional absorption costs.
Business Models: 2012 Global Served Available Market
Active Users:
58,750,000
Peak Users:
Monthly Revenue/User@
7,000,000
$0.43/User(2)
$25,262,500
Gross Annual Revenue
$303,150,000
Note(2): Discounted net revenues to DigiTar after Marketing/Sales regional absorption costs
20090622 1.8
28
CONFIDENTIAL
What the CyberSec Market Needs:
Network Security Solutions Must Evolve:
Security Challenges and Needs

Solutions that ensure business continuity, network availability, and applications access to secure centralized office
locations as well as distributed remote workers.

Protection against today's complex blended threats and unknown attacks

Proven security that does not require constant increases in security staff to select, deploy and manage security
solutions

Scalable management solutions that contribute to business unit efficiency and meet regulatory compliance

Reduce acquisition, installation, and management costs associated with security functions
Market Trends
DigiTar's markets are rapidly growing and are tied to cyber
security demands of today's Information Technology world.
..steady rise in the occurrence of cyber
attacks (48 % rise 2003, 67% rise in 2005,
76% rise in 2007, 84% rise in 2008)
[US Dept of Homeland Security]
Information security is required at all levels – personal level,
corporate level, state and national level. According to the U.S. Department of Homeland Security recent survey, 2007 cyber
attacks cost businesses more than $ 46.2 billion in damage and clean up cost, while the cost in 2002 was $ 17.1 billion. Some
enterprises were forced to shut down whole networks to fix the problem. Thus, there is clearly a sizeable requirement for
DigiTar's cyber security products and services for many years.
20090622 1.8
29
CONFIDENTIAL
Current Security Trends






The Number of threats is increasing year over year; over 2,600 new vulnerabilities documented in 2003; over 56,000
in 2004, over 552,000 in 2006 and over 3,504,000 in 2008.
Many new vulnerabilities are easy to exploit with many applications and protocol code being made public for scripting
and interface
Sophistication of threats are evolving – severity of vulnerabilities are increasing
Time of infection is now very fast requiring IT to react much faster
Malicious Code which exposes confidential data has increased significantly–Blended attacks against Microsoft have
increased 10,000 fold
The motive and intent is changing – moving from notoriety to financial gain garnered by theft of financial and
personal information
Market Growth
In the first quarter of 2003, there were an estimated 30,000 Internet Service Providers in the United States alone:
In particular;
 5,000 are colleges and universities.
 1,800 are fixed wireless service providers1, including “community” or non-commercial shared networks.
 2,500 are Wi-Fi Wireless network nodes, “hot points,” and similar free-access services.
 15,000 are Multi-Tenant Unit and Multi-Dweller Unit providers, serving apartment buildings, office buildings, college
campuses and other properties2.
 12,300 are dialup and broadband services offered by independent ISP’s using incumbent telephone companies.3
8,000 are rural and independent ILEC telephone companies that offer broadband and narrowband Internet services.4
 1,000 are cable television companies, including cable over-builders, private cable systems, and local and national
cable providers that offer broadband Internet services.
 340 are cyber-cafes, resorts, shopping mass kiosk sites and others offering Internet access.
 100 are competitive local exchange carriers that offer broadband services, wireless or dial-up services.5
 125 are “virtual ISP” services such as the AFL-CIO and the Republican Party, which operate Internet services but
have no infrastructure or support of their own.
 Today (2009) there are an estimated 155,000 of additional global ISP’s, including the remnant “free” services, Fiberto-the-home (FTTH) providers, powerline providers, information services, private ISP’s and virtual private networks,
corporate ISP services, and web hosting companies.
1
Source: In-Stat/MDR, March, 2003.
Source: Broadband Properties Magazine, 2003
Source: Combined data from Verizon, SBC, BellSouth and Qwest
4
Source: US Telecom Association, 2003
5
Source: New Paradigm Resources Group “CLEC Industry Report 2003”
2
3
20090622 1.8
30
CONFIDENTIAL
According to the U.S. Internet Industry Association, the major trends affecting the Internet service provider industry in the
opening years of the 21st Century are:

The growth of broadband. 33 million Americans were online via broadband as of the end of 2003. Broadband
posted a 59 percent growth rate in 2002, while dial-up accounts declined by 10 percent.6 Broadband connections
surpassed dial-up connections in 2007 and virtually will replace dial-up by 2010.7

Evolving Internet services. Traditional Internet services -- email, web browsing and e-commerce – continue to
grow. Email messaging will increase by 40% per year through this decade, according to the Gartner Group. And the
US Department of Commerce notes that retail sales online surged again last year, up 58 percent over 2007. Added to
these traditional applications are a new generation of network services that include peer-to-peer file sharing, instant
messaging, Internet to cell phone integration and text messaging, and Voice-Over-IP telephony. These services will
combine with other telecommunications and video services over broadband to drive growth and profitability.
Email Subscribers: According to Jupiter Research, as of September 30, 2008 the total number of global ISP subscribers was
812.1 million. This number does not include subscribers at work, at universities, or in government.
The US Bureau of Census reports revenue data that covers the 1997 through 2008 periods indicating a 36% CAGR growth of
DigiTar’s initial key market, “Internet access services”, also known as Internet Service Providers [ISP’s]. Estimates of growth
through 2011 and beyond are based on Census data and industry forecasts completed by the U.S. Internet Industry
Association [USIIA], The Internet Security Alliance [ISA] and Jupiter Research.
Source: U.S. Bureau of the Census, Economic Census
NAICS Code:
Title:
Sector:
Definition:
518111
Internet service providers
51
This industry comprises establishments known as Internet service providers. Establishments in this industry
provide client’s access to the Internet and generally provide related services such as Web hosting, Web
page designing, and hardware or software consulting related to the Internet connectivity. Establishments in
this industry may provide local, regional, or national coverage for clients or provide backbone services
(except telecommunications carriers) for other Internet service providers. Internet service providers have the
equipment and telecommunication network access required for a point-of-presence on the Internet.
2007
Product line
code
Description
35550
Internet access services
35551
Internet access services: Narrowband
35552
Internet access services: Broadband
Ten Year Profile & Projection:
518111-35550
2001
2002
2003
2004
Revenue/Yr
$16,170
$20,374
$24,163
$30,108
$x1,000,000
23.90%
26.00%
18.60%
24.60%
Yrly AGR
6
7
Number of establishments
16, 394
3,917
13,620
2005
$38,809
28.90%
2006
$52,392
35.00%
2007
$71,777
37.00%
2008
$99,053
38.00%
2009
$137,683
39.00%
2010
$192,756
40.00%
See http://cyberatlas.internet.com/markets/ broadband/article/0,,10099_1570321,00.html
Study By ARC Group, referenced at http://cyberatlas.internet.com/markets/broadband/article/0,1323,10099_985891,00.html
20090622 1.8
31
CONFIDENTIAL
Value Proposition
DigiTar provides a complete low cost "Turn-Key" solution to its clients including all hardware, software, 24 hour updates to the
virus and spam filters, and all management and reporting of the events and the results of all traffic scanned and/or purged.
No other supplier, to date, has the breath of services or system user benefits comparable to DigiTar.
By providing complete solutions, including custom programs and/or feature sets, the client can remain focused on their own
business activities without the need to expand internal staff and facilities in order to meet regulatory compliance issues or
business data management needs.
Distributing a Service
DigiTar will initially distribute its SMS and CES service products to end users through Independent IT Contractors, VARs and
Internet Service Providers (ISP's). In concert with sales through ISPs, DigiTar will also promote and distribute through its own
web site and allow customers to sign up and pay via credit card for its SMS services. DigiTar's direct distribution sales plan
includes positioning regional agents (commissioned sales) in key metro areas for business development of medium and midsized business firms and enterprises.
DigiTar direct sales of security services will be handled by the Regional ISP’s and Value-Added IT-Contractors and Resellers
and in-country Partner/Agents, both domestic and international.
Development of select USA and certain international markets will be pursued with an objective to form a joint venture
business relationship wherein DigiTar will license its technology, and co-location equipment, to substantive regional partners
who have the market contacts, depth, technical expertise, and financial where-with-all to establish leadership revenues for
DigiTar via franchise and royalty fees commensurate with the served market.
Competition and Buying Patterns
The traditional cyber security industry has been dominated by only a few major manufacturers: Symantec, McAfee,
MessageLabs, and Postini; and then come the low-end players: Spam Assassin, SpamCop, and Barracuda. With the exception
of the high end players, MessageLabs (Purchased by Symantec 2008) and Postini (Purchased by Google 2007) who maintain
their own sales forces, the other manufacturers distribute and sell mainly through authorized dealers, retailers or via their web
site.
Given the rapidly growing cyber security threats, the future will most likely be dominated by the same participants as
described above. While Symantec has been a past leader in the sales of single function per user "boxed" products, McAfee has
emerged as both an innovator, and a leader, in this area as well.
Main Competitors
The cyber security "services" market has been dominated by MessageLabs, and Postini who offer very expensive solutions,
primarily to the large corporations and government agencies business markets. While these services offer extensive features,
they are increasingly ineffective at coping with rapidly changing spam trends and are inflexible to the scaling + specific needs
of the individual customer. Some competitors, (Ironport), offer/require the user enterprise to purchase a combination of
software and hardware products. This makes the integration of security products (hardware) into the user’s network topology
much more difficult and expensive; and requires in-house IT Management personnel.
Customer Benefit-Value Proposition
DigiTar makes it easy for both regional and international Internet Service Providers (ISP’s) to play a larger role in combating
viruses. ISP’s will be offering DigiTar security services that scan all incoming and outgoing mail for viruses and spam; if a
user's machine comes under attack, DigiTar will block the attacking traffic, notify the ISP, and perform automatic disinfection
of the traffic. This kind of resource will allow ISP’s to charge a fee for the cyber security protection which will grow their own
business more quickly and with reduced competitive pressure from other ISP’s who do not offer DigiTar Sentinel competitive
edge services.
No other supplier, to date, has the breadth of services or the reporting systems comparable to DigiTar for the
same cost to the customer.
By providing complete solutions, including custom programs and/or feature sets, the client can remain focused
on their own business activities without the need to expand internal staff and facilities in order to meet
regulatory compliance issues or business data management needs.
Competitive Edge
DigiTar SENTINEL SMS/CES services are easy (transparent) to integrate and utilize within the users existing domain and
networks without need for additional infrastructure or personnel. Because of the "designed-in ability to scale", DigiTar makes
it easy for its clients to grow or diminish in size, and bandwidth processing requirements, without budget impacts for
additional/excess hardware, bandwidth, software and personnel issues.
20090622 1.8
32
CONFIDENTIAL
DigiTar has built-in a proprietary "Auto-Provisioning" technology whereby customers are relieved of draconian bookkeeping
and directory integration tasks that competitive offerings require. DigiTar automatically keeps track of "active" users in the
client domain and charges only for users that utilize our service during the calendar month. This eliminates painful periodic
manual "culling" by the client administrator, as well as capricious and insecure “LDAP” links to internal client directories, in
order to keep costs in line with actual use and maintain maximum client security and separation. This can amount to many
man-hours per month of productivity savings, and incalculable security savings.
DigiTar's technical staff is unequalled in the innovation of cyber security concepts and implementation of unique DNA
algorithms and system constructs. DigiTar will pursue patents and intellectual property rights filings that will differentiate and
protect DigiTar's core technology strengths from competitive offerings.
Joint selling with major VAR & ISP sales managers and training of their sales personnel allows DigiTar to capture the power of
multiple & broadly distributed sales organization(s) throughout the USA, and internationally, without having to directly pay for
these large sales teams before real revenue is achieved from the sales region.
DigiTar has developed the cyber security industry's first secure service solution to voice over internet connectivity (VoIP phone
systems). VoIP is becoming a major growth market, especially in the small-medium sized business markets. Operational cost
of these systems is far below that of standard phone and PSTN tariffs from RBOCs. However these systems (Digitized Voice)
are subject to the same cyber attacks that business computers are. DigiTar plans to exploit the VoIP market with its "secure
VoIP" services in concert with ISPs that are investing in this area in order to expand and differentiate their service offering to
their regional markets.
Marketing Strategy
DigiTar makes it easy for both regional and international Independent IT Contractors and Internet Service Providers (ISP’s) to
play a larger role in combating cyber threats. VAR’s and ISP’s offering DigiTar security services are delivering complete "TurnKey" solutions to its clients including all hardware, software, 24 hour updates to the virus and spam filters, as well as all
management and reporting of the events and results of all traffic scanned and/or purged. No other supplier to date has the
integrated breadth of services or the reporting systems comparable to DigiTar. This kind of resource allows ISP’s to charge a
fee for the cyber security protection which will grow their own business more quickly and reduce competitive pressure from
other ISP’s who do not offer DigiTar Sentinel competitive edge services.
DigiTar provides a deep discount, up to 50%, to resellers of SMS and CES services.
By providing complete solutions, including custom programs and/or feature sets, the client can remain focused on their own
business activities without the need to expand internal staff and facilities in order to meet regulatory compliance issues or
business data management needs. DigiTar's technical staff is unequalled in the innovation of cyber security concepts and
implementation of unique DNA algorithms and system constructs.
DigiTar has extensively modeled the costs associated with providing cyber security services for a broad spectrum of account
sizes. DigiTar has developed an aggressive pricing strategy that saves clients significant costs, as compared to competitive
suppliers, and at the same time delivers gross and net margin to DigiTar well in excess of industry norms. Due to DigiTar's
proprietary technologies, business constructs and the extensive margins built into this business plan, DigiTar will remain
profitable in the face of possible competitive price pressures.
Joint selling with major Resellers, and training of their sales personnel, allows DigiTar to capture the power of multiple &
broadly distributed sales organization(s) throughout the World without having to directly pay for these large sales teams
before real revenue is achieved across the region.
Positioning Statement
Association with prominent Resellers and Internet Service Providers (ISP's) globally wherein DigiTar brings a turnkey ability for
the them to offer advanced cyber security features and capabilities to their existing and competitive customer base. This
spares them the need to spend additional capital, and avoids the expansion of current employment to cover the security
monitoring and systems performance required to provide users with 24/7 cyber security protection from web-based virii,
intrusions, spam mail and secure virtual private connectivity to and through the world wide web cyber business environments.
Pricing Strategy
DigiTar has priced its services based upon value and return on investments criteria. DigiTar has extensively modeled the costs
associated with providing cyber security services for a broad spectrum of account sizes. Distributors & select Resellers can
enjoy up to 50% discounts on list user pricing, which produces excellent margins for the sales organization without the need
for add-on administration or equipment expense.
DigiTar has developed an aggressive pricing strategy that saves clients significant expense, as compared to competitive
suppliers, and at the same time delivers gross and net margin to DigiTar well in excess of industry norms. Due to DigiTar's
proprietary technologies, business constructs and the extensive margins built into this business plan, DigiTar will remain
profitable in the face of possible competitive price pressures.
20090622 1.8
33
CONFIDENTIAL
Promotion Strategy
DigiTar plans to list its services with major internet search services, such as Google, Yahoo, etc., and advertise on these
services also. In complement with the search engine services, DigiTar will directly contact targeted smaller and medium sized
clients, i.e., ISP's, Law firms, Mortgage services, Banks, county and city agencies, Medical clinics and associated regional
facilities, through the use of e-mail-list services and each industry's promotional publications.
Key to the DigiTar plans for enhanced services is a viral marketing campaign targeted initially at technophile cyber
communities and early adopters of paradigm-shifting technology. It is these early adopters that are, by nature, evangelists
that push new technology out towards friends, family and general adoption. We will allure published and recognized
luminaries in technorati circles with the use of DigiTar’s compelling technology, in exchange for testimonials on their channels
to the community.
Examples of such luminaries and their channels are:

Jon Udell – His opinion articles (InfoWorld, et. al.) and blogs are widely read and trusted by the technology
community for his perceived sharpness and attunement to new and useful technology trends.

Joel Spolsky – Spolsky’s blog “Joel on Software” is read by thousands in the Information Technology and
technology-at-large communities. Due to the nature of blogging, his opinions and insights are viewed as uninfluenced
by glitzy marketing and grounded instead in reality. As a result, his influence over his readership is great.

Slashdot – Under recognized as a resource by established vendors, Slashdot is a massively followed harbinger of
successful paradigm-shifting technology. So pervasive is its influence that it has a verb associated with it. To be
“slashdotted” is to have your web site hit by so many visitors as to be effectively overloaded. The verb has its origins
in the fact that almost every site Slashdot references becomes rapidly slashdotted. Google, Flickr and BitTorrent are
but a few of the services and products that have been widely accepted by the early-adopter community after
mention on Slashdot.

There are additional techno luminaries and communities that will be targeted as well. The above list represents the
planned initial contacts.
Distribution Strategy
DigiTar will initially focus on developing VAR and ISP sales channels in order to establish regional blocks of residential and
business end user accounts. This revenue base will be enhanced through the addition of new add-on services that are
proprietary, patented "pay-for-use" incremental charges for benefits unavailable from other suppliers.
Distribution sales channels, particularly with regard to international users, will be established where market development and
expansion can be effected at a favorable cost to DigiTar in return for revenue commitments from these markets over a
contract period of years. DigiTar believes that many USA and international distribution opportunities exist wherein the joint
venture program can more rapidly garner market share for DigiTar services at significantly reduced cost, as compared to
developing said markets directly.
DigiTar has established its web site so as to support direct sales and user add-on services for any end user that chooses to
take advantage of these proprietary services and benefits.
Marketing Programs
To date, DigiTar is focused on the smaller and medium sized business markets, i.e., companies, firms and agencies that have
less than 5000 users per domain. Small firms might only contain 5 to 50 users. Medium sized organizations will have 300 to
2500 users. Depending upon the enterprise, the connectivity provider or ISP associated with the enterprise, DigiTar will
provide cost savings and feature-benefits unavailable from other eMessage security services suppliers. In some cases the ISP
may use DigiTar services as a way to attract hosting and connectivity revenues away from their indigenous competition.
DigiTar Sales/Marketing Channel Strategy:
Sales Strategy: Tailored to the Client
Strategic alliances with regional domestic and international Value Added Resellers and Distributor plus Internet Services
Providers (ISP’s) are fundamental to the initial customer focus sales strategy of DigiTar. Since many potential clients are
serviced by regional ISP’s, DigiTar represents a low-cost/no-cost upgrade to their existing service for their customer base. The
firms have major investments in data transmission infrastructures and message management systems but lack an effective
integrated cyber security solution.
To be able to "bolt-on" DigiTar security services, without major capital outlay or the hiring of certified cyber security
management personnel, is a significant advantage to these regional providers in their continuing competitive battles with the
super large ISP’s such as MSN.com and AOL.com.
20090622 1.8
34
CONFIDENTIAL
Globally there are a large number of small regional phone services companies that are struggling to remain competitive
against the "By-pass" phone companies and the large RBOCs of the Bell System. DigiTar will joint venture with some of these
organizations to enhance their offering to their ratepayers while at the same time providing DigiTar with a captive market user
base within each of these regional communications suppliers markets.
Special Japanese market initial strategic alliance focus includes several organizations in Banking and IT Computer network
products and services.
Commitment to Channel Sales Model
Strategic alliances with regional and Pan-National IT Distributors, Resellers and Internet Services Providers are fundamental to
the strong marketing focus and sales strategy of DigiTar. Since many Global Clients are serviced by regional distributors and
resellers, DigiTar represents a low-cost/no-cost upgrade to their existing sales programs and product offerings to their existing
and new-potential (outsourcing) customer base. High Gross Margins provided by DigiTar makes the Channel decision to add
DigiTar to the profit line, without the requirement for capital expanse, an easy one to support.
VAD:
DigiTar is targeting to have one Value Added Distributor per Territory to develop the Local Markey quickly: with,

A Strong established access to Value Added Reseller base

A Strong established contacts to ISPs and Telcos

Local Channel Management

Local Account Management

The Ability to influence local decision makers

Local PR
VAR:
DigiTar’s target is to have the most active and innovative Value Added Reseller: who already,

Understands how to promote and sell new services

Is Established in the IT-Security business

Has strong access to Enterprise Market

Has strong access to local Government sector(s)
Sample Client List (By Geography and Business Type):
Sample Clients Legend:
USA/Canada
Japan/Asia
Europe
Retail
Universities & Schools
Law Firms
Services
Professional
lylepearson.com
controller.stanford.edu
angstman.com
a-c-accounting.com
agsgps.com
miracle-earcenter.com
evolve.stanford.edu
cosholaw.com
actionbarricade.com
amelio.com
mollyo.biz
family.stanford.edu
daviesmoore.com
adv-bus-networks.com
clearwaterrei.com
olvcaldwell.org
lanecc.edu
goicoechealaw.com
bsmwireless.com
daviesrourke.com
statpads.com
law.stanford.edu
himbergerlaw.com
circlecenergy.com
dct-web.co.jp
tatesrents.com
ml.sakushin-u.ac.jp
jbhhlaw.com
citent.com
digitar-japan.com
wingscenter.com
purchasing.stanford.edu
jesutton.com
datatelco.com
eaglesconsulting.com
rcdb.org
technology.stanford.edu
mgslegal.com
djautotransport.com
eberle.com
wlu.edu
richardsonandoleary.com
dukephotos.com
explorationservice.com
technologylawgroup.com
foto-grafics.com
frontlinegeo.com
Medical
landelapharma.com
Churches
kimvorsemd.com
catholicidaho.org
treasurevalleylawyers.com
ir-m.com
geosourceenergy.net
landofchaos.com
familyradio.org
zarianmidgley.com
m2mcomm.com
gtgcpa.com
mluquemd.com
risenchristboise.org
milliganevents.com
lktechinc.com
valleywidehealth.com
sacredheartboise.org
mk-cpa.net
mathieucomputer.net
Real Estate
Manufacturing
stmarksboise.org
cradlepoint.com
plan-it-services.de
notes.corpinfo.com
colliersidaho.net
stmarksschool.pvt.k12.id.us
cspboise.com
propertybyowner.com
onspirix.com
deltasquare.com
stmarys-boise.org
ef5.nl
quantumpointtech.com
pimtx.com
ettore.com
stisurveys.com
pontiscapital.at
gvcrouchmerc.com
Government
hscc.org
ccidaho.org
flashelement.com
support4domino.com
rmeinc.net
spectra.com
ci.healdsburg.ca.us
hydeelectric.net
thesolution.at
rprwyatt.com
Construction
superiorec.net
idahocenter.com
interstate-electric.com
woodriverlandtrust.org
iddk.com
wyattaerospace.com
brightoncorp.com
stackle.com
syringabank.com
brandroots.com
idhfa.org
thunderspring.com
cfauscorp.com
thaarchitecture.com
vanauker.com
nhcgov.com
olrboise.org
esiconstruction.com
virtualitidaho.com
20090622 1.8
35
CONFIDENTIAL
Strategic Alliances
Establishing key business development relationships with the leading IT market suppliers, SUN Microsystems, Inc. and IBM
Corporation has allowed DigiTar to market worldwide with the partnership advantages that include platinum level systems and
services support in more than 200 countries by trained in-country personnel of SUN and IBM. In addition, DigiTar’s
Partnership status provides advanced access to in-country marketing teams along with joint sales programs that complement
SUN and IBM products. [See the following News Releases]
DIGITAR ACHIEVES ENHANCED STATUS AS A PRINCIPLE PARTNER WITH SUN
MICROSYSTEMS ADVANTAGE PARTNER PROGRAM
Boise, ID (July 15, 2006) – DigiTar AG. (DTAR), a leading IT outsource provider of Security as a Service
(SaaS) and automated Web Content processing solutions, today announced it has been designated by SUN
Microsystems as a “Principal Partner” with SUN Microsystems Advantage Partner program.
SUN Microsystems Advantage Partner program delivers a wealth of offerings and options to DigiTar, in five key
areas:
MARKETING TOOLS: Broadens the reach and increases the efficiency and cost-effectiveness of DigiTar’s
marketing efforts by leveraging Sun’s considerable experience, resources, and market influence.
SALES ENGAGEMENT: Takes DigiTar’s go-to-market efforts to the next level by tapping into Sun’s sales
organization, with privileged access to expertise across the organization and expanded teaming opportunities with
other program participants.
TECHNOLOGY AND PRODUCTS: Cuts the cost and complexity of designing, developing, and deploying DigiTar
SaaS eMessaging and Web 2.0 Services—to shorten time to market and increase the return on investment.
EDUCATION AND INFORMATION: Build technology competence with Sun products and stay abreast of the
latest tools, technologies, and topics of interest in DigiTar’s industry—so as to stay a step ahead of competitors.
PARTNER INITIATIVES: Participate in Sun partner initiatives focused around a specific technology and find
new ways to expand DigiTar business opportunities and revenue streams.
DigiTar’ state-of-the-art, SENTINELMessaging™ and SENTINELComplete™ Enterprise technology provides
Fortune 500 and Fortune 1000 clients unprecedented levels of protection, and allows its clients to maintain
24x7x365 access to their mission-critical systems and cyber communications data without any planned or
unplanned interruptions.
“DigiTar understands that even a few minutes of downtime within a services provider can have a catastrophic
effect on a company’s business operations, corporate reputation, and ultimately, its bottom line,” said Dale
Williams, President and CEO of DigiTar.
“DigiTar has built a world-class eMessaging infrastructure that, combined with a wealth of
industry experience and expertise from SUN, ensures that DigiTar clients always have the
highest level of turn-key CyberSec solution processing performance and reliability necessary to
compete in today’s global marketplace.”
About DigiTar
DigiTar AG. (DTAR) provides outsourced eMessaging and cyber security processing services for world-class IT
communications solutions that accommodate the business needs of large and small, data-intensive enterprise
companies. DigiTar operates a highly reliable and secure Enterprise Data Center facilities that offer “five nines”
(99.999%) availability and highly scalable processing systems in conjunction with managed IT solutions that
secure Fortune 1000 companies’ mission-critical, threat & disaster proof cyber messaging and communications.
DigiTar is a SUN Microsystems Advantage - Principal Partner, which assures DigiTar clients of
leading edge innovation, performance, reliability and support. As a result, DigiTar solutions enable clients to
reduce their operating costs and focus on their core competencies.
For more information about DigiTar, contact www.digitar.com.
20090622 1.8
36
CONFIDENTIAL
From: gsdadmin@us.ibm.com
Sent: Thu 10/12/2006 1:36 PM
To: DigiTar AG.
Subject: Advanced level membership
At this time we’re pleased to inform you that your customer services technology to IBM Lotus
Notes and Domino applications software products was approved for and has qualified you for
the following:
"DigiTar AG. - IBM Advanced Business Partner"
Achieving PartnerWorld Advanced level entitles you to use the IBM Business Partner emblem
and the designation "IBM Advanced Business Partner". Use of this emblem endorses your
relationship with IBM in the minds of your clients and can reinforce their decision to do
business with you. The IBM Business Partner emblem and usage guidelines can be found at:
http://ibm.com/partnerworld/pwhome.nsf/weblook/emblem_welcome.html
In addition, your company is now entitled to a powerful set of marketing, sales, and technical
resources specific to the industries and markets you serve through the PartnerWorld Industry
Networks. Please visit http://ibm.com/partnerworld/industrynetworks to learn more. If you are
interested in a complete listing of all PartnerWorld benefits, they can be found at:
https://ibm.com/partnerworld/mem/manage/mem_ben.html
Congratulations!
Thank you for your interest in IBM. If you have questions regarding PartnerWorld or this email, please contact PartnerWorld Contact Services at:
http://ibm.com/partnerworld/pwhome.nsf/weblook/cpw_index.html
Sincerely,
The PartnerWorld ISV team
20090622 1.8
37
CONFIDENTIAL
Case Studies and letters of Customer endorsement and recommendations:
20090622 1.8
38
CONFIDENTIAL
David Bartlett – Executive Vice President Operations
20090622 1.8
39
CONFIDENTIAL
20090622 1.8
40
CONFIDENTIAL
20090622 1.8
41
CONFIDENTIAL
20090622 1.8
42
CONFIDENTIAL
20090622 1.8
43
CONFIDENTIAL
20090622 1.8
44
CONFIDENTIAL
20090622 1.8
45
CONFIDENTIAL
20090622 1.8
46
CONFIDENTIAL
2006 DigiTar, All Rights Reserved
DigiTar™ case study series - Sentinel Messaging™
RiskSecure, LLC
April 2006
RiskSecure provides a range of cyber security consulting services, including compliance audits, round-theclock vulnerability scanning as well as in-depth security training. Their clients range from small-sized
businesses to companies in the Fortune 50. Through their commitment to improving security and reducing
risk, RiskSecure has established themselves as a world-class provider for security services.
About Troy Taylor
Troy has worked for Fortune 50 clients in roles such as Divisional Information Security Manager for HewlettPackard and has over fifteen years of IT experience. He has started, run and sold several start ups and holds
degrees in Nuclear Physics and an MBA.
The Problem: Spam Overload
To say RiskSecure had a problem with spam might be the understatement of the year. Having collected
many “old growth” domains from the companies that merged to form RiskSecure, the company was a target
for armies of spammers. Many thousands of spams would hit its mailboxes every day.
For a long time, RiskSecure employed the Open-Source Software program SpamAssassin to mitigate the
problem. However, the spammers seemed to always be one-step ahead. The volume of spam processing
kept increasing to the point where hundreds of spams where slipping past SpamAssassin every day.
Additional layers of spam filtering were implemented and eventually even those failed. Something needed to
be done before email became a useless tool. RiskSecure needed a solution to fix the problem and it needed
to happen fast.
The Solution: Sentinel Messaging™
As a longtime information security insider, RiskSecure CEO Troy Taylor was familiar with the many products
and
approaches on the market. So when looking for a new messaging security solution, he was skeptical that he
would find anything that performed better than SpamAssassin.
“To be honest, when I first heard about DigiTar’s Sentinel Messaging™ solution, I had my doubts that it
would perform any better than SpamAssassin. In fact, I was fairly sure they would not get even close to 99%
accuracy. So, RiskSecure was understandably thrilled at the results Sentinel Messaging™ produced within
the first two weeks. We’re consistently seeing accuracies in the range of 99.2% to 99.7%. It’s truly amazing.”
RiskSecure has also enjoyed many unanticipated ancillary benefits of using Sentinel Messaging™:
“DigiTar has reduced the amount of mail hitting RiskSecure’s servers by over 75%. Thus, we can spend
more time working and less time on manually filtering email and save a tremendous amount of time
upgrading our mail infrastructure.
Frankly, the biggest benefit has been DigiTar’s support and service. Anytime RiskSecure has had a question
or needed
assistance, DigiTar worked diligently to address our concerns. The turnaround time has been fantastic.
Refreshingly, this just seems to be the normal way DigiTar runs their business.
Having a technical background, I am used to managing infrastructure in-house, and I was hesitant to give up
control of such a critical part of our business. Since RiskSecure is a security services company, any failure
could be catastrophic to our reputation. DigiTar has consistently delivered on our reliability expectations
and RiskSecure’s ability to handle previously insurmountable mountains of spam. I personally believe their
solution is among the best on the market and certainly the most affordable.
We would without hesitation recommend Sentinel Messaging™ to any of RiskSecure’s customers, including
the Fortune 50 clients. DigiTar has made a believer out of RiskSecure as a company and me personally.”
Moving forward, RiskSecure states they look forward to taking advantage of additional Sentinel Messaging™
features
as their business grows and their disaster recovery and messaging compliance needs expand. The fact that
this will
be a zero hassle, instant deployment event, makes their choice particularly comforting.
DigiTar's mission is to align and elucidate the world's messaging. Our services enhance existing messaging
systems with next generation feature sets, through state-of-the-art technology development. Core to our
philosophy is the commitment that next-generation enhancements should reduce not add to the burden of
those systems. We seek zero configuration principles across our entire service line.
To find out how you can benefit as RiskSecure has, please contact DigiTar Sales via
info@digitar.com.
20090622 1.8
47
CONFIDENTIAL
Stanford Law School
March 2007
The Problem: Processing Overload
Spam was making Bao Tran’s life miserable. As the Technical Services Manager at Stanford Law School
(SLS), availability of his IBM Domino cluster was keeping him up at night. SLS’ server-based anti-spam
and anti-virus packages were buckling under the torrents of e-mail thrown at them…and taking the
Domino cluster down. Further complicating matters, was the hands-off approach the security software
vendors took to addressing Bao’s growing problem.
As a result, Bao started looking for an alternative solution. One that would both increase the accuracy
and effectiveness of SLS’ mail security, while offloading the processing burden. When he chose DigiTar’s
Sentinel Messaging™ service for its superior performance, low administrative overhead and service
commitment, he did not realize how quickly his choice would pay off. While Sentinel Messaging™ had
been chosen by SLS, full deployment was awaiting the completion of a metered activation plan.
Without warning, swarms of e-mail with 7MB attachments started hitting the SLS Domino cluster.
Someone had forwarded a 7MB e-mail to a mailing list subscribed to by many faculty and staff, and it
was grinding the cluster to a halt. So when the massive e-mail storm hit, each server in the Domino
cluster started to grind to halt under spam and virus scanning load.
The Solution: DigiTar Sentinel Messaging™
DigiTar™ was immediately ready to help. After discussion with DigiTar™ messaging engineers, Bao
quickly obtained the necessary SLS approvals to authorize a full Sentinel Messaging™ deployment:
“We didn’t know how to get the situation under control. Our old spam and virus scanning software
was crushing our Domino cluster, and professors were starting to notice that their e-mail was being
heavily delayed. I called DigiTar to find out how fast they could stand up a full-deployment…hoping we
could remove the anti-spam and anti-virus software that was killing us. Imagine my amazement when
they said they could be ready to go in 60 minutes. Normally, a major change like this would have
required weeks of preparation and careful planning.
Without Sentinel Messaging™’s amazing auto-provisioning and veriSYNC™ features, making a move
so quickly would have been unthinkable…even given our dire situation. With any other service, just
getting an accurate user list together would have taken days. To get Sentinel Messaging™ fully
configured and running didn’t require any more effort than saying ‘Yes’.
More importantly, DigiTar™ treated Stanford Law’s problem as if it was DigiTar’s problem from the
minute I called. They had a signed purchase order from us…they didn’t have to go the extra mile.”
Within minutes of activating all of Stanford Law School’s users, Sentinel Messaging™ completely
shouldered the burden of the unexpected Denial-of-Service:
“The SLS Domino cluster returned to stability within minutes of activating Sentinel Messaging™.
Without the amazing service and support we received from the DigiTar™ staff, we could not have
successfully weathered this incident.
Throughout our trial, and now production use, DigiTar has consistently provided a level of service and
concern for our organization that we have never before experienced in IT. You can’t buy that kind of
relationship. ”
Source: Mr. Bao Tran - Technical Services Manager, Stanford Law School; Palo Alto CA
20090622 1.8
48
CONFIDENTIAL
The Problem: Poor Service & Spam Avalanche
December 2006
Colliers International - Boise had a major issue. “Our Office was getting overloaded with spam
on our Exchange server and so we moved to a messaging security service to address the issue.
Unfortunately, the service’s message classification accuracy wasn’t much better, and it also
introduced up to 4-hour delays to our receiving mail. Further, the service wasn’t able to resolve the
fact that many critical messages didn’t arrive at all.”
“In a series of efforts to fix our problems, Colliers first tried GFI MailEssentials anti-spam software
on our Exchange server, which was ineffective against the tide of spam we faced daily. As a result,
we then tried the SecureTide™ messaging security service from AppRiver®. Rather than a cleaner
inbox, Colliers now tolerated mail delays of up to 4 hours, and sometimes mail that simply didn’t
arrive at all. AppRiver’s response of “not our problem” was crippling Colliers from conducting
millions of dollars of business on a daily basis. Fed up with the “not our problem” attitude, Colliers
went looking for a better answer…and a better service relationship.”
The Solution: DigiTar Sentinel Messaging™
Colliers CFO Elaine Holm’s biggest concern was the mail they were missing: “Clients would send emails that just wouldn’t arrive. Best case, it would take a couple of hours for the mail that did
arrive to get to us. In our business, getting mail on time can mean the difference between making a
million dollar deal and getting shutout. We were just hamstrung.”
“Every time we’d talk with AppRiver it was the same story…'we don’t know what the issue is, the
mail delays are normal, ….not our problem'. They didn’t expend any effort to help us resolve the
problems. It was tempting to laugh at our IT solutions provider when they suggested another
service vendor - DigiTar. Needless to say I was stunned at the level of service we received with
DigiTar’s Sentinel Messaging™. It was a night and day difference from AppRiver.”
“From day one with DigiTar, when problems of missing mail persisted, DigiTar assumed the issues
were their problems. They went above and beyond their own systems, spending days tracking
down the issue with our clients’ IT departments. They finally identified the problem as being
caused by our former DNS provider Time Warner Telecom. Even when the problem was positively
identified as not being DigiTar’s responsibility, DigiTar worked with Time Warner on our behalf to
make sure Time Warner resolved the issue. DigiTar made Time Warner’s problem their
responsibility and kept us informed. We didn’t buy a special support contract…this was just
DigiTar’s standard level of service.”
Colliers International – Boise, since then has enjoyed many additional benefits of using DigiTar
Sentinel Messaging™ Services: “The most immediate effect of using Sentinel Messaging™ was that
the mail delays disappeared. Even before Time Warner resolved our DNS issue, our mail started
arriving within seconds of our clients sending it. No longer did we wait 4 hours for an e-mail like
we did under AppRiver™. Also, our spam deluge problem disappeared.”
“If your business relies on e-mail, we can’t recommend DigiTar Sentinel Messaging™ highly
enough. Our relationship is what DigiTar values the most. In addition to DigiTar’s continued velvet
glove service, Colliers is looking forward to upcoming features of Sentinel Messaging™ as our
business grows and our messaging needs become more sophisticated.”
Source: Ms. Elaine Holm - Chief Financial Officer Colliers International – Boise
Operations
20090622 1.8
49
CONFIDENTIAL
Recent News Articles: Cyber Security Trends & Challenges
Report: “Security” Tops CIOs' IT Investment List
By Scott Campbell, ChannelWeb 1:35 PM EDT Wed.
Apr. 15, 2009
Seventy percent of CIOs said they will continue to invest in IT initiatives over the next 12 months,
according to a survey by Robert Half Technology.
Information security was chosen as the top technology, with 43 percent of the 1,400 respondents
expecting to invest in that area. That was followed by virtualization (28 percent) and data center
efficiency (27 percent).
"Although times are lean, many companies are finding that they can't afford to postpone IT
investments that lead to increased security, efficiencies or revenues," said Dave Willmer, executive
director of Robert Half Technology, in a statement. "Organizations also are trying to make sure
they are prepared for growth when conditions improve, and enhancing their IT infrastructure is
part of that process."
CIOs in the financial services and transportation sectors were most likely to cite information
security as an investment in the next 12 months, with 59 percent and 58 percent of respondents,
respectively, citing that technology. Other technologies rounding out the top five investments for
CIOs are VoIP (26 percent) and Software-as-a-Service (26 percent).
"Subscribing to SaaS, rather than purchasing software licenses, is a particularly attractive option
for businesses with tight IT budgets," according to Robert Half Technology. "
Other IT initiatives for which CIOs are planning less investment include green IT (20 percent),
business intelligence (19 percent), and social networking (18 percent).
Glenn Leatherwood, director of IT architecture at Valmont Industries, Valley, Neb., said the
results didn't surprise him. "I would agree that information security is a big focal point right
now.”
20090622 1.8
50
CONFIDENTIAL
MARKET BULLETIN:
CyberSec is at the top of the list of issues deemed important (87 percent) in
2009.
Forrester 2009 Security Trends
Despite Economy, Security Spending To Increase In 2009
Data protection, identity management to get increasing attention in new year's budgets, Forrester
says
By Tim Wilson
Despite a troubled economy, both large and small enterprises are poised to spend a higher percentage of
their IT budgets on security in 2009, a major research firm said today.
According to new reports on IT security trends in large enterprises and small and midsize businesses (SMBs)
released today by Forrester Research, the pressure to cut back on IT spending is not slowing the trend
toward increased security spending.
"Security is getting a larger slice of the IT budget pie," says Forrester analyst Jonathan Penn in the
enterprise study. "Firms are devoting 11.7 percent of their company's IT operating budget to IT security in
2008 -- contrasted with 7.2 percent in 2007 -- and plan to continue nudging up IT security budgets in 2009
to 12.6 percent of the IT operating budget." Security will also account for a higher percentage of budget
allocations for new initiatives this year, going from 17.7 percent in 2008 to 18.5 percent in 2009, the report
says.
Similar increases are expected in smaller companies, Penn says in the SMB report. "SMBs devoted 9.1
percent of their companies' IT operating budget to IT security in 2008 -- down from 9.4 percent in 2007 -but they have plans to bring IT security budgets back up to 10.1 percent in 2009," the report says.
"Allocation of budget for new initiatives mirrors this trend, with security going from 14.9 percent in 2008 to
15.9 percent in 2009. No big swings of the budget axe here."
What are the drivers behind the spending increases? "Protecting the organization's information assets is the
top issue facing security programs," the enterprise report states. "Data security (90 percent) is most often
cited as an "important" or "very important" issue for IT security organizations, followed by application
security (86 percent) and business continuity/disaster recovery (84 percent). Meanwhile, areas like threat
management (81 percent) and regulatory compliance (80 percent) are cited less frequently."
Among SMBs, data security is at the top of the list of issues deemed important (87 percent), with
application security close behind (80 percent), Forrester says.
Among technologies, outsourced security services, data loss prevention, and identity and access
management are at the top of the list to receive more attention in 2009.
"Managed security services are growing, driven by skill needs and cost savings," the enterprise
report says.
"The two top drivers among firms for using a managed security service provider are the
demand for a specialized skill set (29 percent) and the need to reduce costs (28 percent).
While email/Web content filtering is the most popular managed security service today, the
greatest promise for [managed security services] growth in the coming 12 months is in
vulnerability assessment and in host event log monitoring and management."
Pasted from <http://www.darkreading.com/security/management/showArticle.jhtml?articleID=212700661>
20090622 1.8
51
CONFIDENTIAL
Web 2.0 brings set of security concerns
By Tom Sullivan
Security: As companies continue adopting new Web 2.0 technologies including online collaboration, social networking, file sharing, a new report from
Forrester Research found that Web 2.0 security concerns abound.
Web 2.0 security concerns abound
Filed under: Security
A lack of comprehensive security tools designed to stop Web-based threats continues to be a problem among businesses, according to a new survey
published by Forrester Research and Secure Computing on Monday
According to the study -- which was based on interviews conducted by Forrester with roughly 150 IT pros -- companies of all sizes continue to adopt a
larger number of Web-based applications, in particular so-called Web 2.0 technologies such as online collaboration and file-sharing tools, yet few have
done anything to protect themselves against the growing volume of attacks that seek to piggyback on the systems.
First off, even though most companies (97 percent) consider themselves prepared for malware threats, a majority (79 percent) admit that they are still
falling prey to attacks on a "frequent basis," with a relatively large number (68 percent) conceding that they have "room for improvement."
At the same time, companies clearly recognize the potential for Web 2.0 applications to become channels through which they might have sensitive or
valuable data walk out the proverbial door. Roughly 92 percent of the respondents said that outbound data leakage prevention (DLP) is a part of their
Web-filtering strategy, with 58 percent ranking it as an "extremely important" business concern.
In terms of aligning their defenses, companies seem less responsive. Forrester said that "most" enterprises are still dependent on security tools
designed to keep traditional attacks at bay, while few have made the move to begin defending against newer threats.
Overall, only 33 percent of those interviewed for the study said that they have data leakage prevention capabilities in place today, while 57 percent of
those surveyed indicated a belief that restricting access to social networking and rich media sites could "visibly increase" employee productivity.
"We have found that most companies that have implemented any kind of Web protection have only installed URL filtering and signature scanning,"
Chenxi Wang, a Forrester researcher involved with the study said in a report summary. "Malware writers are now using the Web as a primary vehicle to
propagate a plethora of new threats undeterred by traditional security means. The need for more effective Web protection has never been greater."
Among the recommendations offered to companies in the report to help close the apparent gap:
-Employ new technologies that do a better job handling Web 2.0 threats, including reputation services, blended attack protection, behavior-monitoring
tools, outbound content control systems and applications-usage controls.
Pasted from <http://weblog.infoworld.com/zeroday/archives/2007/10/web_20_security.html>
Spammers Giving Up?
By Betsy Schiffman
Bill Gates was wildly optimistic when he said in 2004 that the problem of spam would be "solved" by 2006. The volume of junk e-mail transmitted
worldwide is still enormous. But a remarkable trend is underfoot, according to Brad Taylor, a staff software engineer at Google: The number of spam
attempts -- that is, the number of junk messages sent out by spammers -- is flat for the first time in years. Other experts disagree with Google, pointing
out that overall spam attempts continue to rise. By most estimates, tens of billions of spam messages are sent daily.
Chenxi Wang, an analyst at Forrester Research, scoffs at the idea that spam attempts could be on the decline.
"I'm seeing that the overall trend is up," Wang says. "We're not seeing a drastic increase, though. And we're also seeing an increase of targeted spam
instead of blanket spam that hits everybody in a large population. Today, for instance, you see spam messages on saving (on) prescription drugs
targeted to seniors."
For its part, Yahoo, too, says the overall amount of spam transmitted is on the rise.
Regardless of the overall spam attempts, David Daniels, vice president of Jupiter Research, predicts the number of spam messages that actually reach
a typical inbox will remain roughly flat over the next three years. And for most people, that's what really matters.
"We're forecasting that the number of spam messages that annually reach the average inbox will hit 4,351 in 2007. For 2010, we think that number will
essentially be flat at 4,403. The growth will be very, very small," Daniels says.
New anti-spam technologies are also always under development, and there are new anti-spam services and technologies becoming available to
consumers and enterprises
It's by no means a perfect system, though. And spammers are, if nothing else, persistent.
In a bizarre twist, Daniels thinks that instead of receiving spam offers from penny-stock pushers, mailboxes will increasingly be filled with marketing
messages that we choose to receive, such as promotional e-mails from a favorite clothing store or a bank. He thinks the average number of messages
from marketers that individuals receive annually will grow from 2,715 in 2007 to 3,335 in 2010.
"We expect people to spend as much time on e-mail as they have, but we think people will receive more e-mail from legitimate marketers. So there will
be more competition to get consumers’ attention in the inbox, but it will be more like competition between The Gap and J.C. Penney as opposed to The
Gap and a Viagra salesman."
Pasted from <http://www.wired.com/print/techbiz/it/news/2007/11/google_spam>
20090622 1.8
52
CONFIDENTIAL
WHITE PAPER - Web Security SaaS: The Next Generation of Web Security
April 2008
IDC OPINION
The demand for more comprehensive Web security solutions has been fueled by the increasing sophistication of
Web-based threats that reach far beyond productivity, bandwidth, and liability issues. The Web has become the
new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity theft,
financial fraud, and corporate espionage.
As most organizations struggle to be protected against traditional email-borne malware, the Web has become an
added burden as an additional latest target for hackers to launch various types of malware attacks. As a growing
number of Web 2.0 applications make their way into the enterprise, they bring with them even more security
concerns and attack vectors. A recent IDC study found that two-thirds of organizations are currently using at least
one Web 2.0 application (source: Web 2.0 Applications Are Already in the Enterprise: Key Findings from IDC's
AppStats Survey, IDC #208944, October 2007).
Organizations of all sizes are trying to combat the problem with a multilayered defense. However, the resources
required to manage multiple security products can often overwhelm an IT department in the enterprise business
environment irrespective of size. Many SMB organizations lack the in-house capabilities to keep up with the
evolving threat landscape. These factors are driving the growing interest in security as a service (SaaS)
protection. The adoption of SaaS in the messaging security market has grown explosively over the past few
years. IDC believes many SMB organizations will leverage the same SaaS benefits to address their Web security
needs as well. In fact, a recent IDC survey found that Web security SaaS has the highest planned adoption rate
(approximately 14%) over the next 18 months in business environments.
Above the Clouds: A Berkeley View of Cloud Computing
Electrical Engineering and Computer Sciences-University of California at Berkeley
Technical Report No. UCB/EECS-2009-28 http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html
February 10, 2009
Executive Summary
Cloud Computing, the long-held dream of computing as a utility, has the potential to transform a large part of the
IT industry, making software even more attractive as a service and shaping the way IT hardware is designed and
purchased. Developers with innovative ideas for new Internet services no longer require the large capital outlays
in hardware to deploy their service or the human expense to operate it. They need not be concerned about
overprovisioning for a service whose popularity does not meet their predictions, thus wasting costly resources, or
underprovisioning for one that becomes wildly popular, thus missing potential customers and revenue. Moreover,
companies with large batch-oriented tasks can get results as quickly as their programs can scale, since using
1000 servers for one hour costs no more than using one server for 1000 hours. This elasticity of resources,
without paying a premium for large scale, is unprecedented in the history of IT.
Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and
systems software in the datacenters that provide those services. The services themselves have long been
referred to as Software as a Service (SaaS). The datacenter hardware and software is what we will call a Cloud.
Thus, Cloud Computing is the sum of SaaS and Utility Computing. People can be users or providers of SaaS, or
users or providers of Utility Computing. We focus on SaaS Providers (Cloud Users) and Cloud Providers, which
have received less attention than SaaS Users.
From a hardware point of view, three aspects are new in Cloud Computing.
1. The benefit of infinite computing resources available on demand, thereby eliminating the need for Cloud
Computing
users to plan far ahead for provisioning.
2. The elimination of an up-front commitment by Cloud users, thereby allowing companies to start small and
increase hardware resources only when there is an increase in their needs.
3. The ability to pay for use of computing resources on a short-term basis as needed (e.g., processors by the hour
and storage by the day) and release them as needed, thereby rewarding conservation by letting machines and
storage go when they are no longer useful.
20090622 1.8
53
CONFIDENTIAL
The following presents excerpts of an eBRIEFING paper published by COMPUTERWORLD - September 2008
COMPUTERWORLD - September 2008
Cyber Security as a Service
MakesSense Today
Trends of the Future: Outsourced Cyber Security Service eliminates
the agony of email and Web threats management.
Key reasons to Adopt SaaS Security
Corporate IT teams are waging a significant security battle on two fronts these days: stopping attacks via the Web and through email. They
are tirelessly trying to protect their networks against known and unknown viruses, spyware and phishing attacks. However, the more
complex these threats become, the more infrastructure companies have to bring in-house, sending capital expenditures through the roof.
It’s a battle that Aaron Zuccolin, manager of information systems at the Canadian law firm Watson Goepel Maledy LLP, estimates that
80% to 90% of his Vancouver, B.C.-based firm’s email is spam.
[Enterprise security] is a fool’s game to manage in-house because you can spend thousands of dollars on hardware, software and personnel and still not lower your risk.”
Aaron Zuccolin - MANAGER of INFORMATION SYSTEMS, WATSON GOEPEL MALEDY LLP
“Trying to manage that volume day-to-day in-house would be ridiculous,” he says. “Enterprise security is highly variable in terms of the
threats you have to deal with, the solutions that are out there to deal with them, and the complexity you want to endure as you scale.
Instead, like many of his peers today, Zuccolin has opted for a security software-as-a-service (SaaS) strategy, a software application
delivery model where applications are hosted on the Internet and clients pay for usage rather than infrastructure and licensing. By
offloading his email security to a provider, Zuccolin says he can focus his team on developing policies and procedures that mitigate the
overall data privacy risk.
Chenxi Wang, principal analyst at Forrester Research Inc., says that SaaS offerings will become more prevalent over the next few years as
services continue to mature and organizations see SaaS as viable for more than just legacy business applications. “Companies are getting
more comfortable with SaaS in general—it’s becoming more of a norm. They’re realizing the benefit of outsourcing commoditized solutions, like security, to specialists so they can stay focused on their core business,” she says.
In fact, companies are seeing drawbacks to owning and managing their own security infrastructure. For instance, on-premise security
software and appliances can create a single point of failure. They can also be hard to scale as threats increase, slow to respond to new
threats, and a drain on internal IT resources.
[Companies] are realizing the benefit of out-sourcing commoditized solutions, like security, to specialists so they can stay
focused on their core business.”
CHENXI WANG - PRINCIPAL ANALYST, FORRESTER RESEARCH INC
Security SaaS solves Benefits of Outsourcing Security… and/or why SaaS makes sense:
Provides improved manageability In most organizations today, security revolves around building and managing either hardware and
software or appliances. IT teams must spend a major portion of their time focusing on licensing, updates, performance and availability for a
host of security systems strewn about the enterprise. They also struggle with implementation and setup costs, as well as compatibility
issues. This leaves little time for managing what’s most important—the revenue oriented business processes that enhance corporate growth,
profits and efficiency of the core business.
With SaaS, companies can eliminate the burden of managing infrastructure and focus on developing and enforcing streamlined policies.
They can also direct responses to overall threats via a single console, rather than having to tweak configurations at distributed locations.
Zuccolin says this holistic view has made it easier and more effective for him to combat spam, spyware, virus and phishing threats.
“We’re more strategic now. We’ve gotten rid of the mundane work so we can focus on our overall security policies such as lowering our
risk and disaster recovery,” Zuccolin says; “in fact, we can focus more on business analytics and problem solving.”
Features guaranteed SLAs One of the biggest benefits to SaaS is knowing that the provider has promised to uphold a service-level
agreement (SLA). SLAs traditionally guarantee a higher level of performance, availability, uptime and security than IT teams are able to
deliver in-house. Most SLAs offer a way for companies to access reports that feature details on threat mitigation, throughput and responsetime performance, as well as other key metrics.
SLAs also offer a clear understanding of the different levels of support customers will receive based on the threat priority level. “With
SLAs, you put escalation procedures in place so you know what to expect when an abnormal situation happens. You also know that things
will be taken care of, and when they’re not, who to call,” Wang says.
20090622 1.8
54
CONFIDENTIAL
Affords flexibility and scalability Trying to keep up with the demands of protecting email and Web security can be impossible—literally.
Consider that in most cases, IT teams must physically build out their networks to handle corporate growth. And as the network expands, so
does the need, and additional cost, for IT staff to manage it. SaaS enables IT teams to easily and transparently scale security to match
business needs. For instance, they can quickly add a group of users that resulted from a corporate merger or beef up scanning to protect the
organization from unwanted Web content. They can also make sure that mobile users have the same security on-and offnetwork—a
difficult challenge with on-premise solutions.
Provides high-quality security by Full-Time security experts It would take a larger IT team, than most companies have, to continually
address the security challenges organizations face today, according to Wang. As an example, she points to the fact that 711,912 new
malware threats were reported in 2007, which translates into 1,950 new malware attacks each day.
She adds that the Web is becoming increasingly more dangerous, with growing numbers of search queries resulting in exposure to
malicious attack URL sites. To adequately combat most of these threats, IT teams need immediate and detailed knowledge of emerging
attack vectors. One or two staff members devoted part-time to security can’t possibly detect and mitigate these risks quickly enough to
ward off serious damage.
Wang says that less than half of respondents to a 2007 Forrester survey reported using any kind of real-time
protection such as behavior-based detection, outbound content protection, heuristics detection, content
inspection, reputation filters or URL filtering.
Integrated Threat Management With SaaS, companies don’t have to be security experts. Instead, they can depend on the global based
expertise of a provider that is constantly monitoring and combating new threats to the network. Using signature, behavior and heuristic
analysis in tandem with access and policy controls, a SaaS provider can quickly thwart spam, virus, spyware and phishing attacks within
email as well as detect inappropriate content and malware on Web sites that users visit. And since this protection is in the cloud, CyberSec
providers can eliminate the threat before it impacts the network. Thereby, companies avoid sluggish system performance, reduced
employee productivity and other business disruptions that spam causes. Cloud-based protection also gives providers a holistic view of potential threats so they know how to protect customers from attacks that have affected other organizations.
Zuccolin says security SaaS gives him immediate access to updates without having the typical delay required to download and test a patch.
He considers it the fastest response to zero-day threats.
Reduces bandwidth requirements and improves network performance SaaS is not only a cost-saver, but also a resource-saver, according
to Wang. She says that offloading email and Web security takes a lot of pressure off the enterprise to handle traffic generated by spam. For
instance, if a company builds its network to support 15 million inbound email messages per day and 14 million are purely junk, that’s a lot
of money wasted trying to deal with the volume on-premise. “After you move to an in-the-cloud offering, you only need to support a million messages per day on your own network so bandwidth consumption is drastically reduced,” she says. By ridding the network of that
extra burden, companies can also see a boost in performance along with real cost savings.
SaaS provides defense-in-depth security Security experts recommend that companies have a multilayered approach to security, but buying
and managing the infrastructure required to do that can be cost-prohibitive.
Security SaaS enables IT teams to have a layered approach without all the headaches. Web security SaaS can handle fast processing of
connection-level filtering and provide an on-premise solution delivering more in-depth content analysis. That first layer lightens the load
the on-premise solution has to inspect, enhancing the network’s speed and overall security.
Zuccolin says he uses his email security SaaS as an additional layer to ensure outbound email is free of unwanted content and intellectual
property so his company is seen as a good corporate citizen.
Enhances cost savings surrounding security One of the biggest issues for many organizations is determining if security SaaS adds to the
bottom line. As mentioned previously, by eliminating the need for infrastructure and the personnel to manage that infrastructure, SaaS
offers immediate savings. In a 2007 study, market research firm Gartner Inc. found that SaaS secure Web gateway solutions cost as much
as $40 less per user than appliances. Companies realize these savings by having a subscription model with predictable costs.
Companies can also see cost benefits from needing less storage and bandwidth since a lot of spam and other false content is handled offnetwork. SaaS lowers help desk costs as well because IT teams spend less time fixing damage caused by spam, viruses, malware and other
attacks.
By using a comprehensive security SaaS solution, organizations can avoid the incurred costs of a data breach. A survey by the Ponemon
Institute LLC found that 74% of respondents reported a loss of customers, 59% faced potential litigation, 33% faced potential fines, and
32% experienced a decline in share value.
As these reasons prove, SaaS is definitely the best option for tackling even the toughest Web and email security challenges. Not only do IT
teams get to hand off routine security infrastructure tasks, but they also get instant and scalable access to top-notch security protection
across the entire organization.
20090622 1.8
55
CONFIDENTIAL
DigiTar Technology Scaling & Financial Impact Plans:
Scaling is a function of load balancing ahead of, and after, each major operations phase of the overall processing operation (“Silo”– see
attached Silo overview on Page 8 above). This gives DigiTar’s architecture the ability to accept/add-in additional capability and capacity at any
phase that is becoming saturated without shutting down the operations nor requiring redesign of the process flow. With the addition of
distributed (locally or geographically) data centers, we establish “Back-Hauls” connectivity between the sites and share message loads on
multiple systems. The resource requirements increase as the number of customers increase.
The amalgamation of traffic from all customers is the peak load capacity requirements exhibited at each hour in the 24 hour processing day.
However, the global client base systemically spreads the peaks loads across multiple time zones so that the algebraic sum of all customers
traffic never occurs a “one time”. Rather, there are multiple peak points that occur when first the USA business is “awake” and then tapers off
to be replaced by Asia-Japan-India peaks which are subsequently replaced by European client traffic. After 24 hours, the process repeats
itself.
DigiTar supports a Global business market opportunity, currently from our primary data centers in the USA via Fiber Optic and Satellite
connectivity through cyber space routers that interconnect the bulk of the business markets. In the future, additional data centers in Europe,
Asia and the USA will be interconnected (via Back-hauls) so as to continue the “Designed-in” philosophy of infinite load balancing architecture.
This provides not only capacity as needed and dynamically on demand, but also delivers continuous uptime and reliability of service to the
customer regardless of his actual geographic location.
Globally, the latency of a message from India being processed in DigiTar’s USA facilities and returned to a recipient in India (traveling more
than 25,000 miles round trip) is less than 2 seconds worst case and typically averages 800mSec to 1300mSec including processing time at
DigiTar. This is equal to travelling around the world in approximately 1 second. But since the data is digital bits/bytes between computers,
and not voice between persons, a 1 to 2 second latency is not noticed nor offensive. In local regional processing, the latency averages 100300mSec from sender thru DigiTar and delivery to recipient.
The cost vs message processing rates graphs (shown below) assume a decline over time in ASP (average selling price/user) and the margins
are calculated based upon modeled production capacity resource assets applied, at a needed message rate for the peak loads anticipated,
plus the burden of personnel and corporate allocations associated with R&D, Marketing, Operations and G&A.
We believe DigiTar is uniquely positioned to support uninterrupted growth of the client base and scaling unequaled by the competition. We
also know DigiTar can process faster than the competition by several orders of magnitude.
“How do we know this?”
Message latency! Postini’s message latency in the USA, processing USA clients, averages 30 to 45 sec best case. Several DigiTar clients, in
particular Law Firms, dropped Postini after latencies of 30minutes occurred on a consistent basis.
“Why does this occur?”
Both Postini and MessageLabs use “fixed assignments” of clients to be processed on specific systems. If the assigned system is or becomes
loaded, everyone suffers a massive slow down in their messages. When a client complains about the latency, both Postini and MessageLabs
have to relocate the entire clients’ activity and storage elements to another system which more lightly loaded. This is a scheduled activity
(sometimes delayed several days) that occurs late at night when the traffic is small and the lost messages problem is minimal. Attorneys are
very impatient and DigiTar has heard many “unacceptable Latency” stories from new Law Firm clients who previously used Postini and
MessageLabs.
Lower latency per message means more messages processed on any given resource. More messages processed/sec means more revenue per
production resource assets applied. Hence the focus in the attached graphs on message rates as the key index of everything in this business.
Likewise, Cost per user is a function of the number of eMessages you can process at a time (Messages/Second). At DigiTar we have a very
detailed processing through-put simulation model which calculates the resources required in the processing “Silo” (Equipment, Bandwidth,
Software Support Licenses, People, and more) for a given processing rate planned. We developed this simulation model 3 years ago and keep
it up to date on a Qtrly basis. It changes primarily due to advances in component architecture hardware (SUN, Cisco, Juniper, Brocade, etc.)
and changes in fixed/variable costs such as facilities and Bandwidth utilization. The graphs are the output of a multi-rate-simulation analysis
completed just recently for the update business plan.
Cost per user is a function of the number of eMessages you can process at a time (Messages/Second). At DigiTar we have a very detailed
processing through-put simulation model which calculates the resources required in the processing “Silo” (Equipment, Bandwidth, Software
Support Licenses, People, and more) for a given processing rate planned. We developed this simulation model 3 years ago and keep it up to
date on a Qtrly basis. It changes primarily due to advances in component architecture hardware (SUN, Cisco, Juniper, Brocade, etc.) and
changes in fixed/variable costs such as facilities and Bandwidth utilization. The graphs are the output of a multi-rate-simulation analysis
completed just recently for the update business plan.
20090622 1.8
56
CONFIDENTIAL
20090622 1.8
57
CONFIDENTIAL
20090622 1.8
58
CONFIDENTIAL
20090622 1.8

Cyber Security Services Business Plan

Transcription

Similar documents

Market Overview PDF

VOITTAVA KYBERSTRATEGIA Jarno Limnéll

Sun Sentinel Media Kit

Orlando Sentinel Media Kit

Using the Sun Sentinel to Promote Good Character

AppRiver guards your inbox against unwanted

volume 6 issue 8 August 2015 - Special Forces Association Chapter

ordering instructions mail order

Legally compliant email management

Samsung SPH-a680

saas vs. on-premise security