OX Abuse Shield v2
OX Abuse Shield provides abuse-prevention for Webmail, POP, and IMAP. It is integrated with both OX App Suite and Dovecot Pro to prevent login and authentication abuse as well as protecting against brute-force attacks. OX Abuse Shield release v2 includes:
- Long-term storage of login data in Elasticsearch
- Integration with ELK (Elasticsearch, Logstash, Kibana) stack
- Suspicious login detection
- Compromised account reports
- Pre-configured Kibana reports and dashboards
OX Abuse Shield
New features with v2
- Product Re-Name to OX Abuse Shield
Open-Xchange decided to re-name the product from Dovecot Anti-Abuse Shield to OX Abuse Shield. This name change corresponds to the ability to use OX Abuse Shield in different environments.
- Long-Term Storage of Login Data in Elasticsearch
Storing all login reports in Elasticsearch; this new functionality is used for sophisticated anomaly detection features such as detecting suspicious logins.
- Suspicious Login Detection
Sending email alerts to end-users or webhooks to abuse and operations teams when logins are detected as suspicious due to anomalies from previous logins.
- Compromised Account Reports
Periodic reports, based on long-term data stored in Elasticsearch, sent via webhooks to abuse and operations teams about potentially compromised users and IP addresses abusing the system.