Project: Implementation of Advanced Email Security (DC & DR) via Trend Micro Deep Discovery
Client Overview
RailTel is a “Miniratna” Public Sector Enterprise and one of the largest neutral telecom infrastructure providers in India. With a network spanning 61,000+ route kilometers of optical fiber, RailTel is the digital engine for the Indian Railways. Given its strategic importance, RailTel’s email infrastructure handles highly sensitive data, necessitating a sophisticated defense against targeted cyberattacks and corporate espionage.
The Requirements
RailTel required a comprehensive, multi-layered email security solution to protect against modern, “invisible” threats that bypass traditional spam filters.
- Advanced Threat Detection: Ability to block spear-phishing, business email compromise (BEC), and targeted attacks.
- Zero-Day Protection: A sandbox environment to test suspicious files and URLs before they reach the user.
- DC-DR Redundancy: A mirrored security architecture across both Data Center (DC) and Disaster Recovery (DR) sites for 100% availability.
- Centralized Orchestration: A single console to manage multiple security appliances and correlate logs.
- Inline Inspection: The solution had to sit directly in the email flow (MTA mode) to inspect both inbound and outbound traffic.
Technical Stack & Project Components
| Component | Solution / Technology Used | Role in Ecosystem |
| --- | --- | --- |
| Email Inspector | Trend Micro DDEI (4 Virtual Instances) | Real-time Inline Email Inspection |
| Sandbox Analyzer | Trend Micro DDAN (2 Physical Appliances) | Zero-day Malware & URL Analysis |
| Central Manager | Trend Micro DDD (Virtual Appliance) | Log Aggregation & Orchestration |
| Mode of Operation | MTA (Mail Transfer Agent) Mode | Inline Inbound/Outbound Protection |
| Infrastructure | DC & DR Site Integration | High Availability & Disaster Resilience |
Solution from IT Wings Infosystem
IT Wings engineered a robust “Security Shield” across RailTel’s primary and secondary sites:
Dual-Site Inline Protection
We deployed 2 Virtual DDEI instances at the DC and 2 at the DR site. These are configured in MTA mode, allowing them to sit inline and scan every single inbound and outbound email for malicious patterns.
Advanced Sandboxing (DDAN)
To catch “Zero-Day” threats (threats with no known signature), we installed Physical Deep Discovery Analyzer appliances at both locations. Suspicious attachments and links are automatically sent to this secure “Sandbox” to be executed and analyzed without risking RailTel’s network.
Centralized Governance (DDD)
We implemented the Deep Discovery Director (DDD) virtual appliance. This aggregates logs from all four email inspectors, providing the RailTel security team with a unified dashboard for threat correlation and response.
Strategic Placement
- DDEI: Positioned precisely between the internet and the internal mail server.
- DDAN: Isolated in a secure zone with high-speed access for rapid file detonation.
- DDD: Integrated into a secure management network for top-level oversight.
The Business Outcomes (Impact Data)
100% Mitigation of Spear-Phishing
The implementation has successfully filtered out targeted phishing attempts that previously posed a high risk to administrative accounts.
Zero-Day Readiness
With physical sandboxing (DDAN), RailTel is now protected against unknown malware, reducing the window of vulnerability to near zero.
Seamless Failover
The DC-DR mirrored setup ensures that even if one site goes down, email security remains active without a single second of exposure.
Consolidated Visibility
The DDD console has reduced “Alert Fatigue” by correlating logs, allowing the IT team to identify and resolve genuine threats 50% faster.
Clean Outbound Communication
By inspecting outbound mail, RailTel’s IP reputation is protected, ensuring their official emails are never blacklisted.
Core Competencies Gained
Through the MCG E-Office project, the IT Wings team refined several mission-critical capabilities:
- Specialized Security Deployment: Expertise in the Trend Micro Deep Discovery suite (DDEI, DDAN, DDD).
- Enterprise Mail Flow Management: Mastering MTA-mode integration in high-volume, national-level telecom environments.
- Physical & Virtual Hybrid Integration: Skillfully combining physical sandbox appliances with virtualized email inspectors for optimal performance.
- Nation-Scale DC-DR Orchestration: Proven ability to synchronize advanced security layers across geographically distant data centers.
Conclusion
At IT Wings Infosystem, our journey through these high-stakes projects—from securing the financial data of millions at EPFO to powering the backbone of Indian Railways at CRIS and RailTel—demonstrates a consistent commitment to excellence.
Our work goes beyond mere hardware installation; we build resilient digital ecosystems. Whether it is migrating complex Oracle databases for MCG, implementing zero-day threat protection for RailTel, or scaling high-density blade servers for CRIS, our approach is always data-driven and security-first.






