VMware Zimbra Security. Protecting Your VMware Zimbra and Collaboration Environment
|
|
- Cuthbert O’Brien’
- 8 years ago
- Views:
Transcription
1 Protecting Your VMware Zimbra and Collaboration Environment Technical WHITE PAPER
2 Table of Contents VMware Zimbra Approach to Security... 3 Open-Source Commitment Flexible, Object-Based Design Adherence to Standards Flexible Deployment Architecture... 4 Tour of the Security Life Cycle... 5 Logging In... 5 Accessing Data Sharing Data and Sending s... 6 Monitoring and Tracking Access and Usage Incident Response Integrated Security and Compliance Functions... 8 Zimbra Security Ecosystem Gateway-Level Integration Zimlet Integration FAQ Technical white paper / 2
3 VMware Zimbra Approach to Security Today s IT organizations must handle competing demands for convenience and security. Users expect to work and collaborate from nearly any location and any type of device. Yet with increasing privacy and security regulations and a continually changing threat environment IT must exercise constant vigilance to protect business information and applications. As an , calendar and collaboration platform, VMware Zimbra is at the heart of the daily collaboration and communications that drive your business. Messaging is a business-critical application for almost every organization. At VMware, we understand that you need a range of options for addressing security and compliance, and that every organization s requirements are unique. This paper describes the security measures inherent in VMware Zimbra Collaboration Server and the many ways in which you can integrate it into enterprise security, compliance and governance solutions and practices. It starts with the technologies and philosophies in Zimbra that shape its approach to security and compliance. These include a commitment to open-source development, an object-based design, widespread compatibility through industry standards and flexible deployment options. Open-Source Commitment Zimbra is an enterprise-class, open-source messaging and collaboration platform. Zimbra Collaboration Server is built using well-known and trusted open-source components, including the Linux file system (message store), Jetty (Web server and Java Servlet container), MySQL (metadata), Apache Lucene (search), Postfix (mail transfer agent), OpenLDAP (configuration data) and others. Each of these technologies draws from the broad open-source community, which imposes its own consistent level of quality assurance (QA) and scrutiny to the code. VMware contributes code to the Open Source Software (OSS) community. Not only does this give back to the OSS community that provides so much value it also helps Zimbra customers by validating and enhancing the architecture through the community. The open source commitment protects your investment in collaboration/ messaging technology and you can always revert from the commercial version to the Open Source Edition of Zimbra Collaboration Server; although you will lose much of the rich additional functionality provided by the Zimbra Collaboration Server, the core functionality will remain. Flexible, Object-Based Design A basic design precept in Zimbra is that everything (account, domain, mail folder, calendar, etc) is an object within a hierarchy, and every object has an associated Access Control List (ACL). This design enables very granular permissions to be defined and can be used to create a class-of-service. A class-of-service (COS) is a Zimbra specific object that defines for example the default attributes and features that are enabled or disabled for an account. These attributes include default preference settings, mailbox quotas, message lifetime, password restrictions, attachment blocking and server pools for creation of new accounts. Each account is assigned a COS and a COS is used to group accounts and define the feature levels for those accounts. For example, executives can be assigned to a COS that allows the Calendar application that is disabled for all other employees. By grouping accounts into specific type of COS, account features can be updated in block. If the COS is not explicitly set, or if the COS assigned to the user no longer exists, values come from a pre-defined COS called default. A COS is not restricted to a particular domain or set of domains. Delegated administrators can be setup using COS for decentralized role based access control. The Zimbra security model enables Zimbra to accommodate a wide range of business scenarios while keeping the deployment simple and requiring minimal administration. Technical white paper / 3
4 Adherence to Standards Zimbra uses widely adopted industry standards, including: Secure Sockets Layer/Transport Layer Security (SSL/TLS) Simple Mail Transfer Protocol (SMTP) Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Assertion Markup Language (SAML) 2.0 Federal Information Processing Standard (FIPS) Commitment to standards enables Zimbra Collaboration Server to work with nearly any desktop or mobile client and to operate within a wide partner ecosystem. You can either build your own integration solutions or link Zimbra Collaboration Server to third-party security and compliance tools. Flexible Deployment Architecture Zimbra Collaboration Server uses a modular architecture that supports flexible, secure deployments, with client-facing components deployed separately from the back-end components. For example, you can run the Zimbra Proxy Server and Message Transport Agent (MTA), which handle external traffic, within the DMZ. The Lightweight Directory Access Protocol (LDAP) and Mailstore Server components can reside within another firewall, with private, non-routable addresses between them. By protecting the server side and offering end-to-end encryption, Zimbra enables you to deliver secure messaging and collaboration to end users everywhere, even on their home computers. Figure 1. Components of Zimbra System Technical white paper / 4
5 Tour of the Security Life Cycle To implement defense in depth, you need layers of protection in every phase of the solution. To describe the security layers inherent in the Zimbra solution, we ll follow the application-access life cycle, starting from the user s perspective with the login (authentication). Figure 2. Zimbra s layered defense, from initial access to incident response Logging In Authentication allowing access to the application is the first step in Zimbra security. Zimbra offers four authentication options. Native Zimbra Authentication Zimbra supports authentication using its own internal directory. This is the simplest configuration. Administrators can define password policies with varying requirements for password length, strength and age. Zimbra Collaboration Server 7.2 and above supports two-factor authentication using smart cards, including the U.S. Department of Defense Common Access Cards, as a physical authentication factor. By supplementing the password (something you know) with a smart card (something you have), multi-factor authentication reduces the potential for unauthorized access using stolen credentials. Technical white paper / 5
6 Single Sign-On (SSO) You can use Zimbra with existing Identity Management systems including Microsoft Active Directory or other Lightweight Directory Access Protocol (LDAP) compliant directories using Kerberos or a pre-authentication key. This way, users have a single, secure login for authenticating to multiple enterprise services, and you can manage access and identity from a single, central directory. Identity Federation Zimbra also supports SAML-based identity federation. Using this approach, a user authenticates with a SAML identity provider. The provider and the Zimbra server exchange security certificates and identity assertions before Zimbra grants access. VMware Horizon Application Manager is an example of a SAML identity provider that works with Zimbra. Zimbra supports other federated identity solutions that use the SAML 2.0 standard. Zimbra also supports OAuth, an API-level authentication protocol popular with large consumer service providers. Mobile Authentication For certain mobile devices, Zimbra Collaboration Server can ensure that the device complies with mobile security policies before allowing access. These policies might include timeouts, personal identification numbers (PINs) and local device wipe. For example, the user must enter a PIN to unlock the device; if a preconfigured number of incorrect PINs are entered, a local program wipes the content on the device. Accessing Data After users connect to Zimbra, authorization processes control which data they can see and which functions they can perform. For example, most users can use their own and calendars, and some may be able to check someone else s calendar. Everything in Zimbra (including accounts, domains, mail folder, contacts, calendar, tasks and briefcase folder) is an object with attributes that can be secured with object-level permissions. Administrators can easily create groups and assign access permissions to them to support specific business objectives. Zimbra supports highly granular and secure authorization frameworks, using a class-of-service model. You can define specialized and unique classes of service that fit your specific business requirements. Each class of service controls everything from specific features within Zimbra to storage policies and access to third-party integration solutions using the Zimlet extensibility framework. Sharing Permissions Zimbra offers flexible sharing permissions for shared mail folders, contacts, calendars, tasks lists and briefcase folders. You can grant internal users or groups permission to view, edit or share folders or items. You can also grant external users read-only or password-based access to shared objects. For example, you might give a colleague the permission to create, accept or delete meetings for your calendar but not to share your calendar with other users. Delegated, Role-Based Administration Zimbra lets you delegate administrative tasks with highly configurable permissions. An administrator s role can be as simple as managing a distribution list or resetting forgotten passwords for a specific group of users. You can create roles for nearly any attribute and task in Zimbra. Zimbra also provides predefined roles for domain administrators and distribution-list managers. Sharing Data and Sending s After users connect to their accounts, they will probably start sending or receiving , scheduling meetings or collaborating with others. These interactions can occur within the Zimbra server (with other users in the group) or with external users, and with devices that are mobile or outside enterprise control. Zimbra offers several strategies for protecting the privacy of data as it moves through the application and between users and devices. Technical white paper / 6
7 Encrypting Messages In Zimbra Collaboration Server 7.2 we introduced support for S/MIME that enables encryption and decryption of messages even when a Web-based client is used. Zimbra can work with public certificate authorities or certificates issued via an internal public-key infrastructure (PKI) deployment. Data Privacy in Transit VMware recommends that you use TLS, which supercedes SSL, for all communications between the Zimbra servers and the client (whether it is a browser-based client or a mobile application). You can set this as a default value in the Zimbra Collaboration Server administration console. Zimbra uses TLS/SSL to encrypt communications with mobile devices using ActiveSync and Zimbra Mobile and with Zimbra Collaboration Server 7.2 and above, there is an additional layer of security with the content being encrypted with S/MIME. Data Privacy at Rest Data in our message store is also encrypted with S/MIME in Zimbra Collaboration Server 7.2 and above. The data is stored encrypted in our message store until the person with the appropriate private key opens the . Third-party solutions can also be used to encrypt the file system containing Zimbra data. For example, you might use hardware-based encryption embedded in the file-system storage. FIPS In an environment that requires operating in a FIPS140-2 compliant mode, Zimbra s cryptography libraries and desktop clients can be configured to operate in and enforce FIPS140-2 compliant algorithms and key strengths. Digital Signatures S/MIME also enables you to digitally sign messages to provide authentication and nonrepudiation for legal purposes. When you use digital signatures, recipients know that a message came from you, not from someone spoofing your address. Protection from Outage or Disaster You can protect the broader Zimbra deployment from outages or disasters, transparently to the application. For example, you can Use data replication to remove single points of failure from your storage environment Use backups to provide disaster site resilience Implementing high availability and site resiliency are simple if you are running Zimbra in a VMware vsphere environment. Monitoring and Tracking Access and Usage While the user is busy sending and receiving , scheduling appointments and collaborating with others, Zimbra is constantly auditing and tracking all access and usage. Zimbra logs a wide range of activities, including: User and administrator activity Login failures Slow queries Mailbox activity Mobile synchronization activity Database errors You can set different levels of logging. The Zimbra Collaboration Server supports the syslog format and Simple Network Management Protocol (SNMP). Log events, alerts and traps can be forwarded to log-management and event correlation systems to create centralized policies and notifications based on your security and compliance requirements. These logs can support forensic analysis, which is useful for our next step: incident response. Technical white paper / 7
8 Incident Response Even with the layers of security we ve defined so far, you may need to take action to respond to a problem or mitigate risk. For example, A user s account credentials have been stolen An executive left his or her smartphone in a taxicab Log analysis reveals problematic activity on an administrator account Zimbra supports incident response in several ways. Remote Device Wiping If a tablet or smartphone that uses Zimbra is lost or stolen, the administrator can remotely wipe the data from the device. This mitigates the risk of someone accessing the Zimbra data remotely, and of data on the device itself being compromised. Account Lockout You can configure a policy that automatically locks an account after a specific number of failed login attempts. The administrator can also immediately disable any account at any time. An administrator with appropriate access privileges can also view the messages of the suspect account to help determine if the account has been compromised. If you are using a federated identity management solution (SAML-based SSO) with Zimbra Collaboration Server or integrating Zimbra Collaboration Server to implement SSO with internal directories such as Active Directory you can disable access from the central directory or identity store to prevent authentication to the Zimbra account. Integrated Security and Compliance Functions Zimbra Collaboration Server comes with embedded antivirus, antispam and archiving capabilities to offer essential protection for messaging. Antivirus ClamAV is an award-winning open-source antivirus software with threat definitions (for worm, virus and phishing) updated multiple times each day. You can run ClamAV in combination with other antivirus solutions; Zimbra offers a plug-in framework for supporting antivirus. Antispam Zimbra Collaboration Server also has built-in antispam filtering on the server using the open-source SpamAssassin and DSPAM tools. These tools support ongoing spam-filter training (i.e., teaching the filter what is spam and what isn t), enabling organizations to optimize performance in their own environments. Users can train spam filters by moving messages in and out of their junk folders. Archiving and Discovery Zimbra Archiving and Discovery is a feature of the Zimbra Collaboration Server. With this integrated solution, you can select which users messages to archive and set retention policies for both archive and live mailboxes. Zimbra Archiving and Discovery offers powerful search indexing in a simple, cost-effective platform. You can also integrate third-party archiving solutions with Zimbra Collaboration Server. Technical white paper / 8
9 Zimbra Security Ecosystem You may want or need to integrate Zimbra with broader enterprise security and compliance solutions, or extend security and policy capabilities with third-party solutions. Zimbra integrates easily with many other solutions and supports a wide partner ecosystem. VMware maintains the VMware Ready Mail Security program for partners that deliver complementary solutions in areas including: Data-loss prevention Antivirus and antispam archiving and discovery With an open partner ecosystem, you can invest in and deploy the measures that are most appropriate for your specific business environment. Zimbra Collaboration Server supports two levels of integration with third-party solutions: Gateway-level integration Zimlet integration You can find a complete list of partners at mail-security.html. Gateway-Level Integration Through its support for SMTP protocols, Zimbra Collaboration Server offers gateway-level integration with a wide range of third-party solutions. For example, Zimbra Collaboration Server can be configured to send all messages to an SMTP gateway, which can then provide archiving, content filtering and data-loss prevention, message policy enforcement, messaging security, spam and virus prevention, and so on. Zimlet Integration Tight integration with Zimbra Collaboration Server is supported by the Zimlet framework. Zimlets let users interact with third-party applications from the Zimbra Web client. VMware partners such as Proofpoint have used Zimlets to build tight integration between their messaging-security solutions and Zimbra Collaboration Server. You can also build your own Zimlets to add custom functionality to your deployment. Zimlets (both third-party and community-developed) are available from the Zimbra Gallery ( FAQ This section answers a few of the more common questions about security and Zimbra. Q Does Zimbra support digital signatures? A Zimbra Collaboration Server 7.2 and above support digital signatures through S/MIME. You can both send and receive digitally signed messages. Q Do you support certificate encryption? A Zimbra Collaboration Server supports certificate encryption through S/MIME or through a partner such as Proofpoint. Q Does Zimbra provide content filters? A Zimbra itself does not do content filtering, but our partners do. See Q Which encryption standards does Zimbra support? A Zimbra Collaboration Server 7.2 supports S/MIME 3.2, S/MIME 3.1 and TLS/SSL. Technical white paper / 9
10 Q How does Zimbra support two-factor authentication? A Zimbra Collaboration Server 7.2 and above support multi-factor authentication natively using PKCS#11 compliant tokens storing X.509 certificates, such as smartcards. Zimbra can also be configured to use SSO where authentication to the Identity Management system, either locally or through a secure access gateway, requires multi-factor authentication. Q How does Zimbra support federated identity? A Zimbra supports identity federation using the SAML 2.0 protocol. VMware Zimbra can be used with a SAML 2.0 Identity Provider such as VMware Horizon Application Manager or Microsoft Active Directory Federation Services. Q How do I get Zimbra to work in the FIPS mode? A Using Desktop Operating Systems and web browsers that support FIPS140-2 mode, configure the client machine to operate in FIPS mode. Zimbra will respect and enforce using FIPS140-2 compliant algorithms and key lengths. Q Do I need Java for the S/MIME functionality? A Yes. Zimbra uses a Java applet to access local keystores and cryptography libraries on client devices for security, cross platform, and multi-browser compatibility. Q Does Zimbra support SPNEGO? A Yes. Zimbra uses SPNEGO with supporting browsers to negotiate Kerberos Authentication. Acronyms ACL Access Control List ADFS Active Directory Federation Services COS Class-of-service FIPS Federal Information Processing Standard LDAP Lightweight Directory Access Protocol MBS Mailstore Server MTA Message Transfer Agent OSS Open source software SAML Security Assertion Markup Language S/MIME Secure Multipurpose Internet Mail Extensions SMTP Simple Mail Transfer Protocol SSL Secure Socket Layer SSO Single sign-on TLS Transport Layer Security ZCS Zimbra Collaboration Server Technical white paper / 10
11 VMware, Inc Hillview Avenue Palo Alto CA USA Tel Fax Copyright 2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: VMW-TWP-ZIMBRA-SECURITY-USLET /12
Protecting Your Zimbra Collaboration Environment. Zimbra Security and Privacy White Paper
Protecting Your Zimbra Collaboration Environment Zimbra Security and Privacy White Paper Table of Contents The Zimbra Approach to Security and Data Privacy Open Source Commitment Adherence to Open Standards
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationHow To Control Vcloud Air From A Microsoft Vcloud 1.1.1 (Vcloud)
SOC 1 Control Objectives/Activities Matrix goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a variety of industry standard audits,
More informationIntegrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER
Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Table of Contents Introduction.... 3 Requirements.... 3 Horizon Workspace Components.... 3 SAML 2.0 Standard.... 3 Authentication
More informationZimbra Collaboration Suite Administrator s Guide. Release 6.0
Zimbra Collaboration Suite Administrator s Guide Release 6.0 Network Edition Rev: July 2010 Legal Notices Copyright 2005-2010 Zimbra. All rights reserved. No part of this document may be reproduced, in
More informationvsphere Security ESXi 6.0 vcenter Server 6.0 EN-001466-04
ESXi 6.0 vcenter Server 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationConfiguring Single Sign-On from the VMware Identity Manager Service to Office 365
Configuring Single Sign-On from the VMware Identity Manager Service to Office 365 VMware Identity Manager JULY 2015 V1 Table of Contents Overview... 2 Passive and Active Authentication Profiles... 2 Adding
More informationPerceptive Experience Single Sign-On Solutions
Perceptive Experience Single Sign-On Solutions Technical Guide Version: 2.x Written by: Product Knowledge, R&D Date: January 2016 2016 Lexmark International Technology, S.A. All rights reserved. Lexmark
More informationvcloud Director User's Guide
vcloud Director 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of
More informationFileMaker Security Guide The Key to Securing Your Apps
FileMaker Security Guide The Key to Securing Your Apps Table of Contents Overview... 3 Configuring Security Within FileMaker Pro or FileMaker Pro Advanced... 5 Prompt for Password... 5 Give the Admin Account
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationVMware Zimbra Collaboration Server Administrator s Guide
VMware Zimbra Collaboration Server Administrator s Guide ZCS 8.0 Open Source Edition August 2012 Legal Notices Copyright 2005-2012 VMware, Inc. All rights reserved. This product is protected by U.S. and
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationFeature and Technical
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Feature and Technical Overview Published: 2013-11-07 SWD-20131107160132924 Contents 1 Document revision history...6 2 What's
More informationFTA Computer Security Workshop. Secure Email
FTA Computer Security Workshop Secure Email March 8, 2007 Stan Wiechert, KDOR IS Security Officer Outline of Presentation The Risks associated with Email Business Constraints Secure Email Features Some
More informationVMware Horizon Workspace Security Features WHITE PAPER
VMware Horizon Workspace WHITE PAPER Table of Contents... Introduction.... 4 Horizon Workspace vapp Security.... 5 Virtual Machine Security Hardening.... 5 Authentication.... 6 Activation.... 6 Horizon
More informationConfiguration Guide BES12. Version 12.2
Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to Dropbox
Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox VMware Identity Manager SEPTEMBER 2015 V1 Configuring Single Sign-On from VMware Identity Manager to Dropbox Table of Contents
More informationShareFile Security Overview
ShareFile Security Overview ShareFile Company Policy All ShareFile employees undergo full background checks and sign our information security policy prior to beginning employment with the company. The
More informationBlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Feature and Technical Overview Published: 2010-06-16 SWDT305802-1108946-0615123042-001 Contents 1 Overview: BlackBerry Enterprise
More informationMicrosoft Exchange 2013 Ultimate Bootcamp Your pathway to becoming a GREAT Exchange Administrator
Microsoft Exchange 2013 Ultimate Bootcamp Your pathway to becoming a GREAT Exchange Administrator Introduction Microsoft Exchange with its inherent high level of security features, improved assistant,
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationSymantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management
Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data
More informationMobile Admin Security
Mobile Admin Security Introduction Mobile Admin is an enterprise-ready IT Management solution that generates significant cost savings by dramatically increasing the responsiveness of IT organizations facing
More informationAlwaysMail. Sector 5. Cloud E-Mail
AlwaysMail Sector 5 Cloud E-Mail INDEX INDEX 2 SECTOR 5 COMPANY PROFILE 3 Background Company Name & Address 3 1. SECTOR 5 HOSTED E-MAIL OFFERING 4 2. MICROSOFT HOSTED EXCHANGE 5 3. HOW WE MIGRATE COMPANIES?
More informationAdvanced Administration
BlackBerry Enterprise Service 10 BlackBerry Device Service Version: 10.2 Advanced Administration Guide Published: 2014-09-10 SWD-20140909133530796 Contents 1 Introduction...11 About this guide...12 What
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationMySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationConfiguration Guide BES12. Version 12.3
Configuration Guide BES12 Version 12.3 Published: 2016-01-19 SWD-20160119132230232 Contents About this guide... 7 Getting started... 8 Configuring BES12 for the first time...8 Configuration tasks for managing
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationFortiMail Email Filtering. Course 221 (for FortiMail v4.2) Course Overview
FortiMail Email Filtering Course 221 (for FortiMail v4.2) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationACE Management Server Deployment Guide VMware ACE 2.0
Technical Note ACE Management Server Deployment Guide VMware ACE 2.0 This technical note provides guidelines for the deployment of VMware ACE Management Servers, including capacity planning and best practices.
More informationConfiguration Guide BES12. Version 12.1
Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...
More informationvsphere Security ESXi 5.5 vcenter Server 5.5 EN-001164-04
ESXi 5.5 vcenter Server 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationMail Services. Easy-to-manage Internet mail solutions featuring best-in-class open source technologies. Features
Mail Services Easy-to-manage Internet mail solutions featuring best-in-class open source technologies. Features Enterprise-class mail server High-performance Postfix SMTP services Scalable Cyrus IMAP and
More informationProject Title: Judicial Branch Enterprise Document Management System RFP Number: FIN122210CK Appendix D Technical Features List
FEAT891 Medium Recoverable using backup The solution shall be recoverable from backup storage media storage media. FEAT893 Desired Medium Support Load Sharing High Availability The solution should utilize
More informationBlackBerry Enterprise Solution v4.1 For Microsoft Exchange Life is now
BlackBerry Enterprise Solution v4.1 For Microsoft Exchange Life is now EXTENDING EXCHANGE WITH SECURE WIRELESS SOLUTIONS BlackBerry Enterprise Server software integrates with Microsoft Exchange and your
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationBlackBerry Enterprise Service 10. Version: 10.2. Configuration Guide
BlackBerry Enterprise Service 10 Version: 10.2 Configuration Guide Published: 2015-02-27 SWD-20150227164548686 Contents 1 Introduction...7 About this guide...8 What is BlackBerry Enterprise Service 10?...9
More informationHow To Secure Mail Delivery
FortiMail Identity Based Encryption A Business Enabler WHITE PAPER FORTINET FortiMail Identity Based Encryption - A Business Enabler PAGE 2 Contents Business Need Secure Mail Delivery... 3 Challenges with
More informationFortiMail Email Filtering. Course 221 (for FortiMail v5.0) Course Overview
FortiMail Email Filtering Course 221 (for FortiMail v5.0) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationFortiMail Email Filtering. Course 221 - for FortiMail v4.0. Course Overview
FortiMail Email Filtering Course 221 - for FortiMail v4.0 Course Overview FortiMail Email Filtering is a 3-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationConvenience and security
Convenience and security ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work and home environments.
More informationVMware Zimbra Collaboration Server Administrator s Guide. Release 7.1
VMware Zimbra Collaboration Server Administrator s Guide Release 7.1 Open Source Edition May 2011 Legal Notices Copyright 2005-2011 VMware, Inc. All rights reserved. This product is protected by U.S. and
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationMDaemon Vs. Microsoft Exchange Server 2013 Standard
Comparison Guide Vs. The following chart is a side-by-side feature comparison of and. Flex Licensing Maximum Accounts Unlimited Unlimited SMTP, POP3, DomainPOP, and MultiPOP POP3 & SMTP Only SSL / TLS
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationvsphere Upgrade vsphere 6.0 EN-001721-03
vsphere 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,
More informationCA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam
CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as
More informationRSA Authentication Manager 7.1 Security Best Practices Guide. Version 2
RSA Authentication Manager 7.1 Security Best Practices Guide Version 2 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks
More informationTop 7 Tips for Better Business Continuity
Top 7 Tips for Better Business Continuity With Hosted Fax www.biscom.com sales@biscom.com (+1) 800-477-2472 or (+1) 978-250-1800 Introduction Biscom s Secure File Transfer (Biscom SFT) solution enables
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to ServiceNow
Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents
More informationSetting Up Resources in VMware Identity Manager
Setting Up Resources in VMware Identity Manager VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationZimbra Connector for Microsoft Outlook User Guide 7.1
Zimbra Connector for Microsoft Outlook User Guide 7.1 March 2011 Legal Notices Copyright 2005-2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationConfiguration Guide. BlackBerry Enterprise Service 12. Version 12.0
Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationZimbra Collaboration Suite Administrator s Guide. Release 5.0
Zimbra Collaboration Suite Administrator s Guide Release 5.0 Network Edition Rev 4 June 2008 Legal Notices Copyright Zimbra, Inc. 2005-2008. All rights reserved. The Zimbra logo and logo types are trademarks
More informationBlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Administration Guide Published: 2010-06-16 SWDT487521-1041691-0616023638-001 Contents 1 Overview: BlackBerry Enterprise
More informationBUILT FOR YOU. Contents. Cloudmore Exchange
BUILT FOR YOU Introduction is designed so it is as cost effective as possible for you to configure, provision and manage to a specification to suit your organisation. With a proven history of delivering
More informationZimbra Connector for Microsoft Outlook User Guide ZCO 8.0
Zimbra Connector for Microsoft Outlook User Guide ZCO 8.0 August 2012 Legal Notices Copyright 2005-2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationOVERVIEW OF TYPICAL WINDOWS SERVER ROLES
OVERVIEW OF TYPICAL WINDOWS SERVER ROLES Before you start Objectives: learn about common server roles which can be used in Windows environment. Prerequisites: no prerequisites. Key terms: network, server,
More informationVMware Identity Manager Integration with Active Directory Federation Services 2.0
VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager J ULY 2015 V 2 Table of Contents Active Directory Federation Services... 2 Configuring AD FS Instance
More informationRSA Authentication Manager 8.1 Administrator s Guide
RSA Authentication Manager 8.1 Administrator s Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm Trademarks
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationZimbra Connector for Microsoft Outlook User Guide ZCO 7.2
Zimbra Connector for Microsoft Outlook User Guide ZCO 7.2 April 2012 Legal Notices Copyright 2005-2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
More informationMedia Shuttle s Defense-in- Depth Security Strategy
Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationWeb Hosting. CMS Development. Domain registrations. DNS Pointing. Website Publishing. SMB Starter Package. Static Website Development
Domain registrations DNS Pointing Website Publishing Web Hosting SMB Starter Package Static Website Development 5 Mailboxes 250MB each Domain Registration Logo Design Website Publishing SMB Package Dynamic
More informationHow Reflection Software Facilitates PCI DSS Compliance
Reflection How Reflection Software Facilitates PCI DSS Compliance How Reflection Software Facilitates PCI DSS Compliance How Reflection Software Facilitates PCI DSS Compliance In 2004, the major credit
More informationwww.novell.com/documentation Installation Guide GroupWise 2014 R2 November 2015
www.novell.com/documentation Installation Guide GroupWise 2014 R2 November 2015 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation,
More informationData Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
More informationVMware vsphere Data Protection 5.8 TECHNICAL OVERVIEW REVISED AUGUST 2014
VMware vsphere Data Protection 5.8 TECHNICAL OVERVIEW REVISED AUGUST 2014 Table of Contents Introduction.... 3 Features and Benefits of vsphere Data Protection... 3 Additional Features and Benefits of
More informationFBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.
Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationSmart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER
Smart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER Table of Contents.... About This Paper.... 3 Introduction... 3 Smart Card Overview.... 3 Getting Started... 4 Authenticating
More informationComparing VMware Zimbra with Leading Email and Collaboration Platforms Z I M B R A C O M P E T I T I V E W H I T E P A P E R
Comparing VMware Zimbra with Leading Email and Collaboration Platforms Z I M B R A C O M P E T I T I V E W H I T E P A P E R Introduction Email is indispensable few applications are more critical to the
More informationThe Essential Security Checklist. for Enterprise Endpoint Backup
The Essential Security Checklist for Enterprise Endpoint Backup IT administrators face considerable challenges protecting and securing valuable corporate data for today s mobile workforce, with users accessing
More informationDJIGZO EMAIL ENCRYPTION. Djigzo white paper
DJIGZO EMAIL ENCRYPTION Djigzo white paper Copyright 2009-2011, djigzo.com. Introduction Most email is sent as plain text. This means that anyone who can intercept email messages, either in transit or
More informationLync SHIELD Product Suite
Lync SHIELD Product Suite The Natural Solution For Securing Lync Connectivity For today s mobile enterprise, the need to connect smartphones to the corporate network has become a vital business requirement.
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationSymantec Enterprise Vault.cloud Overview
Fact Sheet: Archiving and ediscovery Introduction The data explosion that has burdened corporations and governments across the globe for the past decade has become increasingly expensive and difficult
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationetoken TMS (Token Management System) Frequently Asked Questions
etoken TMS (Token Management System) Frequently Asked Questions Make your strong authentication solution a reality with etoken TMS (Token Management System). etoken TMS provides you with full solution
More informationVMware vsphere Data Protection 6.0
VMware vsphere Data Protection 6.0 TECHNICAL OVERVIEW REVISED FEBRUARY 2015 Table of Contents Introduction.... 3 Architectural Overview... 4 Deployment and Configuration.... 5 Backup.... 6 Application
More informationNew Security Features
New Security Features BlackBerry 10 OS Version 10.3.1 Published: 2014-12-17 SWD-20141211141004210 Contents About this guide... 4 Advanced data at rest protection... 5 System requirements... 6 Managing
More informationFrequently asked questions
Frequently asked questions For more information, visit Usher.com info@ Toll Free (US ONLY): 888.656.4464 Direct Dial: 703.848.8710 1 What is Usher? Usher is a mobile identity platform designed to provide
More informationMS 10135B Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010
MS 10135B Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Description: Days: 5 Prerequisites: This course will provide you with the knowledge and skills to configure and manage
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationDirectory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.
Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta
More information