Email Security Solutions



Similar documents
Tumbleweed MailGate Secure Messenger

Secured Enterprise eprivacy Suite

Implementing Transparent Security for Desktop Encryption Users

W H I T E PA P E R. Providing Encryption at the Internal Desktop

PineApp TM Mail Encryption Solution TM

White paper. Why Encrypt? Securing without compromising communications

The syslog-ng Store Box 3 LTS

The syslog-ng Store Box 3 F2

1 Product. Open Text is the leading fax server vendor in the world. *

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

Trend Micro Encryption (TMEE) Delivering Secure . Veli-Pekka Kusmin Pre-Sales Engineer

White Paper Instant Messaging (IM) HIPAA Compliance

Symantec Messaging Gateway 10.5

Encryption Services

redcoal SMS for MS Outlook and Lotus Notes

Securing enterprise collaboration through and file sharing on a unified platform

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

How To Secure Mail Delivery

Enterprise Vault.cloud Deployment Checklist

RSA SecurID Two-factor Authentication

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

Symantec Messaging Gateway 10.6

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

Copyright 2013, 3CX Ltd.

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

Symantec Encryption Solutions for , Powered by PGP Technology

Secure User Guide

syslog-ng Store Box PRODUCT DESCRIPTION Copyright BalaBit IT Security All rights reserved.

Symantec Enterprise Vault for Microsoft Exchange

Encryption Services

Mobile Device Management Version 8. Last updated:

Titus and Cisco IronPort Integration Guide Improving Outbound and Inbound Security. Titus White Paper

BUILT FOR YOU. Contents. Cloudmore Exchange

Copyright 2012 Trend Micro Incorporated. All rights reserved.

CIPHERMAIL ENCRYPTION. CipherMail white paper

Policy Based Encryption Z. Administrator Guide

Symantec Enterprise Vault for Microsoft Exchange

eprism Security Appliance 6.0 Release Notes What's New in 6.0

NETWRIX EVENT LOG MANAGER

Securing enterprise collaboration through and file sharing on a unified platform

GFI Product Guide. GFI Archiver Evaluation Guide

EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management

Problem. Solution. Quatrix is professional, secure and easy to use file sharing.

Evaluation Guide. eprism Messaging Security Suite V8.200

RSS Cloud Solution COMMON QUESTIONS

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

Optus SMS for MS Outlook and Lotus Notes

F-Secure Messaging Security Gateway. Deployment Guide

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

FortiMail Filtering. Course 221 (for FortiMail v5.0) Course Overview

SecureAge SecureDs Data Breach Prevention Solution

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

Where is your Corporate Data Going? 5 tips for selecting an enterprise-grade file sharing solution.

MassTransit vs. FTP Comparison

Account Restrictions Agreement [ARA] - Required by LuxSci HIPAA Accounts

VMware Virtual Desktop Infrastructure (VDI) - The Best Strategy for Managing Desktop Environments Mike Coleman, VMware (mcoleman@vmware.

PROVIDING IT SOLUTIONS FOR THE HEALTHCARE INDUSTRY

When Data Loss Prevention Is Not Enough:

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Dispatch: A Unique Security Solution

IronPort C300 for Medium-Sized Enterprises and Satellite Offices

A NATURAL FIT. Microsoft Office 365 TM and Zix TM Encryption. By ZixCorp

DJIGZO ENCRYPTION. Djigzo white paper

SSL VPN vs. IPSec VPN

Protecting Your Data On The Network, Cloud And Virtual Servers

Symantec Enterprise Vault for Microsoft Exchange Server

Axway SecureTransport Ad-hoc File Transfer Service

Top 7 Tips for Better Business Continuity

Propalms TSE Deployment Guide

SECURITY AND PRIVACY ISSUES IN A KNOWLEDGE MANAGEMENT SYSTEM

The GlobalCerts TM Secur Gateway TM

FortiMail Filtering. Course 221 (for FortiMail v4.2) Course Overview

Whether your organization is small, medium or large, OpenText RightFax meets these

DMZ Gateways: Secret Weapons for Data Security

A Buyer's Guide to Data Loss Protection Solutions

IBM Lotus Protector for Mail Encryption

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

A New Standard in Encrypted . A discussion on push, pull and transparent delivery

F5 and Microsoft Exchange Security Solutions

INSTANT MESSAGING SECURITY

GFI Product Manual. GFI MailArchiver Evaluation Guide

V1.4. Spambrella Continuity SaaS. August 2

Veritas Enterprise Vault for Microsoft Exchange Server

Fileweave. Large File Transfer. Seamless Microsoft Outlook add-in. Simple drag and drop functionality

REDCENTRIC MANAGED ARCHIVE SERVICE SERVICE DEFINITION

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Security

ISI Unified Communications Intelligence Tools: Infortel Select and Microsoft Lync : Driving ROI From Your Lync Investment

Djigzo encryption. Djigzo white paper

Encryption Services Buyers Guide

MCSA Objectives. Exam : TS:Exchange Server 2007, Configuring

Transcription:

TECHNOLOGY REPORT Email Security Solutions

1 TECHNOLOGY REPORT SUPPLEMENT EMAIL SECURITY TECHNOLOGY REPORT IF YOUR EMAIL IS SO CRITICAL, CAN YOU BE SURE IT S REALLY REALLY PRIVATE? FIND THE FULL RESULTS ONLINE The test results for each solution, which include both functionality and performance data, are online at along with full white paper test reports, buyers guides and other product information. Certification data and confirmation can be found at www.check-mark.com. With email usage at an alltime high, and an increasing need to comply with the myriad of industry and government regulations, organizations are facing a series of significant email security challenges. Legislation frequently requires that any breach of data privacy, including any email-based breach, be publicly disclosed. Previous disclosures have resulted in loss of corporate reputation, combined with litigation aimed at both company and individuals, and regulatory penalties and fines. However, recent statutes and regulations, including Sarbanes-Oxley, HIPAA, GLB, and the Data Protection Act (UK) are not the only drivers that companies should take into account. The need to communicate securely while protecting sensitive or confidential business data is also a concern in its own right. Organizations increasingly need to both protect and ensure the integrity of their intellectual property, the financial and personal data relating to both customers and employees, and their own internal and private communications in general. While different approaches exist, the central and essential features in any bestof-breed solution should certainly include the ability to robustly encrypt and decrypt not only the text of an email but also its entire contents, or the ability to send and receive email via an equally secure mechanism. With these features in mind, this WEST COAST LABS TESTING TEAM All West Coast Labs tests are carried out by fully trained information security test engineers. Particular thanks go to Matt Garrad, Rob Tanner, Michael Parsons, Richard Thomas, Chris Elias and Gary Samuel. technology report evaluates each solution under test to ensure that any email message can be sent and received in an end-to-end encrypted state, then decrypted and read in plain text by the intended recipient. To summarize the methodology, numerous network traffic analyzers were configured to capture all relevant email activity on the test network. Any appropriate client software was installed on the test machines and any necessary key exchanges performed between users of email accounts set up on those machines. West Coast Labs then produced a number of different emails, which were sent to internal and external recipients in both unencrypted and encrypted forms. The two sets of data were then compared by examining the output from the network traffic analyzers to ensure that encryption had taken place and that there were no obvious data patterns present. Having confidence in the encryption and decryption abilities of an email security solution is essential. But, typically, ease-of-use and deployment, the methods of encryption, the methods and related security of any key exchanges, appropriate reporting and auditing features, and the general administration tasks all play an important part. Therefore, this technology report includes an independent analysis of these specific areas, providing an holistic overview of each solution under test. Full details of all tests and methodology are available at West Coast Labs Photos Copyright Girts Gailans: www.gailans.com. Art editor: Sarah Lloyd, Sub-editor: Alison Walley

TECHNOLOGY REPORT SUPPLEMENT 2 SECURED EMAIL EPRIVACY SUITE DEVELOPER S STATEMENT: Secured email products are based on a concept new to the encryption world: the Simple Encryption Platform. SEP provides highest levels of security, along with ease of use, making the act of securing data while at rest, or in transit, a very simple process. Manufacturer Contact details Secured email www.securedemail.com Secured Email eprivacy Suite for Enterprise has been awarded the Checkmark Email Security Certification. The Simple Encryption Platform (SEP) by Secured email is a unique set of modular, enterprise-grade software components. These components are designed to redefine, simplify, and reduce the cost of the more traditional PKI based approach that is commonly utilized within contemporary email encryption systems - whilst maintaining maximum security. SEP offers ease-of-use for both end-users and Administrators alike, with robust encryption, flexible deployment options, and a powerful policy engine all combining to successfully ensure that organizations meet or exceed compliance, regulatory, and corporate security demands. SEP actively supports compliance with a number of regulatory and legal initiatives, including SOX, GLBA, HIPAA, and the EU Data Protection Directive. In addition to the core functionality of email encryption, SEP also provides a convenient and simple mechanism for encrypting potentially sensitive data found in files and folders on hard drives or removable storage media, such as USB devices. SEP is easily deployed within existing email infrastructure, being compatible with all major SMTP servers, as well as Lotus Notes and Microsoft Outlook email clients. West Coast Labs quickly and easily deployed SEP within an existing network infrastructure, installing the Enterprise Server and Admin Tool components on a Microsoft Windows Server 2003 operating system, whilst using Microsoft SQL Server 2005 as one of the data stores. The SEP eprivacy client software was installed on a number of client machines running Microsoft Windows XP Professional and Microsoft Outlook 2003. The system may also be deployed on different hardware and software including some lower specification options such as the free SQL Server Express Edition. SEP may also integrate with existing LDAP based directories. Once SEP is installed, it proves to be a simple task to remotely manage users, policies, licensing, SQL database options, and secure user groups, using only the intuitive built-in Admin Tool. All system logs and audit trail data can also be viewed via the Admin Tool and the interface also has the ability to remotely push out organization-wide policies and updates. It is straightforward, fast, and intuitive to send and receive both encrypted and unencrypted emails from the standard Microsoft Outlook email client once the solution is installed. The key feature of SEP from an end-user perspective is certainly the inherent simplicity of use. To send and receive secure emails is as simple as writing an email and optionally attaching files, as normal, then clicking the 'Send Secured' button on the same screen. Upon first use for external emails, the user is prompted to create a Shared Secret - made up from random text, a phrase, or numbers - and then prompted to communicate that Shared Secret with the intended recipient, preferably via a separate offline method, such as telephone, fax, or SMS. The Shared Secret need only be communicated once between sender and recipient and from that point on, all email communications - between both sender and recipient - may be carried out over a secure channel, in an easy and controlled manner. Throughout the comprehensive test process, West Coast Labs verified that all email routed through SEP that required secure transport was one hundred percent encrypted and could only be successfully decrypted by the intended recipients. The solution passed all stages of testing without exception. THE VERDICT A powerful, tried and tested solution that combines ease-of-use and cost effectiveness with proven encryption, to deliver a fresh approach to email security. With built-in centralized policy management, organizations can be confident that their email security needs will be met or exceeded.

3 TECHNOLOGY REPORT SUPPLEMENT TUMBLEWEED MAILGATE SECURE MESSENGER DEVELOPER S STATEMENT: MailGate Secure Messenger allows organizations to inspect and protect outbound email at the network gateway, while providing universal Web-based delivery of encrypted messages without installing client software or digital certificates. Manufacturer Contact details Tumbleweed www.tumbleweed.com MailGate Secure Messenger from Tumbleweed has been awarded the Checkmark Email Security Certification. The Email Firewall Appliance by Tumbleweed is designed to address the unique security needs of a diverse range of organizations. The appliance provides a transparent, easily deployable, secure email facility for the communication of encrypted messages and content. Located at the network perimeter, it can be seamlessly integrated within an existing email infrastructure and can also take advantage of any existing PKI, LDAP or identity management solutions. The appliance supports multiple secure communication methods, including S/MIME, PGP, TLS, and HTTPS web-based delivery. It is compatible with all SMTP based servers, as well as the most common email clients, including Microsoft Outlook and Mozilla Thunderbird. Being a single, integrated email security platform, any organization adopting the appliance will not need any additional specialized hardware to get up and running. The appliance is rack mountable and contains dual CPUs, dual power supplies, and dual 1Gb network interfaces for built-in redundancy. The appliance uses Microsoft Windows Server 2003 as the base operating system and Microsoft SQL Server as the underlying application database. This is a sensible choice as it is in widespread use throughout the business world. Consequently, West Coast Labs were able to successfully backup and restore the database with complete ease and total effectiveness. With the appropriate IP address assigned, a remote desktop session was easily established to connect to the appliance and continue the installation process. Using a standard set-up wizard to specify parameters relating to the SMTP server, the associated network, and the underlying SQL Server database, it proved to be an intuitive, quick, and simple task to complete the initial application set-up. With the overall installation process completed, West Coast Labs were able to carry out all subsequent administration tasks via a standard web browser from the well-designed dashboard application that was configured during set-up. A comprehensive set of customizable reports, logs, and configuration options are easily accessible through this interface, providing Administrators with all the necessary tools to make email security easier not only for themselves but also their internal and external end-users. This functionality is achieved without compromising their organization s compliance and corporate governance responsibilities. A key feature that helps render the appliance transparent to the end-user is the integral policy engine. This allows Administrators to create rules for email users and traffic. These rules or policies are then automatically and appropriately matched to email messages as they pass through the appliance and any predefined, corresponding action is then automatically executed. For example, any outbound email message inspected by the appliance and found to contain a specific type of confidential information can be redirected to a secure channel. This feature helps to eliminate the need for the end-user to make a security decision about individual emails by providing a corporate-wide policy that is automatically enforced. Ultimately this leads to a reduction in the need for extensive end-user training in this area, while also protecting against potentially costly, end-user errors in judgment. During testing, West Coast Labs were able to inspect and ensure that all email passing through the appliance, requiring secure delivery, was one hundred percent encrypted and could only be successfully decrypted by the intended recipients. Multiple secure delivery methods, including S/MIME, PGP and HTTPS, were verified across multiple secure usage scenarios. The appliance also supports S/MIME Gateway- Gateway, which allows a secure email tunnel, analogous to a VPN, to be established between partner organizations and can also deliver email over an encrypted HTTPS channel. In this instance, the end-user only requires a standard web browser installed. This feature would be of particular value to organizations that have customers who are not in possession of secure email client software or digital certificates. THE VERDICT A well-designed and proven email security solution that successfully addresses the diverse and demanding requirements of multiple industry sectors. As well as being transparent to the enduser and easy to administer, it resolves challenges raised by regulations like the European legislation on Data Protection, GLBA, HIPAA & SOX.

THE TRUSTED EXPERTS WORLDWIDE PRODUCT TESTING, EVALUATION & CERTIFICATION SERVICES West Coast Labs provides a superior product testing, validation and certification service for both technology developers and end users. Through its testing centres of excellence in both the USA and Europe, West Coast Labs operates through established, industry accepted standards, servicing a global client base of the world's leading information security vendors. West Coast Labs Services include: Advanced product testing and validation Product feature and performance analysis Product-design review and development Beta testing and evaluation Custom testing Certification Marketing your technology message to a global buying market For full details of West Coast Labs' product testing, evaluation and certification services contact Mark Thomas, Sales Manager: mthomas@westcoast.com

THE TECHNOLOGY REPORT In the dark when it comes to choosing the right AV, Trojan, Spyware, Spam, Content, Firewall and VPN Solution? Check for the Checkmark The Checkmark System independently tests and certifies that security products genuinely achieve internationally recognised standards. West Coast Labs independent testing laboratories have a worldwide reputation for accuracy and reliability. The Checkmark System tests products regularly, in some cases as frequently as every six weeks, to ensure that the product maintains compliance with the international standards. If the product your using doesn t have one, maybe you should ask why. To find out more about the Checkmark visit our website at www.check-mark.com