October 2001
RESOURCES TO SECURE YOUR BUSINESS ENTERPRISE
IronMail
CipherTrust
www.ciphertrust.com
Price: $12,500-$25,000
The
top e-mail-borne Internet threat is Trojan horses. The problem is
understood, the danger is recognized and the technology to fix things
has been available for more than 10 years. However, protocol and
product interoperability, scalability and usability have left many
users wondering if protecting their e-mail is really worth it.
Of
those problems, users remain the biggest stumbling block. Take out the
variables of user’s sophistication level, the e-mail client used
(either user or corporate preference) and the insecurity of some user
e-mail settings and behavior, and you might be able to come up with a
reliable e-mail security solution. The problem typically is doing all
of this while still keeping your users happy and productive.
CipherTrust recently released the IronMail e-mail security network
appliance, which potentially resolves these pesky problems. Placed
between an enterprise’s Internet firewall and e-mail servers, IronMail
provides protection of both e-mail messages and infrastructure in five
key areas: e-mail server integrity, misuse protection, confidentiality,
policy abuse and virus screening.
Many Internet system break-ins occur because of poorly configured
systems (running unnecessary services on a special-purpose box) or weak
security (easy-to-guess passwords). The IronMail appliance isn’t a
multipurpose server, but an e-mail security gateway built on a hardened
FreeBSD platform. The corporate e-mail server–Notes, Exchange,
Sendmail, etc.–is “behind” the IronMail system and the corporate
firewall. The IronMail appliance strictly controls and filters ESMTP
commands to adhere to the RFC specifications, and to disallow insecure options.
Open
relays–e-mail relays that forward e-mail from anywhere to
anywhere–are widely used by spammers. IronMail enforces a configurable
relay policy, so that only authorized e-mail is relayed to or through
the corporate e-mail server.
E-mail is vulnerable to eavesdropping in transit. Virtual private networks (VPNs) protect such traffic, but are often difficult to set up, and even more difficult to manage on mobile PCs. IronMail uses Transport Layer Security (TLS) to encrypt e-mail traffic between
IronMail gateways. IronMail will also attempt to encrypt the e-mail
session to any e-mail server. Many PC-based e-mail software products
already support TLS for e-mail transmission, which immediately gives
IronMail a high degree of interoperability with existing systems.
IronMail allows e-mail policy configuration based on addresses, message
size and time of day. Bulk mailings of large presentations to your
sales force can be relegated to the after-midnight hours. E-mail
messages to competitors can be captured or blocked. Certain types of
attachments–such as executables masquerading as Word documents รก la
SirCam–can be stripped before getting onto the corporate e-mail server.
IronMail
provides e-mail virus protection with a Sophos AV application running
on the appliance. It also works in conjunction with other major
antivirus solutions, such as Norton, McAfee and Trend Micro.
Management
is via a secure, strongly authenticated Web-based interface. It also
automatically generates pager messages and daily summary reports of the
system logs.
E-mail will continue to be the top Internet application and the highest avenue of threat. The IronMail solution is transparent to users, e-mail client and server agnostic, and potentially a valuable addition to an enterprise’s defense-in-depth e-mail security.
The
rack-mountable IronMail appliance comes in two versions: the $12,500
IronMail 110, a 1U 733 MHz Pentium III; and the $25,000 IronMail 210, a
2U box with dual 733 Pentium III processors and a cryptographic
coprocessor.
-Fred Avolio