October 2001


Price: $12,500-$25,000

The top e-mail-borne Internet threat is Trojan horses. The problem is understood, the danger is recognized and the technology to fix things has been available for more than 10 years. However, protocol and product interoperability, scalability and usability have left many users wondering if protecting their e-mail is really worth it.

Of those problems, users remain the biggest stumbling block. Take out the variables of user’s sophistication level, the e-mail client used (either user or corporate preference) and the insecurity of some user e-mail settings and behavior, and you might be able to come up with a reliable e-mail security solution. The problem typically is doing all of this while still keeping your users happy and productive.

CipherTrust recently released the IronMail e-mail security network appliance, which potentially resolves these pesky problems. Placed between an enterprise’s Internet firewall and e-mail servers, IronMail provides protection of both e-mail messages and infrastructure in five key areas: e-mail server integrity, misuse protection, confidentiality, policy abuse and virus screening.

Many Internet system break-ins occur because of poorly configured systems (running unnecessary services on a special-purpose box) or weak security (easy-to-guess passwords). The IronMail appliance isn’t a multipurpose server, but an e-mail security gateway built on a hardened FreeBSD platform. The corporate e-mail server–Notes, Exchange, Sendmail, etc.–is “behind” the IronMail system and the corporate firewall. The IronMail appliance strictly controls and filters ESMTP commands to adhere to the RFC specifications, and to disallow insecure options.

Open relays–e-mail relays that forward e-mail from anywhere to anywhere–are widely used by spammers. IronMail enforces a configurable relay policy, so that only authorized e-mail is relayed to or through the corporate e-mail server.

E-mail is vulnerable to eavesdropping in transit. Virtual private networks (VPNs) protect such traffic, but are often difficult to set up, and even more difficult to manage on mobile PCs. IronMail uses Transport Layer Security (TLS) to encrypt e-mail traffic between IronMail gateways. IronMail will also attempt to encrypt the e-mail session to any e-mail server. Many PC-based e-mail software products already support TLS for e-mail transmission, which immediately gives IronMail a high degree of interoperability with existing systems. IronMail allows e-mail policy configuration based on addresses, message size and time of day. Bulk mailings of large presentations to your sales force can be relegated to the after-midnight hours. E-mail messages to competitors can be captured or blocked. Certain types of attachments–such as executables masquerading as Word documents รก la SirCam–can be stripped before getting onto the corporate e-mail server.

IronMail provides e-mail virus protection with a Sophos AV application running on the appliance. It also works in conjunction with other major antivirus solutions, such as Norton, McAfee and Trend Micro.

Management is via a secure, strongly authenticated Web-based interface. It also automatically generates pager messages and daily summary reports of the system logs.

E-mail will continue to be the top Internet application and the highest avenue of threat. The IronMail solution is transparent to users, e-mail client and server agnostic, and potentially a valuable addition to an enterprise’s defense-in-depth e-mail security.

The rack-mountable IronMail appliance comes in two versions: the $12,500 IronMail 110, a 1U 733 MHz Pentium III; and the $25,000 IronMail 210, a 2U box with dual 733 Pentium III processors and a cryptographic coprocessor.

-Fred Avolio