SMG2 Overview of System Features
The GlobalCerts SecureMail Gateway solutions provide comprehensive email protection designed to meet today’s data security challenges head on.
The gateways are simple to use appliances that help organizations overcome the technical hurdles traditionally associated with complicated encryption solutions. Most importantly, the appliances incorporate sophisticated inbound and outbound content inspection features that secure the email path from unwanted viruses, spyware or spam.
Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form, so it can be understood.
In order to easily recover the contents of an encrypted signal, the correct decryption key is required. The key is an algorithm that "undoes" the work of the encryption algorithm. Alternatively, a computer can be used in an attempt to "break" the cipher. The more complex the encryption algorithm, the more difficult it becomes to eavesdrop on the communications without access to the key.
S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a secure method of sending e-mail that uses the Rivest-Shamir-Adleman encryption system. S/MIME is included in the latest versions of the Web browsers from Microsoft and Netscape and has also been endorsed by other vendors that make messaging products. RSA has proposed S/MIME as a standard to the Internet Engineering Task Force (IETF). An alternative to S/MIME is PGP/MIME, which has also been proposed as a standard.
GlobalCerts uses the S/MIME v.3 standard. One of the enhancements of S/MIME version 3 worth noting is "triple-wrapping." A triple-wrapped S/MIME message is one that is signed, encrypted, and then signed again. This extra layer of encryption provides an additional layer of security. When users sign and encrypt messages with the GlobalCerts SecureMail Gateway solution, the message is automatically triple-wrapped.
Digital signatures and message encryption complement one another and provide a comprehensive solution to the security issues that affect SMTP-based Internet e-mail.
Email content monitoring facilities are capable of allowing you exceptional control over all incoming and outgoing messages. The service allows you to control where the messages are sent to or how they should be filtered depending on the criteria you specify. This allows messages from certain clients to be automatically forwarded to the relevant departments or potentially harmful messages filtered out before they reach the desks of your users.
Custom rules are used to manage content and can be created and applied to incoming and / or outgoing emails. Each rule has a ‘condition set’ and an ‘action’
Content filtering fills the largest security hole in a company’s network. Statistics (CSI) state that 70 to 80% of all security breaches occur from within the organization. Content monitoring can monitor for and stop the accidental or intentional disclosure of a companies Intellectual Property, confidential information or other non public content, that can be accessed or disclosed electronically.
- Content filtering uses screen captures of each violation with user name, date, time, application and violation stamp, to assist as part of a solution to provide the forensic data needed to protect the company.
- Content monitoring is ideal for establishing an employee awareness program. When inappropriate data is discovered, organizations can choose to make users aware of the policy or notify employees by blocking the offensive content. Utilization of the Policy Central application results in full disclosure of the organization’s policy to all employees so it remains non-repudiated.
- Does not require the daily updates to keep the database effective and current.
Content filtering does not filter out the good content with the bad. Content filtering libraries have been developed to distinguish the difference between pornographic and sexually explicit material vs. material that is scientific and medical in nature. Content filtering also eliminating the need to block out vast amounts of educational material to stop small amounts of pornographic material found on a particular site.
Large organizations focus on building value for their customers and shareholders. Unfortunately that value can easily be undermined by lawsuits (harassment, misconduct, employee dismissal) and loss or misuse of private corporate information form corporate computers via the Internet, E-mail, Attachments, Chat, Instant Messaging or any Windows application. Site Blocking, a common first generation solution, only addresses 30% of the problem, HTTP traffic. Organizations serious about security need to compliment or replace Site blocking with a content monitoring solution that can monitor, filter, warn, and block in all applications, not just HTTP traffic.
A spam filter is a program that is used to detect unsolicited and unwanted e-mail and prevent those messages from getting to a user's inbox. Like other types of filtering programs, a spam filter looks for certain criteria on which it bases judgments. For example, the simplest and earliest versions (such as the one available with Microsoft's Hotmail) can be set to watch for particular words in the subject line of messages and to exclude these from the user's inbox. This method is not especially effective, too often omitting perfectly legitimate messages (these are called false positives) and letting actual spam through. More sophisticated programs, such as Bayesian filters or other heuristic filters, attempt to identify spam through suspicious word patterns or word frequency.
The continuing increase in spam has resulted in rapid growth in the use of spam filter programs: software that examines incoming email, separating spam from genuine email messages. Unwanted e-mail can be filtered at the desktop, the network email server/email gateway, or the Internet Service Provider's email gateway. While network managers and ISPs can choose hardened email security appliances, services or software designed to interdict both spam and viruses, desktop users are frequently limited to a software-based solution.
A number of commercial spam filtering programs are readily available, but many freeware and shareware spam filters are also available for easy downloading and installation. Spam filters are currently included as standard features in nearly every available email client, though the quality of these built-in filters can be low; for some users, this may necessitate the use of a higher quality filtering solution.
Antivirus (or "anti-virus") software is a class of program that searches your hard drive and floppy disks for any known or potential viruses. The market for this kind of program has expanded because of Internet growth and the increasing use of the Internet by businesses concerned about protecting their computer assets.
Antivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
Antivirus software typically uses two different techniques to accomplish this:
- Examining (scanning) files to look for known viruses matching definitions in a virus dictionary
- Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.
Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.
To learn more about the GlobalCerts™ SecureMail Gateway™, call (855)614-CERT.