HOME | | SITE MAP | | SEARCH
Home :: SSS tools :: SecureIT
Mailsweeper
MIMEsweeper for SMTP v5
MIMEsweeper for Web
Tools
ASTPS
JMC`s Toolsection
SSS tools
StopIT
LDAPtIT
ReleaseIT
 
SecureIT
Reporting
RFC`s
FAQ`s
Test threats
Scripts
Links
Contact
   
 
 
   

SecureIT

SecureIT for Clearswift MAILsweeper™ for SMTP gives you transparent and easy to use policy based S/MIME signing and encryption of e-mail at the content security gateway.

 

SecureIT gives you all the e-mail content security benefits of MAILsweeper but ensures that:

 

• Message content remains confidential during transmission over the public network

• Recipients can be certain about the authenticity and integrity of messages they receive

• Control and management of the Public Key Infrastructure (PKI) necessary for this process is maintained at a single point

 

Encryption provides privacy for content as it passes across the public network. Digital signatures provide proof that a message is from who it appears to be from and that it has not been tampered with during transmission. But these processes can create problems like exposure to content threats, orphaned data that can’t be decrypted, unauthorised transfer of confidential information and the complexity of managing and synchronising all the public and private keys necessary to run the process.

 

SecureIT provides encryption/decryption and signing/signature verification to S/MIME standards at the gateway. This avoids the high cost, complexity and security pitfalls associated with desktop solutions.

 

SecureIT requires only a single software installation and automates the process for establishing and maintaining links to other S/MIME gateways. This guarantees security policy is always applied and makes the set up and operation of links transparent to end users and administrators. 

 

SecureIT is an extension to MAILsweeper’s powerful, policy-based content security engine. This helps to prevent damage from threats that might be hidden in the content of encrypted e-mail.

 

Because SecureIT is integrated with MAILsweeper for SMTP lexical analysis can be used to trigger encryption and signing policy. For example, if “For Internal Use Only” appears in any part of a message, SecureIT can prevent transmission unless the message travels over an encrypted link.

 

SecureIT provides encryption with a choice of: RC2 (40, 64 and 128-Bit), DES (56-Bit), Triple DES (168-Bit) and AES algorithms with X9.31 PRNG. 

 

Digital signing uses RSA with MD5 and SHA-1. Both clear signing and opaque signing are supported.

 

SecureIT supports X.509 v3 certificates with key lengths of 512, 1024, 2048 or 4096-Bit. These can be issued by any of the major Certificate Authorities, such as: Verisign, Entrust, Thawte, and Baltimore, or self-signed certificates can be generated by SecureIT. Private key import from PKCS#12 containers and storage in an encrypted vault.  Public key import from P7C, P7B, CER, PEM and PKCS#12 containers and LDAP directories is supported. It has full support for Certificate Revocation Lists (CRL) and automatically changes the status of revoked certificates.

 

SecureIT permits:

·          More than one active certificate per domain

·          Different certificates for signing and encryption

·          Different signing and encryption algorithms for each site to site link

·          Multiple internal domains with their own certificates

·          Automatic retrieval of replacements for expired certificates

 

For large dynamic networks, SecureIT automates site-to-site link set up and maintenance via periodic reference to an authoritative LDAP directory. Certificates and other data obtained from the directory are cached locally. For smaller static networks SecureIT provides simplified manual link set up.

 

Link policy is stored, updated and disseminated centrally.

 

Detailed signature verification and decryption status indicators are reported and can be used to create very meaningful error messages for recipients. Messages failing encryption/signature policy can be annotated (message text prepended and appended) or encapsulated (added to an informative message as an attachment). 

 

SecureIT supports S/MIME v3 capabilities.

 

Licensing

SecureIT is licensed on a per user basis.

 

The number of users licensed for SecureIT must be the same as the number licensed for MAILsweeper for SMTP.

 

SecureIT runs on the same machine as MAILsweeper for SMTP, and may be spread across as many machines as needed to support the licensed number of users. 

 

Software prerequisites                                                                   MAILsweeper version 4.3 and above.

 

SecureIT is a product of:

Scientific Software and Systems Limited

New Zealand

Telephone +64 4 917-6670

e-mail: info@sss.co.nz   

web: http://www.secureit.co.nz/http://www.releaseit.co.nz/http://www.sss.co.nz/

 

Click here to download a PDF-Version of this Document.
 
Site News
   
 
To Top