Solved

Looking for e-mail encryption appliance

Posted on 2010-11-16
7
1,056 Views
Last Modified: 2012-05-10
My organization has about 300 Exchange mailboxes.  I am looking for an appliance which will automatically encrypt outbound e-mails based on policies.  My vision is that the recipient would be sent a link to login to the appliance via a browser to view the message.  An Outlook plug-in would be nice and a way to encrypt when using OWA would be a requirement.

I've read about the Cisco Ironport box but that's designed for 5000+ users.  We have neither the volume or money for that type of a solution.  What other products are out there?  A software based solution is also a consideration.
0
Comment
Question by:damien1234
7 Comments
 
LVL 1

Accepted Solution

by:
fred3rd earned 167 total points
ID: 34147376
There are several appliance-based email services that will encrypt and decrypt email for you through your Exchange server, but the one I like and use is one from Zix (http://www.zixcorp.com)
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 167 total points
ID: 34155668
cisco ironport will scale down to 300 users or less - but it IS overkill compared to zixcorp (zix is a similar, oracle based solution though, where the company itself is a single point of security failure; if security on their key oracle is compromised, so are all mails ever sent though the system)

What would be ideal is a solution where the mail is not encrypted, but is instead removed, held locally, and an email notification sent to the recipient to visit a https site to read it - on the first visit, the user can then set up his own user/pass pair, and use that on subsequent visits.  Unfortunately, I am not aware of one currently available and "enterprise class", although there are a couple of open source projects along those lines.
0
 
LVL 1

Assisted Solution

by:clawrimore
clawrimore earned 166 total points
ID: 34169411
ZixMail from ZixCorp sounds like the right soluetion for you.  I use it for my 200 user infrastructure and provide it as a service to my customers as well.  Logging, ,audit trail, custom policies, and rock solid security were what brought me to this product.  The key security isn't something you should worry about: Zix hold the private key and your VPM appliance holds the public key, neither works without the other.  You can buy one applicance or multiple and they are all identically configured from one console.  There are also two different types of secure Email delivery for non-Zix recipients, but utilize a portal and client-administered password for picking up the Email or their own private key for unlocking the one Email.  Deployment is not that difficult and you can even smart-host and TLS by sending domain.  I shopped IronPort, Code Green, and a few others and this product was the best suited and most flexible solution.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 33

Expert Comment

by:Dave Howe
ID: 34171674
 Unfortunately, key security IS something to worry about. The Zix server holds access to all message keys (although not the messages themselves) and a security failure on that server (or lawful access under warrant by a Law Enforcement Agency) could leave all your mail laid bare to parties who really shouldn't have access to that information.

  Zix is considered "good enough" to satisfy due dilligence for HIPAA audits though, so I doubt in practical terms there is anything to stop you going forward with it as a solution, you will just have to note (in any security audits or reports) that your security is entirely in the hands of a third party - which is fair enough, lots of companies farm out security, firewall admin etc to specialized providers rather than provisioning in-house resource.
0
 
LVL 1

Author Closing Comment

by:damien1234
ID: 34174430
You guys have really helped.  I'm going to dig a little deeper into Zix and see where that leads me.
0
 
LVL 1

Expert Comment

by:clawrimore
ID: 34178504
Damien: I'm glad you were able to get something useful from our contributions.  Tell them I sent you and...well, you may not get a price break, but I might get a trip to Hawii! :-)

Dave: since the Zix VPM does not store ANY Email itself, I think that this alone would make gaining access to previously sent Email is impossible.  Even mail that is queued to be delivered to a non-subscriber is held at the Zix datacenter, where the public key lies.  The user's private key is encrypted and is held on my ZIXWeb portal server.  Likewise, my Email domain's private key is held on my ZIXVPM while the public elsewhere, and no Email is archived as this is not a feature or within the capacity of the VPM.  Additionally, if you were to review the details of their SAS70 and encryption techniques (these are likely restricted to VAR and Partners), it would probably make you feel a little better about the security.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 34179521
clawrimore:

Did a review of their system as part of the bidding process for one of our customers. According to the material I was sent (I have no access to the material on their site, that's for subscribers only. I nearly dropped them from the bidding process after that, but one of their sales staff, terrified of being dropped from a really obscene amount of potential profit sent me a bunch of them) the mail is encrypted to the user, and the user's private key is held on the Zix server (encrypted to their password, once they have one). each user has only one keypair, no matter how many correspondents they have in the Zixmail system, and the Zixmail central server acts as an oracle - it grants access to the key to the user, based on their login details, and that key is never given to the sender under any circumstances (otherwise you could hack your own zix server after sending an email to - say - the CEO of another company, and theoretically extract their key to unlock mail you have intercepted)

During the key-in process where a new recipient has not yet set up an account at zixmail, the mail is encrypted symmetrically and the symmetric key for that one email is held at the sender's appliance; once the recipient has created his new keypair, the public key is sent to the sender, who responds by encrypting the "queued" mail's symmetric key with the new public key and sends that to Zix to allow decryption of the mail by the recipient.

The weakness (common to all oracle based systems, including the cisco solution) is that if the zix server were compromised, a hacker could modify the system to reveal the secret key for users to a third party. It is also assumed (but no mechanism has been revealed, for obvious reasons) that zixmail's own ability to "recover" lost passphrases and grant lawful access to law enforcement agencies on production of a warrant means they have some way to remove the protection from the secret key when this is needful. A hacker therefore could, if he could compromise that system, gain access to *all* secret keys for all recipients.

This could of course be out of date (been a few years since I reviewed this, and as I say, Zix don't allow access to the applicable information unless you are a customer) but given you can still access historic mail using their servers, I doubt it has changed much.  A possible variant (but one patented by disappearing inc, so they would need to licence that patent) is for the sender's appliance to hold all the symmetric keys, regardless of the oracle status of the recipient, and supply them on-demand when the user needs to read a particular message. The downsides there are:

1) if your server is unavailable on the internet, none of your recipients can read their own mail
2) if your server is unrecoverable due to hardware failure, all your recipients lose all their historic mail (backups would fix this of course, but that opens a completely different can of worms)
3) there would need to be some way to grant legal discovery access - although (again) that could be done at the central server, lawyers have a horrible habit of demanding *you* do things when you hold the data, and whatever access route this has would be yet another gate into your security.

0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now