M86 Security MailMarshal Secure Email Server

Overview:

M86 MailMarshal Secure Email Server (SES) enforces security policies automatically and uses email monitoring and filtering technology to meet regulatory compliance standards and protect from data loss. It provides enhanced Public Key Infrastructure with advanced functionality for key generation, certificate harvesting, automated maintenance and centralized authentication directories. M86 MailMarshal SES is ideal for environments where secure communication needs to be established and maintained among groups of organizations, while allowing for the flexibility to easily change membership and credentials.

Highlights

	Secures Communications and Prevents Data Loss M86 MailMarshal SES ensures the content within confidential emails and attachments remain private. It confirms the email sender's identity and integrity of the message content and automatically manages encryption and decryption according to an organization's policy and compliance standards.
	Easy to Use/Automatic M86 MailMarshal SES provides a single point of control to manage encryption for an entire organization, making email encryption easier to deploy and maintain and reducing training requirements. The entire process is automated and transparent for end users, requiring no effort on their part. It also streamlines administration and automatically maintains secure email best practices.
	Ensures Regulatory and AUP Compliance Through integration with M86 Security's content monitoring and filtering solutions, M86 MailMarshal SES can analyze encrypted message content to confirm that communications comply with regulatory requirements and organizational policies.
	Versatile and Flexible Compatible with other S/MIME gateway solutions, M86 MailMarshal SES integrates easily with other organizations. It works with independent Certificate Authorities and operates with standard S/MIME clients such as Microsoft Outlook easily.

Features and Benefits:

Features

• Dedicated solution providing policy-based email encryption and digital signing
• Public Key Infrastructure (PKI) with S/MIME encryption standards up to Triple-DES (168-bit) strength cryptography
• Works with M86 MailMarshal SMTP, or other S/MIME gateways, to provide content monitoring and filtering of confidential messages, ensuring compliance with industry requirements and government legislation
• Secure certificate generation technology and comprehensive support for third-party Certificate Authorities
• Extensive certificate management including support for Certificate Revocation Lists, automated certificate harvesting, sorting and storage
• Centralized certificate updates through directory (LDAP) synchronization with established authentication servers
• Extensive reports and auditing for secure communications
• Cost effective and easy to deploy with almost zero ongoing manual administration

Key Benefits:

Security and Compliance

• Enables confidential communication
  Ensures the content of confidential emails and attachments remain private between you and your intended recipient. No other party can access the content of the message.
• Confirms email sender’s identity and integrity of message content
  Authenticates the identity of the email sender via Digital Signing and verifies that the message is genuine and has not been tampered with. Prevents email spoofing or forgeries where a third party can fake the address of the sender and impersonate them. Also ensures that a third party has not altered the content of a message, changing its meaning or critical details, before it has reached the recipient.
• Ensures consistent application of security policies
  Automatically manages encryption and decryption according to your organization’s policy and compliance standards. As a centralized, server-based solution, no confidential message that needs to be encrypted can be accidentally or intentionally transmitted in an unencrypted format. This removes the potential for human error and ensures that policies are always adhered to.
• Meets compliance requirements
  Through integration with Marshal’s content monitoring and filtering solutions, MailMarshal Secure Email Server can analyze encrypted message content to confirm that communications comply with regulatory practices and meet organizational policies.
• Provides peace of mind
  Offers optional levels of encryption strength up to Triple-DES 168-bit. This level of security ensures that even the most determined attempts to break encryption will take enormous effort and resources.

Ease-of-Use and Automation

• Allows centralized control of encrypted communication
  As a server-based solution at the email gateway, MailMarshal Secure Email Server provides a single point of control to manage encryption for your entire organization. This makes email encryption easier to deploy and maintain. It also reduces training requirements and ensures that all outgoing and incoming encrypted communications comply with organizational policies. There is no requirement for any additional software for workstations or end user training. The entire process is automated and transparent for end users, requiring no effort on their part.
• Self-maintaining with low Total Cost of Ownership
  MailMarshal Secure Email Server automatically searches for, harvests, sorts and stores relevant digital certificates for later use. Depending on who a specific email message is addressed to, MailMarshal Secure Email Server will select and apply the relevant public key for the appropriate recipient.
• Streamlines administration and automatically maintains secure email best-practices
  MailMarshal Secure Email Server takes full advantage of information-rich certificates to provide automatic updates and notifications when certificates/keys are due to expire. This allows for keys to be set to automatically expire periodically without introducing undue administrative burden. MailMarshal Secure Email Server can automatically retrieve and deploy updated/replacement certificates from centralized servers via Lightweight Directory Access Protocol (LDAP). Via LDAP synchronization, MailMarshal Secure Email Server is able to automatically update contact details and credentials with secure email partners.

Versatility & Integration

• Compatible with other S/MIME gateway solutions
  MailMarshal Secure Email Server provides easy integration with other organizations. It can work with third party S/MIME gateways that are capable of policy-based email routing.
• Works with independent Certificate Authorities
  MailMarshal Secure Email Server complies with industry standards for certificate validation, allowing it to automatically communicate with major Certificate Authorities.
• Easily operates with standard S/MIME clients such as Microsoft Outlook
  MailMarshal Secure Email Server provides gateway-to-gateway and gateway-to-desktop encryption delivery options, allowing you to securely communicate with organizations and individuals.

Smarter, More Advanced Public Key Infrastructure

Using email to communicate confidential information is not ideal. It is an open medium and vulnerable to interception and manipulation.

Public Key Infrastructure (PKI) provides a robust system for securing confidential data. It also provides a high degree of trust that verifies parties are who they claim to be and that messages arrive intact and unaltered.

The challenges with PKI in a business environment are scalability and ongoing management requirements. When multiple secure email partners are involved the complexities and costs of managing certificates and authentication have long been touted as major shortcomings which detract from the viability of PKI for secure enterprise email.

MailMarshal Secure Email Server is specifically designed to address these challenges and offers a solution that is cost effective, simple to operate and can streamline any ongoing maintenance tasks.

Ideal Solution for Secure Business Communication

MailMarshal Secure Email Server is ideally suited to environments where secure communications need to be established and maintained between groups of organizations with flexibility for changing membership and credentials.

This can apply to a range of scenarios, including:

• Between healthcare providers and insurance companies sharing confidential patient records and medical information
• Between manufacturing and construction contractors working on sensitive project plans, schedules, budgets and designs
• Between government agencies sharing private information or collaborating on government business
• Between legal service providers and corporate customers working on contracts, agreements and other confidential legal material
• Between organizations and external experts or consultants such as accountants, stock brokers or business analysts sharing privileged information.

In these scenarios, a platform of trust needs to be established with organizations that must communicate, collaborate and share information securely. A workable solution needs to provide versatility and flexibility to enable other organizations or specialized contributors to easily join the secure network without undue costs.

MailMarshal Secure Email Server is the perfect and proven solution for this requirement.

Technical Overview:

Content Monitoring and Filtering

MailMarshal Secure Email Server is designed to work with Marshal’s email content security solution MailMarshal SMTP and can also be configured to work with MailMarshal for Exchange. Integration with MailMarshal SMTP allows full content analysis of encrypted communications including text, attachments, anti-virus and anti-spyware scanning as well as pornographic image detection. This means MailMarshal Secure Email Server can block threats in encrypted messages and protect against legal liability and inappropriate content.

Message Archiving

MailMarshal Secure Email Server can classify and store encrypted messages along with relevant keys to ensure that messages can be decrypted later and audited for compliance purposes.

Policy-Based Security

When used with MailMarshal SMTP (or MailMarshal for Exchange), MailMarshal Secure Email Server can use message cues to trigger policies for automated encryption and/or signing before delivery.

For example, MailMarshal Secure Email Server can use the presence of a phrase such as “Private & Confidential” in any part of the message body, subject line or attachment(s) to trigger automatic encryption. MailMarshal Secure Email Server can also link this condition with additional conditions such as the sender’s rights to transmit outbound confidential material and the intended recipient’s authorization to receive confidential messages.

MailMarshal Secure Email Server will automatically select the appropriate public key needed to encrypt the message for the intended recipient. You can define encryption policies around additional requirements.

This can include minimum standards for cryptography strength and levels of trust for certificates such as reference checks through Certificate Authorities or Certificate Revocation Lists.

Certificate Management

MailMarshal Secure Email Server automatically detects, harvests and catalogs digital certificates. All a new secure email contact needs to do is email you a digitally signed message and MailMarshal will retrieve and store the attached certificate. You can also use trusted authentication servers or independent Certificate Authorities to validate certificate credentials.

MailMarshal Secure Email Server makes full use of information-rich certificates to store data such as update locations, CRL locations, and expiry dates. Five days prior to expiry of a certificate MailMarshal Secure Email Server will automatically retrieve a replacement certificate (if available) and notify network administrators via email.

Certificate Revocation List (CRL) support enables MailMarshal Secure Email Server to check, if certificates have been revoked by their issuer and are therefore invalid or not to be trusted.

Technical Specifications:

Documentation:

Download the M86 Security MailMarshal Secure Email Server Datasheet (PDF).