How do I access my work Lotus Notes from home?

eMail and Internet Usage Monitoring

• Our company operates an eMail and Internet Usage Policy to manage best use of both facilities. We use Lotus Notes 5 for all eMail and all Internet access is via central located router/firewalls. We operate a number of LAN's across the country and the sites operate a Lotus Notes server locally. However, all external eMail and Internet access is via a central point. We currently employ Mailsweeper centrally to manage external eMail (i.e. internet eMails), and Mailsweeper enforces the necessary policies to minimise the level of personal/dubious eMails entering/leaving via the Internet. We operate firewalls to protect internal assets but do not have an Internet Policy enforcer package in place. We currently analyse eMails to a small extent manually using downloads to Excel - this is unsatisfactory and only captures external eMail (i.e. eMail sent/received through our Mailsweeper system). We do not analyse Internet usage at all due to the sheer volume of data involved. We are looking for software products (probably one for eMail analysis and a separate product for Internet usage analysis ?) which will simplify the analysis and reporting on use of both eMail and Internet. In addition, the Internet usage analysis product should also provide us with a Policy enforcement element (e.g. enable use to maintain a list of blocked sites, blocked subjects etc.) The intention of using the eMail and Internet Usage analysis tools is to enable us to analyse eMail and Internet usage to minimise personal and/or inappropriate use and enforce our IT Policies. In summary, the software products we source should provide at least the following : eMail Analysis : - all internal and external eMails to be analysed - overall company totals (i.e. no. of eMails internally, externally, by time, by date/week/month, peak use times, personal vs. business etc.) - summary and detail by user (as above) - summary and detail by site (i.e. by LAN/Notes Server with above minimum analysis) - analysis of large eMail users - analysis of users with largest attachments / bandwidth usage Internet Usage Analysis : - provide facilities to enforce policies by Department or User (e.g. banned sites, banned functions such as downloads of music,.EXE files, graphics etc.) - overall company summary (top sites visited, traffic by date/week/month, time spent at sites, peak us times) - summary by user (summary and detail of sites visited, time spent on sites, attempts to visit barred sites as per policy enforcer, peak times of use, downloaded files/images/programs etc.) - analysis of large Internet/bandwidth users - analysis of banned site access attempts - analysis of downloaded files We are currently evaluating Mailmeter (from Waterford Technologies in Ireland) as a potential eMail analysis tool - seems very good. Also we have attempted to use Surfcontrol to help manage/report on Internet usage in the past but never got the product to work properly - could be lack of application on our part ! For the Answer to this Question, can you please : - highlight the main products/industry leaders we should evaluate for (i) eMail analysis, and (ii) Internet Policy enforcer and usage analysis - give us your views on the relative merits and pricing of each Thanks for your help, Regards, Pat Rowan

• Answer:

  ithead-ga: Thank you for your Question regarding e-mail and Internet usage monitoring/filtering software for your corporate environment. In line with your instructions and clarifications, the following is an analysis of the leading products for: i) e-mail monitoring and filtering in a Lotus Notes environment ii) Internet usage monitor and policy enforcement for a single external gateway environment iii) products that provide both i) and ii) Summary: -------- The most secure e-mail monitoring and filtering solution available is the hardware-based IronMail solution from CipherTrust. By using a dedicated, hardened appliance to enforce anti-spam and e-mail usage policy, no additional workload is placed on your existing infrastructure. For software-based solutions to external e-mail monitoring and filtering, the leading products to consider are 'SurfControl E-mail Filter', Elron Software's 'Message Inspector' and 'GFI MailEssentials/MailSecurity'. Given your Lotus Notes/Domino environment, though, your best option is still the CSL Mailsweeper package that you are already using. The latest version, used in conjunction with the new Mailsweeper - Antispam Edition, would give you the monitoring and policy enforcement you seek, along with protection against spam. The field of Internet usage monitoring and policy enforcement is led by WebSense Enterprise. Other products that perform well in this role include 'SurfControl Web Filter', Wavecrest Computing's 'Cyfin Reporter/Cyblock Web Filter', and Elron's 'IM Web Inspector'. All of these work by using an 'approved list' of websites, along with active monitoring of traffic to detect and block maliscious or nonpermitted content. As both WebSense and SurfControl offer evaluation versions, and since you have already tried SurfControl, I suggest obtaining an evaluation copy of WebSense Enterprise 5.0.1 to see if its approach suits your needs better. For a single-source, all-encompassing product line, SurfControl has the best overall portfolio to offer, followed by Elron Software. Details and Links: ------------------ -> E-mail Monitoring & Filtering CipherTrust IronMail: The IronMail approach to e-mail policy enforcement and filtering uses a dedicated, hardened appliance that stands between your e-mail server and the outside world. By using a dedicated-design device, there is lower likelihood that the system can be bypassed or compromised due to a security bug. For Lotus Notes/Domino environments, the IronMail appliance fully supports secure external access using the Lotus Notes client or the web browser interface (if enabled on the Domino server). The IronMail appliance is placed in the DMZ of the corporate network, allowing the Domino servers to stay safely behind your firewalls, dealing with a single, known gateway. The IronMail system provides strong filtering capabilities for e-mail content, attachments, and encryption standards. The spam filtering function uses both an automatically updated blacklist, DNS reverse lookup, user quarantine review and whitelists, and content scanning. For your needs, and depending on the volume of mail your company sends and receives, a dedicated e-mail security appliance may be overkill. However, it may be worth having CipherTrust evaluate your needs to see how much this option would cost you. http://www.ciphertrust.com/technology_and_services/ --------------------------------------------------- SurfControl E-mail Filter: SurfControl E-mail Filter provides the best available software-based monitoring and filtering package for SMTP mail traffic. The challenge is in the configuration and administration of this powerful package. Once set up, though, SurfControl's adaptive learning capability helps keep maintenance to a minimum. When used in conjuction with the other SurfControl Filter applications (Web, IM), you will have a total filtering and monitor solution through a single vendor. Note that SurfControl E-mail Filter acts either as an SMTP gateway, or integrates with an Exchange Server. For a Lotus Notes environment, SurfControl cannot analyze traffic internal to the Notes/Domino server. It is worth the time and effort to train the application properly so that its capabilities are truly exploited for SMTP mail. Try the latest version (4.7) that was just released on August 11th, they claim improved and superior spam control. Downloading and installing the latest rules dictionaries will help with this. http://surfcontrol.com/products/email/ http://surfcontrol.com/support/bulletins/rules.aspx --------------------------------------------------- GFI MailEssentials/MailSecurity: GFI MailEssentials provides highly-regarded e-mail policy enforcement and anti-spam capabilities. When integrated with GFI MailSecurity, the unified package provides complete enforcement and security capabilities for any SMTP mail environment. Notable features include HTML exploit protection. GFI also offers 'DownloadSecurity for ISA Server' to provide protection for files downloaded using HTTP or FTP through the Internet. GFI MailEssentials does offer the ability to use external blacklists (such as SpamCop and ORDB), something that SurfControl does not readily support. Often, the use of external blacklists helps keep the administrative work down, but does increase the possibility of a false positive. Personally, for my personal e-mail solution, I do use both the SpamCop and ORDB blacklists, and have not encountered a false positive situation yet. Like SurfControl, GFI MailEssentials can only act as either an SMTP gateway, or as an integrated module on an Exchange Server. So, the same limitations with regards to analyzing and managing your internal mail applies. http://www.gfi.com/mes/ --------------------------------------------------- CSL Mailsweeper for Domino: CSL Mailsweeper integrates with your Domino server to provide policy enforcement and security for both external mail as well as internal mail. With the recent release of 'CSL Mailsweeper - Antispam Edition', the portfolio now also includes protection against spam, but currently is only available for users of 'CSL Mailsweeper for SMTP'. If anti-spam filtering is not as important (or if you are willing to use a second product, such as 'CSL Mailsweeper - Antispam Edition' running separately to manage spam), then CSL Mailsweeper for Domino is still the best option for you as far as an all-traffic mail management system goes. Adding 'CSL Remotemanager' to your toolkit will make managing Mailsweeper even easier. http://www.mailsweeper.com/products/msw/domino/default.asp http://www.mailsweeper.com/products/antispam/Msw/default.asp --------------------------------------------------- Waterford Technologies' Mailmeter for Domino: Like CSL Mailsweeper, Waterford's Mailmeter supports direct integration with Domino servers. However, there is no actual anti-spam capabilities, short of reporting on suspected spam. So, while Mailmeter is a great tool for managing the mail system, it does not have good capabilities for helping to manage the actual mail. If this is not important to you, then still consider that CSL Mailsweeper is already working for you, and will more than likely incorporate antispam support into their Domino version in the near future. http://www.waterfordtechnologies.com/content.cfm?t=Domino%20Business%20Benefits --------------------------------------------------- Elron Message Inspector: Primarily an anti-spam solution, the centrally-managed aspect of Elron's 'Message Inspector' application makes it a viable policy enforcement and monitoring tool as well. However, in comparison to your existing Mailsweeper installation, Message inspector does not offer anything that makes it truly worth converting over. http://www.elronsoftware.com/productfamily/msginspector.shtml =================================================== -> Internet Usage Monitoring & Filtering WebSense Enterprise: WebSense's approach to Internet usage monitoring & filtering is to use a constantly updated, online database of websites, categorized by content and function. You choose which categories, and what enforcement level, you want to control, and the application manages the rest. WebSense Enterprise also supports local settings to override the information in the external database. The package is regularly updated, but is a complex system to set up. Maintenance is relatively simple through an easy control panel interface. There are also optional, special purpose online databases ('Premium Groups') that you can subscribe to to lower your configuration work requirements. http://www.websense.com/ -------------------------------------------------- Wavecrest Cyfin Reporter/Cyblock Web Filter Cyfin Reporter and Cyblock Web Filter are compatible with ISA Servers and MS Web Proxy servers. The weakness of the web filtering capability is the need to set up and maintain the local database of blocked sites. Otherwise, the reporting capabilities are similar to that of the other packages in this field. http://www.wavecrestcomputing.com/products/index.html -------------------------------------------------- SurfControl Web Filter: Advertised as the first web filter product to be certified by ICSA Labs, SurfControl has received its fair share of accolades from industry. While the online database for SurfControl is not as large as WebSense's 10 million+ claim, it is still more than adequate for most corporate environments, when used with dynamic filtering. SurfControl's reporting capabilities are also top-notch, as long as traffic on your network is correctly routed through the SurfControl application. Server compatibility is extensive, and integration with SurfControl's E-mail and IM Filters does make for a good, all-in-one package with common user interfaces. http://www.surfcontrol.com/products/web/ -------------------------------------------------- Elron Software's Web Inspector: Web Inspector is an Internet usage monitoring application that also provides basic enforcement and website blocking capabilities. This package requires little work to begin monitoring how your Internet bandwidth is being used, but does require some work to set up proper site blocking if you choose to do so. http://www.elronsoftware.com/productfamily/webinspector.shtml ================================================== -> Other Symantec Enterprise Security Manager 5.5: While not quite an Internet usage monitoring & filtering application, Symantec's ESM is worth mentioning for its ability to ensure that your gateway devices and your key network components are properly configured to prevent your security policies from being bypassed. http://enterprisesecurity.symantec.com/products/products.cfm?productid=45&EID=0 -------------------------------------------------- TruSecurity ICSA Labs As in most maturing industries, the Internet filtering industry has started to create certification programs to attempt to set a standard for performance. The ICSA Labs have created a set of criteria for Internet filtering software, which might be useful to you in evaluating your own needs. This work is still ongoing, so check periodically for updates: http://www.icsalabs.com/html/communities/sift/certification/criteria/criteria.shtml ================================================== I hope that this information helps you in selecting the best solutions for your firm. Please take full advantage of the various vendors' sales channels to set up a comparison of the products' relative perfomance in your environment. If you require clarification for any part of this Answer, please do not hesitate to let me know. Please note that I will not be online between August 26th and Sept. 4th, but will endeavour to response to any clarification requests as soon as possible. Regards, aht-ga