IronPort Encryption Appliance
Overview
Comprehensive email encryption platform. Proven, enterprise-class scalability and reliability.
The IronPort Encryption Appliance™ is the most comprehensive email encryption gateway on the market. Whether driven by compliance requirements, improving customer/ partner trust, or protecting intellectual property, the IronPort Encryption Appliance provides the flexibility and scalability to support all secure messaging requirements on a single platform — making it the ideal email solution for data leakage prevention.
Regular email is not a secure or confidential communication medium. The IronPort Encryption Appliance is an easy-to-deploy solution to protect email, while remaining transparent to senders and offering the easiest- to-use secure delivery methods for all recipients. A complete portfolio of secure delivery methods, integrated key management, and the power of business-class email provide the comprehensive functionality necessary to protect email in even the most complex enterprise environments.
Download Encryption Appliance Datasheet
The most comprehensive email encryption gateway on the market
Features
Secure Delivery Methods
The IronPort Encryption Appliance offers a wide range of options for secure message delivery, providing the flexibility to support all email encryption requirements. Delivery methods may be automatically selected, by policy, for each message recipient.
IronPort PXE Encryption is a highly secure, envelope-based "push" technology which combines universal reach, ease-of-use and the lowest Total Cost of Ownership (TCO) of any email encryption technology. Encrypted messages can be received by any email user — independent of email client or operating system — without installing any software or requiring the sender to pre-exchange encryption credentials with the recipients.
IronPort Secure Mailbox is a secure "pull" or webmail technology. IronPort Secure Mailbox securely stores messages behind the enterprise firewall and allows recipients to access them online via a secure website. Recipient authentication as well as message retrieval and composition are secured using SSL (HTTPS). Recipients can be notified via email when new messages are available. IronPort Secure Mailbox supports a full set of Web-based email features including inbox, folders and address books.
IronPort Public Key Encryption provides support for S/MIME and OpenPGP encryption, signing and decryption, allowing organizations to leverage existing S/MIME and public key infrastructures in a system that also incorporates other IronPort® secure delivery models. IronPort Public Key Encryption supports both gateway-to-gateway and gateway-to-user models, utilizing standard PKI certificates (X.509 v3) and OpenPGP asymmetric keys. This feature also provides advanced certificate harvesting, proxy key generation, and other specialized key management functionality — including the ability to integrate with popular certificate authorities and key directories.
Business-Class Email
In addition to securing email content, IronPort PXE Encryption and IronPort Secure Mailbox technologies enhance visibility and control over email. Due to limitations of the underlying standards, these features are not available for IronPort Public Key delivery.
Guaranteed read-receipts enable users to know exactly when a message was viewed by each recipient.
Message expiration and locking prevent mistakenly-sent messages from being opened and automatically secures old messages. Messages may be locked at any time, keeping the message from ever being opened again.
Large attachment handling seamlessly and securely delivers email attachments, which can clog groupware servers. Attachments above a configurable threshold are stripped from outbound email messages, stored securely on the IronPort Encryption Appliance, and replaced in the email message by a link which allows the recipient to retrieve the attachment in a more user-friendly fashion than secure FTP or other common alternatives.
Integrated Key Server and Management
The IronPort Encryption Appliance integrates all required functionality to manage recipient registration, authentication, and per-message encryption keys for both Iron- Port PXE Encryption and IronPort Secure Mailbox technologies.
Authentication and key delivery is typically via a password. Multiple-factor, chained and single sign-on authentication methods are also supported for advanced applications. On successful authentication of a recipient, the key for that message is released (with IronPort PXE Encryption) or access to the recipient's secure webmail account provided (with IronPort Secure Mailbox).
Enrollment management is enabled for firsttime recipients as they are guided through a single screen enrollment, creating an account on the key server. This account may be used to receive any future messages. Recipients may also be pre-enrolled, or an existing directory (Active Directory/LDAP) used, to provide credentials. First party (recipient), second party (sender) or third party authorization can be configured to prevent automated or man-in-the-middle attacks.
Message management is provided by IronPort PXE Encryption and IronPort Secure Mailbox. These advanced businessclass email features, including message locking/ expiration and guaranteed read-receipts, are accessed via a Web user interface by both individual users and authorized administrators - displaying status and enabling locking of individual messages.
Benefits
Ensure Compliance Guarantee that sensitive messages are handled in compliance with regulatory legislation, such as HIPAA, SOX, GLB, PIPEDA and the European Union Data Directive.
Foster Customer and Partner Trust Raise the levels of service to customers and partners, illustrating commitment to keep business transactions and communications confidential.
Protect Intellectual Property Safeguard sensitive business information and intellectual property contained in email outside the firewall — both in transit on the Internet and in storage on destination email servers.
Improve Customer Service Communicate securely with customers using the channels that they prefer.
Business-Class Email Enable a new class of email, leveraging the IronPort PXE Message™ to access unprecedented visibility and control over email.
Specs
| Chassis / Processor | |
|---|---|
| Form Factor | 19" Rack-Mountable, 2U rack height |
| Dimensions | 3.5" (h) x 19" (w) x 29" (d) |
| CPU | One Intel Multi-Core Processor |
| Power Supplies | Hot-plug redundant, 750 watts, 100/240 volts |
| Storage | |
| RAID | RAID-1 configuration; dual-channel hardware with battery-backed cache |
| Drives | Two hot-swappable, 146 GB serial attached SCSI |
| Capacity | 70 GB queue capacity, 110 GB discretionary capacity (reporting data, logs, configuration, archives) |
| Database | |
| Onboard | PostgreSQL database |
| External | Oracle, Microsoft SQL Server, IBM DB2 |
| Connectivity | |
| Ethernet | Two Broadcom Gigabit BaseT Ethernet ports |
| Serial | One RS-232 (DB-9) serial port |
| Interfaces / Configuration | |
| Web Interface | Accessible via HTTPS |
| Command Line Interface | Accessible via SSH or Telnet; Installation Wizard or command-based |
| File Transfer | SCP or FTP |
| Configuration Files | XML-based configuration files archived or transferred to cluster |
| Cryptographic Algorithms | |
| Message encryption | ARC4 (160 bit), AES (192 bit), 3DES |
| HTTPS | ARC4 |
Summary
The Ultimate Email Encryption Gateway
As proven by an unmatched list of success stories in the Global 2000, the IronPort Encryption Appliance is the only secure messaging gateway flexible enough to meet the evolving secure communications requirements of businesses today. Universal reach, flexible delivery methods, and enterprise-class scalability and reliability enable expanded use of the Internet as an efficient, reliable, and low-cost channel for continued growth.
Contact Us
How To Get Started With IronPort
IronPort sales representatives, channel partners and sales engineers are ready to help evaluate how IronPort products can make your corporate network infrastructure secure, reliable and easier to manage. If you believe that your organization could benefit from IronPort's industry-leading products, please call 650-989-6530 or visit us on the Web at www.ironport.com/leader.
