The Natural way for Secure Mobile Email v.1.4
description
Transcript of The Natural way for Secure Mobile Email v.1.4
![Page 1: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/1.jpg)
The Natural way for Secure Mobile Email
v.1.4
www.AGATSolutions.com
![Page 2: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/2.jpg)
Slide 2
ActiveSync Shield overviewSecure Mobile Email solution for over the air connecting
device to Exchange.Server side solution with no client install requirementsNatural Bring Your Own Device (BYOD) solution
Compatible with any mobile device -iOS (iPhone, iPad), Android, Windows Phone, Nokia etc.
Uses favorite device's familiar native mail client.Low enrollment and implementation costs
![Page 3: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/3.jpg)
Slide 3
Security issues addressed• DLP-Data Leak Prevention- Content protection• Mobile Access Control- Two Factor AuthenticationActive Directory protection- Network security• Antivirus scanning- Malware protection
• Available either as an add-on to the Microsoft Forefront security server family (ISA/TMG/IAG/UAG) or with a proprietary pluggable Reverse Proxy platform (Bastion).
![Page 4: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/4.jpg)
Slide 4
Main featuresActiveSync Protocol filtering – manage content syncingTwo Factor AuthenticationWebmail - DLP solutionContent inspection and manipulation
Virus inspectionAttachment encryption
Self registration & admin enrollment/ auditing site
![Page 5: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/5.jpg)
Slide 5
Content filtering featuresManage dynamic content filtering rules by:
AD group membershipDevice type (iPhone, android..)Device mail client (such as Touchdown)
Regular expression rules Manage rules priority orderEach rule can hold different content policy
Minimize content leaving network to minimum required and to necessary users.
![Page 6: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/6.jpg)
Slide 6
Content filtering features (cont.)
Filter all Exchange objects:MailAttachmentsEventsTasksContacts.
![Page 7: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/7.jpg)
Slide 7
Content filter features (cont.)
Filter attachments in mail and calendar eventsManage a list of permitted attachment file typesAllow specific file types per ruleFilter by words in subject and body of mail and calendar
events Checks entire message body, even if client doesn’t initially
request full message
![Page 8: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/8.jpg)
Slide 8
Content filter features (cont.)
Allow meeting requests to be received even when email is blocked
Filter by the sender's domain nameBlock internal mail leaking out
Filter by mail headers
![Page 9: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/9.jpg)
Slide 9
Protector Basic - Architecture
![Page 10: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/10.jpg)
Slide 10
Content inspection - Antivirus Check mail content by Anti Virus before reaching
Exchange and before reaching device via ICAP protocol
![Page 11: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/11.jpg)
Slide 11
Content manipulation- Encryption serverStrip attachments out of messageSend to external encryption serverAttach files back into message
Encryption server
Exchange server
ActiveSync Protector
Mobile Device
![Page 12: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/12.jpg)
Slide 12
DLP- ActiveSync WebmailUnique DLP solution avoids storing content on device by
converting email body to web displayUses native email clientContent immediately blocked in
case of stolen or lost deviceAttachments are converted to
linksNo remote wipe technical issues
and personal data issues
![Page 13: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/13.jpg)
Slide 13
DLP- ActiveSync Webmail (cont)Mail content dynamically fetched upon request and not
stored on ActiveSync Shield gateway serverActive Directory password not stored on gatewayIntegrated with Mobile Access
Control filter for secure authenticationAccess control layer requiring web login
Authentication timeout can be configured.
![Page 14: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/14.jpg)
Slide 14
Two Factor authenticationBased on Device ID sent by protocolAdditional device identification factor:
Solution places a unique key on device, which is verified with each sync
Several registration/ enrolment options to enforce access control policy based on matching phone and user.
![Page 15: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/15.jpg)
Slide 15
Access Control – EnrollmentSupport several access control policies:
Automatic Registration – Device ID is registered upon first use of account.
Two steps registration process: Two Step Registration – User registers on internal site and
then must sync within a defined time frame to complete registration.
Admin Manual Enrollment – Admin management of user list using training mode and rejected auditing list.
![Page 16: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/16.jpg)
Slide 16
Two Steps Registration
![Page 17: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/17.jpg)
Slide 17
Access Portal admin View approved & blocked usersBlock specific usersProduct settings
Allow duplicate users per deviceTwo level admin- local domain adminReportsSearch
![Page 18: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/18.jpg)
Slide 18
Admin user management
![Page 19: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/19.jpg)
Slide 19
Active Directory ProtectionCustom Login– User creates credentials on internal site
for use on device instead of Active Directory credentials.Use cases:Avoid using internal credentials outside organizationAvoid storing and using Active Directory credentials on device.Active Directory password lockout protection.Solution for organizations using smart card login
![Page 20: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/20.jpg)
Slide 20
Product componentsMobile Access ControlProtectorConsumerAccess PortalBastion reverse proxy
![Page 21: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/21.jpg)
Slide 21
Two step registration Architecture
![Page 22: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/22.jpg)
Slide 22
Custom Login/Webmail- Architecture
![Page 23: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/23.jpg)
Slide 23
Bastion Reverse proxy forwarding traffic to the configured
backend serversPluggable filtering architectureFilters HTTP(S)Scalable Event-Driven ArchitectureCan publish multiple servers in parallel Highly efficient asynchronous architecture Bi-directional content filteringCross-platform
![Page 24: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/24.jpg)
Slide 24
Bastion (cont) Geared towards full-featured HTTP filtering
Most reverse proxy solutions are geared towards web acceleration
Supports many HTTP features and scenariosChunked, gzip and deflate Transfer-Encodings.Pipelining
Supports filtering content, blocking content or generating proxy responses anytime during the filtering chain (unlike TMG and UAG, for instance).
![Page 25: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/25.jpg)
Slide 25
AGAT Security suite - OverviewActiveSync Shield is part of AGAT Security suite.AGAT Security suite is a set of unique components that
allow extending Forefront (ISA/TMG IAG/UAG) functionality to solve complex architectures and requirements, typically implemented in large, complex and well secured networks.
To learn more about our solutions please visit our website at http://www.agatSolutions.com
![Page 26: The Natural way for Secure Mobile Email v.1.4](https://reader036.fdocuments.in/reader036/viewer/2022062500/56815006550346895dbdd9d0/html5/thumbnails/26.jpg)
Slide 26
END
www.SecureMobileEmail.com
See more products athttp://www.agatsolutions.com