Corporations are rightly concerned about the security
of sensitive data in transit to their remote offices, partners and
suppliers. One solution is to deploy encryption and PKI applications,
but this has problems of its own.
Companies are finding that rolling out these PKI
schemes to desktops across the enterprise is costly in user
education, key management and lost or compromised keys. In
addition, encryption can be a double-edged sword. While on one level
encrypting emails provides privacy by ensuring they can be read only
by the intended recipient, it also means security checks on the
content of email are made more difficult.
SECRETsweeper addresses both of these issues by
allowing encryption of email to partners, suppliers and remote
workers at the email gateway and by managing the content of
desktop-encrypted email.
Site-Site Encryption
SECRETsweeper is an encryption gateway which
enables companies to encrypt mail to specific sites or recipients
using a single, corporate key. This allows secure communications
between organizations that need privacy for their exchanges but cannot
afford to invest in a total PKI solution. SECRETsweeper thus allows
corporations to roll out PKI slowly while still gaining the privacy
that encryption technologies allow.
Desktop Encryption
If you've already implemented a policy-based
Content Security solution, how can you be sure that email encrypted
at the desktop is safe? SECRETsweeper recognizes S/MIME-encrypted
email and either decrypts and validates it or identifies and
classifies inaccessible, enciphered messages.
Need to understand more about encryption? Check out the FAQ for SECRETsweeper.
System Overview:
Policy Management
- determines which users can send and receive encrypted and/or signed messages
- prevents unauthorized encryption or signing
- blocks unrecognized keys and certificates
Site-to-site encryption / signing
- encrypts plaintext messages going to defined sites using keys taken from the remote certificate
- signs plaintext messages meeting defined policy with a "corporate" key
- avoids the need for individual PKI training and ownership of keys
- leaves previously signed messages untouched
Client-based encryption / signing
- manages client-encrypted email if the sending or receiving SECRETsweeper is bcc'ed on the email
- allows and adds encryption and/or signing by mobile and out-of-office users
Open strategy
- supports the S/MIME message encoding standard
- supports DES, Triple DES and RSA encryption algorithms
- supports LDAP directories for dynamic lookup of certificates
- supports leading Certificate Authorities, including Verisign, Entrust, Thawte, IBM Vault Registry, Baltimore Unicert and Security Dynamics Keon
System Security
- separates Key Management and MAILsweeper administration functions
- provides effective revocation at the boundary; if the administrator revokes a certificate, any message subsequently using the certificate (or a key from the certificate) will be blocked at the MAILsweeper / SECRETsweeper boundary
- blocks messages created by unauthorized encryption keys
SecretSweeper 2.1
SECRETsweeper 2.1 is fully compatible with the MAILsweeper for SMTP 4.2_5 for
content checking of encrypted or signed (authenticated)
e-mail, to prevent confidential data loss and the circulation of
viruses or offensive material. SECRETsweeper 2.1 also features
lexical analysis to trigger signing and/or encryption, PKCS#12 support,
CRL support, and Windows 2000 support.
MIMEsweeper and
SecretSweeper are trademarks of Clearswift Technologies Ltd.