The Award Winners from this Category

Enterprise Messaging Solution By Dan Backman Message Backbone Switch By Joel Snyder Messaging Client By Dan Backman Message Security Product By Dan Backman Workgroup Messaging Server By Dan Backman

Other Categories

Enterprise Security By Greg Shipley Infrastructure By Joel Conover Electronic Commerce By Brian Walsh Operating Systems & Network Services By Gregory Yerxa Services & Peripherals By Dave Fetters Development By Richard Hoffman Network/Systems Management By Bruce Boardman Wide Area Systems & Services By Dave Willis

Company Directory

Browse our directory to get data, starting with a particular company.

Reader Service

Allows you to request additional product information from our advertisers.

Print This page

ClickHere

E-mail this URL

ClickHere

Buy the Book

While Internet mail clients are often employed by individual users to access personal e-mail boxes, their entrance onto the corporate desktop raises new management concerns. The IMAP protocol closely mimics some proprietary mail-access protocols by managing server-side messages and folders. But effective support is lacking for users on the road, or those who access their mailboxes from various workstations. Although IMAP has effective central storage of messages and folders, preferences such as a user's name, address book and other settings reside on the client. ACAP (Advanced Configuration Access Protocol), a standard aimed at enabling remote access of individual preferences, is in the works, but it's unclear when we'll see products that support it.

The best alternative for supporting roaming users is to deploy a Web-based messaging client. Now standard in most messaging systems, these Web interfaces are usually driven by server-side logic, and consist of an HTML interface that closely mimics native clients. In groupware systems, Web clients offer an advantage over IMAP or POP clients, providing access to calendars and other groupware features not available over Internet mail clients. However, these HTML clients are best used as a convenience. Browser interfaces, while functional, are no match for a native client.

The native clients that are integral to groupware solutions are expensive compared with basic POP and IMAP e-mail. But while we can hear the drumbeat for outsourced message management growing louder, there's no question that these behemoths have their place. Many companies dislike the idea of jettisoning groupware in favor of less expensive solutions. With groupware, you get what you pay for--functionality, reliability and security. Although personal e-mail services can deliver the lowest common denominator of messaging service (a Web-based mailbox with a small amount of disk quota), outsourcing the corporate inbox means delivering SLAs (service-level agreements) for availability and reliability, as well as delegated user, alias and mailing-list administration.

Apart from these baseline requirements, many companies still will want to take advantage of groupware features, shared calendars and resource scheduling, as well as support customized messaging-based applications (such as custom workflow). Likewise, outsourcing may not serve companies with confidential or internal information to protect.

Despite these limitations, several vendors are offering carrier-class messaging servers designed to handle extremely high message volumes and enable delegated administration. For instance, Netscape's latest Unix-based enterprise messaging system, Messaging Server 4.0 (originally code-named Troopers), can now be partitioned into multiple logical servers--each with delegated administrative access. This allows an outsourcing agency to manage the server itself and hand off tasks such as user management to individual clients.

As more IT departments assume a service-provider role within their organizations, these features take on added importance. An IT department can offload local tasks while maintaining responsibility for managing the actual messaging infrastructure. In this case, support for a general-purpose enterprise directory service, Netscape's Directory Server 4.0 or Novell's NDS, for example, is a clear benefit, integrating messaging management with existing directory-management strategies.

Secure Messaging
Security is always a concern in messaging and there's progress on that front. Secure messaging protocols are readily available in the form of Network Associates' PGP and RSA's S/MIME. However, IETF standards that work for S/MIME version 3 and OpenPGP are not yet complete.

Nearly every platform supports SMTP/MIME MTAs (message transfer agents). SMTP traditionally has been a lowest common denominator protocol, but this is changing with the addition of MIME and ESMTP (Enhanced Simple Message Transfer Protocol). ESMTP is an extension model that supplants much of the simplicity of plain old SMTP. The question remains whether ESMTP/MIME message transfer lives up to the full functionality of existing (proprietary) message transfer protocols like those used within Microsoft Exchange, Novell GroupWise or Lotus Domino sites. For instance, SMTP doesn't offer a ubiquitously supported message-retraction protocol, and some protocols, such as DSN (Delivery Status Notification), are immature and not implemented across all servers throughout the Internet. For the foreseeable future, most companies using groupware or proprietary products would be wise to stick with native messaging transports between servers.

One of the major issues in the migration from proprietary messaging protocols to SMTP/ MIME is the lack of security. For example, groupware systems such as Notes and Exchange offer internal message-encryption standards only for messages within the enterprise. Implementing an effective cross-platform secure messaging solution remains an elusive, and expensive, proposition. Although S/MIME offers an effective, interoperable solution, its weak link is PKI. Because it is merely a consumer of an external X.509 infrastructure, it is throttled by issues of key revocation, distribution and infrastructure management.

But there is hope. Systems such as Entrust offer the best of both worlds via the interoperability of S/MIME. This solution delivers integrated PKI management, certificate revocation checking, trust management and key recovery, and simplified enrollment. But its use of S/MIME formatting makes it compatible with non-Entrust messaging clients (such as Netscape Communicator, Microsoft Outlook98 and Outlook Express). While some products allow server-side encryption to enable so-called "e-mail VPNs" by encrypting messages between servers, such solutions leave messages vulnerable at the message store. Messages should only be unlocked when opened by the user--at the client level. Secure messaging should only be implemented on the server if being used for policy enforcement.

While little has changed in the world of S/MIME, both Microsoft and Netscape continue to improve their S/MIME offerings in their messaging clients and Web-browser suites. Most notable is Microsoft's inclusion of S/MIME within its Outlook98 product, which (in conjunction with Microsoft's own Certificate Authority) makes S/MIME an option for Exchange Server environments.

So what's next? One gap between e-mail and the telephone--the ability to see if someone is online so you know your e-mail will be seen quickly--will soon be filled. In the coming year, products such as Lotus's SameTime, which tell you who's online and also provide whiteboard and scheduling capabilities, will become more popular.