Network Computing (powered by InformationWeek Business Technology Network)


Candle Corp. And Microsoft Corp. Help You Feel Safe And Secure With MOM

In addition, we created an LU6.2-based leased-line environment by tying together two Fast Ethernet LANs with Larscom CSU/DSU units and Cisco routers. We used Network Associates' Sniffer protocol analyzer, running on a Dolch PAC63 computer, to examine the content of the messages in transit. We attempted to defeat each security product with decoding efforts and by spoofing look-alike messages, subtly altering content and replacing messages.

We installed the Windows NT Server version of both products. MSMQ runs exclusively on NT, while MQSecure runs equally well on a number of platforms, including MVS, various Unix flavors, OS/2 and Windows NT Server. NT Server offered us a level playing field on which we could compare features, usability and performance. The message server was a Gateway NS-8000 with dual 333-MHz Pentium II processors, 512 MB of RAM and three 9-Gbps SCSI RAID drives. Among the 25 messaging clients was a variety of platforms, including NT Workstation, Windows 95, OS/2 Warp and Macintosh System 7.

MQSecure emerged from our tests as a clear winner, earning our Editor's Choice designation as the best MOM security product. It offers broad support for multiple platforms and protocols, a simple programming interface, easy administration and a wealth of security features.

One footnote to our testing: Had Open Horizon not shut down, its Ambrosia Event Management System would have earned an honorable mention for its tight security in a Java-based environment. Unfortunately, Open Horizon notified us that Ambrosia is going to disappear along with the company.

Candle Corp.'s MQSecure 100
MQSecure impressed us with its digitally signed end-to-end message security across the full range of our client and server platforms. Employing RSA's RC2 technology to encrypt our messages, MQSecure protected the IBM MQSeries queued missives from the moment one application sent them to the time the other application received them. MQSecure didn't offer the use of DES (Data Encryption Standard) or other cryptographic technology.

We found messages to be completely unintelligible when we used the Sniffer to examine their content in transit. And MQSecure encrypts the user ID portion of each message, so that spoofing a bogus message (inserting a faked message onto the wire) proved impossible. MQSecure rejected all our attempts to defeat it as we filled and emptied our MQSeries queues.

In the lab, the Candle Corp. product gave us the security we needed and expected for a business-oriented Internet application. MQSecure's authentication of the message's source thwarted our attempts to spoof--or, for that matter, repudiate--that source.

Validation of the received message ensured that it was unaltered, while encryption kept the message contents secret. Our tests showed MQSecure to be an appropriate tool for secure three-tier, security gateway and peer-to-peer messaging.

MQSecure let us choose between two levels of security: channel and application. Channel security protected data only over the wire, during its travels across the network, while application-level security guarded the data as it sat in the MQSeries message queues. We selected the appropriate level of security in our programming.

Incorporating MQSecure into an MQSeries-aware application required a few simple programming steps. Through a flexible set of APIs, we programmed our test software with MQSecure message exits, callable functions and, indirectly via MQSeries programming techniques, MQPut and MQGet calls. In one test, we implemented the network-level security merely by invoking MQSecure's MQS_EXIT utility as an MQ channel exit. On the sending computer, this approach provided a digital signature for each message; on the receiving end, it authenticated and validated the signature.

In another more involved test, we programmed the test software to identify ourselves to MQSecure with a user ID and password. We then used MQSecure's callable functions to achieve end-to-end message security, which encompassed the entire life cycle of the message, from its creation inside the sending application, through its time in the queue and on the network, to its reception at the target. MQSecure end-to-end security protected messages both in over-the-wire transit and temporary storage in the message queue. In contrast, channel security encompassed only the over-the-wire message transit, leaving queue contents vulnerable.
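The difference between the two levels can be modeled in a few lines. The sketch below is an added example, not code from the review or from MQSecure: it walks one message through the sending queue, the wire and the receiving queue, and reports at which points an alteration would reach the receiver unnoticed. It assumes HMAC-SHA256 as a stand-in for the product's RSA signatures, and the key, message and function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"        # constructed; stands in for a signing key
MSG = b"PAY 100 TO ACCT 42"          # constructed sample message
STAGES = ("send_queue", "wire", "recv_queue")


def sign(body):
    # HMAC-SHA256 is a stand-in for the product's RSA digital signature.
    return hmac.new(KEY, body, hashlib.sha256).digest()


def verify(body, tag):
    return tag is not None and hmac.compare_digest(sign(body), tag)


def deliver(body, mode, tamper_at=None):
    """Carry one message through both queues and the wire.

    mode "channel": signed and checked only around the wire hop.
    mode "application": signed at put, checked at get.
    Returns (accepted, body_seen_by_receiver)."""
    tag = sign(body) if mode == "application" else None
    for stage in STAGES:
        on_channel = mode == "channel" and stage == "wire"
        if on_channel:
            tag = sign(body)                      # sending channel exit
        if stage == tamper_at:
            body = body.replace(b"100", b"900")   # constructed alteration
        if on_channel:
            if not verify(body, tag):             # receiving channel exit
                return (False, None)
            tag = None                            # stripped before queueing
    if mode == "application" and not verify(body, tag):
        return (False, None)
    return (True, body)


def undetected_stages(mode):
    """Stages where an alteration reaches the receiver unnoticed."""
    return [s for s in STAGES if deliver(MSG, mode, tamper_at=s)[0]]


if __name__ == "__main__":
    for mode in ("channel", "application"):
        print(mode, "-> undetected tampering at:", undetected_stages(mode))
```

In channel mode the signature exists only for the wire hop, so a change made while the message sits in either queue is signed or delivered as if it were genuine; in application mode the signature travels with the message from put to get.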

We had no problem administering MQSecure, but it was a text-mode, non-GUI affair. After using the MQS_ADM software component to initialize a public/private administrative (server) RSA key pair, we instructed it to import public keys from our clients and then create public/private key pairs for each client. The software presented us with a list of users from which we exported public keys and user account IDs. We installed the resulting file of digitally signed public keys on the messaging server and were ready to send and receive secure messages.


Copyright © 2009 United Business Media LLC