Re: Edge appliance (firewall) that filters/monitors/records instant messenger?

[Victor Williams <bwilliam13 () windstream net>]

FYI,

Secure Computing's solution acts as an IM proxy, which requires DNS 
changes (a zone for every DNS host that *might* be serving as an IM 
gateway for whatever service; Yahoo, MSN, AOL, etc).  I'm more or less 
looking for a solution that will automagically detect IM traffic at the 
perimeter.  SC's solution doesn't do that (by itself).  You have to 
forcefully re-direct packets to the appliance some kind of way...either 
through DNS or using it as a Socks proxy (which doesn't actually work) 
or some fancy policy routing or...

I am going down the road now of just setting up an internal IM solution 
(either Live Communications Server 2007 or Openfire) and using the 
public IM options in each of them, with full auditing turned on, and 
making the public IM gateway(s) of the Openfire server the IronIM 
appliance (which we already have one of).  Openfire literally sets up in 
a few minutes, which is nice.  LCS 2007 has more options that integrate 
more with their whole Exchange 2007 stack and whatnot.  For right now, I 
will probably go the Openfire route until we've fully deployed VoIP and 
Exchange 2007 and have it integrated with our PBX and voicemail.

ArkanoiD wrote:
> SC's IronMail should be capable as well. They used to have a separate
> product (called IronIM or something), but now it is integrated into
> IronMail.
>
> You may also block it using pretty generic firewall rules (except
> web gtalk which is tricky to block if you still need gmail to work)
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () listserv icsalabs com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
>
>   


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards