FaceTime IMAuditor

Secure, Log and Archive IM and Unified Communications

FaceTime IMAuditor™ ensures security, management and compliance for unified communications - from presence and instant messaging to conferencing and voice. The adoption and growing use of both public IM and Unified Communications in the enterprise is posing both inbound and outbound security threats that can result in security breaches, productivity loss and information leakage. Whether for regulatory, e-Discovery or corporate compliance, IMAuditor provides organizations with the ability to secure, log, archive and easily retrieve IM and web conferencing chat conversations.

IMAuditor is used by the world's largest firms to secure and manage real-time communications and ensure that instant messaging can be safely used to enhance business productivity and responsiveness without endangering network security. IMAuditor supports all public IM clients, Unified Communications platforms Microsoft Office Communications Server and IBM Lotus Sametime, as well as industry-focused IM communities such as Bloomberg, and Web conferencing applications such as WebEx. Deployed behind the firewall, it provides a single enterprise-wide IM management solution that gives IT visibility into and control over all real-time communications through a single interface.

IMAuditor also maintains an integrated trust relationship with Unified Security Gateway allowing organizations to easily add security and control over P2P, Skype, spyware and other Web 2.0 applications. Together they deliver end-to-end security, management and compliance for real-time communications in the enterprise.

Security Challenges

Despite the availability of enterprise-class instant messaging, on the desktop through collaborative environments such as Microsoft Office Communications Server (OCS) or IBM Lotus Sametime, users continue to download and install consumer-based IM networks such as Yahoo, AIM, GoogleTalk, Windows Live or Skype resulting in a typically heterogeneous environment consisting of sanctioned and unsanctioned applications.

Not only are more attacks entering the network over real-time channels than email, but the attacks themselves are becoming more damaging. These infections are designed to bypass traditional security measures, and these real-time channels only makes that task easier.
Just as malware is moving to real-time communications to bypass existing security measures, spam is moving beyond the email inbox into the IM stream, further increasing the risk of accidental malware infection as well as increasing traffic.
Proprietary information can be transferred outside the company network using unmonitored IM and Unified Communications (UC) channels

Key Features:

Comprehensive Management and Control

Control mobile workers use of popular IM applications on Blackberry devices
Manage file transfer, collaboration, and other client-level activities for all real-time communications services
Associate employees ID in the corporate directory with IM buddy names
Support for AOL Identity Services (including Triton) and MSN Connect
IP-based access controls enforce policies based on endpoint IP addresses
Real-time usage reports and graphical monitoring of statistics
Secure, intuitive Web-based access to configuration controls

Security

Scan transferred files, including LCS file transfers, using existing anti-virus
Protect real-time communications channels against zero-day worm and virus attacks
Block SpIM using a combination of patent-pending techniques
Prevent loss of intellectual property and confidential information using data leak controls
Backed by FaceTime Security Labs, the world's largest IM security research facility

Information Leak Prevention

Scans contents of all popular file types including Microsoft Office and other leading software applications
Allows policy enforcement through restricted phrase matching
Detects and blocks encrypted files
Controls the types of files that can be sent internally or externally

Compliance Workflow and Archiving

Log and archive all real-time communications, including WebEx chat text, in tamper-resistant binary form
File transfer archival support for EIM networks
Reporting of PIM conversations conducted over EIM clients
Administer ethical boundaries to enforce communication compliance standards between groups
Web-based access to compliance workflow for reviewing and annotating conversations
Combine with Unified Security Gateway to deliver the industry's only TrueCompliance™ solution

Extensions and Integration

Leverages existing anti-virus, firewalls and proxies
Improves reliability and availability of EIM infrastructure
Integrates with corporate database applications, email compliance and WORM storage systems, archiving, and anti-virus installations
APIs for exploiting and extending real-time event management capabilities to other applications

Enterprise-Grade Deployment

Flexible deployment architecture with availability on Windows and Linux
Compatible with Microsoft Server solutions and Oracle database
Multiple-language support enables reviewers to see conversation transcripts in native languages
Co-exists with standard IT infrastructure including load balancers and proxy servers
Load-balance among redundant/stand-by directory servers, database servers, and corporate proxy servers

Supported Applications:

Enterprise Instant Messaging: Microsoft LCS/OCS, IBM Sametime, Antepo, Jabber, Parlano MindAlign
Professional Community Networks: Bloomberg, Communicator Inc., PivotSolutions, Reuters
Web Conferencing: WebEx
Public Instant Messaging: MSN, AIM, Yahoo, GoogleTalk and more

Deployment:

Securing and Enabling Unified Communications

IMAuditorTM supports the full range of public IM clients, leading UC platforms, professional community networks, and Web conferencing applications, meeting the security, management and compliance requirements of organizations and guaranteeing compliance support for all major federal and industry regulations.

IMAuditor protects real-time communications channels against viruses and other malware through integral support for existing anti-virus installations, effectively closing the zero-day gap. Patentpending anti-SpIM (Spam over IM) keeps IM networks free of bandwidth hogging spam, and intelligent, granular content filtering and logging of all electronic conversations ensures an audit trail for information leak prevention, compliance and e-Discovery.

TrueCompliance™ Checklist:

Compliance Feature	FaceTime	Competive System
Message anti-tampering check sums (non-repudiation)	Yes	No
Real-time ethical boundaries	Yes	Partial
Real-time content filtering with advanced pattern matching, blocking and scanning	Yes	Partial
Full binary message captrue to hidden messages	Yes	No
Guaranteed Strict Logging	Yes	No
Guaranteed Message Order Preservation	Yes	No
Guaranteed delivery to the message database and archive system	Yes	No
Guaranteed non-circumvention	Yes	No
Blocking of unauthorized IM while enabling authorize IM	Yes	No

Screenshots:

IMAuditor Dashboard
(Click to enlarge)

IMAuditor Management
(Click to enlarge)

IMAuditor Reporting
(Click to enlarge)

System Requirements:

Software Requirements:

Microsoft Windows 2000/2003/2008 Server or RedHat Enterprise Linux 3.0 or ES 4.0
Microsoft SQL Server 2000, SQL Server 2005, SQL Server 2008, or Oracle 9i, 10g or 11g (on a separate machine)
Also supported on VMware

Hardware Requirements:

Pentium 4, 2 GHz CPU or higher recommended
Network Interface Card (10/100BaseTx or Gigabit)
2 GB of RAM
40 GB of available hard disk space

Documentation:

Download the FaceTime IMAuditor Datasheet (PDF).