IM Management: Akonix Covers Messaging and P2P

By Paul Rubens | Mar 14, 2006 | Print this Page
http://www.enterprisenetworkingplanet.com/netsysm/article.php/3591611/IM-Management-Akonix-Covers-Messaging-and-P2P.htm

Editor's Note: Paul Rubens' look at Akonix' instant messaging management offerings begins a short series of profiles on the IM management and security market.

Akonix was founded six years ago in San Diego, CAL, to develop products that would tame instant messaging so its use could be easily managed and controlled, with minimal security risks, in an enterprise environment. Since then a significant amount of regulations relevant to instant messaging have been introduced that companies must comply with, so regulatory compliance is also a key driver for the development of Akonix’s products.

The company’s approach has been to offer two key software applications – L7 Enterprise, an IM gateway which sanitizes and logs authorized IM activity, and L7 Enforcer, which detects and blocks unauthorized IM activity. These two applications run on standard Windows hardware.

In addition, Akonix offers the L7 CM5000 IM security appliance which runs L7 Enterprise and L7 Enforcer as a plug-in solution.

Although Akonix is primarily concerned with IM, the company’s products also control unwanted P2P traffic from applications such as BitTorrent and Kazaa, which can seriously impact network performance (and are often used for illegal purposes)

L7 Enterprise
Akonix's IM gateway serves a number of management, security and compliance functions such as the following:

  • Logs, archives and reports on all public and enterprise IM activity
  • Blocks or allows file transfers, games, video conferencing and other IM features
  • Protects against IM-borne worms, viruses and other attacks
  • Enforces real-time content filtering for appropriate use of IM
  • Blocks spam over IM (SPIM) through auto policies and blacklists
  • Integrates with leading email and content archiving systems
  • Logs Reuters, Bloomberg and other enterprise messaging systems
  • Dynamically updates rapidly-changing IM protocols
  • Virus scans all file transfers through integration with leading AV providers

Most of this functionality is fairly standard, but Enterprise does have a few unique smarts. For example, most threats from IMs are actually carried in the form of malicious URLs which, when clicked, cause malicious code to be downloaded and executed, says Don Montgomery, Akonix’s marketing vice president. To protect against this, Enterprise has a security feature called multilayer containment. Any URL contained in an IM which is not Enterprise’s whitelist or blacklist is flagged with a warning message. If the user wishes to click on the URL they must first pass a challenge-response test by answering a simple question, designed to frustrate bots.

If the URL still turns out to be malicious and unleashes a worm onto the network, the next layer of security kicks in: message rate throttling. Many worms propagate using the IM buddy list, so if more than three messages per second are being sent from an IM client, the URL is blacklisted and the session killed.

Akonix intends to add a final layer, called IM Sentry, but the company would not provide more information on the upcoming addition.

L7 Enforcer
For policy and regulatory enforcement, L7 Enforcer is meant to lock down the network by performing the following tasks:

  • Blocks unauthorized access to AOL, Yahoo!, MSN, Google Talk and ICQ - including browser-based clients
  • Blocks unauthorized access to eDonkey, IRC, BitTorrent, Kazaa, iMesh, Grokster, Morpheus, LimeWire, and other P2P applications
  • Logs and reports on IM and P2P activity by user and protocol
  • Dynamically updates P2P and IM protocol adapters
  • Passively monitors network traffic with no impact on network performance or reliability

Essentially then, Enforcer is Enterprise’s mean little sidekick which enforces IM (and P2P) policies in a very flexible manner. By linking it with the corporate directory, it is possible to set it up so that, for example, only staff in the marketing department can use MSN, and only sales staff can use Yahoo! for instant messaging. Most IM services change their protocols regularly to avoid firewalls, but as a certified partner Akonix gets access to these protocols in advance so that it can detect them by packet sniffing and allow or prevent them as required. “Enforcer is designed to work in tandem with Enterprise so that anything coming from Enterprise is allowed, and anything not will have the proper policy applied – which is usually to divert it through to Enterprise,” says Montgomery.

L7 Remote Security Agent
While L7 Enterprise and Enforcer aim to make IM usage secure within the enterprise, L7 Remote Security Agent is Akonix’s way of addressing the problem of remote workers with corporate laptops using IM services at home, at client’s offices or at public Internet access points. Essentially it’s a bit of hidden and hard to disable software which sits in the laptop and detects IM activity. It then diverts it back to L7 Enterprise if the laptop is on the corporate network or connected via a VPN, or else simply blocks all IM activity. In other words, IM from corporate laptops goes through the corporate IM gateway or doesn’t go at all.

With Akonix L7 Remote Security Agent, remote laptop users are:

  • Protected against IM attacks
  • Logged to meet compliance requirements
  • Prevented from any unauthorized use of public IM
  • Limited to IM applications and features permissible by IT
  • Defended against SPIM and other unwanted instant messages

Key features include:

  • Support for all public IM – AIM, Yahoo, MSN, ICQ, and Google Talk
  • Remote configuration
  • Automatic and scheduled updates
  • Tamper proof to prevent disabling
  • Small footprint (< 50kb)
  • Transparent to end user
  • As yet there is no way to stop employees IMing from their corporate cell phone or PDA, but Montgomery says that a solution to control this is on Akonix’s road map for the long term.

Appliance-Based Future Akonix is essentially a software developer, and new versions of its applications will be released in the coming months. But just as firewalls and email security have become increasingly appliance based, Montgomery believes that IM security will be the third wave of security appliances and the company plans to introduce several new ones during the year. “Akonix is moving from software to appliances, and two years from now we will be an appliance company,” he says.

Akonix L7 Enterprise pricing and specifications
Pricing $3500 per server license plus $20 to $40 per user.

SYSTEM REQUIREMENTS
Operating Systems

  • Windows 2000 Server (SP4+)
  • Windows 2003 Server

Databases

  • MS SQL Server 2000
  • MS SQL Server 7
  • MS Data Engine (MSDE, included)

Hardware

  • Intel Pentium III, 800 MHz +
  • 1+ GB RAM
  • 1+ GB free disk space

IM SUPPORT
Enterprise IM Systems

  • Microsoft Office Live Communications 2003, 2005 Server 2003
  • IBM Lotus Instant Messaging (formerly Sametime)
  • Reuters
  • Bloomberg
  • Communicator, Inc.
  • Parlano

Authorized IM Partnerships

  • AOL AIM
  • AOL ICQ
  • MSN
  • Yahoo!

Public IM Networks

  • Google Talk

INTEGRATIONS

Directory Support

  • Active Directory
  • IBM Lotus Domino
  • Windows NT 4.0
  • Sun ONE/iPlanet Directory Server(v4.1+)
  • Novell eDirectory v8

Firewall Integrations

  • Check Point FireWall-1 NG with updates
  • Check Point FireWall-1 v4.1 w/SP
  • Microsoft ISA Server 2000 with (SP1+)

Content Archive Systems

  • Frontbridge
  • iLumin Assentor
  • Iron Mountain
  • KVS Enterprise Vault
  • Legato EmailXtender
  • Veritas
  • ZANTAZ Digital Safe

Akonix L7 Enforcer pricing and specifications

Pricing: $2,000 per server license plus $4 to $10 per user

SYSTEM REQUIREMENTS

Operating Systems

  • Windows 2000 Server (SP1+)
  • Windows 2003 Server

Databases

  • MS SQL Server 2000
  • MS SQL Server 7
  • MS Data Engine (MSDE, included)

Hardware

  • Intel Pentium III, 800 MHz or faster
  • 1+ GB RAM
  • 1+ GB free disk space
  • Network card (promiscuous mode - allows all network traffic)
  • Non-modular hub that does not perform switching or switch with monitor port

VLAN Standards

  • 802.1Q, 802.1P

IM SUPPORT

  • AOL (AIM, AIM Express (web-based), Trillian, Apple iChat, SameTime Connect, GAIM)
  • ICQ (ICQPro, ICQ Lite, ICQ2GO (web-based), GAIM Microsoft (MSN Messenger, Windows Messenger, Trillian, GAIM)
  • Yahoo! (Yahoo! Messenger, Yahoo! Web Messenger (web-based), Trillian, GAIM)
  • Google Talk (Google Talk, Trillian, GAIM)

P2P SUPPORT

  • BitTorrent (BitTorrent, Shareaza, Personal Torrent Collector, BitTornado, Bee Tee Plus Plus, Azureus, Effusion)
  • eDonkey (Mldonkey, eDonkey 6.1, eDonkey 2000, Overnet, Shareaza)
  • FastTrack
  • Grokster, Kazaa, KazaaLite, iMesh
  • Gnutella (BearShare, Gnucleus, LimeWire, Morpheous, NeoNapster, Phex, Shareaza, Swapper, XoloX)
  • IRC
  • OpenNapster
  • WinMX

Akonix L7 CM5000
Pricing: $9,995 per appliance (includes appliance hardware and server licenses for L7 Enterprise and L7 Enforcer), plus L7 Enterprise and L7 Enforcer per user fees as above 1-U rack mountable server with an Intel P4 processor, 1GB memory and redundant hard drive

Akonix L7 Remote Security Agent
Pricing: $2 per user if business has L7 Enforcer, or $7.50 per user without L7 Enforcer

  • Small footprint (< 50kb)
  • Supports Windows XP, 2000 & 2003

Note: The following information was changed after this article's initial publication: Pricing and license fees for Akonix L7 Enterprise, Akonix L7 Enforcer, Akonix L7 CM5000 and Akonix L7 Remote Security Agent.