Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: IM security risk

  1. #11
    Senior Member
    Join Date
    Jan 2003
    Posts
    686

    Post Here's a thought...

    Ok I'm no big admin, I just run a coyote box with a bunch of computers on a switch. But I have noticed that AOL has an "enterprise" edition of their aim. Here's the link: http://www.aim.com/get_aim/enterprise/enterprise.adp

    and a basic copy paste of their site (for those who would not view the link otherwise):

    -------------------------------------------

    Updated 4 November 2002


    New! Enterprise AIM Services

    Enterprise AIM Services Drive Business Value
    The majority of interactions in the workplace are quick exchanges of information such as updates, questions, and escalations. Using the power of presence and real-time communications, Enterprise AIM Services enable employees to immediately learn the availability status of a colleague and benefit from fast, highly valued "virtual hallway conversations" wherever and whenever they are needed. These quick and coordinated exchanges also increase opportunities for collaboration and boost employee connectivity.

    Enterprise AIM Services Address Key Enterprise Requirements:


    +Control to restrict use of instant messaging by all or part of the employee population
    +Security to guarantee the identity of users and compatibility with existing virus checking
    software
    +Centralized management to maintain consistent user identities across corporate
    communication tools
    +Logging and auditing services to copy and store messages to and from all or select users for
    subsequent auditing by keyword patterns, date ranges, and names
    +Reliability to ensure dependable, continuous service

    AIM Enterprise Gateway
    Now available, AIM Enterprise Gateway increases the value and manageability of AIM for organizations. Deployed onsite, AIM Enterprise Gateway acts as a proxy between users inside the corporate firewall and those on the public AIM network, enabling enterprises to manage and control employee usage of AIM services. AIM Enterprise Gateway provides Identity Management Services that enable administrators to control access, routing, and permissions. AIM Enterprise Gateway also features Archive and Audit Services that monitor AIM usage, log and audit messages, and create reports.

    Optional features include Private Domain Services that allow an enterprise to create friendly Screen Names that follow the structure: user@company.com and Federated Authentication that enables an enterprise to manage user Screen Names from the corporate directory.

    AIM
    The AIM Enterprise Gateway supports AIM on the desktop. AIM features high ease of use and other well-known AIM features including privacy controls, file transfer, custom away messages and preference settings. It enables enterprise users to communicate with employees inside an enterprise or with partners and customers outside the organization. When deployed with AIM Enterprise Gateway, messages between employees are automatically routed locally rather than sent over the IM network. This ensures that AIM conversations within the enterprise stay behind the corporate firewall. With combined wireless support through partnerships with wireless carriers, mobile employees can also use their wireless devices that support SMS (Short Messaging Service), WAP (Wireless Application Protocol) or embedded clients to connect with AIM.



    AIM Enterprise Gateway enables Administrators to set
    permissions at the enterprise, group or user level.

  2. #12
    Junior Member
    Join Date
    Feb 2003
    Posts
    6
    Unfortunately, they're not really all that easy to block. AIM is one of the worst. It will scan for a way out. If it can't get out on its normal port, it will try another and another until it does. I've gotten it to work going out port 23, 22 and just about anything else that's open through the firewall. You can block those ports and force the use of a proxy, but it may make some folks very unhappy.

    I'm looking at control, rather than flat-out denial. Two things I'm considering are:
    1. Yahoo! IM Enterprise Edition - I can bring the Yahoo! IM in-house, and allow portals to the outside. This includes controls over content and to whom the users can talk.
    2. Exchange 2k now has a chat feature. It won't give them outside chat facilities, but it will give them the ability to use chat as a production tool. Then they won't have the legitimacy to claim they actually need it for work.

    -- Director

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •