Name of tool: AIM Enterprise Gateway V.2.0
Company name: America Online
Price: 60-day evaluation free, pricing varies (approx. $20 per seat up to 2500 seats)
URL: http://enterprise.aim.com/docs/aimeg
Platforms supported: Linux Red Hat and Windows Server 2000 running Microsoft SQL Server or Oracle 9i with appropriate service packs
Strom-meter: ** = Very tough to install and use but has some value
Key features
Pros: Valuable proxy for AIM clients in the corporate setting to monitor and control messages
Cons: Setup is painful, particularly with SQL Server and the crypto features
Description:
The brave new world of IM -- instant messaging -- is upon us. The technology that has been adopted as the de facto teenage communications medium is now firmly entrenched in corporate America. The only question is what are you going to do about it?
IM makes it easy to chat, but it is a means of communication that can't easily be recorded and screened. This is a problem for several reasons: First, you offer viruses another gateway to your network. Second, your company may have policies in place, as brokerage firms do, that prevent unrecorded conversations with clients. Finally, you may wish to limit IM to people on the internal network and prevent the outside world from sending messages to your staff.
You could just keep your digital head in the sand and allow your users to use IM freely. Or you could block all IM traffic at your corporate firewall, which probably isn't going to win you any votes either. A better course of action is to install a tool to control and monitor IM. One such product is AOL's AIM Enterprise Gateway.
The gateway has its problems, though. Its documentation is severely lacking and assumes familiarity with crypto, database administration and directory services. While it works on both Linux and Windows 2000 Servers, it does require some effort to get going. It is also more of an AIM proxy server than a gateway, and you'll have to adjust each user's AIM client configuration to point to the machine running your gateway before you can take advantage of its features. To encourage people to use the gateway, you'll probably also want to block port 5190 (the standard AIM port) at your firewall. This is all several days of work at best.
On the Linux side, you'll need Red Hat 7.2 and Oracle 9i Version 9.0.1.1. On the Windows side you'll need either Windows 2000 Server or Advanced Server with Service Pack 3 and either Oracle or SQL Server 2000. The database is used to store the message traffic recorded by the gateway, along with other information required by the program. You'll also want to make sure that the AIM Gateway machine itself is protected properly, as it can be a vulnerable point of entry on your corporate network if it isn't.
Still, once you get it running you'll find several nice features. You can record all or selected IM conversations that originate from within your network. You can add disclaimer messages (telling them that their messages are being recorded) to every conversation at selected times as well. You can also support encrypted conversations, once you install the crypto features (these are new to Version 2.0). To enable the crypto features, you need to be running the Windows 5.2 AIM client -- no other clients will currently support encrypted conversations. Finally, the gateway integrates with various directory servers; I didn't test this, but saw that it could also take some effort to get working properly.
I would recommend that corporations that already have a significant AIM culture consider this product, despite its flaws, and be prepared to step up some of their support efforts to deal with managing AIM. If you haven't gotten involved yet in AIM, I would consider some of the open-source products, such as Jabber, that might be more manageable and cost less to support.
Strom-meter key:
**** = Very cool, very useful
*** = Hey, not bad. One notch below very cool.
** = A tad shaky to install and use but has some value.
* = Don't waste your time. Minimal real value.
About the author
David Strom is the technology editor for VARBusiness magazine. He has tested hundreds of computer products over the past two decades working as a computer journalist, consultant and corporate IT manager. Since 1995 he has written a weekly series of essays on Web technologies and marketing called Web Informant. You can send him e-mail at dstrom@cmp.com.
This was first published in August 2003