Messaging and Directory Server software used around the world in the Government, Military, Aviation and Commercial sectors.
2008 News
-- November 8th, 2008 --
Using
Security Labels to Control Message Flow in XMPP Services
XMPP is widely used by military and government organizations with stringent
security requirements, where it is critical to ensure that sensitive
information is not sent to inappropriate individuals or domains. Security
Labeling is the mechanism of choice for handling sensitive information
in high security environments. This paper looks at the use of Security
Labels in conjunction with XMPP services, and how Isode plans to enhance
M-Link to provide Security Label based controls for user-to-user messaging
and for Multi-User Chat.
-- September 23rd, 2008 --
XMPP,
M-Link and Directory
Isode provides both directory and XMPP server products, and the approach
for M-Link (Isode’s XMPP Server) and associated management tools
is to make maximum use of directory. This paper describes how M-Link
makes use of directory, and explains why this close integration of XMPP
and directory is beneficial.
-- September 3rd, 2008 --
Directory
Replication by Email and over 'Air Gap'
Directory replication is an important feature of most directory services,
commonly achieved by use of directory protocols. There are a number
of situations where using directory protocols to perform replication
does not work well, these include: HF Radio and other constrained links,
system boundaries where only email traffic is allowed, directory gateways
performing security checks and tactical directories with irregular network
access. This paper looks at these scenarios, shows how directory replication
over email and 'air gap' can address them and describes the architecture
and key features of Isode's solution.
-- August 28th, 2008 --
Messaging
Protocols for HF Radio
Messaging is important for military and other deployments of HF Radio.
Formal Military Messaging (STANAG 4406) over HF Radio is described in
a previous
Isode White Paper. This paper looks at how to optimize STANAG 4406
messaging for point to point HF networks and how to provide Internet
Messaging over multi-node and point to point HF networks.
-- August 26th, 2008 --
Isode
Security Policy, Security Label and Security Clearance Infrastructure
This paper describes the Security Policy, Security Label and Security
Clearance infrastructure developed by Isode for use in its products.
The first product to use these capabilities is M-Vault, as described
in the Isode white paper Using
Security Labels for Directory Access Control and Replication Control.
Isode has developed this functionality as an independent module and
plans to use this infrastructure in other products.
-- June 10th, 2008 --
Measuring
MMHS Performance over HF Radio and Satellite: STANAG 4406 Annex E Encoding
and Compression
This white paper is the first of a set of papers reporting on measurements
made of MMHS (Military Message Handling Systems) operating over HF Radio
and Satellite. This paper looks at the encoding and compression of STANAG
4406 Annex E messages, which is common to both HF Radio and Satellite
transmission.
Measuring MMHS
Performance over Satellite
This white paper is the second of a set of papers reporting on measurements
made of MMHS (Military Message Handling Systems) operating over HF Radio
and Satellite. This paper looks at operation over Satellite networks,
and compares the performance of STANAG 4406 Annex E which is designed
for constrained bandwidth networks with STANAG 4406 Annex A, which is
intended for high speed networks.
-- May 7th, 2008 --
Measuring
the False Negative Rate for Isode's M-Switch Anti-Spam
A key feature of any anti-spam solution is how effective it is at removing
spam. A perfect anti-spam system would have a zero false positive rate
and a zero false negative rate. In practice, this is not usually achieved,
and systems will invariably trade off the two measurements. This paper
describes how false negatives can be measured and looks at false negative
rates for Isode's M-Switch Anti-Spam.
-- April 17th, 2008 --
Using
Security Labels for Directory Access Control and Replication Control
This paper looks at how Security Labels can be used to provide security
and management benefits to directory services. It shows how Security
Labels can be used to control access to data based on the Security Clearance
of the user accessing the directory, and how Security Labels can be
used to control access to directory services and selective directory
replication.
-- April 9th, 2008 --
HF
Radio & Network Centric Warfare
Modern military communications are a key component of Network Centric
Warfare. HF Radios are used extensively for military communications,
and, although very slow, provide effective long distance communication
in a wide range of situations. This paper looks at how HF Radio fits
with Network Centric Warfare, and looks at approaches for integrating
HF Radios to maximize their effectiveness.
-- April 2nd, 2008 --
Instant
Messaging & Presence for Secure Environment
Instant Messaging (IM) and Presence applications are used widely. This
paper considers their application in secure environments, such as Government
and Military, where security is of paramount concern.
-- March 18th, 2008 --
Managing
and Securely Determining Security Clearance
Access controls based on Security Labels are made by matching the Security
Label against the Security Clearance of the user or location for which
the access control check is being made. This paper looks at how to ensure
that the correct Security Clearance is used, and the role of directory
in achieving this.
-- March 8th, 2008 --
New
Whitepaper: Directory
Deployment Planning Checklist
This document has been written to help those planning a directory deployment,
and in particular Isode partners working on directory deployments for
their customers and prospects. As the specifics of the approach taken
will depend on the deployment requirements this paper does not attempt
to be prescriptive, there are no "right answers". Instead,
a series of questions that (may) need to be asked are listed. Notes
on those questions help define the answers and explain the implications
of choices made. References to other material are provided where appropriate.
-- February 14th, 2008 --
New
Whitepaper: Military Messaging over HF Radio and Satellite using STANAG
4406 Annex E
Military Messages often need to be transferred over low bandwidth networks,
in particular HF Radio and Satellite Networks. The two military specifications
for this type of messaging environment are NATO's STANAG 4406 Annex
E and ACP 142 developed by the CCEB (Combined Communications-Electronics
Board - AU, CA, NZ, US, UK). This paper describes scenarios that require
these special technologies, and then gives an overview of the technologies
and how they address the technical problems.
New
Whitepaper: The Architecture of Isode's STANAG 4406 Annex E Solution
Military Messages often need to be transferred over low bandwidth networks,
in particular HF Radio and Satellite Networks. Isode provides ACP 142
and STANAG 4406 Annex E as a part of its M-Switch X.400 product. This
paper describes Isode's approach to implementing these protocols, and
how this addresses basic and advanced operational problems, management
approaches and integration with other components as part of a larger
solution.
New
Whitepaper: STANAG 5066: The Standard for Data Applications over HF
Radio
STANAG 5066 is a NATO specification for running data applications over
HF Radio. STANAG 5066 operates over an HF modem, and provides an interface
for data applications to use and share an HF modem. STANAG 5066 provides
core services to enable applications to operate efficiently over HF
radio, and specifies a protocol that enables a clean separation between
applications and modem/radio level. This paper describes STANAG 5066,
and shows why it is key to deploying applications over HF Radio.
New
Whitepaper: Why IP over HF Radio should be Avoided
HF Radios are important for military communications. IP is widely used
and is the basis for most network communication. This paper looks at
use of IP over HF Radio and the efficiency of different types of application
over IP and concludes that applications intended for regular use over
HF Radio should not use IP and should instead be directly integrated
with STANAG 5066.
New
Whitepaper: Military Messaging over HF Radio: A comparison of ACP 127
and STANAG 4406 Annex E
ACP 127 is the older NATO standard for formal military messaging that
is being replaced by STANAG 4406. Both standards are used over HF Radio,
and for STANAG 4406, this is specified in Annex E. This paper looks
at how both standards work, and shows the benefits of the newer technologies.
-- February 6th, 2008 --
New
Whitepaper: An Introduction to AMHS Security
as flight plan distribution, and is replacing the older AFTN service.
This paper describes the security features of AMHS, the benefits they
provide, and how these services can be deployed.
-- January 31st, 2008 --
New
Whitepaper: Access Control using Security Labels & Security Clearance
Security Labels provide an important mechanism for controlling access
to information in many high security environments, and are also useful
in environments with lower security requirements. This paper provides
a reasonably detailed description of how security labels and clearances
work, while attempting to avoid the high level of technical complexity
seen in many papers in this area.
