David Strom: Hello and welcome to webinformant.tv. I'm your host and reviewer David Strom. Today, we take a look at Sendmail's Sentrion messaging product. It's so much more than an email server. We're looking at the main dashboard that shows you a good overview of your messaging infrastructure, top virus infections, and as we scroll down the screen we can see if all your associated services are up and running. If we click on the System Monitoring Overview menu item we can view any critical alerts in the past hour and view the status of multiple hosts as well.
While we're looking at the Reporting Section, I should mention that there are dozens of reports that are available such as various virus and spam reports and the top threat senders by host that we're looking at, here, and we can export those in various formats as well.
We can also schedule reports to automatically by going to this screen and adding a particular task and the report will be delivered to the email address that I specify. The real strength of this product is being able to set-up some very complex and sophisticated mail routing and processing policies that can provide data leak protection, sender reputation management, and compliance enforcement for your inbound and outbound messages. Sentrion integrates with Voltage's encryption solution. If we scroll down to the Corporate Governance section and choose the second Voltage policy here you'll see a series of conditions that are used to automatically encrypt outbound documents according to certain rules.
But what happens if one of your employees is using their own unauthorized encryption to hide their personal activities? We can set-up a policy that flags these messages. If we scroll down to the unauthorized encryption policy, open up the specifics, we see here that we've set things up that any decryption failure will quarantine the message, log it and send notification to the System Admin for follow-up.
You'll notice that there's programmable logic here with if-then-else and Boolean operators included that enable all sorts of customization. Each condition is evaluated in the order displayed.
What if we have a small collection of corporate trade secret documents that we want to tightly control? We can use the Protective Documents feature to restrict their transit of the messaging system. We go to Protected Content and manage the trade secrets documents and then click on add a new document where we can either upload it to Sentrion to manage or cut and paste a selection that we are particularly worried about here.
We can also scan outbound messages to see if any confidential information is being sent. At the bottom of the Policy Screen is a list of global dictionaries that are used by these policies. Here, we're looking at the dictionary that defines the scan, looking for word such as company confidential or company restricted. We can then use this scan as part of a logic to look for messages that contain trade secretes. If we go into that policy we'll see how the protected content documents and word list are used in our message conditions.
For another example, we're looking at the attributes of Social Security numbers with this screen here, and under the Display Options choice we can allow for further customization to replace key words within the message body or create the threshold scores.
Here we're showing the attributes that are used to detect financial terms that are subject to Gramm-Leach-Bliley Act. You'll see this is a rather long list as we scroll down. Let's take these two lists together and see how Sentrion makes detecting privacy leaks easier. The news is filled with the inadvertent disclosure of personal information such as credit card numbers or customer birth dates.
Here we're looking at a policy to prevent these actions and you can see that contains a verity of conditions to examine the message body for Social Security and GLBA terms using the earlier algorithms. When the policy finds an allowable message with private data it is automatically encrypted with a special disclaimer footage added.
If the recipient isn't authorized the message is bounced back to the sender. The policies, as you can see here, can get very sophisticated and this is both good and bad news. You'll need some training and assistance to set-up things properly. To ensure that the polices are working the way you intended, Sentrion has a policy test feature that allows you to process messages and report back on what happens.
If we go to the test results queue page, you can click on one of the previous tests that we've done here. I also like the button at the top right of the screen that shows you if you've made changes to your configuration, but haven't yet saved them to take effect. You can even send events to various third party incident response tools using a common programming interface. Here we're looking at Archer Technologies Compliance Incidents Response interface.
Finally, I like the change control version numbers that show you exactly the revisions history as you update the configuration on your box or rollback changes without effecting mail processing. If you go to the Policy Revision screen you see that history and there are other places in the controls that have similar displays.
Sentrion isn't your father's Sendmail server. There are lots of features under the hood for careful message management that can be used by small and large enterprises and offer a wider array of tools and controls.
Thanks for watching webinformant.tv. You can go our website to other screencast reviews and feel free to send me email comments at david@strom.com.
Transcription by:
Scribe4you Transcription Services