IM Manager, a Logical Choice for Enterprise IM
IMlogic IM Manager: Enterprise-level IM monitoring and control system that supports public, private, and hosted IM services by capturing all IM conversations and offering the tools to review them
Almost every enterprise has instant messaging (IM) users, and probably lots of them. Whether this presents a security problem or a competitive opportunity depends on an organization's ability to manage IM traffic. To that end, IMlogic's IM Manager provides a well-organized set of server-based tools to control, record, and review IM conversations. Its thrust is toward heavy-duty enterprise use of IM, but the product is scalable (as is its price) for midsize businesses.
Although various modules comprise IM Manager, it is marketed not as suite of products but as a complete package with all the key elements of IM control and review. The collection of modules include: Relay Service (a routing component), Content Logging Service, Database (support for Microsoft SQL Server), Message and Recovery Queues, and Content Query Web Interface (for administration and review).
Because an IM control server sits between clients (users with usually pre-existing IM software) and public or private services, support for specific clients and services is very important. This is one of IM Manager's strong points. It supports three types of clients and services: public (e.g., AOL Instant Messenger, MSN Messenger, and Yahoo! Messenger), private (e.g., IBM Sametime, Microsoft Live Communications Server, and Microsoft Exchange 2000 IM), and hosted (e.g., Reuters Messaging). IMlogic calls its support "certified platform." The meaning of certified may be elastic, but it does reflect a policy of keeping up with the version changes -- including the ability to detect outdated IM clients.
Installation for Scale
As should be expected from any monitor and control type of server, the installation and configuration of IM Manager involves many connections and fairly complex network administration. This is especially true for heavy-load installations where multiple servers are required. Proof of IMlogic's commitment to enterprise-level installations can be found in an excellent section of the documentation called "Sizing and Scaling," which contains very useful information (including performance figures) about throughput for various segments of the IM Manager configuration. Anyone evaluating or planning an installation should check this resource out.
We found the actual installation of the software to be straightforward, and it took place without a hitch. IM Manager operates in a strongly Microsoft environment: It requires Windows 2000 or 2003 Server, SQL Server 2000, Microsoft Core Services XML 4.0, and Microsoft Message Queue, and it supports only Microsoft SQL Server as a database manager. IM Manager supplements the usual message caching with its own cache (ranging from a default of 256 MB to one half of the system memory) to provide a kind of failover protection, should the connection to the archiving database be lost.
Products in this category tend to emphasize one of two configuration approaches: as a proxy server, where clients address the IM management server directly, or as a DNS router that monitors IM ports and reroutes traffic for management processing. The proxy server approach is arguably more secure, but it requires all users' client programs be configured individually (which from a maintenance perspective is time consuming). IM Manager primarily supports the DNS approach, but it can also do the proxy approach.
This is consistent with IMlogic's assertion of being designed for large-scale enterprise IM environments i.e., those supporting more than 50,000 users. As the number of users rises, not only is server performance (scalability) important, but the ability to administer a large number of users is important as well.
Although our testing didn't encompass tens of thousands of users, we could see that IM Manager's well-designed administrative "Web Application" has all the tools needed for that level of work. User registration (and de-registration), always a bugbear in a large-scale environment, can be handled by bulk upload from files, manual entry by an administrator, users registering themselves, and, perhaps most importantly, LDAP directory registration. LDAP support (particularly for Microsoft Active Directory) is excellent; it allows for not only the management and authentication of user lists (at the group or individual level), but also the incorporation of other LDAP directory information (e.g., in the creation of group-based rules).
The directory connection isn't seamless, however. We spent quite a bit of time synchronizing our test-bed systems, but the approach it takes is a necessary one, given it is an enterprise IM offering.
Policy management, where rules concerning user authentication, and message content, as well as other business rules, are created and managed, also takes place in the Web Application. IM Manager supports three roles: Administrator, Reviewer, and User. This isn't particularly fine-grained, but it allows for sharing of the workload monitoring IM traffic for policy violations can be a lot work. Reviewers log into the IM Manager Web Application and then select the Reviewer's Console; this provides access to select (filter), read, edit (with permission), and annotate conversations. This version of IM Manager features a group-based rules engine, another component that simplifies management by applying rules to individual or groups of users.
Also new in this version is a system monitor "dashboard" report, which isn't slick in terms of graphics: It's a grid with text and numbers (although it shows colors for changes in status) that provides useful information, such as traffic statistics. On the whole, we'd rate the review and reporting features of IM Manager as good due to their utilitarian appearance but useful nature.