Akonix L7 Enterprise: Enterprise-level IM Gateway server with a family of products to secure, monitor, and manage IM traffic.
Akonix was one of the first companies to tackle instant messaging management. The enterprise-level IM gateway server supports a family of products to secure, monitor, and manage IM traffic. With this space heating up, will Akonix’ experience be advantageous?
Short of blocking all instant messaging (IM), what’s a company to do about employees using this fast growing — but insecure — method of Internet communication? Use Akonix Systems L7 Enterprise, for one. It’s an IM gateway management server that provides security and control and has the potential to turn a potential problem into an advantage. Akonix L7 and its companion products provide all of the necessary pieces that comprise a reasonably well-integrated system. Its strength lies in detailed and flexible control over the use of IM. Couple this with its ability to route messages internally through an intranet, and enterprises can not only control but also benefit from IM as a form of corporate communication.
Like most IM gateway products, Akonix supports all of the major public IM services (AOL — both AIM and ICQ, MSN Messenger, and Yahoo! Messenger) as well as the major private IM systems (Microsoft Live Communication Server, IBM/Lotus SameTime, Reuters Messaging, and Jabber). For security reasons, Akonix has opted not to support some of the extensions of public IM, such as whiteboarding, shift to telephone, video, and application sharing. Other IM gateway products do support these features, however.
In the Akonix offering, the core program is L7 Enterprise (touting a patented IMX technology), which monitors, secures, and manages IM conversations. Supporting modules include: Akonix Enforcer, which monitors and manages IM and Peer-to-Peer traffic across a broad range of ports and services, and Compliance Manager, which runs on a Microsoft IIS Web server and provides reviewers and auditors with Web-based access to the L7 Data Warehouse. L7 isn’t an IM network traffic cop, which is why Akonix Enforcer is required. The Compliance Manager is most useful for installations where compliance with HIPAA, SEC, and other regulations is an immediate issue.
Piece-by-Piece Installation
Akonix L7 Enterprise itself has many components: L7 Gateway Server, Authentication Server, Enterprise Manager, L7 Service Recovery Module, L7 HTTP Tunneling and Relay modules, L7 Data Warehouse, and L7 Enterprise Reporter. These modules provide multiple configuration options, placing, for example, modules on separate server machines to improve performance.
L7 supports native server clustering. To reap the maximum benefits, an enterprise must take the time to plan the installation and set up. The Akonix documentation does a good job of explaining possible configurations and requirements. We tested two of the more complex installations and were thankful for the Initialization Wizard, connection testing support, and (especially) the tracing facility that logs technical details about the communication between the L7 server and other participating computers. Although these installations require considerable network savvy, Akonix is ahead of the pack in its support.
Akonix offers three ways to set up L7: as a proxy server, where each client IM application must directly address the server; using a DNS server to route IM traffic to L7; and via a relationship with Check Point FireWall 1 or Microsoft Internet Security and Acceleration (ISA) server. In addition to these basic approaches, L7 provides for working through a firewall with two (optional) modules — HTTP Tunneling for inside the firewall and HTTP Relay on the outside. There are pros and cons to each approach, and Akonix outlines these.
One feature worthy of highlighting is L7’s patent-pending Message Reflection technology. With this, Akonix can route messages internally without crossing the firewall to the public services. When properly configured, Message Reflection provides fast, secure, and useful intranet IM service for corporate communications.
The logging of IM conversations with the L7 Data Warehouse module requires a database connection (this is also required for the Compliance Manager and Akonix Enterprise Reporter modules). Akonix supports Microsoft SQL Server (2000 or 7) and Microsoft Database Engine (MSDE), which is provided with L7 as an evaluation or “database lite” option.