Optional Route400 Products

Secure Messaging Gateway

Integrated messaging security package

  • The Secure Messaging Gateway (SMG) acts as a "Messaging Firewall"
  • Provides additional controls and security for delivery of messages within a private network and to other networks
  • Uses "Closed User Group" techniques for message delivery authorisation
  • Uses "Route Authentication" to ensure validity of traffic originating from remote MTAs
  • Prevents rogue or hostile remote MTAs overloading the SMG communications
  • Alarm system provides an immediate indication of notable or critical events, including security violations
  • Alarms may be monitored remotely by the Route400 Central Management Station
  • Accounting and Archiving provides a record of all message traffic for billing and audit purposes
  • The optional Document Converter allows built-in implementation of security, confidentiality and virus checks

The Route400 Secure Messaging Gateway (SMG) allows users of a private network to exchange electronic messages with particular users and systems within and outside their network in a secure and controlled manner. The SMG functions as part of a normal Route400 Message Server (MTA), routing messages between other connected MTAs and Gateways, but includes additional security controls. These allow system administrators to establish policies specifying which groups of users are permitted to communicate with particular destinations (users or MTAs). The SMG will then enforce these policies, logging any attempted violations and setting an alarm. Facilities are also provided to prevent communications overloads and for logging messaging details for billing and audit.

Based on "Closed User Group" techniques, internal security is maintained whilst enabling communication with the outside world. Messages are vetted by the SMG to check their authorisation before they are sent on to their destinations. Only authorised messages are allowed through the gateway, any unauthorised messages being rejected. A complete audit trail is provided together with an alarm function which gives the system administrator immediate warning of an attempted security violation. It is also possible to inspect the contents of all messages passing through, for example to reject messages containing viruses. Using these various methods, the SMG acts as a messaging firewall.

All of the security features which are a part of the SMG are enabled automatically during installation. They are available as separate optional items, but are more useful if combined as a total package. The SMG is available on Windows 3.1, 95 and NT, OS/2 Warp and all Route400 supported UNIX platforms.

Access Control/Security

  • Closed User Groups (CUGs) are defined to control which users within and outside the network may exchange messages through the SMG
  • A CUG consists of one group of originators plus one or more groups of recipients. A message is authorised if both the originator and recipient belong to the same CUG
  • CUGs are configured through the standard, user-friendly Configuration Manager interface
  • The SMG will generate Non-Delivery Reports (if requested) for unauthorised originator/recipient pairs
  • Route Authentication provides a further check to ensure that the originator address of a message received from a remote MTA is compatible with the configured address details for that MTA, validating the authenticity of the message
  • The Route Authentication feature prevents a remote MTA masquerading as an authentic message source
  • The Closed User Group feature prevents unauthorised messages entering or leaving the secure network
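
The two checks above can be modelled in a few lines. The following is an added illustration, not Route400 code: the O/R addresses, the MTA name, the alarm labels and the data layout are constructed, and it assumes that "compatible with the configured address details" means the originator carries every attribute configured for the sending MTA.

```python
# Added illustration; not Route400 code. Addresses, MTA names, alarm labels
# and the data layout are constructed assumptions.

def parse_or(addr):
    """'C=GB;A=ADMD1;P=ACME;S=Smith' -> frozenset of upper-cased (attr, value)."""
    pairs = (p.split("=", 1) for p in addr.split(";") if "=" in p)
    return frozenset((k.strip().upper(), v.strip().upper()) for k, v in pairs)

# Address details configured for each remote MTA (assumed: required attributes).
MTA_ROUTES = {
    "PARTNER-MTA": parse_or("C=GB;A=ADMD1;P=PARTNER"),
}

# Each CUG: one originator group plus one or more recipient groups.
CUGS = [
    {"name": "finance-to-partner",
     "originators": {parse_or("C=GB;A=ADMD1;P=ACME;S=Jones")},
     "recipients": [{parse_or("C=GB;A=ADMD1;P=PARTNER;S=Patel")}]},
    {"name": "partner-to-helpdesk",
     "originators": {parse_or("C=GB;A=ADMD1;P=PARTNER;S=Patel")},
     "recipients": [{parse_or("C=GB;A=ADMD1;P=ACME;S=Helpdesk")},
                    {parse_or("C=GB;A=ADMD1;P=ACME;S=Jones")}]},
]

def route_authentic(mta, originator):
    """Originator must carry every attribute configured for the sending MTA."""
    required = MTA_ROUTES.get(mta)
    # An MTA with no configured address details fails closed.
    return required is not None and required <= parse_or(originator)

def cug_authorised(originator, recipient):
    """True if one CUG holds the originator and, in any recipient group, the recipient."""
    o, r = parse_or(originator), parse_or(recipient)
    return any(o in c["originators"] and any(r in g for g in c["recipients"])
               for c in CUGS)

def vet(mta, originator, recipients):
    """Return ({recipient: 'deliver'|'reject'}, alarms) for one inbound message."""
    if not route_authentic(mta, originator):
        return {r: "reject" for r in recipients}, ["route-authentication"]
    verdicts = {r: "deliver" if cug_authorised(originator, r) else "reject"
                for r in recipients}
    alarms = ["closed-user-group"] if "reject" in verdicts.values() else []
    return verdicts, alarms
```

A message arriving from PARTNER-MTA that claims an ACME originator is rejected by the route check even though a CUG would permit that originator/recipient pair, which is why the two controls are applied together.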

Hostile MTA load control

  • Prevents a rogue or hostile remote MTA from "flooding" the communications capacity of the SMG
  • Allows the maximum number of simultaneous incoming associations from a remote MTA to be configured on a global or individual MTA basis
  • Additional incoming association attempts are rejected (on a temporary basis) allowing the MTA capacity to be shared evenly between all incoming requesters

Alarms

  • Provides an immediate indication of a range of notable or critical MHS events, particularly with regard to security in the SMG
  • Complements CUGs and Route Authentication, for which specific alarms are raised
  • Alarms raised for other Security violations e.g. MTA validation and User authorisation errors
  • Alarms raised for Resource problems e.g. lack of disc space, loss of file system, internal resources etc
  • Alarms raised for Interworking/OSI problems e.g. communications failures or protocol errors
  • Alarms raised for Configuration problems e.g. unrecognised MTA names or passwords
  • Alarms raised from application programs outside the MTA can also be integrated within the SMG alarm system
  • Each alarm has a unique reference number (i.e. 001-255)
  • Up to 255 alarms may be outstanding at any one time
  • Outstanding alarms are remembered between SMG restarts
  • Outstanding alarms can be cleared by the administrator
  • Alarm information may be accessed remotely by the Central Management Station

Accounting

  • Provides detailed trace of all messages passing through the SMG
  • Can be used as part of a security audit system, as well as for billing and performance evaluation
  • Accounting record generation is administrator configurable
  • The directory used for accounting may be specified
  • Maximum size for each accounting log file may be specified
  • The number of days that the logs will be preserved for inspection or archiving before auto-deletion may be specified
  • The format of Collection, Delivery, Non Delivery, Header, Association, Bind, Unbind and MS Operation records may be specified using freeform text
  • The frequency with which new account log files are created from daily to hourly may be specified
  • Accounting information markers may be specified within the configuration of accounting records to request the required information, e.g. Message ID, Time, O/R Address
  • An example billing program is provided that scans files produced over a specified number of days and produces billing/costing reports
  • The example billing program calculates the total number and "cost" of message bytes transferred for each originator
  • The example billing program source code is provided for administrator modification

Archiving

  • Provides selective archive of all messages passing through the SMG
  • Message archive is administrator configurable
  • All messages entering the system or those originating at or destined for specific MailBoxes may be archived into a file
  • Archive of whole messages or just message envelopes may be configured
  • If archiving file space is exhausted a critical alarm is generated
  • Special accounting markers are provided to track and locate archived messages from the accounting records
  • The archive directory and archive file size are configurable

Message Content Security

  • The optional Route400 Document Converter may be used to inspect the content of selected or all messages
  • Private encryption/decryption programs may be applied to message contents
  • Security/confidentiality scans (of message content) can be performed
  • Virus checks can be imposed
  • Where it is necessary to run a Windows program to perform the content check (and the selected SMG platform is not Windows-based), the optional Route400 Document Conversion Accelerator may be used

Standards, Profiles, Conformance

  • Versions successfully conformance tested to OSTC, UK GOSIP and US GOSIP
  • Interoperability tested to all major X.400 suppliers within EuroSInet, including Bull, Digital, HP, IBM, ICL and Unisys
  • In service operation connected to public ADMD services such as AT&T, BT Gold 400, France Telecom Atlas 400, IBM Mail Exchange, Mercury and Sprint International
  • Accounting conforms to IAOG requirements

Multi-Platform Support

Route400 SMGs are available on industry standard operating systems and major hardware platforms:
  • Windows 3.1 and later, Windows 95 and Windows NT
  • OS/2 Warp
  • UNIX
    • Digital Alpha OSF/1
    • DG Aviion
    • HP-UX v9 and v10
    • IBM AIX v3 and v4
    • ICL NX SPARC and x86
    • SCO v4 and v5
    • Sun Solaris SPARC and x86
    • Stratus XA/R and Continuum
    • Tandem S4000-Puma + FT
    • Unisys UX
    • Unixware v1 and v2

Copyright © 1998-2007 NET-TEL Computer Systems Ltd