Professional Documents
Culture Documents
1. Partner Information
Partner Name CertifiedMail.com Inc.
Web Site www.CertifiedMail.com
Product Name CertifiedMail Secure E-mail Server
Version & Platform 2.0 (Intel)
Product Description E-mail travels over the Internet in plain text, and has the same security as
a postcard. It also lacks accountability, since return receipts are
unreliable. For sending important information such as legal documents
and business plans, e-mail is insufficient. Health industry regulations
(HIPAA) even impose fines and jail time for sending patient information by
standard e-mail.
For one-click security from your e-mail client, a “Send Certified” button is
provided for Microsoft Outlook and Lotus Notes. Integration with
enterprise applications via XML provides automated sending of secure
messages and statements. Confirmation that a message was opened,
and the ability to retract messages (“Oops button”) is also provided. The
CertifiedMail Server integrates with RSA SecurID and your Ace/Server to
provide strong authentication of all or selected users.
Product Category E-mail & Office Automation
CertifiedMail RSA SecurID Ready Implementation Guide Page 2 of 10
Internet
CertifiedMail via browser.
Optional SecurID login.
(2-way secure communication
via 128-bit SSL)
Network Switch
DMZ Firewall
Implement
SD
SD
PROLIA NT
8000
P ROLIA NT
8000
E SC
ESC
two-factor
authentication with:
SD
SD
DLT
D LT
Send CertifiedTM
Browser access to CertifiedMail
button with SecurID Login
SD
P ROLIA NT
8000
SD
SD
statements to thousands or
millions of customers
CertifiedMail XML Engine
and Database
For more information, visit us at http://CertifiedMail.com
2. Contact Information
Pre-Sales Post-Sales
Name Sales Department Support Department
E-mail sales@CertifiedMail.com support@CertifiedMail.com
Phone 800-672-7233 800-672-7233
Web www.CertifiedMail.com www.CertifiedMail.com
3. Solution Summary
Feature Details
4. Product Requirements
The CertifiedMail Server is preconfigured and ready to install into your DataCenter or
co-location facility. It contains the following software and hardware components:
Software
Operating Windows NT Advanced Server, Windows 2000 Advanced Server or Windows
System 2000 Datacenter Server
Database MS-SQL 7, MS-SQL 2000 or Oracle (Unix, Linux, Windows NT, Windows 2000)
Web IIS 4.0 or IIS 5.0
SMTP MS-SMTP or uses your existing SMTP server
Hardened OS, SSL transport encryption, WTLS wireless encryption, encrypted
Security
database
Hardware
2 to 32 Intel Pentium III+ CPUs per server. 1Gb+ RAM. (If Oracle database is
Server
used, an appropriate Linux, Solaris or Unix hardware platform required.)
Clients can access the CertifiedMail Server with any Internet browser including cell
phones with WAP browsers. Please note however that SecurID authentication is only
supported on standard HTML-based browsers (Netscape Navigator and Microsoft
Internet Explorer, e.g.)
Before attempting to configure CertifiedMail for SecurID authentication, make sure the
following constraints have been satisfied:
•= The CertifiedMail Server, and the web administration console, are properly
installed and configured.
•= Users can successfully perform a standard CertifiedMail login and access their
messages. Consult the CertifiedMail Administrator’s Guide for information on
how to do this.
•= You have made the machine running CertifiedMail a “Net OS” client of the
ACE/Server and copied the sdconf.rec file to the %SystemRoot%\system32\
directory.
Install the RSA ACE Agent on the Windows NT/2000 Server that is running Microsoft
Internet Information Server. This is the same computer running the CertifiedMail web
server.
Once IIS is running and the RSA ACE/Agent is installed, use the Microsoft Management
Console to protect the SecurID.asp page for CertifiedMail. Once you have “locked
down” the login page, users will then be SecurID-challenged when attempting to access
these resources. For more information on how to SecurID protect virtual servers and
directories, consult the RSA ACE/Agent v 4.4 for Windows NT Administrator’s Guide
For maximum flexibility, SecurID login can be selected for one or more CertifiedMail
users. Login options available to users include SecurID, UserName and Password, or
other authentication devices that may be installed (e.g. biometric). To enable SecurID,
login to the CertifiedMail Server from your web browser as the CertifiedMail
Administrator. Then, from the Member Center, select the Admin Console. Select a user
from the list and edit their properties. To enforce SecurID access for this user, make
sure that the user’s Login Name matches the “Default login” of their ACE/Server
account. Then select “Require SecurID to login” (figure 1):
CertifiedMail RSA SecurID Ready Implementation Guide Page 5 of 10
When the user performs a CertifiedMail login by entering their User Name and SecurID
Passcode, the CertifiedMail Server will redirect their browser to the SecurID.asp page.
If their login credentials are correct, they will be transparently logged into their
CertifiedMail account. If their login is not correct, or there are any special cases such as
New Pin Mode, then the appropriate SecurID HTML pages will be displayed to the user.
CertifiedMail RSA SecurID Ready Implementation Guide Page 6 of 10
When users attempt to logon to CertifiedMail, they will be presented with the following
SecurID login screen:
Upon successful login, the user is granted access to their secure e-mail account:
6. Certification Checklist
Indicate here the tests that were run to ensure the product is SecurID Ready:
Slave ACE/Server P
No ACE/Server P
7. Known Problems
None