INTERNAL X400 MAIL MONITORING

I have a legal and authorised requirment to monitor internal company
emails using x400 on seperate sites.

Is anyone aware of any products that will sniff traffic off the wire
and store all emails?
I say sniff off the wire because the mere thought of installing
software onto the exchange servers bring the security guys into a
sweat.

I have located a large number of software packages but they restrict
themslves to POP and SMTP. I have some guys trying to write an in
house solution but the decode and GUI efforts are being problamatic.

Thanx in advance

Re: INTERNAL X400 MAIL MONITORING

bazjenner@hotmail.com wrote:

> I have a legal and authorised requirment to monitor internal company
> emails using x400 on seperate sites.
>
> Is anyone aware of any products that will sniff traffic off the wire
> and store all emails?
> I say sniff off the wire because the mere thought of installing
> software onto the exchange servers bring the security guys into a
> sweat.
>
> I have located a large number of software packages but they restrict
> themslves to POP and SMTP. I have some guys trying to write an in
> house solution but the decode and GUI efforts are being problamatic.
>
> Thanx in advance
>

http://www.microsoft.com/exchange/partners/archivingandcompl iance.asp

you are not clear what you are trying to monitor. Are you trying to
monitor the functionality/health of the server or the messages that are
going through it?

AK

Re: INTERNAL X400 MAIL MONITORING

Apologies for the confusion.

I am trying to collect all email traffic for later anaylsis of the
content (looking for breaches of company security) on a number of
different networks without having to modify the exchange server (add
software) in any way but use a switches' span port or in line tap as a
point of entry.

A product very much like any@mail but for x400.

Re: INTERNAL X400 MAIL MONITORING

BazJ wrote:

> Apologies for the confusion.
>
> I am trying to collect all email traffic for later anaylsis of the
> content (looking for breaches of company security) on a number of
> different networks without having to modify the exchange server (add
> software) in any way but use a switches' span port or in line tap as a
> point of entry.
>
> A product very much like any@mail but for x400.
>
What's to stop your users from using one of the free mail services that
don't flow through your exchange servers to send out sensitive
information? FTP uploads using encrypted files? Floppies? CDs? USB drives?

Just a thought.

--
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the criminal-minded maniac behind
Spews since 2003. Certified since 2005. 99.9% annoyance free.

Re: INTERNAL X400 MAIL MONITORING

Nothing!! There are numerous methods that may be employed to remove
data from the company.

But I wish to see what is being transmitted at any given time and to
whom to ensure that the comapnies "sensitive" information is not being
passed, inadvertantly or otherwise, to non priveralged personnel.

I am fully aware that there are "many ways to skin this cat" but I am
soley interested in this particular aspect; that is pulling the traffic
from the wire and monitoring messages going to and from the server.