Home
Affiliations
Resources
Contact
Products A-Z
Products by Category
How to buy
On-LineStore.htm
Texas CISV Catalog

C2C Systems Inc

C2C is a leading provider of E-mail Lifecycle Management solutions for Exchange: e-mail archiving, capacity and data management; content management, security, compression and auto-zipping software.

Product Overview

Features and Benefits

Technical Overview

View Product Datasheet

View an ePolicy whitepaper

View a white paper  Reducing the Risk from E-mail within Microsoft Exchange / Outlook

 

         

Exchange Security Risk Auditor (ESRA)

 

Product Overview

Mailbox and folder security. Who is reading your email?

This theme has been ignored by many organizations up until now, who have concentrated on securing their external boundaries.

However, there are now real business imperatives driving companies to ensure that their confidential internal data cannot be compromised.

With the majority of company executives relying on Outlook as their main data store, security of access has to be an issue. The thought that e-mail access could be compromised is probably far from the minds of most company officers but these people are the most likely targets of mailbox hackers.

Finance and Human Resources executives are most likely to be targeted. In your company a hacker can be anybody who

  • feels they've been mistreated
  • seeks insider trading information
  • wants the inside story on their colleagues to benefit their career path
  • is merely curious.

The consequences of their actions can be devastating.

C2C has heard of employees finding they have access to a department's public folders, and changing permissions or even deleting whole trees of content, impacting months or even years of work.

So how real is the threat to mailbox or public folder permissions?

In reality, and particularly in medium to large organizations it's not uncommon to find errors in permissions granted at set-up or more likely during routine administration. Also, system and department configurations tend to change over time, so users may be inadvertently granted access when these alter, or users may carry historical permissions with them into different departments.

Product Features and Benefits

Why Choose ESRA?

Exchange Security Risk Auditor (ESRA) provides you with an easy-to-use application for finding, auditing and changing folder and mailbox permissions.

The objective of ESRA is to enhance the security of your Exchange System, by giving your Administrator the ability to review and change permissions quickly and accurately.

How to find a needle in a haystack?

How is an Exchange administrative team able to both guarantee and demonstrate that all permissions are appropriate to the security policy? There are generally a huge number of permissions and the small number of anticipated exceptions make the task impossible manually.

ESRA enables an automated audit of all permissions associated with an Exchange mailbox or public folder, and performs relevant changes.

Regain Control

ESRA should be used both for

  • Routine systems maintenance e.g. when a user leaves the organization, all their permissions are changed
  • Regular security audits

Features of ESRA

  • List permissions associated to a user
  • Find deleted and anonymous users
  • Mass updates
  • Ability to deselect actions from mass update process
  • Ability to search by User
  • Ability to search by Permission
  • Ability to search by Location
  • Ability to search by users, distribution lists or folders across multiple servers
  • Search all or parts of the Information Store
  • Change permissions only on types of folders (e.g. calendars)
  • Export output for further analysis
  • Simple and intuitive interface
  • Identify and remove ‘Zombies’
  • Prepare for migration.

     

Who will benefit:

  • Exchange Administrators
  • Group IT Security

Technical Overview

ESRA Technical Overview

Exchange Security Risk Auditor (ESRA) allows the monitoring and controlling of permissions in an Exchange system. In most Exchange systems there can be at least tens of thousands of permissions. It is virtually impossible to ensure that all permissions are correct, giving you the appropriate security you require.

Three permissions areas are checked by ESRA:

  • Mailbox Access Permissions - Checks which Exchange users have access to which mailboxes. Incorrectly set mailbox Access Permissions can lead to users being able to read mail of other users. 
  • Send On Behalf Of Permissions - Shows which user can send mail on behalf of another – send on behalf of (SOBO) rights are dangerous, as messages appearing to come from one user can have huge consequences for corporations. 
  • NT rights associated with mailboxes - Illustrates which users have NT rights allowing them to enter the mailbox of another user and assume that Exchange user's identity and security rights

Security Auditing


ESRA makes it easy to find all objects over which a user has rights across the whole Exchange system

The information store can be searched for specific permissions or roles, or for all the roles that are assigned to specific users or groups of users. This makes ESRA the ideal tool for an Exchange security audit. Who does have access to the board of directors' e-mail accounts? Are the secure public folders as secure as we need them to be? The application has been designed to be operated by professionals concerned with the security of corporate e-mail.

Permission Maintenance

Not only is ESRA an ideal tool for the security audit, it is also an invaluable tool for day to day permissions maintenance. For example, cleaning up the rights and permissions of deleted users is no longer a problem. With ESRA, the deleted user can be described and located anywhere in the Exchange public or private information stores.

Other tasks such as reassigning rights is easy as you do not need to know where the original user had rights, only that the new users will have the same ones.

Once a permission is located it can be changed in a simple fashion.

If you have chosen to alter permissions in any way then ESRA will highlight the changes before any update is performed, meaning that you are always in control of permissions updates. You will also be able to export the results of a permissions search directly to Excel.

Deployment and support

ESRA is a standalone application (not requiring a service) that is controlled using a standard MMC Snap-in. It is run on NT, 2000 and XP operating systems and supports both Exchange 5.5, 2000 and 2003.

C2C Systems suggests that the application be installed on a desktop machine as opposed to being installed on the same machine as the Exchange Server.

It uses Windows messaging (minimum Outlook 98 required on ESRA machine) to access the Exchange server and sufficient permissions will be needed by the user both installing and operating ESRA. The specific permissions that are needed are outlined in the ESRA manual.

Download 30 Day Free Evaluation Copy

Before downloading the software, please fill in the small form below.

For the form to be accepted you must complete the fields which are indicated in bold type.

 Note: This software is designed for corporate business and is not appropriate for individual use

Reason for downloading    
Name  
Job Title/Responsibility  
Other (please specify):
Company Name  
Email Address  
Address  
City  
Post / Zip Code  
County / State  
Country  
Telephone Number (including country code)  
No. of mail servers  
No. of mail boxes  
How did you hear about us?  
Other (please specify):
    

 

  Copyright 2003 Messaging Solutions LLC Last updated: 01/26/2008 04:32:38 PM -0700  |  Contact Info | Privacy Policy