>
SecureView - Attachment Viewing Support for Outlook Web Access
Everywhere Networks
Everywhere Networks has focused
on providing manageable solutions for making business networks
accessible for diverse groups of users, from anywhere, securely and
affordably in order to make businesses more productive. Their
success in the marketplace has validated their vision and they
continue fully committed today.
What good is Outlook Web Access without attachment support? Many
organizations are faced with just that but what is their alternative. Leaving
attachment support turned on opens the organization to serious risk that
important documents are being left behind in public kiosks and non-trusted
systems? Ouch! What a dilemma.
Typical Problem Scenario
When using Outlook Web Access and users open attachments a download of the
attachment actually takes place to the remote workstation. The operating system
then calls the associated editor and displays the document on that workstation.
Even if the user realizes this and deletes it after use the document is still
easily retrievable from the systems trash folder and from the browsers cache.
More often these documents are simply left behind in a temp directory forever.
Sensitive documents fall into the wrong hands
Attachment support is required for productivity
Email today is less about sending messages and more about sending files and
documents as attachments. Deploying OWA with attachment support turned off is
really limiting one of the main benefits Outlook Web Access. When users are away
from the office access to attachments is more important then ever.
SecureView for OWA Enterprise 3.0 closes
Outlook Web Access vulnerabilities. Users can View & access OWA attachments
securely, never leaving any trace of the documents behind on non trusted
systems.
View Never Cached -
Documents never get cached on remote non trusted systems so there is nothing
to clean up afterwards. Some technology are based on Java and Active X cache
cleaners while great in theory they fail to work on many public systems
leaving the user with out email.
View-only Admin Controls Settings -
View-Only security controls, shut attachment downloads off on
non-trusted or non-asset systems. SecureView can check for asset tags and
electronic keys on remote systems to determine if trusted or not.
Additionally trusted I address zones can to set up
Easy Integration and Setup -
Integrates to Exchange front-end server for easy deployment to any
size enterprise. Weather you have 1 or 100 Exchange Front-end servers
SecureView Enterprise can easily integrate into any complex environment. The
simplicity of SecureView’s architecture is that its does not interface
directly with the backend Exchange systems. Even if there are multiple
Front-end servers only one SecureView Server is needed. More can be deployed
for performance.
Proven Product - Deployed
and proven in the largest global enterprise customers, please contact us for
reference.
Super Fast Viewing with SmartCache
Technology - Ultra Fast Viewing of over 375 document types.
Users will load attachment views faster then any other technology due to our
SmartCache view engine. The list of supported document types is impressive
and includes all common MS, Corel, database, development and graphics
formats.
Works securely on all browser types -
SecureView for OWA maintains all original file formatting
and graphics when using standard view. Or view using Text-only which is
maintains basic formatting and is perfect for slower web connections. It
also supports all browser types including Explorer, FireFox, etc. There is
no need for ActiveX or Java client.
Viewing is better - Add
user Productivity. SecureView for OWA is a great for user productivity and
offers much more then security. Many times a view is faster then downloading
a document and evoking the appropriate editor if available.
Works with Other Security Technology
SSL VPN integration, including MS ISA 2004. Many customers and SSL VPN
manufactures have worked with to interoperate behind their VPN technology.
Supports all Versions of Outlook Web Access
Full for supports OWA 5.5, 2000 and 2003, and combinations in same
enterprise. Many of customers have legacy Exchange systems deployed and need
to support a mix of systems on mixed legacy server OS platforms.
Right-click user Menus -
Users can right-click on mouse to select type of conversion Rich text, text
or graphics.
Support for Multi-language -
Documents in all OWA languages are supported and convertible.
Server-side Conversion and transformation
- 100% client-less no ActiveX or Java applets are used are
required with the browser, as attachment file transformation is performed at
the SecureView server.
Fully Searchable HTML View -
Users may search text within any SecureView file View.
Automatic Table of Contents Created -
A table of contents is automatically created and hyperlinked
so users can quickly navigate through the document.
Viewing performance enhancer (option) -
Attachments sent to multiple users from the same sender will
be converted once to improve the performance of viewing of these attachments
to all the users who view them.
IP Based Access Control -
Access to attachments can be restricted based on the clients IP address.
Fail-safe & multiple redundancy back-ends
- Multiple SecureView back-end servers can be shared from
different front-ends and thus operation will not be interrupted should one
or several of these back-end servers be down or taken off line for
maintenance.
SecureView for OWA 3.0 will integrate in to the existing Enterprise. The
following diagram illustrates one possible scenario.
Figure 1. Network Topology
The existing network architecture remains in-tact, with the addition of a
Transform Engine preferably running on a separate server.
SecureView for OWA v3.0 software is installed on each Exchange Front-End
where the viewing technology will be made available to the end users. No
additional modifications are required.
2. Process Overview
Document conversion through the end-users OWA takes place by the processes
outline below in figure 2.0. The conversion process does not begin until after a
user has logged in to OWA and clicked on a “Secure View” link next to an email
attachment.
Step 1
Exchange Front-End requests a copy of the attachment from the users
mailbox located on the Exchange Back-End.
Step 2
Exchange Back-End makes the attachment available to the Front-End.
Step 3
Exchange Front-End sends the file or file reference to the
Transformation Server.
Step 4
The Transformation Server converts the document in to HTML and makes it
available to the Exchange Front-End.
Step 5
The converted document is displayed in the end users browser in manner
that prohibits client side caching of the file.
Figure 2. High-level
process overview
3. Component Overview
SecureView for OWA v3.0 consists of three components. These are:
Front-End User Interface
Conversion Request Component
Transformation Engine
The following diagram, figure 3, illustrates the respective
locations of each of these components.
Communication between the Front and Back-End Exchange servers is
performed by the Front-End User Interface. All traffic between the
Front-End and Back-End exchange servers takes place over the same
channels it did before SecureView for OWA was installed.
Communication between the Front-End Exchange Server and the
Transformation interface is executed by the Conversion Request
component.
Figure 3. Component Overview
4. Front-End to Transformation
Engine Connectivity
Communication between the OWA Front-End and the Transformation Engine is done
exclusively through the Conversion Request Component.
Figure 4. Transform Engine
connectivity
The Conversion Request Component and the Transformation Engine use the SOAP
protocol to communicate over a user-definable port number.
5. Load Balancing and
Scalability
The bulk of the processing is done by the Transformation Engine. There are a
variety of systems in place to allow load balancing and scalability.
Transformation Management
The Transformation Engine runs a manager which spawns agent processes to
execute the actual transformation. The number of agents and time
restrictions for each agent are configurable on the Transformation
Engine.
Document Caching
Recently converted documents are stored in a cache on a per user basis
so that the same document will not be converted twice if viewed multiple
times.
Multiple Transformation Engines
Where the user base is very active multiple Transformation Engines can
be used transparently by the end user. Conversion requests will be sent
seamlessly to different transformation engines to split up the load.
6. Flexible Modular Design
Conversion Request Component -
The modular nature of the components in the document conversion
process will allow transformation requests to come from various sources.
By tying in various interfaces from across the enterprise is will be
possible to use the Conversion Request Component, in various environments,
for future projects.
Transformation Engine -
Everywhere Networks can make additional interfaces available to the
Transformation Engine. Existing infrastructure can remain intact while new
services continue to be offered.
7. Requirements
The following software requirements are necessary for SecureView 3.0
Front-End • Windows 2000 Server or Windows 2003 Server
• Microsoft Exchange 2000 or 2003
• Microsoft .NET 1.1
Back-End • Windows 2000 Server, Windows 2003 Server
• Microsoft Exchange 2000 or 2003
Transformation Engine • Microsoft Windows 2000 or 2003
• Microsoft .NET 1.1
8. Server Upgrade Considerations
When upgrading from Exchange 2000 to 2003 on the Front-End the User Interface
component of SecureView 3.0 will need to re-installed, and the installer will
automatically make the appropriate changes.
No modification is required to an Exchange Back-End to make SecureView work,
so Back-End upgrades should not pose any concern.