Marshal Software released its Secure Email Server. In summary:
- Sits at the Internet boundary.
- Opens incoming encrypted email, checks that it conforms to policy, and sends on to the user (if necessary re-encrypting).
- Encrypts outgoing email based on policy, and sends on to recipient.
- Uses public key cryptography.
- Works with third-party email gateways that can detect encrypted email and route based on policy, such as Clearswift and Tumbleweed.
- Aimed at organizations that want to have policy-controlled encrypted email within a community.
- Main competitors include Tumbleweed and Cisco/IronPort/PostX.
- Marshal sees its main strengths as turning around automated certificate management; for example, automatic warnings to admins when a certificate is due to expire, automatic processing of certificate revocation lists, and automatic harvesting of certificates of inbound email.
- Sample pricing: for 100 users, around $11/seat per license for existing Marshal customers plus maintenance; if not a customer around $22/seat per license plus maintenance.
More details on the PKI side:
- For outgoing mail, recipient certificate is picked up from local or remote repository.
- For incoming mail, decryption is normally done via receiving organization's organization-wide private key; it can also be done by the recipient's own private key if this applies.
- Typically most users have an organization-wide private key, and a few users have their own private key (e.g., execs dealing with sensitive financial information).
... David Ferris