SCMag Group Test: Instant Messaging

In what is a very timely article for me Ian Parsons does a bake-off of Instant Messaging security products. And sadly that may be the last nice thing I say about the article.
The introduction just doesn’t make sense. He starts out assuming that the reader thinks they have bigger security fish to fry. Better places to spend their money. And that is true in my case. I am wondering if the big money these people want for IM Security is worth it when at the end of the day (this is one time its ok to use that phrase because I mean it literally) the user will go home and use the same computer on their home network and potentially download viruses. Of course the same thing can happen with email and the same thing can happen with http. So why put money into IM Security instead of instituting a massive lockdown and reduction of rights. Or perhaps go with a HIPS product that can handle zero day attacks. The author never explains that. Instead he makes some weird connection between email, internal newsservers, discussion boards and IM. I dont get what his point was unless it is that any place where data is interchanged between users, you want to have a server or network layer of antivirus. And IM is a growing catagory of exploitation.
Ok, but enough with criticizing the intro, lets look at the evaluation itself. The first thing I noticed was the absence of IMlogic. Since they are the biggest name in IM Security I would expect to at least see a footnote stating IMLogic wouldn’t provide eval software.
Next, he didn’t really set out what he was trying to secure. Are we talking about public IM only? Are we talking about Entrerprise IM only or a mix of both?
Next, some of the applications included seemed kind of out of place. Akonix RougueAware seemed more like a monitor. Facetime and IMLogic both have free software that does the same thing and both of them do it better. Why not include them if you are going to include the monitor only software.
Gordano just sets up its own enterprise server. I would think if you wanted an enterprise server, you’d have gone with Sametime, Jabber or LCS.
The inclusion of Surfcontrol also seemed odd, as it was really a threat shield installed on the client. That seems like its a different catagory of product.
Facetime was the overall winner with a honorable mention of the Blue Coat Proxy. I’ve got Facetime coming in Thursday morning and I’m looking forward to learning how they would secure the IM environment (and at what cost).