| MailSafe CA can act as a Root or Sub CA |
|
The Reflex MailSafe CA (RMCA) is capable as acting as a root CA for secure e-mail. It can also be used in a chain of CAs with either a RMCA as root or a third party CA acting as root |
| Use with MS Exchange as automated RA |
|
When used with MS Exchange RMCA can be configured to use the information contained within MS Exchange to permit the issuing of a signed certificate and thus perform the roll of an RA. This action can be fully automated. |
| Certificate & CRLs automatically checked. |
|
The user is not required to take any decision with regard to the acceptability or otherwise of the sender or recipient's certificates since this check is performed automatically by the client software and to predefined criteria. |
| S/MIME V3+ & S/MIME V2 supported |
|
Reflex MailSafe is fully compliant with both S/MIME V3 & V2 standards. Thus permitting it to be backward compatible with any legacy secure e-mail system. |
| Supports X.509 Digital Certificates |
|
Conforms to the RFC 2459, RFC 2587, RFC 3039, RFC 2527, RFC 2510, RFC 2560, RFC 2511, RFC 3161, RFC 2797, RFC 3161 and RFC 2585. |
| Client plug-in supports MS Outlook 97/98/2000/2002 |
|
Allows deployment in a mixed MS Outlook installation. |
| Supports both RSA & DSA/DH algorithms for key exchange up to 4096 bits. |
|
By supporting both RSA and Diffie-Hellman Reflex MailSafe caters for both commercial and government requirements. |
| Message and attachments encrypted to 168 bit 3DES algorithm as standard. |
|
When encrypting an e-mail both the message body and any attachment are encrypted automatically. |
| Supports certificate management protocols PKCS#7 & PKCS#12 |
|
Standard protocols for the import and export of certificates. |
| Integrated Anti-virus support with active content blocker. |
|
The Reflex Sherlock anti-virus scanner is included and integrated so that all e-mail both inbound and outbound is checked for viruses. To further protect the user from malware it also blocks any active content. |
| Support for third party AV Software. |
|
Automatically detects and hooks third party desktop AV products to provide matrix scanning of in/outbound e-mails. |
| Independently tested for interoperability with other PKI vendors. |
|
UK Government sponsored trials reveal that Reflex MailSafe interoperates with many other PKI vendors products to the highest degree. |
| Renders auto-send e-mail borne malware useless. |
|
By requiring the user to "sign" e-mails before sending it is impossible for such auto-send malware to propagate. |
| Supports security labelling of messages |
|
Supports RFC 1457 allowing messages to be classified. |
| Provides secure and time stamped receipts |
|
By requesting a signed and time stamped receipt it is possible to know exactly when an e-mail has been received and decrypted by the recipient. |
| Centrally managed by use of Reflex MailSafe Configuration server. |
|
The security settings of the clients can be configured and controlled by the Configuration Server, thus forcing policy. |
| Automated Certificate requests to third party CAs. |
|
By supporting email delivered certificate requests, third party or external CAs can be automatically communicated with. |
| Support for LDAP, Active Directory, HTTP & FTP for CRL & Certificate look-up. |
|
Ensures the most flexible way to configure these look-up tables. |
| Silent network installation |
|
Using install scripts Reflex MailSafe client can be rolled out across a network using tools such as Reflex Deployment Server or MS SMS. |
