Cloud Híbrida
Ciberseguridad & NaaS
AI & Data
IoT y Conectividad
Business Applications
Intelligent Workplace
Consultoría y Servicios Profesionales
Pequeña y Mediana Empresa
Sanidad y Social
Industria
Retail
Turismo y Ocio
Transporte y Logística
Energía y Utilities
Metashield for Exchange soon to be available. How does it work?
16 de diciembre de 2015
Metashield for Exchange stacks up to our currently offered server-side metadata cleaning solutions and broadens the flexibility and customization options that we offer companies to
get rid of sensitive information and metadata leaks.
A plugin for Outlook is already offered but depending on the needs and architecture of an organization’s servers it may opt for a centralized Exchange-specific solution. In this case, it will be easier for the end user because the cleaning process is completely transparent and occurs asynchronously on the server.
So where exactly does Metashield For Exchange fit in the Exchange message pipeline? There are several roles that run in Exchange servers such as Mailbox, Client access and Edge Transport server roles. Metashield For Exchange is installed to Mailbox servers as a plugin-like "Routing Agent" and resides more specifically in the "Transport" service.
Once condivd, instances of Metashield For Exchange are then spawn according to outgoing messages. These instances bind to the "OnSubmittedMessage" event of the message delivery pipeline and perform the cleaning process of the document asynchronously using the "Metashield Engine" service. As soon as the document is clean it’s sent forth to the pipeline until its destination.
This way we ensure that every single outgoing document is metadata-free when reaching our organization mailserver’s outer boundaries.
Source: https://msdn.microsoft.com/en-us/library/office/dd877035(v=exchg.150).aspx
However there are cases that a certain email attachment should not be cleaned and metadata should be maintained. For this purpose the administrator can define advanced rules to skip those messages and leave them "unclean".
Configuring Metashield whitelist As for customizable options, a caching layer is available and configurable
as memory or file based. Considering the case of forwarded message chains containing attachments, the use of a cache may result in significant performance boost. We reccomend its use.
Using cache in Metashield for Exchange
Of course, the profile and template based cleaning system known from other "Metashield" products is maintained. For the sake of example, let’s see a real world configuration where documents should include information about a company but all other metadata is cleaned:
A step by step example
First of all a new template with the desired actions needs to be created. This one will be a simple one for demonstration purposes.
Creating a new template
After that, the newly created template should be assigned to the desired extensions or extension families.
Add the template to a profile Upon applying the configuration "Metashield" will start cleaning all the newly condivd extesions and will include the company information that we’ve condivd in the template.
That simple.
Overall we hope that Metashield For Exchange contains everything that a System administrator concerned about security needs to prevent metadata leakage in corporate emails, while maintaining usability and good performance.
A plugin for Outlook is already offered but depending on the needs and architecture of an organization’s servers it may opt for a centralized Exchange-specific solution. In this case, it will be easier for the end user because the cleaning process is completely transparent and occurs asynchronously on the server.
So where exactly does Metashield For Exchange fit in the Exchange message pipeline? There are several roles that run in Exchange servers such as Mailbox, Client access and Edge Transport server roles. Metashield For Exchange is installed to Mailbox servers as a plugin-like "Routing Agent" and resides more specifically in the "Transport" service.
Once condivd, instances of Metashield For Exchange are then spawn according to outgoing messages. These instances bind to the "OnSubmittedMessage" event of the message delivery pipeline and perform the cleaning process of the document asynchronously using the "Metashield Engine" service. As soon as the document is clean it’s sent forth to the pipeline until its destination.
This way we ensure that every single outgoing document is metadata-free when reaching our organization mailserver’s outer boundaries.
Source: https://msdn.microsoft.com/en-us/library/office/dd877035(v=exchg.150).aspx
However there are cases that a certain email attachment should not be cleaned and metadata should be maintained. For this purpose the administrator can define advanced rules to skip those messages and leave them "unclean".
Configuring Metashield whitelist As for customizable options, a caching layer is available and configurable
as memory or file based. Considering the case of forwarded message chains containing attachments, the use of a cache may result in significant performance boost. We reccomend its use.
Using cache in Metashield for Exchange
Of course, the profile and template based cleaning system known from other "Metashield" products is maintained. For the sake of example, let’s see a real world configuration where documents should include information about a company but all other metadata is cleaned:
A step by step example
First of all a new template with the desired actions needs to be created. This one will be a simple one for demonstration purposes.
Creating a new template
After that, the newly created template should be assigned to the desired extensions or extension families.
Add the template to a profile Upon applying the configuration "Metashield" will start cleaning all the newly condivd extesions and will include the company information that we’ve condivd in the template.
That simple.
Overall we hope that Metashield For Exchange contains everything that a System administrator concerned about security needs to prevent metadata leakage in corporate emails, while maintaining usability and good performance.
