January 2-5, 2007

Weekly Summary of News

Spam: Can-Spam Act Analysis More Commtouch "2006 Spam Trends Report: Year of the Zombies" Analysis More PCSecurityShield Spam Shield 4.0 Analysis More Content Security and Viruses-by-Email: Alt-N Technologies SecurityPlus for MDaemon Analysis More Content Filtering Market Analysis More Barracuda Web Filter v3.1 Analysis More IT Security "Internet Security Trends for 2007" Analysis More IT Security "Intrusion Detection System Essentials" Analysis More Kaspersky Anti-Virus 5.6 for Microsoft ISA Server 2004/2006 Standard Edition Analysis More Instant Messaging & Presence Information: Akonix Systems Predictions for Corporate IM in 2007 Analysis More Securing IM Analysis More Interactive Networks Instan-t Express Analysis More Pivot Solutions IMTRADER v3.4 Analysis More SMS, MMS and Wireless Email: iAnywhere "The Top 5 IT Considerations for Secure Wireless Email" Analysis More Other Email: StrongMail Systems "The New Era of Email Marketing" Analysis More Vicito Analysis More Document and Content Management: AIIM "Managing Content's Lifecycle" Analysis More AIIM Enabling Information Sharing with ECM Analysis More Voice Integration with Collaborative Applications: VoIP in 2007 Analysis More Vontoo 2007 Voice Messaging Forecast Analysis More Vendor Finances & Equity: Cisco Acquisition of IronPort Systems Analysis More M2M Holdings Acquisition of KNOVA Software Analysis More Other Collaboration: Parlano MindAlign Analysis More

Quick Links to Insights & Observations

Ferris Research is an analyst firm specializing on the business use of email and collaborative technologies. Our clients are IT professionals or vendors active in this field.

Main topics we cover:

• Email retention/archiving, regulations compliance, e-discovery
• Spam & malware control
• Mobile messaging
• Email upgrades & migrations
• Instant messaging and presence
• Team workspaces
• Content management
• Email encryption
• Calendaring & scheduling
• Consumer messaging
• ISP messaging

Our main services are:

• Information service for IT professionals. See here
• Information service for vendors of email and collaborative technologies. See here
• Educational white papers, written for vendors. See here

UPCOMING WEBINARS

Sender Authentication
Free Webinar. Wednesday, February 21, 2007
8:30am Pacific, 11:30am Eastern, 4:30pm UK, 5:30pm CET. One hour.

Sender authentication (AKA sender authorization) is an important addition to the email standards set. It helps email recipients determine if a message has been forged. Senders currently have two main ways to vouch for the authenticity of their messages: Sender Policy Framework (with the related Sender ID Framework) and Domain Keys Identified Mail. In this webinar, speakers from Microsoft, Datran Media, and Sendmail discuss the different methods of sender authentication and offer suggestions for its use.

To register for this webinar, click here. For more information, click here.

CALL FOR SPEAKERS AT FERRIS WEBINARS

• Email Disaster Recovery, Mar 21. Solutions are now becoming available to keep email going in the event of disasters, such as fires and earthquakes. We discuss the main product/service offerings and how the technology is evolving.
• Emerging Messaging Technologies, May 16. Short presentations from interesting new firms with promising and innovative technology. Industry leaders and messaging managers comment on the technologies that have the greatest potential.

News Items

Mainly Spam

• Article discussing the Can-Spam Act, which nears its third anniversary, and how it hasn't been a deterrent to junk e-mailers. Top
• Commtouch released "2006 Spam Trends Report: Year of the Zombies." Key highlights: zombies have spread to all geographies, spam level soared 30% in 2006, and zombie activity accounts for 85% of the spam circulating the Internet, among others. Available immediately. Top
• PCSecurityShield released version 4.0 of Spam Shield, its anti-spam solution for Outlook and Outlook Express. Key enhancements: improved overall protection levels, enhanced installation, and more frequent data updates, among others. Available immediately. Top

Mainly Content Security and Viruses-by-Email

• Alt-N Technologies announced SecurityPlus for MDaemon, its antivirus and anti-spam solution. Integrates anti-virus protection from Kaspersky Lab and Recurrent Pattern Detection for Anti-Spam and Zero-Hour Virus Outbreak Protection from Commtouch into a single email security solution. Top
• Article discussing the projected growth in the world content filtering market with security and compliance being the two driving forces. Top
• Barracuda Networks announced version 3.1 Barracuda Web Filter, its content filtering, application blocking, and anti- spyware solution. Key enhancements: soft blocking feature which enables network administrators to monitor usage or issue warnings upon visits to questionable web sites, new reports, and more comprehensive reporting functions, among others. Available immediately. Top
• IT Security released "Internet Security Trends for 2007," its white paper. Key topics: Technological Innovation by Criminals: Money and Mayhem, Trends, Investigative Report, and Winning the Fight with Best Practices. Available immediately. Top
• IT Security released "Intrusion Detection System Essentials," its compilation of three documents covering the latest developments in the market and comparing leading vendors. Documents: "Top 5 Reasons You Need an IDS," "Intrusion Detection Buyer's Guide" and "Comparison of Leading IDS Systems." Available immediately. Top
• Kaspersky released version 5.6 of Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Standard Edition. Provides antivirus protection for files transferred using the HTTP and FTP protocols via Microsoft Internet Security and Acceleration Server. Available immediately. Top

Mainly Instant Messaging & Presence Information

• Akonix Systems published its top five predictions for enterprise IM in 2007. Key predictions: investment in archiving technologies for IM will soar in 2007, spyware, worms, viruses and other malicious attacks will continue to exploit the unprotected IM vector, and 2007 will see a dramatic increase in legal actions against employers for hostile workplace and sexual harassment claims stemming from inappropriate use of IM at work, among others. Available immeditely. Top
• Article discussing ways to keep IM systems secure. Top
• Interactive Networks released Instan-t Express, its web-based IM client developed using AJAX technologies. Offers the basic features currently found in any IM client along with interoperability with MSN, AIM, ICQ & Yahoo Messenger. Available immediately in a beta version. Top
• Pivot Solutions announced version 3.4 of IMTRADER, its instant messaging network and trading tool for brokers and fund managers. Key enhancements: trade international equities via IM, sweep pools for hidden liquidity by clicking on an IM buddy ID, and track and manage message blasts, among others. Top

Mainly SMS, MMS and Wireless Email

• iAnywhere released "The Top 5 IT Considerations for Secure Wireless Email," its whitepaper. Key topics: protecting mobile assets, adhering to compliance regulations, and handling the constant refresh of information, among others. Available immediately. Top

Mainly Other Email

• StrongMail Systems will host "The New Era of Email Marketing," its webinar on Thursday, January 18, 2007, at 2:00 p.m. GMT. Will provide email marketers with key strategies for improving deliverability and managing sender reputation. Top
• Vicito launched Vicito, its web-based group messaging service. Allows members to join groups and receive messages via e-mail, cell phone text message, or IM. Available immediately. Top

Mainly Document and Content Management

• AIIM will host "Managing Content's Lifecycle," its webinar, on Wednesday, March 21, 2007 from 2:00-3:00 P.M. EST. Will discuss the value of information lifecycle management, which is the set of strategies for using storage to handle information from its creation though its final use within an organization. Top
• AIIM will present Enabling Information Sharing with ECM on Jan 11, 2007 at the Key Bridge Marriott in Arlington, Virginia. Paul Garrett, Special Assistant to the CIO, U.S. Department of Justice, will discuss how enterprise content management plays a significant role in keeping over 18,000 law enforcement agencies connected and informed. Top

Mainly Voice Integration with Collaborative Applications

• Article discussing VoIP in 2007, moving from simply saving money on communications to improving productivity. Top
• Vontoo released its 2007 forecast for automated voice messaging, predicting tighter regulation of calls and growing acceptance of the medium by both marketers and consumers. Top

Mainly Vendor Finances & Equity

• Cisco announced a definitive agreement to acquire IronPort Systems, a provider of messaging security appliances, focusing on enterprise spam and spyware protection, for approximately $830 million. The acquisition is expected to close by April 2007. Top
• M2M Holdings announced it has signed a definitive agreement to acquire KNOVA Software, a provider of intelligent customer experience applications, for approximately $47 million. The transaction is expected to close in 1Q2007. Top

Mainly Other Collaboration

• Article discussing Parlano's MindAlign persistent group chat tool as an enterprise-ready alternative wikis and blogs. Top

Insights & Observations

Spam Control Market Consolidation Continues -- Cisco Buys IronPort. Today, Cisco announced that it has acquired IronPort Systems for $850 million in cash and stock. Cisco's offer should make the investors happy. It's a fair and good price. It should also stimulate strong IronPort growth.

Cisco is, of course, well-known for its "growth by acquisition" strategy, and was notably lacking in solutions for email hygiene. It makes sense for it to buy an appliance vendor. It also makes sense for IronPort. Despite having good technology, the company has consistently had difficulty achieving and maintaining profitability. We estimate IronPort's revenues have hovered around in the $50M-$75M mark for some time, which must have been frustrating for investors. IronPort has 408 employees.

IronPort had hoped to go public over the last couple of years; given its financial performance, the acquisition route makes much better sense.

IronPort and Ciphertrust have been the appliance market leaders for some time (albeit challenged by the appliances launched by large, conventional software vendors such as Sophos and Symantec). Ciphertrust was bought by Secure Computing in 2006, thus leaving Cisco with an obvious choice.

Will we look back at 2007 as the year of spam control market consolidation? We've certainly seen some significant M&A activity in previous years, but there's still plenty of scope for your vendor to be acquired or run out of VC money. ... David Ferris and Richi Jennings

Top

Mobile Data Usage - RIM vs. Microsoft. Research In Motion (RIM) has sponsored Rysavy Research to create an interesting white paper, which compares mobile data usage of RIM's BlackBerry solution and the Microsoft Direct Push technology. While the paper was sponsored by RIM, the test results show significant network efficiency when using the RIM solution.

Rysavy says it created a controlled environment so that it could monitor the mobile data usage of each device. Rysavy used a wireless network emulator for wireless connectivity to the mobile devices. The wireless network emulator uses exactly the same protocols as commercial networks and made it easy to analyze the data communicated to and from the mobile device.

The Microsoft Direct Push test environment consisted of a server running Microsoft Exchange 2003 Service Pack 2 and a T-Mobile MDA device. The BlackBerry test environment consisted of a server running Microsoft Exchange 2003 Service Pack 2, BlackBerry Enterprise Server installed on the same server, and a BlackBerry 7290 device. Rysavy established a VPN with the RIM Network Operations Center, for communication between the BlackBerry Enterprise Server and the RIM NOC.

The following is a short summary of the results of the findings:

• Data usage for a 5KB message with no attachments was 244% the original message size to the Windows Mobile device and only 63% to the BlackBerry mobile device.
• Data usage for a 20KB message with no attachments was 103% the original message size to the Windows Mobile device and only 56% to the BlackBerry mobile device.
• Data usage for a 5KB message with a 500KB Word attachment was 116% the original size to the Windows Mobile device and only 11% to the BlackBerry mobile device.

The BlackBerry communication protocols, the BlackBerry Enterprise Server, and the file viewers of the BlackBerry devices are all mentioned as well-optimized components of the BlackBerry solution. Interestingly, the BlackBerry solution in almost all test cases sent less data over the air than the original size of the test message.

The obvious gains from mobile data efficiencies are lower data charges and better use of the network for service providers. Beyond the obvious benefits, Rysavy also claims that more efficient usage of the network will result in faster message receipt and better battery life on mobile devices.

While it would be nice to see a little more independent review, the numbers and results are believable, and quite telling. The functionality may be slightly less rich with the BlackBerry platform, but the potential for cost savings and better battery life are certainly big benefits with the BlackBerry solution. ... Colin R. Bush

Top

Jingle Will Become Key for VoIP. XMPP (eXtensible Messaging and Presence Protocol) is an open standard for IM and presence, often referenced as Jabber. It is the likely standard to provide integrated, open, and distributed global IM and presence systems.

When making a VoIP call over the Internet, you need to determine where your partner is (presence) and then negotiate call setup. SIP (Session Initiation Protocol) is the most widely used standard to do this.

For a system using XMPP for IM and SIP for VoIP, there is quite a bit of duplication. Jingle is a new open standard specification that uses XMPP presence and provides the call initiation capabilities for VoIP. Jingle's adoption by Google for GoogleTalk is an important step for this technology.

Jingle also has a cool name, which reflects its role in ringing the remote buddy's "handset" -- the user-visible part of connection setup.

The benefits of using a single presence service are compelling -- people would like a single view of their buddies for IM and for VoIP. The future for Jingle looks good, perhaps even replacing SIP eventually. ... Steve Kille

Top

ZANTAZ Acquires Singlecast. Convergence in the archiving arena continues. ZANTAZ's acquisition of Singlecast, announced earlier this month, represents a strategic move as the company seeks to win over the highly regulated securities industry.

Broker-dealers and securities traders are governed by NASD 3010(d)(1) which requires active supervision of all electronic correspondence with the public (e.g., email, instant messaging). Singlecast provides data classification, policy management, and supervision capabilities that will complement ZANTAZ's archive offerings.

Due to the extremely small and specialized needs of this market, only a handful of niche vendors provide solutions suitable for NASD 3010. Orchestria appears to be one of the few left standing. ... David Sengupta

Top

Trust for Electronic Presence Involves Identity Management. There's a growing need to be able to trust electronic entities. For example, if we can be sure that an email is from someone we know, then it's less likely to be spam.

Identity management is a technology that, among other things, helps keep different system directories in sync -- it helps to ensure that a consistent view of users and their access privileges is held across a range of different systems.

Identity management has mainly been used behind organizations' firewalls. In 2006, identity management vendors started to pitch their offerings as the first step necessary to allow people to collaborate in virtual space, with trust. That makes sense. Email support staff have some role in the growing issue of Internet-based trust; so do other IT groups. ... Sameer Karmarkar

Top

"Pump and Dump" Spam. The Pump and Dump (or stock kiting) scam involves using some form of promotional tool to artificially pump up the price of a given stock. The perpetrators, having purchased the stock prior to promoting it, dump their holdings once the price has been pumped up. It's not unique to spam or even to the Internet -- telemarketing, faxes, and postal mail have also been used to perpetrate the scam.

Spam is an ideal delivery mechanism for this scam. Spammers now have the ability to reach large numbers of people and the cost of sending the spam is very small. Botnets and image spam are resulting in a higher deliverability of spam, which is making it an even more effective tool. This type of spam now accounts for at least one-quarter of all spam email, showing a dramatic increase over the past few months. The beauty of pump and dump spam is that there is no need for a Web link to be contained within the spam message -- this benefits the perpetrator, as the lack of an html link makes it harder for spam control products to identify these messages.

As with the majority of online fraud, most observers claim that there are heavy ties to organized crime. The problem is that it seems to work. SecurityFocus monitored the stock price for 93 companies for which they had received pump and dump spam. The researchers found an average 1.7% increase in the stock price on the days that the pump and dump spam messages were received.

The SEC continues to crack down on people using this scam and has published guidelines for protecting yourself on its Web site. ... Colin R. Bush

Top

Email Archiving Will Integrate With Content Control. Email archiving solutions ought to integrate with content control solutions. One major reason is that policy is often set for risk mitigation purposes: If something might be sensitive, then you flag it and give it special processing. For example, you might send it to HR for review, or you might have it archived.

Right now, we're just beginning to see integration between these two capabilities. AXS-One and MessageGate are to be congratulated on their recent partnership. Orchestria and IBM have also been early players. ... David Ferris

Top

Fingerprinting Provides Refinements to Outbound Content Filtering. Code Green Networks is a new entrant into the emerging content inspection market.

Delivered as an appliance, the embedded software employs the usual mix of regular expression technology combined with standard content policy rules. "Deep content fingerprinting" -- based on compressed hashes of existing documents -- is designed to provide easy identification of partial document matches. Document fingerprinting also removes the dependence on language recognition suffered by solutions using only regular expressions.

The appliance monitors FTP, SMTP, HTTP, and IM traffic, reassembling data packets and comparing the results against the existing fingerprint database. It supports more than 370 data formats ranging from source code through Office documents and PDF files.

Code Green's competitors include PortAuthority, Reconnex, Tablus, and Vontu. The company hopes its fingerprinting and language independence will differentiate it from the competition. ... John Stanners

Top

Preparing Children to Be Online. The holidays this year found many of us shopping for high-tech gadgets that will put our children online. Whether it be a new game console or a fancy computer, online communication for today's youth comes naturally.

Email, instant messaging, and sites such as MySpace have become standard collaboration tools for working on school projects or simply chatting with friends. With online communication comes the anonymity of the Internet and the many potential threats. Viruses, phishing, and online predators are real threats and we need to ensure youth are properly informed and protected before venturing onto the Internet.

If you are considering getting your kids online, I would encourage you to prepare them to do it safely. The following Web sites provide some guidelines and tips for educating and facilitating children online:

• Disney Surf Swell Island
• Web Wise Kids
• Microsoft Security At Home

I believe that there is significant value in allowing our youth to use the Internet for collaboration. However, as we did while they took their first few steps, we must educate, protect, and monitor to ensure that they are safe. ... Colin R. Bush

Top

Important Steps for IT Managers to Support Legal Discovery. On December 1, 2006, new amendments went into effect in U.S. law for electronically stored information (ESI). IT managers who are responsible for managing ESI (e.g., email, documents, databases, IM, VoIP, etc.) must be prepared to search electronic records for legal discovery. Here are some important recommendations to become better prepared:

1. Get to know your organization's legal experts. Whether they are in-house or external (or both), these are the personnel you will work with in the event of a legal discovery request; so get to know them now.
2. Determine the location, the amount, and the type of your organization's ESI. For legal discovery, you must be able to locate, access, and produce records of ESI in a timely manner. Your ability to perform discovery promptly is very important for the potential legal and cost implications.
3. Finally, work with your legal staff to learn how a typical legal discovery request is carried out. Find out how the search will be performed, and how the data will be produced and delivered to the opposing party. It is better to understand this ahead of time before a legal action strikes and you are left with no time to prepare.

Now is the time for IT managers to learn how to manage electronically stored information for legal discovery. ... Bob Spurzem

Top

Got some news you want to share with us? Send press releases and conference announcements relevant to messaging to releases@ferris.com.