Is GMS secure?
The GMS is an inherently secure product. Great care has been taken to make sure that you can install the product and be assured that it is secure from the outset.
Defaults for all settings are chosen with security very much in mind. For instance, relaying is disabled by default, the proxy server is disabled by default, and so on.
There are a number of different aspects to security when considering software that is to be publicly accessible on the Internet which is normally the case with a messaging server.
Firstly there is the security of the software itself. Is it secure from any attempts to "hack" into the software, and is it secure from any attempted Denial of Service attacks.
- Hacking attacks frequently mean that attackers look for weakness in the code used to develop the software. For example, they will look for and attempt to take advantage of buffer overflows, which can lead to them being able to run abitrary code on the server. To defeat this GMS incorporates bounds checking at every stage of all protocols. Each command is limited in both what it can do and the length of the command that can be run.
- Denial of Service attacks are normally where an attacker will attempt to use up all your available connections, or use up CPU, in order that the legitimate use of your server is curtailed. To defeat this GMS incorporates a large number of security items, including Artificial Intelligence which will monitor traffic levels on your server and will kick in if any abnormal traffic levels are found.
- Trap monitoring has been in GMS for a number of years buts its usefulness is only now being discovered by other software developers. This allows GMS to be self healing, each of the services are constantly monitored looking for any activity that would cause a trap, and if any is found the trap is "caught" and the thread that caused it is automatically restarted.
Secondly there is security within the design for both the configuration of the software and the users data. For instance if the machine running the software were to suffer a fatal fault such as hard disk failure can the system be completely recovered.
- GMS provides the option of saving a System Recovery file on a regular basis. This file contains the complete configuration information for your installation. If the server suffers a fatal failure a new server can be up and running very quickly using the exact configuration of the failed server.
- All user data can be recovered down to folder level from backups of user’s accounts.
- The security of data can be further enhanced using the comprehensive recording options available. For instance, GMS Archive & Recovery can take a copy of every message passing through the sysem and automatically mail it to an offsite location for archiving. These messages can then be retreived as necessary from the archive.
- Every action carried out on the server is carefully logged as well as each message transaction
Thirdly the software was designed in such a way as to prevent basic configuraton errors by any administrator. For example, all settings throughout the product come with sensible defaults, being secure to unauthorised relay might be the most obvious example which is often not the case with other messaging systems. Every configuration page in the administration interface comes with a "Set to Default" button which allows these defaults to be quickly restored if a setting is mistakenly changed. Context sensitive help is also provided at all points in the interface to ensure help relevant to the task in hand is always available.
- What is a hacker?
- How are traps handled?
- How do I force the use of #GMSSSL# when posting to remote servers?
- What is Anti-Virus?
- What is a buffer?
- Does GMS comply with Internet standards?
- Can I provide secure access to email?
- What security does GMS provide for SMEs?
Keywords:Secure security Denial of Service DoS hacking hacker attack