Instant Messaging, IM, is a tool that offers direct and instant communication between users. This has rendered IM the place as one of the most important office tools today together with phone and e-mail communication. IM offers, in contrast to email, real-time communication between its users. It is possible to directly see who else is on-line and it becomes natural to directly contact other people to ask questions and discuss various topics. Project meetings and open and closed conferences are easy to set up by individual users when needed.

Most companies do not have their own IM system in place and with the growing popularity of instant messaging, users are forced to rely on external IM servers on the Internet for exchange of, often internal, information. This is quickly becoming a security threat in many organizations that have no alternative to offer their users.

The AppGate IM server is an add-on module to the AppGate Security Server that can be used to offer users a secure IM system, which is controlled by the own organization.

The system offers the following functionality:

• Private chats and file transfers between users.
• Group chats, i.e. creation of “chat rooms” or group conferences between more than two users.
• Chat rooms can be created when needed by any user in the system. The creator can decide who is allowed to enter the room by assigning it a password.
• Chat rooms can be configured to be “on invitation only”, i.e. a user must explicitly be invited to be able to participate.
• Chat rooms are normally deleted when the last user leaves the room.
• Persistent chat rooms can be created where the room exists for several days and the owner explicitly must delete it from the server.
• Moderated chat rooms where some users (participants) are able to post messages and other users (visitors) just can read what is being said.
• Possibility to log a conversation in a chat room. Logging is controlled by the creator of the room.





Security
All communication over the network is encrypted. This is important for both local and remote users when they connect to the system over insecure networks and when they need to know who the other participants are. Access to the IM system can be granted to all or just to selected users, for example based on their role as defined in the AppGate Server’s authorization database. Once connected to the AppGate Security Server, the user does not have to be re-authenticated when connecting to the IM service (i.e. secure single sign-on.)


Easy to set up and use
The AppGate solution enables organizations to take control of Instant Messaging. Instead of having users connect to external servers on the Internet, the AppGate Secure IM server makes it possible to set up a secure internal IM system. The protocols being used are open, public, and easily understandable by firewalls. The AppGate client is written in Java to support the largest possible range of systems, everything from Windows and Unix/Linux systems to hand-held devices is supported and, in addition, other third party clients can be used if desired. All user administration is done at the AppGate server where access to the IM application is handled just like access to any other application in the network. The additional administration the IM system introduces is therefore virtually none.
The AppGate IM solution is based on the well-known Jabber protocol (www.jabber.org). The use of open standards also ensures that other third party clients will work with the system.

The law firm installed a separate AppGate server which provides their clients with a secure environment for IM discussions. When many persons are involved in a discussion, they open up a “chat room” with protected access. During the session documents can be securely shared among the participants.