+++ press release +++

DFN-CERT secures e-mail lists of European IT security experts with Zertificon Solutions

Berlin, 22. February 2005

Encrypted e-mail communication based on the Z1 SecureMail Gateway

The Computer Emergency Rescue Team (CERT) for the German “Forschungsnetz” (research network) has decided to adopt the Z1 SecureMail Gateway by Zertificon Solutions for implementing encrypted mailing lists.

By providing processed information about new security risks and support in case of attacks, CERT makes an important contribution to raising security standards in the field of information technology. The basis for implementing preventive measures and swiftly reacting of critical situations is the timely availability if authentic information.

The key word her is “information sharing”. Thus, in the framework of the German CERT network as well as the European CERT community, the DFN-CERT engages in a continuous expansion of mutual cooperation amongst the teams. Within this environment, a sensible exchange of information can only take place on a firm basis of trust. Information about new security risks, means and ways of attacks and results of analyses have to remain confidential for the time being so as to protect all participants from hacker exploit. In order to minimize the potential damage, the manufacturer of software must be given the time required to upgrade his product as well.

Experience has shown that bulky and unwieldy encryption solutions limit the amount if information exchange. With the Z1 SecureMail Gateway, encrypted mailing lists now become availiable, facilitating, amongst other things, the exchange of confidential information significantly.

In practice, it works as follows: an IT security specialist sends an e-mail, encrypted with PGP or S/MIME, to the mailing list. The message is received by the Z1 SecureMail Gateway, gets deciphered automatically, and passed on to the mailing list software which in turn sends the message to a predefined group of users. Subsequently, the Z1 SecureMail Gateway encrypts the outgoing e-mail automatically, according to the security policy employed. As it “unpacks” and/or “envelopes” the electronic mail, the Z1 SecureMail Gateway is also referred to as a virtual mail room.