
ARCHITECTURE OVERVIEW

WHISTLER BY FAIRWORDS

1 | Page


TABLE OF CONTENTS

Architecture Overview ...... 4
Data storage ...... 4
Cloud ...... 4
Installation Summary ...... 4
Email and Instant Messenger ...... 4
Email Setup ...... 5
On – Premise Exchange 2010 ...... 5
Outlook ...... 6
Instant Message Setup ...... 8
AIM ...... 8
On – Premise Lync (Skype for Business) 2013 ...... 10
Traditional Skype (Version 6 and higher) ...... 11
ICE (IceChat) ...... 13


ARCHITECTURE OVERVIEW

DATA STORAGE

CLOUD

All data is securely archived in the cloud:

• Data stored in secured archives, best-in-class, long-term storage
• Advanced Encryption Standard (AES) 256-bit symmetric keys, and support for secure transfer of your data over Secure Sockets Layer (SSL)
• Up to 40TB of data at once, SEC Rule 17a-4(f) and CFTC Reg 1.31(b)-(c) compliant
• WORM
• Recording of all parties accessing the data
• Access to audit logs anytime
• Asset (data) security
• Super-owner notified in the event of data being accessed

INSTALLATION SUMMARY

EMAIL AND INSTANT MESSENGER

Details on the installation process and how data are fetched for Exchange 2010, AOL Instant Messenger, and Lync 2013 are described below. Configuration usually takes under an hour; then, depending on the amount of data, the complete data transfer takes place over the subsequent couple of days. No IT team is needed for that process, which runs in the background, and the data transfer does not interrupt day-to-day operations. After configuration and transfer are complete, every inbound and outbound written message is monitored and archived in real time.


EMAIL SETUP

ON – PREMISE EXCHANGE 2010

ARCHITECTURE

1. Whistler needs "Exchange Journaling" to be enabled in order to forward all inbound and outbound email through our automatic surveillance system. To do this, we use a secure TLS connection with username and password authentication to forward all email domains in the Exchange Store.

2. The session is initiated by sending the server a message to establish the connection's security. The server then selects a digital certificate containing a public key.

3. Whistler responds with an encrypted message containing its public key and other information including a random number that only the server can decrypt.

4. Whistler and the server then generate key material for encryption and decryption; the secure session is established and data can be exchanged.

5. Whistler opens the Envelope, analyzes the header and routes the email to the appropriate Archive, with full support for BCC, SMTP Mail FROM and distribution list email.

6. The Whistler system can unify multiple domains, domain aliases, instant messaging (IM) and import legacy email with no message size limitations.

7. Whistler supports unlimited domains and Customers. Once Exchange Journaling is configured, email for any new domain added to the Exchange Store will be automatically forwarded to the Whistler Archive.


OUTLOOK

ARCHITECTURE

1. Log in to FairWords, which then requires information from Office 365. FairWords redirects you to the Azure AD authentication endpoint.

2. You authenticate and give consent. FairWords will be preset to only request the services you actually require, and specify the least level of permissions in each service that still enable required functions to be performed. Permission levels are additive; there is no need to request multiple permission levels for a given API, as the more expansive permission level already includes the more restricted permission. For example, for the Mail API, the Send email as a user permission already includes the Read and write access to users' email permission.

3. FairWords is configured with restricted access rights. Azure AD issues an authorization code, which is used to request access tokens for specific resources.


4. After FairWords has the authorization code, the application can request access and refresh tokens. FairWords passes the authorization code to the Azure AD token issuance endpoint, and Azure AD returns access and refresh tokens.

5. FairWords can then use the access and refresh tokens to access the Office 365 API endpoints and return data. FairWords can then present these tokens, on behalf of the user, to the Office 365 API service(s).
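The five steps above, written out as a minimal authorization-code client. This is an added example, not FairWords code: the Azure AD endpoint paths, the application id, secret, redirect URI and resource value are assumptions, and the HTTP call is injectable so the exchange can be exercised offline against a constructed stand-in for the token endpoint.

```python
import json
from urllib.parse import parse_qs, urlencode, urlparse
from urllib.request import Request, urlopen

# Assumed Azure AD endpoints; not taken from the FairWords document.
AUTHORIZE_URL = "https://login.microsoftonline.com/common/oauth2/authorize"
TOKEN_URL = "https://login.microsoftonline.com/common/oauth2/token"

def build_authorize_url(client_id, redirect_uri, resource, state):
    """Steps 1-2: send the user to Azure AD, naming only the resource needed."""
    params = {"client_id": client_id, "response_type": "code", "state": state,
              "redirect_uri": redirect_uri, "resource": resource}
    return AUTHORIZE_URL + "?" + urlencode(params)

def parse_callback(callback_url, expected_state):
    """Step 3: take the code from the redirect; refuse it if state does not match
    (the callback was not started by this session)."""
    qs = parse_qs(urlparse(callback_url).query)
    if qs.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: callback not initiated by this session")
    if "code" not in qs:
        raise ValueError("callback carries no authorization code")
    return qs["code"][0]

def redeem_code(code, client_id, client_secret, redirect_uri, resource, post=None):
    """Step 4: exchange the one-time code for access and refresh tokens; the
    client secret travels only on this server-to-server call."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "client_id": client_id, "client_secret": client_secret,
                      "redirect_uri": redirect_uri, "resource": resource}).encode()
    tokens = json.loads((post or _http_post)(TOKEN_URL, body))
    if "error" in tokens:
        raise RuntimeError("token endpoint refused the code: " + tokens["error"])
    return {"access_token": tokens["access_token"],
            "refresh_token": tokens.get("refresh_token"),
            "expires_in": int(tokens.get("expires_in", 0))}

def _http_post(url, body):
    hdrs = {"Content-Type": "application/x-www-form-urlencoded"}
    with urlopen(Request(url, data=body, headers=hdrs)) as resp:
        return resp.read().decode()

def fake_token_endpoint(url, body):
    """Constructed stand-in for Azure AD so the flow runs offline."""
    fields = parse_qs(body.decode())
    if fields.get("code") != ["c0de"] or fields.get("grant_type") != ["authorization_code"]:
        return json.dumps({"error": "invalid_grant"})
    return json.dumps({"access_token": "at-1", "refresh_token": "rt-1", "expires_in": "3599"})
```

The returned tokens are what step 5 presents to the Office 365 API on the user's behalf; a rejected `state` or a refused code stops the flow before any token is held.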


INSTANT MESSAGE SETUP

AIM

ARCHITECTURE

1. AIM gives users the option to change the server address it connects to during sign-in. Here, Whistler will change it to our hostname and port. Please note the following:
   a. To stop the AIM client from bypassing the Whistler IM Gateway, the block port will be assigned to all inbound/outbound traffic other than the Whistler IM Gateway.
   b. Hosts files or DNS ‘A’ records can no longer be used to redirect AIM, because AIM clients 6.x and higher use encryption with a strict SSL certificate check at connection time; a redirected connection fails because the hostname is not the one identified in the SSL certificate.

2. To begin configuration, we will remove existing AIM entries from users’ Hosts files. After that we will:
   a. Launch AOL Instant Messenger.
   b. Go to the Options menu, and then select Settings.
   c. Click on the Connection tab.

3. In the “Server” section, Whistler will enter our host, aimhost.fairwords.co, and port, 5190.

4. Click Save.

5. After we have configured the AIM client, we then have to disable the Auto-Update and Auto-Upgrade feature in AIM. This ensures users won’t use unsupported versions of AIM without our knowledge, and guarantees the IM client’s settings are not overwritten.


6. To disable the Auto-Update and Auto-Upgrade in AIM:
   a. Launch AOL Instant Messenger.
   b. Go to the Options menu, and then select Settings.
   c. Click on the Sign In/Sign Out tab.
   d. Make sure the “Automatically download and install upgrade when AIM starts” option under “AIM Upgrades” is not selected.

7. Click Save.


ON – PREMISE LYNC (SKYPE FOR BUSINESS) 2013

Whistler can capture and securely archive IMs between two or more parties sent via Lync (Skype for Business) messaging, to help companies adhere to compliance regulations and serve e-discovery and audit inquiries.

Since Lync / Skype for Business provides a mechanism for logging conversations (via the Archiving Server database), Whistler can provide software to be installed locally which directly extracts these conversations, converts them to an intermediary markup language, and delivers them to the Whistler repository.

The repository maintains the messages in their original format, along with detailed summaries (including usernames, number of messages, number of participants, etc.); the messages are then time-date stamped, serialized, indexed, and preserved on tamper-proof storage with write-verification.

Some firms have groups of employees whose messages require special archiving procedures due to security, compliance, or retention concerns. For example, a firm may use a dedicated archive to store the messages of its traders separately from other employees. Whistler integrates with your Active Directory to provide granular control over which users’ messages are archived and in which repository they are preserved.

ARCHITECTURE

1. Whistler for Lync/Skype for Business service is installed on the client’s server.

2. As users create IM conversations, Microsoft Archiving Server’s LCSLog database logs these messages.

3. Whistler then extracts all messages contained in the Microsoft Archiving Server database, turns them into an email, and forwards them to Whistler Archiving via IMAP or SMTP.
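Step 3 above and the Active Directory routing described earlier in this section, as an added example that is not the Whistler connector's code: constructed conversation rows (the column names are assumptions, not the LCSLog schema) are rendered into one archive email, routed to a dedicated archive when a participant belongs to a special group, and stamped with a body digest that the archive can recompute for write-verification. The AD lookup and archive mailbox addresses are constructed stand-ins.

```python
import hashlib
from email.message import EmailMessage

# Constructed rows shaped like one IM conversation pulled from the archiving
# database; the column names are assumptions, not the real LCSLog schema.
SAMPLE_CONVERSATION = [
    {"conv": "conv-42", "time": "2016-03-01T14:02:11Z", "from": "alice@corp.example",
     "to": "bob@corp.example", "body": "Can you confirm the fill on order 1187?"},
    {"conv": "conv-42", "time": "2016-03-01T14:02:40Z", "from": "bob@corp.example",
     "to": "alice@corp.example", "body": "Confirmed, 500 at 101.25."},
]
# Constructed stand-in for an Active Directory group lookup (user -> group).
AD_GROUP = {"alice@corp.example": "Traders", "bob@corp.example": "Operations"}
# Groups whose messages must land in a dedicated repository; all others use the default.
SPECIAL_ARCHIVES = {"Traders": "traders-archive@whistler.example"}
DEFAULT_ARCHIVE = "archive@whistler.example"

def select_archive(participants):
    """Route to a dedicated archive if any participant is in a special group."""
    for user in participants:
        group = AD_GROUP.get(user)
        if group in SPECIAL_ARCHIVES:
            return SPECIAL_ARCHIVES[group]
    return DEFAULT_ARCHIVE

def conversation_to_email(rows):
    """Render one conversation as a single email for the archive (step 3)."""
    if not rows:
        raise ValueError("empty conversation")
    participants = sorted({r["from"] for r in rows} | {r["to"] for r in rows})
    body = "".join(f'[{r["time"]}] {r["from"]} -> {r["to"]}: {r["body"]}\n' for r in rows)
    msg = EmailMessage()
    msg["From"] = rows[0]["from"]
    msg["To"] = select_archive(participants)
    msg["Subject"] = (f'IM {rows[0]["conv"]}: {len(rows)} messages, '
                      f'{len(participants)} participants')
    msg["X-IM-Participants"] = ", ".join(participants)
    # Digest recorded in a header so the archive can verify the write later.
    msg["X-Body-SHA256"] = hashlib.sha256(body.encode()).hexdigest()
    msg.set_content(body)
    return msg

def verify_archived(msg):
    """Write-verification: the stored body must still match the recorded digest."""
    digest = hashlib.sha256(msg.get_content().encode()).hexdigest()
    return digest == msg["X-Body-SHA256"]
```

The resulting `EmailMessage` is what would be handed to an SMTP or IMAP client for delivery to Whistler Archiving; the summary headers carry the usernames, message count and participant count the repository keeps alongside the original content.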


TRADITIONAL SKYPE (VERSION 6 AND HIGHER)

ARCHITECTURE

Some companies have settled upon “traditional” Skype, i.e. not Skype for Business. Traditional Skype can also be configured to be compliant via Whistler’s customized connectors, without the need to transition users to Lync / Skype for Business. To enable traditional Skype for compliance:

1. Back up old logs to an archive file.
   a. The last 30 days of your conversation history are stored in the cloud, so you can access it when you’re signed in to Skype on any device.
   b. History older than 30 days is saved on your hard drive, according to your history settings.
   c. You can back up your history if for any reason you need to uninstall Skype, or if you want to transfer your history from one computer to another – for example, from a Windows PC to another Windows PC, or a Windows machine to a Mac. You just need to copy the main database file in your Skype Name folder.

2. To save and transfer your conversation history:

3. Press and hold the Windows key on your keyboard, then press R to bring up the Run window.

4. Type %appdata%\Skype into the Run window and press OK.

5. Open the folder named after your Skype Name.

6. Find the main database file in the folder (it will be called main or main.db), copy it and save it to an external media device.

7. On your new computer, install and sign in to Skype so that the necessary folder is created, then sign out of Skype again.

8. Replace the existing main database file with the main file that you saved in step 6.

9. Sign in to Skype. Your chat history will be there when you browse through your conversations.

10. To keep ongoing logs for each user, the below needs to be performed on each user’s machine (ideally pointed to a network or shared drive, where Whistler can pick up and import the archives). To change how long you keep your Skype history on your computer:
   a. In the menu bar, select Skype and then select Privacy.
   b. Under “Keep history for”, choose from the drop-down: forever, 3 months, 1 month, 2 weeks or no history.


11. Click Save at the bottom of the Options box.


ICE INSTANT MESSAGING (ICECHAT)

ARCHITECTURE

By default, ICE stores the logs on its cloud server, but this storage is not SEC 17a or CFTC 1.31 compliant. For Whistler to keep these logs in compliance, companies should elect to have their logs sent to them nightly via FTP, from where they can be pulled into Whistler’s system. The form from ICE to be completed is shown below.

Once completed, email [email protected] with the below information to have the system begin ingesting ICEChat logs into the archive:

• FTP Site (e.g. domain1.customername.com)
• Hostname
• Username
• Password
• Port
• Credentials for read-only access (e.g. fw_readonly / passpass)
• If it’s key-based authentication, then Whistler will send a public key for the server from which we will be accessing logs

Once Whistler has logged the files, we’ll process them and populate the Whistler dashboard with that data.
