XOmail has been
designed and implemented as a
Multi-Level Secure system operating
under control of a certified Security
Kernel (“Trusted Computing Base”). All
messages have a Security Label assigned
to them. Individual interfaces are
assigned security label ranges and
status (e.g. MLS, System-High with or
without advisory Labels).
cryptographic devices can be utilized to
ensure that classified messages are
transmitted on authorized channels only.
Logs, journals, and audit information
are automatically generated and stored.
Server initiated virus control can be
are implemented according to STANAG 4406
using the S/MIME-based PCT-protocol.
Digital Signatures are used to ensure
can be verified by the recipient
originator can have a proof of
used to carry the signature and optional
privileges. A Smart Card is typically
used to hold a user’s Private Key.
Certificates are handled by a
replaceable Public Key Infrastructure
Multi-Level Security characteristics,
XOmail is able to serve as a secure
gateway between networks with different
A local server
configuration may have one or more
segments at different levels, and both
classified and non-classified external
connections. The secure server will
ensure that security is under no
and re-labelling of messages (“Security
Review & Release”) from System-High
domains are built-in to allow release of
messages below the System-High level in
a trusted manner. A trusted by-pass
option can be used between domains
operating with the same policy.