TechWeb

Instant Messaging Is Moving From Isolation To Federation

Aug 28, 2005 (06:08 PM EDT)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=170101680


Instant messaging traffic continues to mushroom. According to an in-depth study in July by the Radicati Group 867 million IM accounts exist, primarily on the public networks where IM first planted its roots. Radicati estimates that 280 million IM accounts for enterprise IM vendors will be federated with public IM networks and business users of public IM services by the end of 2005.

Other sources estimate 60 to 360 million IM users in 85-90 percent of enterprises. According to Peter Shaw, CEO of Akonix, a provider of enterprise IM solutions, more than 90 percent of IM in business still is through general-public systems. But according to Radicati, IM management is becoming increasingly critical in enterprises as they seek security against relentlessly increasing spim, viruses, and worms, as well as the need to archive and log messages in the face of regulatory requirements.

Meanwhile, the emerging issue is how to herd together and federatethe disparate internal and external IM systems that are so pervasive in enterprises. The objective is to enable all users within the enterprise to use instant messaging to communicate all externally and internally.

Think It Through

As the above diagram suggests, enterprise IT professionals need to think through whether user needs require a private or public IM system, and whether to require a system that runs on internal servers or is hosted on third-party servers. For example, AOL, Yahoo!, and MSN will host IM needs on their public servers, while Omnipod will do so on their private servers. Meanwhile, Akonix installs on internal servers through their public resources, while IBM Lotus, Jabber, Inc., and Antepo install and run privately on your internal systems.

Until recently, the prevailing wisdom was that enterprises required third-party, business-class solutions installed on their own systems for security. But Peter Quintas, CTO at SilkRoad technology a provider of enterprise content management and collaboration software, says bridging corporate IM to public networks will drive more IM deployment.

Meanwhile, Maxime Seguineau, CEO of Antepo, whose Open Presence Network provides enterprise IM and presence capabilities, advises that you should ensure that your IM vendor offers comprehensive federation features with other vendors using XMPP and variations of SIP/SIMPLE.




In the quest for a federation solution, AOL has emerged as the leader in federation strategies through its AOL Enterprise Federation Partner program (EFP). AOL's EFP provides enterprises authorized connectivity to the AOL Federation Gateway, something that's been an issue in the past as third parties attempted to tap their IM solutions into AIM. EFP provides partners with authorized connectivity to the Gateway, which routes and translates traffic among SIP/SIMPLE, XMPP, and AOL’s proprietary messaging systems. Partners can offer enterprises certificate-based, encrypted access to AIM, ICQ, Netscape, and Apple Chat.

Brian Curry, Vice President of Premium Services for Business Services at AOL, explains that the value of his company’s federation is that partners can continue to provide their own services while AOL handles the protocols among the partners, such as proprietary protocols to link with Microsoft’s IM network. Throughout our interview, Curry gave high marks for Microsoft’s IM initiatives.

The EFP currently includes six partners, whose products range across both the public-private and installed-hosted axes in the accompanying diagram.

  • Antepo: The company'sAntepo Open Presence Network offers a migration path for enterprises from the free AOL IM client to AIM connectivity. XMPP and SIP/SIMPLE support helps to ensure adaptability to the moving target of IM’s future.

  • Jabber, Inc: Five million users can’t all be wrong. the Jabber Extensible Communication Platform (XMPP) commercial server provides a foundation for various real-time, presence-empowered applications, including enterprise IM.

  • Microsoft: Live Communications Server 2005Public IM Connectivity assists existing LCS users in connecting to AOL, MSN, and Yahoo! IM service providers.

  • Omnipod:Professional Online Desktop offers a framework to consolidate many communication capabilities in a secure, presence-based messaging infrastructure. Those capabilities include, among others, persistent chat, online conferencing, and file sharing and transferring.

  • Parlano: MindAlign provides presence management, secure IM, persistent group chat, and AOL Buddy List control.

  • Reuters: The company provides an IM system to distribute information and enable communications in the financial services, media, and corporate marketplaces.




Asked about the key issues facing AOL’s federation today and their solutions, Curry cited the “significant variations” between competing IM standards. But, perhaps optimistically, he feels that the “technical elements” will be resolved by the end of summer. Another key issue that he raises is the need to help enterprises determine the most appropriate partners for their needs. Given the diversity of IM in corporate environments and the foggy road ahead, both of Curry’s concerns are on target.

Weighing in on the same questions, Gideon Stein, CEO of Omnipod, was succinct: “The key issue is allowing users to communicate safely over public IM networks.” The following are among the salient issues in IM federation, according to Stein.

  • A single client for both internal (pod-to-pod) and external (pod-to-AOL) communications.
  • Central security and administration of all messages.
  • Elimination of advertising on corporate desktops.

Paul Guerin, CEO of Jabber, Inc., offers his own list.

  • Presence
  • Identity management
  • Support for public to private networks (such as Jabber to AOL)
  • Support for private to private networks (such as Jabber to LCS 2005 or Lotus IBM Sametime)
  • Wireless integration

Guerin candidly notes that AOL and Microsoft aren’t federating out of the goodness of their hearts. “Customers demand it and are the big winners.” He adds, “Customers want federation -- similar to phone calls and email -- interoperably. Federation is the key to the needs of business.” He offers kudos to AOL “for finding a way to place themselves at the center of presence and identity management.” Finally, Guerin rhetorically asks, “Who owns the presence?” The related database indeed is key.

Not to be left out, Antepo’s Seguineau suggests, in addition to observation of others, that “network hygiene” is important. He applauds the efforts of enterprise IM vendors and AOL for agreeing on implementation requirements. “The result is a robust architecture based on access control, mutual trust, encryption, and content control.

Perhaps optimistically, he says that this has created a “good citizen” ecosystem in which rogue behavior is quickly detected and eliminated. The bottom line, according to Seguineau, is that AOL’s federation is “a safe, cost-effective, and innovative way to allow enterprises to reduce friction in their core communication processes.”




When asked about future issues for the AOL federation and their solutions, Curry emphasizes “more and more feature-rich applications,” moving from IM to IP telephony and multimedia. Guerin concurs. Curry envisions a full-featured desktop app. Presence issues are high on his agenda, and he observes that the federation is opening new opportunities for AOL across the spectrum of presence arenas.

Omnipod’s Stein sums up most of his concerns about future issues for the AOL federation in two words: security and reliability. He notes the pragmatic importance of handling these features outside an enterprise’s firewall and expresses a desire for AOL to expand its services to others. Universal collaboration clearly is the lynchpin of the success of corporate IM.

Meanwhile, looking into his crystal ball Seguineau hits the mark by noting that business and regulation issues likely will supercede security and “hygiene“ related issues. He raises some interesting questions. Will companies be content with a universal “dial-tone-only” presence or require more granularity and feature-rich data exchange, and how will vendors converge on feature sets while seeking a competitive advantage? These are tantalizing questions that as yet have no answers.

Seguineau’s crystal ball raises other pertinent questions related to policy management across organizations. First, in industries where regulations govern which professions are or are not allowed to communicate, how will limitations be enforced outside a company's policy circle? If policies are enforced at the edge of the network, they are left to enterprise IM vendors' implementations and rely on companies' identity and entitlement systems.

Typically, such systems are not shared. Access control and policies based on domains are insufficient, as each domain may contain groups of users with different policies. Will the IM industry agree on extended standards? Second, Will specialized verticals, such as financial, automotive, and pharmaceutical, create their own protocol extensions and work with vendors on industry-specific protocol taxonomy? Alternatives to the AOL Federation

Seguineau sums up the perspective of many in the industry that the AOL federation is a powerful infrastructure that permits enterprises to safely and cost-effectively work with their “external business ecosystem.” But he observes two alternatives worthy of consideration.

One is a direct federation between any two enterprise IM systems that share standards and infrastructure settings. Another is a lrge scale, secure, and remote access into an internal IM system. He notes, however, that this may be cost prohibitive in terms of the scale of identity and security policy management

AOL Alternatives

When asked about alternatives to the AOL federation, Curry emphasizes his pleasure with Microsoft’s LCS 2005 initiatives, which enables its users to communicate with AIM, Yahoo! Messenger, and MSN Messenger, and the early marketing success that it has received. Stein concurs that LCS will be strong in the marketplace, but notes that it must be installed in-house, as distinguished from the AOL federation system, which requires no installation. The installation is expensive, with hundreds of hours to set up, he adds. In contrast, he notes that Omnipod provides service at a base monthly rate with no other charges, at $5/seat or lower. Stein believes IBM Lotus Sametime will be successful in IBM Lotus-oriented enterprises.

One of the latest developments in IM is Google’s long-anticipated Google Talk product . But according to the Internet search behemoth’s director of product management, Georges Harik, “We’re not going to force others to interoperate with us.” He also says, “We’re not going to arbitrarily break into their protocols.” Given Google’s pervasive place in the marketplace, the role of this new entry into the IM arena will be interesting to follow.




Art Gilliland, director of product management for IM management and security provider IMlogic, offers a counterpoint to the snowballing acceptance of enterprise federation. The following are among his arguments against federation:

  • Federation exposes organizations to security and spam risk. Federation connects users to the outside world, which opens a highway for viruses and worms. It also gives corporate users easily determined online identities that makes targeting of a corporation easier than with the names of AOL, MSN, and Yahoo! users.

    Messaging Pipeline editor John Dickinson thinks much the same thing and said so more than a year ago in his blog (See Federated IM Is The Last Thing We Need).

  • Federation is complicated. An IT manager has to manage access control and protection of individuals. “You don’t want all parties from federated organizations to see the status or presence of the executive team. Control and management of access is critical.”

  • Organizations need to implement policies based on whether an individual is internal or external.

J.W. Olsen has been a full-time author, editor, and freelance book project manager with more than 1000 editorial credits for IT publishers since 1990, and has provided computer, Web site, and editorial services to other clients since 1985. He welcomes feedback via the email response form at www.jwolsen.com. [[tag appropriate?]]