AOL Launches Federated Enterprise IM

Instant messaging, the sometime consumer-driven technology for sending and receiving text messages in real time, now rivals e-mail in its rate of adoption among business users. For some organizations, IM has become a cornerstone communications technology. Companies that once complained about the IM assault on the corporate networks now encourage their employees to use it to interact with customers, partners and suppliers. “I could give up my phone before my Blackberry,” a San Francisco exec told AppTrends.

The latest trend in this space, federated IM, pulls several services together to work as one. That model got a big boost last week with the launch of America Online’s Federation Gateway, a new interface designed to handle the routing and translation of traffic between enterprise systems using the SIP/SIMPLE or XMPP protocols and AOL’s proprietary messaging system.

SIP is the industry standard Session Initiation Protocol (SIP). Products written using SIP allow end users to speak with one another across different platforms. SIMPLE, which stands for SIP for Instant Messaging and Presence Leveraging Extensions, is a protocol that describes how to pass messages between communications networks. The Extensible Messaging and Presence Protocol (XMPP) is the base XML streaming protocols for instant messaging and presence developed within the Jabber community.

At the same time, AOL launched its Enterprise Federation Partner program, through which participating companies will be able to provide their enterprise customers with certificate-based and encrypted access to the AOL Messaging Network, including the AIM and ICQ services, as well as Netscape and Apple iChat users, worldwide. Enterprise users will be able communicate with users outside their organizations on AOL without having to use an AOL screen name, and without giving up the security and management controls of their enterprise IM systems.

AOL announced four new partners in the program: IM providers Antepo, Jabber, Omnipod and Parlano. As part of the agreement, these companies will develop real-time communications solutions for enterprise customers that employ AOL technology. AOL is reportedly testing technology that would also allow these systems to communicate with each other.

The good news is that the partner program puts AOL’s considerable weight behind the federated IM model, which is something companies seem to want. Analysts at Nemertes Research found that 70 percent of IT executives want vendors to begin focusing on interoperability.

It’s also a positive development for companies, providing more secure IM options, and a viable alternative to Microsoft’s Live Communication Server.

The downside, says Nemertes analyst Melanie Turek, is that the federated model is more vulnerable. Federated IM increases malware risks, which are on the rise and growing more complex every day. Spam, viruses and phishing scams are all showing up on IM systems, and companies that open their networks to more users need more powerful and sophisticated security solutions.

In her recently published report, “Increased Federation Brings Increased Risks,” she writes, “As more people swap IM over federated networks, more viruses and other malware will enter those networks—and rampantly infect users’ systems.”

Turek cites the recent shutdown of the Reuters IM network by a variant of the W32/Kelvir worm as an example. That was a private network; the public IM packages are infamous as vehicles for introducing malicious software to enterprise networks. AOL operates one of the nation’s largest public IM networks and is the IM provider for about 14 million at-work users.

Turek recommends that IT managers take security precautions with IM so as not to repeat the tough lessons learned from corporate e-mail. “If you’re not protecting the use of IM in your enterprise, you’re asking for trouble—sooner rather than later,” she says.

About the Author

John K. Waters is a freelance writer based in Silicon Valley. He can be reached at [email protected].