> How does EverLink assure secure communications over the Internet?
> How does EverLink protect my internal network from intruders?
> What platforms does EverLink support?
> What Internet Standard protocols does EverLink support for e-mail?
> What is Secure Sockets Layer (SSL) Protocol?
> What is digital certificate?
> What is a Java Virtual Machine?
> What is a firewall?
> What is encryption?
> What is a key?
> What is an end-to-end connection?

How does EverLink assure secure communications over the Internet?

EverLink verifies passwords and authenticates EverLink Owner Certificates before it allows communication.  To eliminate the danger of interception once communication is established, all Internet access is via an end-to-end Secure Sockets Layer (SSL) channel.

EverLink's server application, EntryGuard™, protects your internal network from unauthorized access while allowing authorized users to communicate with specific sites inside the firewall of your internal network. EntryGuard not only controls which outside computers will have access to which behind-the-firewall computers, it also keeps the internal network invisible to outside computers. From the viewpoint of the outside computer, the communication is with another outside-the-firewall computer.

EverLink currently runs on the following platforms:

• Microsoft Windows NT®
• Windows® 95/98
• Solaris™
• Macintosh®
• IBM OS/2®
• Linux™.

These platforms all support Java™ Virtual Machine technology.  For more information regarding Java Virtual Machine, visit the Sun Microsystems or Java Sun web site.

EverLink supports SMTP, POP3 and S/MIME protocols.

Developed by Netscape Communications Corporation, Secure Sockets Layer is a protocol the EverLink Client and web browsers use to encrypt messages sent over the Internet. It provides a high level of security for Internet communications and is based on public key cryptography technology from RSA Data Security Inc. RSA public key cryptography is widely used for authentication and encryption in the computer industry. Encryption levels range from 40-bit keys, the lowest standard encryption level, to 168-bit keys.

A digital certificate is a statement guaranteeing the identity of a person or the security of a web site. EverLink uses a web site certificate, which states that an EverLink site is secure and genuine. It ensures that no other site can assume the identity of the original secure site.

Certificates are dated when they are issued. When you try to open a site, EverLink (or your browser) verifies that the site address stored in the certificate is correct and that the current date precedes the certificate's expiration date. If the information is not current and valid, EverLink (or your browser) will display a warning.

A certificate has a unique non-forgeable fingerprint. The finger print consists of digits and letters "a" to "f" (case insensitive). A certificate also has non-forgeable secret stored in the EverLink installed folder. This secret scrambles the information going out of your site so that only the intended receiver can understand the information. Any "information thief" who steals information sent out from your site to the Internet by EverLink cannot understand the information.

When you connect to a remote site for the first time, the Owner Certificate of the remote site is sent through the Internet for you to review. The certificate guarantees a secure connection to the site.  You can have the owner of the remote site send you his or her Owner Certificate fingerprint. If the certificate has a correct fingerprint, you can accept it.

After you have accepted the remote site certificate, the certificate will thereafter be verified automatically by EverLink every time you connect to the site.

If the Owner Certificate in the remote site has changed, such as if the period of validity  expires, the new certificate is also sent through the Internet for you to review. The same verifying procedure as the first time connection should be used to check a changed certificate.

Java Virtual Machine is the software implementation of a "CPU" designed to run compiled Java code. This includes stand-alone Java applications, as well as Java "applets" that are downloaded and run in web browsers. Java Virtual Machine is portable and provides cross-platform solutions. For more information regarding Java Virtual Machine, visit the Sun Microsystems or Java Sun web site.

A firewall is a system of hardware and software designed to prevent unauthorized access to internal corporate networks.

Encryption technology uses mathematical algorithms to encode data to make it unintelligible to anyone without a decryption key. Encryption levels range from 40-bit keys, the lowest standard encryption level, to 168-bit keys. For additional information about encryption, please visit the RSA Data Security Inc web site.

A key contains data, sometimes called a cipher, used by the encryption algorithm to encrypt and decrypt messages.

A public key is the component of your cipher other computers use to encrypt messages sent to your computer.

A private key is kept secure and is used by your computer to decrypt messages sent to you. Without your private key, the message is indecipherable to anyone who intercepts it.

Files and e-mail sent using conventional Internet protocols are routed to servers for relay or downloading. It is relatively easy to intercept the message at the server.

With an end-to-end connection, e-mail and files are sent directly from one computer to another, minimizing opportunities for interception.