"Proofpoint" integration with Shibboleth.

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

"Proofpoint" integration with Shibboleth.

ekinseyjr
Has anyone here had experience integrating a product called “Proofpoint Protection Server” from a company called “Proofpoint Essentials” with Shibboleth, or know someone who has?  I’m trying to get some information to augment what I’ve gotten from the vendor so far; contact with someone who’s already done this would probably fill in the remaining gaps in my knowledge.

Thanks,
Ernest K. Kinsey, Jr.
Central Piedmont Community College
Charlotte, NC



________________________________

This e-mail, including any attachments, is intended only for the addressee's use and may contain confidential and proprietary information. If you are not the intended recipient, you are hereby notified that any retention, dissemination, reproduction, or use of the information contained in this e-mail is strictly prohibited. If you have received this e-mail by error, please delete it and immediately notify the sender. Thank you for your cooperation.
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: "Proofpoint" integration with Shibboleth.

Cantor, Scott E.
> Has anyone here had experience integrating a product called “Proofpoint
> Protection Server” from a company called “Proofpoint Essentials” with
> Shibboleth, or know someone who has?  I’m trying to get some information
> to augment what I’ve gotten from the vendor so far; contact with someone
> who’s already done this would probably fill in the remaining gaps in my
> knowledge.

I did it a few weeks ago (assuming it's the same product), during the course of which I verified they had a comment injection vulnerability that they subsequently patched. They don't support encryption and that has continued to be a sign that you're probably 50/50 going to find them vulnerable.

I haven't done a write up of it. There wasn't anything unusual that I recall, apart from the bug, it was self-service configuration via web interface.

-- Scott

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]