Monday, December 25, 2006
Thoughts on Zimbra
The notion of software as a service is intriguing to me as the ability to focus on the core business problems within IT without getting distracted by infrastructure is compelling. It seems as if Zimbra's value proposition is to displace Microsoft Exchange which is noble as having a choice is always good for users.
In terms of analysis, the product begs answering of the following questions:
- Open Source: What is the definition they are using? The most popular definition of open source can be found here. I cannot tell whether it complies with all ten principles.
- Provisioning: In terms of a hosted model where an enterprise already has an identity store, am I required to create yet another User ID / Password for every one of my users? Can I at least automate provisioning of an email inbox via an industry standard protocol such as SPML by using my identity management toolset?
- SSO: How do I implement Single Signon via the hosted model? Does it support SAML and more importantly WS-Federation? Is Zimbra working on exposing additional use-case profiles to make SAML better?
- Entitlements: I would love to use an industry standard markup language such as XACML to specify what other users such as my administrative assistant can do with my inbox and calenar. Where is XACML on the roadmap?
- Encryption: I may need to stay compliant with HIPAA and decide to encrypt sensitive outgoing emails based on lexical constructs. Is there an open source equivalent to Zix or a way to use identity based encryption such as Voltage?
- Retention: How do I specify my unique retention policies in order to comply with SEC guidelines in a hosted model?
- Analysts: Which industry analyst firms provide the deepest coverage of your product? Are you on the radar of Raven Zachary and Macehiter Ward-Dutton?
I wonder if Conrad Damon, Kevin Henrikson, Satish Dharmaraj or Scott Dietzen would be able to provide their perspective on the above questions in a future blog entry...