Notes is a database program. Some links that describe Notes

Its been around since 1987. The reason its been around so long is that it works better than systems costing 10 times as much.These links describe how powerful the HCL Notes client is.

Web browsers are sometimes referred to as dumb clients. Without a network connection and server, browsers are useless. Websites use all sorts of different navigation menus, so each website requires some training.

HCL Notes is a smart client. It can process and protect data while disconnected. The concept of ‘form’s’ and ‘views’ are used for every basic notes client database application, reducing training by a factor of 10.

From the HCL Notes wiki Security Section

HCL Notes was the first widely adopted software product to use public key cryptography for client–server and server–server authentication and for encryption of data.

Until US laws regulating encryption were changed in 2000, IBM and Lotus were prohibited from exporting versions of Notes that supported symmetric encryption keys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA.

This strengthened the protection for users of Notes outside the US against private-sector industrial espionage, but not against spying by the US government.[12][13] This implementation was widely announced, but with some justification many people did consider it to be a backdoor.

Some governments objected to being put at a disadvantage to the NSA, and as a result Lotus continued to support the 40-bit version for export to those countries.

Under current US export laws, IBM Notes supports only one version of the Notes PKI with

  • 128-bit symmetric keys,

  • 4096-bit public keys, and

  • no workload reduction factor.

The Domino server includes security tools support S/MIME, SSL 3.0 with industry standard key sizes for HTTP and other Internet protocols, X.509 client certificates, and an integrated certificate authority.

HCL Notes and Domino also uses a code-signature framework that controls the security context, runtime, and rights of custom code developed and introduced into the environment.

Notes 5 introduced an execution control list (ECL) at the client level. The ECL allows or denies the execution of custom code based on the signature attached to it, preventing code from untrusted (and possibly malignant) sources from running.

Notes and Domino 6 allowed client ECLs to be managed centrally by server administrators through the implementation of policies. Since release 4.5, the code signatures listed in properly configured ECLs prevent code from being executed by external sources, to avoid virus propagation through Notes/Domino environments. Administrators can centrally control whether each mailbox user can add exceptions to, and thus override, the ECL.

End snip

HCL Notes security cannot be matched by any competing product.

Is it very expensive? Compared to what?

Plain mail vs Notes Mail – A better value for personal time management.

Personal Information Management – Contacts/Calendar/Workflow – integration and protection of your data is at the core of HCL Notes.