Network Email Security Review and Recommendations
Last Reviewed - May 2011
Barracuda Networks is a security and networking vendor with a range of cost effective and reputable point solutions. Barracuda’s Virus and Spam Firewall gateway is one of their oldest and flagship products. The product is available in both appliance and virtual platforms. We have tested and deployed Barracuda Virus and Spam Firewall in real network environments. The solution is a solid product and provides granular features. We enjoyed setting up the appliance and configuring the feature set because it is easy to use and understand. The appliance performed excellent at detecting malicious threats and accuracy was near perfect. Although some security professionals regard Barracuda as a cheap and cheerful solutions vendor we receive positive feedback from customers of Barracuda Spam and Virus Firewall and we think they may be competitively priced but offer a solid competitive email security solution. The only downside to Barracuda Virus and Spam Firewall is the interface seems a bit congested. Barracuda have a great support team and we were able to resolve a number of issues on different occasions within the same day.
Cisco is a leading networking vendor and have a strong security portfolio. Cisco Ironport anti-spam solution seems to consistently receive nothing less than excellent feedback and delivers an all round excellent solution. Our research is based on feedback from other IT security professionals.
Clearswift specialise in email and web security gateway solutions. We have tested and deployed both Clearswift's MIMEsweeper For SMTP software and their gateway email security appliance. MIMEsweeper For SMTP is a software based email security solution that runs on top of Windows platform and integrates with Microsoft snap-in console. The software provides excellent and granular content filtering features. Some features such as TLS are not supported on the software platform and so Clearswift offer a cut down version of their appliance version as an Edge product. The Edge product will be able to block spam and viruses as well as provide features such as Grey Listing and TLS encryption, while the software platform can be used for defining content filtering policies and more. The downsides to the software based product is because it is based on a Windows platform it is more prone to support issues.
Clearswift's Email Gateway appliance version is a powerful appliance which is feature rich and comes with a graphical user interface that is both easy to use and administer. We have tested the appliance under heavy usage and provides superb spam detection rates. Speaking to many customers of Clearswift products for both software and appliance email solutions speak very highly of the service received. We have seen a tiny percentage migrate to competitive solutions from Clearswift, but this decision has always been based on cost savings.
We have dealt with Clearswift support on numerous occasions and and both support teams from the UK and US provide an excellent service.
FortiMail by Fortinet is a dedicated e-mail security gateway appliance. Fortinet is a market leader in UTM and have other point solution security products. FortiMail is built for small and enterprise networks and can be configured as a mail server and archiving solution also.
We have tested and deployed FortiMail in real network environments and have tested the solution against an old domain prone to a large amount of spam. We found Fortigate to be a complex but feature rich solution. Out of the box Fortigate will not provide adequate level of protection and so does require an understanding of the solution and some fine tuning before it is fully responsive and accurate. When we adjusted the anti spam settings and configured other parts of the system such as per user quarantine settings we were impressed at the performance and accuracy. The rich feature set and flexible deployment options gives Fortinet an edge, however when drilling into some of the settings it can also be overwhelming and does take time to understand some of the advanced options within the product. We would recommend FortiMail for medium and enterprise networks because it does give you the flexibility that is typically required in larger networks.
Mcafee Email Security Gateway can be combined with the Web Gateway as a single console. It can also integrate with their endpoint management console for further central management capabilities.
Installing Mcafee Email Gateway is a 7 step installation process via a wizard. SmartStart configuration which is another wizard helps you further configure the product such as configuring software updates, domain settings, email servers, relays hosts, routing config, reports, further admin users, and so on. We found installing and configuring the product straight forward and liked the idea of both installation and configuration wizards helping us achieve this. Looking around the interface, bulk of the settings were configured. We liked that the solution has a configure able dashboard you can customise to your own preferences. You can configure a certain page as your home page such as a page you use most often, for example Queue Manager for quarantined messages. The layout and design of the interface is very organised where you have major menus at the top such as Anti-Spam, Queue Manager, IntrusionDefender, Compliance, Dashboard and when one you open one of these tabs you see the relevant configuration menu for these categories on the left. The GUI is also interactive and easy to follow. We liked flexibility in searching for messages and configuration of a separate central quarantine server appliance which will hold all quarantine emails more suited for larger networks and we liked the content analysis functionality and the tools used to identify confidential documents using tools such as fingerprints, clustering and lexical analysis.
Sophos is an IT security vendor with a portfolio of network and endpoint security products. We have tested Sophos Email Security and Data Protection a VMware platform. Installing the product is an absolute breeze and administering the interface is almost just as easy, yet delivering a great feature set. In a nutshell Sophos seem to develop products with ease of use as their primary focus. Sophos after sales support is also excellent.
Symantec Messaging Gateway is a dedicated appliance and virtual appliance email security gateway solution. When installing the product we used an install wizard and once that was completed we were able to log into the GUI. The interface looks similar to that of Mcafee's. It has menu items across the top of the GUI with categories such as Status, Reports, Spam, Virus, Content and so on, and if any of these are selected you can see the relevant settings menu for the category on the left hand side menu. The actual configuration settings and reporting is in the centre of the screen. The GUI is well organised, easy to follow and understand. We weren't too sure about the policy based encryption using push and pull functionality. This require a separate encryption licence and Symantec use external technology partners to execute this ability. This is not a problem most of the time as if it works then it's great, but it is adding another layer of complexity when it is technology from elsewhere. We noticed the DLP functionality on the email gateway are taken from their Vontu DLP solution which is a positive move as Symantec's full blown DLP is rated amongst the best in the market. Overall the product is great, there is plenty of features to play with in all sections of the GUI and we would recommend Symantec because they have a huge focus on their security products, an excellent reputation in detecting malware, Symantec is an international vendor with a strong presence worldwide and are improving and integrating their security solutions often.
Webroot deliver email security as a cloud service. After seeing a demonstration of the interface we definitely would recommend. Most appealing was Webroot's powerful reporting functionality and the ability to adjust features right up to per user level. The interface is tidy, responsive and user friendly. You will not find many of the standard anti-spam functionality such as fine tuning spam scores because it is a hosted service. That is all fine tuned for you. If you do experience false positives or false negatives the Webroot team will do that part for you.