There are lots of good reasons for considering a separate security appliance rather than running antivirus and spam filtering applications on a mail server. To start with, appliances are easier to install, with no compatibility or interoperability worries. And whereas add-on applications may adversely affect mail server performance, an independent appliance has no such impact. Indeed, by filtering out viruses and spam before they get to the server, overall throughput can be greatly enhanced.
What you get
The number of anti-virus/spam appliances has mushroomed lately, with solutions to handle mail servers of all sizes. All are based on industry-standard server hardware, typically running a security-hardened Unix/Linux OS to provide the platform for the mail-screening software.
Most of the time, the target mail server will be either Microsoft Exchange or Lotus Notes -- although that’s not a prerequisite, and any SMTP mail server can be used. Indeed, in most cases all you have to do to do is forward port 25 (SMTP) traffic to the appliance address. In some cases DNS changes may also be required, but most can be up and running in just a few minutes.
Management is via a browser, with tools to monitor activity and manage the antivirus/spam rules, custom black/white lists and other filtering options. Blocked or quarantined messages can also be examined via the GUI with some products allowing end users to do this themselves.
What we tested
We looked at four products aimed at medium-sized businesses. All provided the same basic tools to screen out viruses and block spam, mostly using well known software. However, only two were able to filter outgoing as well as incoming mail; the products from Barracuda and Tumbleweed could only handle incoming messages.
All four appliances are designed to keep themselves up to date and, in terms of their ability to trap viruses and block spam, there wasn’t a great deal to choose between them. They did, however, vary considerably on configuration and management, from the ridiculously easy Tumbleweed MailGate 2.2, with hardly any options, to the Barracuda, which was stuffed full of them.
The MailGate appliance also lets users manage their own black/white lists and quarantined messages and, because of its simplicity, it’s a good choice for the smaller company with limited technical resources. For the larger organisation, however, an appliance that allows greater control over the filtering process is preferable. In this respect the Barracuda Spam Firewall is hard to beat, and we recommend it if you only want inbound filtering. Otherwise, the more expensive RazorGate has the most to offer, including its unique MailHurdle technology with which you can really slam the door in the face of spammers.
|Email security appliances compared|
|Barracuda Spam Firewall 400
||Mirapoint RazorGate 100
||SurfControl RiskFilter E-mail E10
||Tumbleweed MailGate 2.2
|Format||1U rackmount||1U rackmount||1U rackmount||1U rackmount|
|Processor||AMD Athlon 64 XP 2400||2.4GHz Intel Xeon||2.8GHz Intel Pentium 4||3.06GHz Intel Pentium 4|
|Network interfaces||1 x 10/100Mbps||2 x 10/100Mbps (1 for admin)||1 x 10/100Mbps||1 x 10/100Mbps|
|Virus scanning||yes||yes||yes||yes (optional)|
|Antivirus engine||proprietary||Sophos||McAfee||McAfee and/or Kaspersky|
|Spam engine||SpamAssassin||SpamAssassin (CommTouch from end of 2004)||SurfControl||proprietary|
|Mail security features|
|Proxy POP3 server||no||yes||yes||no|
|Proxy IMAP server||no||yes||yes||no|
|Proxy HTTP server||no||yes||yes||no|
|Per-user black/white lists||yes||end of 2004||yes||yes|
|User quarantine control||yes||end of 2004||yes||yes|
|Price (ex. VAT)|
|Number of users||unlimited||100||500||1,000|
|Subsequent annual costs||£873 (Energizer updates)||£500 (100 users)||50% of purchase price||20% of purchase price|