Review: A Virtual Solution To Spam


The unending tide of spam is increasing in volume and sophistication, clogging mail servers and sapping productivity. Battling spam, in fact, has become one of the most important tasks handled by security administrators on networks of any size.

Smaller networks seem to be more vulnerable to the effects of spam due to tighter budgets and less sophisticated technology. Yet, larger networks are not immune to the problem, struggling under its burden despite rollouts of more costly security technologies.

Controlling spam has become a delicate balancing act of allowing legitimate communications to arrive at the proper destination and keeping unsolicited e-mails out of the system, all while maintaining user productivity and network performance.

What's more, spammers are using new techniques to bypass traditional filtering technologies and also are using spam to deliver spyware, adware, key loggers and other malware used to steal information. Solution providers aiming to stay ahead of these attacks will need to follow through with new ideas and more creative products.

Cupertino, Calif.-based Proofpoint is heeding that call and is ready to arm the channel with a new way to fight spam in the form of its Messaging Security Gateway Virtual Edition. The product combines the strengths of software-based antispam solutions with the ease of use associated with an appliance by using virtual technology. In other words, the product runs as a virtual server on a host running VMware's virtual server software.

By moving what was once based on a dedicated hardware appliance over to a virtual appliance, Proofpoint has solved all of the problems associated with proprietary hardware. Issues such as costly upgrades, lack of business-continuity capabilities and short product life cycles have become a thing of the past with Proofpoint's virtual offering.

Proofpoint's Messaging Security Gateway Virtual Edition offers a plethora of security features, including antispam, antivirus and outbound content control capabilities. The product uses a high-performance mail transfer agent (MTA) to handle both inbound and outbound e-mail at the gateway level, which prevents malicious code from entering the network to be processed.

Overall, CRN Test Center engineers found installation of the product surprisingly straightforward, considering the lack of a physical appliance to plug in.

On the downside, solution providers will have to be knowledgeable about VMware's virtual server architecture to maximize performance and scalability.

On the upside, increased performance takes little more than moving the virtual appliance over to more robust hardware. That usually can be accomplished by simply copying the Virtual Hard Drive (VHD) from an existing system to a new system running VMware. That same capability bodes well for backup and disaster recovery: a simple copy of the VHD allows an enterprise to recover quickly from a hardware failure.

For e-mail filtering products, integration capabilities reign supreme. After all, the ability to integrate any e-mail product into an existing infrastructure is critical. Considerations such as user directories, existing MTAs and other network elements must be addressed.

The product's quick-start wizard was more than up to the task of identifying and integrating with existing network capabilities. Although the quick-start wizard made simple work of the initial configuration, installers will have to know intimate details about the existing network directories, mail servers and so on.

Engineers also found the product's browser-based management console to be well designed and easy to navigate, despite the overall complexity of the product. That complexity is simplified by presenting the numerous options in sections and subsections for easy configuration.

During the initial configuration phase, many global policies are created automatically, which speeds deployment and prevents common attacks. More granular policies, including spam rules, are easily added and can be based on groups or individual users and their attributes.

Testing of the product showed that it was quite effective at identifying spam and taking the appropriate action as defined by configured rules. Proofpoint provides over 50,000 rules that are updated on a weekly basis and can address the latest threats delivered from spam.

The product was also successful in identifying and quarantining image-based messages, the latest development in spam. Testing encountered no false positives and only two spam messages out of approximately 500 were able to bypass the filters. Those two messages were targeted at a specific user and offered traditional information. Although the messages were unsolicited, they were not harmful.

For those following compliance rules, a compliance module adds the ability to inspect inbound and outbound mail for defined text, numbers or regular expressions, and confidential information, such as credit-card numbers.
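A content-inspection pass of the kind this paragraph describes, as an added example (not Proofpoint's code): defined-text, regular-expression and credit-card rules applied to one message body. The Luhn checksum step, the rule names and the sample message are assumptions constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally split by single spaces or hyphens.
CARD_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Luhn checksum; rejects order numbers and other digit runs that are not cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask(digits: str) -> str:
    """Keep only the last four digits so the finding itself does not leak the number."""
    return "*" * (len(digits) - 4) + digits[-4:]

def inspect_message(body, keywords=(), patterns=()):
    """Return (rule, evidence) findings for one inbound or outbound message body."""
    findings = []
    lowered = body.lower()
    for kw in keywords:                       # defined text
        if kw.lower() in lowered:
            findings.append(("keyword", kw))
    for name, rx in patterns:                 # administrator-defined regular expressions
        if re.search(rx, body):
            findings.append(("pattern", name))
    for m in CARD_CANDIDATE.finditer(body):   # confidential numbers
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            findings.append(("card_number", mask(digits)))
    return findings

# Constructed sample message and policy (hypothetical names, standard test card number).
SAMPLE = (
    "Hi, per project Bluebird please charge 4111 1111 1111 1111.\n"
    "Order ref 1234567890123456, employee ID EMP-004217.\n"
)
POLICY_KEYWORDS = ("project bluebird",)
POLICY_PATTERNS = (("employee_id", r"\bEMP-\d{6}\b"),)

if __name__ == "__main__":
    for finding in inspect_message(SAMPLE, POLICY_KEYWORDS, POLICY_PATTERNS):
        print(finding)
```

The 16-digit order reference in the sample matches the digit pattern but fails the checksum, so it is not reported; that is the false-positive control a bare regex lacks.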

The product inspects each message in multiple ways, ranging from structural analysis to reverse DNS query. What's more, the software also detects foreign language spam. Over time, the product becomes more effective as it learns from the actions taken by users on quarantined mail.

An embedded e-mail firewall offers protection from buffer overruns, directory harvest and other connection-level attacks. The company also offers zero-day virus protection, thanks to the inclusion of F-Secure's antivirus engine.

For those exploring product effectiveness and ROI, the company offers over 30 pre-defined reports. Reports can be generated to include in-depth information and even published to a URL, making tracking the effectiveness of the product that much easier.

The company offers all of the expected services for its channel partners. Prospective partners will find variable margins based on products and volume, along with the opportunity to realize margins on upgrades and subscription extensions.

The company offers dedicated support to channel partners and ample training and marketing tools. While there is nothing unusual about Proofpoint's channel program, most solution providers will find that all of their basic needs will be met, and a profitable relationship with the company can be easily realized.