The BorderWare Security Platform (v7.1), running on the SP-800 appliance, had the worst false positive performance of any product tested, and by a large margin: nine critical false positives and 171 bulk false positives. Its filtering rate was 96 percent of spam caught, an acceptable number but below the median. To reduce the false positives, you’ll need to count on a training period of several weeks during which users inspect the quarantine carefully and whitelist the senders from whom they want to receive e-mail.

The Bottom Line Borderware Security Platform 7.1 on SP-800 Appliance BorderWare Technologies, borderware.com Good  7.9 criteria score weight Effectiveness 7 30% Manageability 9 30% Scalability 8 20% Setup 7 10% Value 8 10% Cost: $34,400 for hardware; $34,400 for 1,000 users for 1 year Bottom Line: BorderWare had a good spam catch rate in the test, but was a distant last in avoiding false positives. Initial setup, especially LDAP configuration, is unnecessarily complicated. The appliance has top notch content management features, and excellent anti-phishing and anti-spyware functionality. Nice extras include mail server, Web, and IM firewall. About our Reviews and Scoring Methodology

The BorderWare SP-800 is capable in some areas, but difficult to configure. Although LDAP configuration looks organized, it is hard to get right, exacerbated by help examples that are more often misleading than useful. The procedure is extremely clumsy: the initial screens don’t suggest proper syntax, so you have to iron out the query in test mode (where help screens do provide useful info), then edit it again in the initial LDAP setup until it finally works. Further, the LDAP settings are not carried over from one part of LDAP to another; you need to configure five different queries to set up for domain, users, mail, aliases, and so forth. Another annoyance, which can’t be changed, is that the admin interface times out after 30 minutes.

[ Compare spam filtering statistics for the mail security appliances tested. Compare their features. Return to “Test Center guide: Mail security appliances.” See reviews of the appliances from Barracuda, BorderWare, Cisco, Mirapoint, Proofpoint, Secure Computing, Sendio, Symantec, and Tumbleweed. ]

On the upside, the BorderWare interface is clean and easy to navigate, with context-sensitive help that is generally useful. The content management features were extensive and capable, with pre-built lists of phrases available in several categories and the capability of applying weights so that it takes three or more offensive words from one list, or two or more from another list to trigger the filter, for instance. The SP-800 can also inspect zip archives and hold encrypted e-mail for inspection. The integrated URL filter intended to stop phishing and spyware by blocking downloads and access to malicious sites worked reasonably well, but blocked legitimate sites while allowing access to some bad ones. It stopped 77 percent of phishing messages and blocked 8 legitimate messages from banking sites.

BorderWare offers extensive enterprise-class features such as access control by user, group, or domain; good reporting and notification controls; policy-based encryption; centralized management of multiple devices; clustering; IM protection; policy-based rules; and the capability to integrate with F5 load balancers. 

Pricing for the SP-800 is at the high end of the field, although not out of line for the rich feature set. However, considering the middling filtering accuracy and high rate of false positives, most administrators will want to look at some of the alternatives first.