I’ve reviewed many security products, but it’s rare for me to be so impressed with a product that I want to keep and use it after the review. Barracuda Networks’ Spam Firewall is my favorite keeper so far this year.
In my experience, perimeter solutions usually rank just behind Internet-hosted service offerings in accuracy, with end-point solutions having the worst rates. This is not the case with Barracuda — it’s among the more accurate anti-spam products I’ve tested, even when compared with seemingly more intelligent hosted solutions. In a crowded field, Barracuda Spam Firewall stands out for being packed with features, easy to use, accurate, and relatively low-cost.
Filter-friendly
The Spam Firewall 300 is a 1U appliance running Linux on an AMD Athlon XP 1900+ processor with a 40GB hard drive and 512MB of RAM. It is designed to be placed as a front-end MTA in front of SMTP servers, but unlike most Linux appliances, the Spam Firewall rarely if ever requires you to delve into the world of command-line prompts because administration is performed via almost any JavaScript-enabled browser. Although there are more than 100 features that can be enabled or customized, the default settings are fine for most environments.
Installation is fairly easy. Administrators set the correct IP address and then follow a simple four-page document to complete the setup, leaving the advanced options, such as Exchange LDAP interaction, for another configuration session. The defaults are accurate enough to capture most spam, so you can customize and strengthen the settings later when you are more familiar with the system.
If you’ve read about an anti-spam feature, the Spam Firewall 300 probably has it. Functionality includes keyword blocking, whitelists, internal and external blacklists, Bayesian filtering, subject and header filtering, and reverse DNS lookups, as well as content and URL fingerprinting.
The Spam Firewall has true Bayesian filtering, so the administrator must train and fine-tune the filtering engine between spam and nonspam e-mails. Barracuda recommends marking 200 messages as spam and nonspam to train the filter. Ironically, this was a bit of a problem in my tests because the Spam Firewall is so accurate in stopping spam for other reasons — attached viruses, bad domains, incomplete messages, sender time-outs, and so on — that it was tough to get enough real spam past the first stage of blocking and into the logging area to be marked as spam.
I tested the Spam Firewall 300 and 200 models for several months with tens of thousands of messages received. The population of spam e-mail to legitimate e-mail ranged from 30 percent to 60 percent during the testing period.
The result? Only a few legitimate spam messages got by and fewer than a handful of false positives were tagged. The few legitimate spam messages that did get through the Spam Firewall were correctly marked as possible spam. A few false positives came up as possible spam, but in my small-site setup, only two messages out of tens of thousands were marked as definite spam when they were not.
To tag and route potential spam, the Spam Firewall administrator sets rating thresholds for scanned messages and determines which scores result in blocking a message versus quarantining it. Ratings are determined by noting common spam characteristics and generating an overall score for each message; a rating of 0 means the message is not spam.
| Test Center Scorecard | ||||||
|---|---|---|---|---|---|---|
 |  |  |  |  |  | |
| 25% | 25% | 20% | 20% | 10% | ||
| Barracuda Spam Firewall | 8 | 9 | 8 | 8 | 10 |
8.5
Very Good
|
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Recommend This
