There’s just no stopping it: Spam continues to get worse, and more of it is now targeted at obtaining financial or corporate information rather than just selling herbal remedies or porn. Phishing, or trying to get users to go to Web sites that seem legitimate but are actually forgeries intended to capture users’ information, is an increasing threat, too.
Internet Security Systems, now owned by IBM, is attempting to take on both of these plagues and more. The Proventia Network Mail Security System MS3004, version 1.0 appliance I tested provides e-mail security (including anti-virus, anti-spam, and anti-phishing capabilities), a firewall, intrusion prevention, and an SMTP server. The appliance format makes it easy to set up, and it does a good job on the IPS front, but I found that the MS3004’s anti-spam abilities weren’t as solid as those of other solutions I’ve reviewed.
Focus on phishing
 Click for larger view. |
Unfortunately, if the message is not caught as spam, it is usually not caught as a phishing attempt either. For example, out of 151 fraudulent PayPal messages received during testing, 148 were marked as spam and with the “Fraudulent Message” phishing warning. The three that were not caught as spam were also not marked as phishing attempts.
Similarly, out of 43 fraudulent Bank of America phishing attempts, 42 were caught as spam and flagged with the phishing warning, and one was neither labeled as spam nor with the warning. Because the phishing filter does not catch all phishing attempts, users may incorrectly assume that messages not caught are legitimate e-mails.
The anti-spam catch rate was 91 percent, which is average, but the critical false positive rate was among the worst I’ve seen in the past couple of years, at 0.16 percent. By contrast, the best products had a false positive rate of 0.01 percent. The noncritical false positive rate was moderate, at 1.4 percent. Anti-virus filters worked fairly well, missing only three out of 219 viruses received.
Almost plug-and-go
The MS3004 is easy to install and configure. Initial network setup can be done via the front-panel LCD, a serial terminal, or a browser pointed at the default IP address. The rest of the configuration is done via browser, and the layout is clean and easy to navigate. I did, however, find the Java-based tools slow — working on a 3.4GHz workstation with 2GB of RAM, I experienced delays as long as five-seconds after clicking an item through either Firefox or IE7.
| Test Center Scorecard | ||||||
|---|---|---|---|---|---|---|
 |  |  |  |  |  | |
| 25% | 25% | 20% | 20% | 10% | ||
| IBM Proventia Network Mail Security System MS3004, version 1.0 | 8 | 7 | 7 | 8 | 8 |
7.6
Good
|
Sign up to receive Security Resource Alerts
A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.
Download now! »
Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.
Download now! »
This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.
View now! »
Recommend This
