April 09, 2008

Lab test: Sendio I.C.E. Box

Sendio's challenge/response mechanism is extremely effective against spam, but not so effective in handling bulk mail users want to receive

Many products claim to filter out 99.9 percent of spam, but the Sendio I.C.E. Box 3.0 is the first I've tested that actually did so. Sendio claims zero false positives as well, but that isn't accurate. Because Sendio's challenge/response mechanism requires a human reply from the sender before mail will be delivered, any bulk e-mail sent via an automated process (with no means to reply to the challenge) will be quarantined until released by the end user. Products that truly avoid false positives, such as Cisco IronMail and Symantec, spare end users the hassle.

The I.C.E. Box works differently from any other appliance in this test. Rather than filtering e-mail based on the content of the message, the system sends a challenge to any sender it doesn't recognize. The sender simply replies to the challenge e-mail, and then the original e-mail is allowed through. This places the burden on the sender, which may be your customer or partner, rather than on the appliance or the recipient. As long as you don't have a problem with this, the system is very effective against spam, though at the cost of quarantining bulk e-mail.

A lot of the initial configuration of the I.C.E. Box has to be done via a command-line interface over a KVM connection, using an ugly, ugly interface. There's much more of this initial configuration than with most systems before you can connect via Web browser to complete the setup. The login for the browser GUI is not "admin" but "admin@icebox", which is not the real domain but an arbitrarily longer login. Things aren't a lot better once you get to the Web interface; administration through the GUI is clumsy. When clicking on a tab, then on an action, the cursor doesn't end up in the data entry box by default; you have to click on the field. Some actions can't be taken until other fields are set, but there's nothing to indicate which fields have to be set first; they're all grayed out.

You can't change the default verification message sent to unrecognized senders without sending the revised text to Sendio and giving them port 22 (SSH) access to the box so they can install a new version. Sendio says it will change this in a future version.

After the system is set up, you'll need to whitelist a lot of bulk e-mail. Unfortunately, it takes a lot of clicks to whitelist any message. The view of quarantined messages filters out bulk mail by default, which doesn't make a lot of sense, considering bulk messages will make up the lion's share of quarantined messages that you'll want to release. In my case, changing the view to show bulk revealed the number of quarantined messages to be 2,503, which included 81 false positives – second worst in the test.

The I.C.E. Box also imposes a limit of 5,000 messages in the quarantine, which can only be changed by a Sendio tech via SSH at the moment. Sendio has committed to changing this approach going forward.

Aside from filtering 99.9 percent of spam and effectively blocking viruses, the I.C.E. Box doesn't offer much in the way of other features. It provides no compliance filtering, no attachment scanning, and no reporting tools, just logs with minimal search tools. There is anti-phishing functionality, but phish that appear to be from addresses that have been whitelisted get through. The I.C.E. Box doesn't look further than the from address, so spoofed addresses are accepted.
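The gap described above, as an added example (not Sendio's code and not part of the original review): a simplified Python model of a challenge/response gateway, comparing a whitelist keyed on the From address alone with one that also requires the sender's domain to have passed SPF or DKIM. The Authentication-Results header, the sample messages and every name in the code are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def from_address(msg):
    """Address in the From: header; the sender chooses this value freely."""
    return parseaddr(msg.get("From", ""))[1].lower()

def authenticated_domains(msg):
    """Domains with spf=pass or dkim=pass in Authentication-Results.
    Assumption: our own MTA adds this header and strips copies sent from outside."""
    pattern = r"(?:spf|dkim)=pass\s+(?:smtp\.mailfrom|header\.d)=(?:\S*@)?([\w.-]+)"
    found = set()
    for value in msg.get_all("Authentication-Results", []):
        found.update(d.lower() for d in re.findall(pattern, value))
    return found

def decide(msg, whitelist, require_auth):
    """Return 'deliver', 'challenge' or 'quarantine' for one inbound message."""
    sender = from_address(msg)
    domain = sender.rpartition("@")[2]
    if sender in whitelist:
        if not require_auth or domain in authenticated_domains(msg):
            return "deliver"
        return "quarantine"  # claims a whitelisted identity but cannot prove it
    automated = (msg.get("Precedence", "").lower() in ("bulk", "list")
                 or msg.get("List-Unsubscribe") is not None)
    if automated:
        return "quarantine"  # no human will answer a challenge; user must release it
    return "challenge"       # hold the message until the sender replies

def make(headers):
    """Build a constructed sample message from raw header text."""
    return message_from_string(headers + "\n\nbody\n")

# Constructed sample data (not taken from the review).
WHITELIST = {"alice@partner.example"}
AR = "Authentication-Results: mx.example.net; "
GENUINE = make("From: Alice <alice@partner.example>\n" + AR + "dkim=pass header.d=partner.example")
SPOOFED = make("From: Alice <alice@partner.example>\n" + AR + "spf=pass smtp.mailfrom=bounce@mailer.invalid")
BULK = make("From: news@shop.example\nPrecedence: bulk")
STRANGER = make("From: bob@unknown.example")

if __name__ == "__main__":
    for name, msg in [("genuine", GENUINE), ("spoofed", SPOOFED), ("bulk", BULK), ("stranger", STRANGER)]:
        print(name, decide(msg, WHITELIST, False), decide(msg, WHITELIST, True))
```

With `require_auth=False` the spoofed message is delivered exactly like the genuine one; with `require_auth=True` only the message whose authenticated domain matches the whitelisted From domain gets through.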

At a hardware cost of $1,995 and a low per-user cost, the I.C.E. Box is very inexpensive. It also stops a very high percentage of spam, as long as you're willing to make your customers and partners prove they are who they say they are, and to manually whitelist all the bulk e-mail you want to receive.

Test Center Scorecard

Criterion weights: 30%, 30%, 20%, 10%, 10%
Sendio I.C.E. Box v3.0 scores: 9, 7, 8, 7, 9
Overall score: 8.0 (Very Good)

Logan G. Harbaugh is senior contributing editor of the InfoWorld Test Center.
©1994-2009 Infoworld, Inc.