Lab test: Symantec Mail Security

For the third year in a row, Symantec Mail Security (v7.5) is the best overall performer in my tests. It didn't have the best score in false positives (it came in a close second), and it was fourth in catch rate, but considering both counts, along with feature set, pricing, and maturity, it comes in first. The Symantec product shows a level of sophistication and ease of use that only comes from being a class leader for a long time, and having all the sharp edges rounded off.

The Symantec Mail Security appliance (I tested the SMS 8340) is very easy to configure, with an LDAP configuration that everyone else should steal. A few clicks are all it takes, and it automatically fills in all the necessary query strings and nomenclature to pull user data from Active Directory or other directories. The administrative interface is clean and easy to navigate, with everything clearly marked and well documented, including online help that has good examples. Further, very little needs changing other than the host name and network settings. Unlike some of the other appliances, there are few settings to change and few needed, considering the SMS caught 96.4 percent of spam with no critical false positives and four bulk false positives out of the box.

[ Compare spam filtering statistics for the mail security appliances tested. Compare their features. Return to “Test Center guide: Mail security appliances.” See reviews of the appliances from Barracuda, BorderWare, Cisco, Mirapoint, Proofpoint, Secure Computing, Sendio, Symantec, and Tumbleweed. ]

The SMS offers a full set of enterprise-class features, including clustering, central management of multiple units, IM protection, and sophisticated content management. Content protection includes no pre-built word lists (some are available at extra cost), but importing lists from other sources is very easy, and there are a large number of pre-made templates for regulatory policies, including GLBA and HIPAA. The SMS provides attachment scanning and forwarding of suspicious e-mails to the admin or a designated person, and it has the most effective anti-phishing engine in the test, though only 82 percent of phishing attempts were blocked.

Symantec also provides great reporting, logging, and alerts, and very granular granting of administrative rights to different users. Admins will like the very flexible policy-based rule sets, while users will appreciate a very accessible Web interface to the message quarantine and a great Outlook plug-in.

In addition to great ease of use and performance, the SMS 8340 is the third least expensive system in the test. Although not in the sub-$5,000 class of the Barracuda, it costs less than comparable, high-end systems. Further, unlike many of the other enterprise-oriented systems, the entry point is very low: The 100-user SMS 8230 starts at less than $1,000 for the hardware and $21 per user per year for the subscription.