Test Center: E-mail security services square off
From spam-busting to content management, we test the limits of hosted e-mail security offerings from AppRiver, MessageLabs, Microsoft, MX Logic, SECNAP, and Trend MicroFollow @infoworld
SECNAP Hosted Email Security Gateway
Although not without its strengths, SECNAP came away with the lowest overall score in this roundup. Its general spam-stopping capabilities were just fine at 97.5 percent; however, it had more false positives than any other service in this test -- 133, along with 10 criticals -- a problem that persisted throughout my review (see test results). On top of that, I was often frustrated with both the user and management interfaces.
Its other features are comparable to the rest, with anti-virus and content management. It doesn't offer built-in word lists for content management, but does include an encryption capability.
If you set up accounts through the service, you'll find that SECNAP requires users to create a strong password that includes uppercase and lowercase characters, as well as numbers and symbols. Once again, this practically ensures that users will write down their passwords somewhere (or call the help desk frequently). If, on the other hand, you create accounts using directory synchronization, you'll find a single sign-on feature allowing users to log in to the service with their standard Windows domain credentials.
SECNAP has a trait that admins will likely find quite frustrating: Whenever you make or accept changes to settings, the screen will take a long moment to refresh, sometimes twice. Also irritating: Accessing a quarantine directly is impossible. Rather, admins have to manually log in from another computer (because log-in info is cached) before they can get to the standard user-level quarantine access. Alternatively, you have to generate a quarantine report, send it to yourself via e-mail, open it, click on the embedded Web link, and then enter the user log-in embedded in the message before you get to the actual quarantine. In every other appliance and service I've tested, admins can click on a menu item from within the admin UI to access the quarantine.
Also, it would be nice if there was a way for an administrator to mark spam with a standard addition to the subject line and then set up a rule on the company e-mail server to direct those marked messages to users' spam folders. As it stands, users will have to access the service's Web site to deal with those messages.
Users will also suffer some annoyances with the SECNAP interface. After marking and releasing a message from quarantine, users will be taken to the first page of the quarantine. Additionally, when a user releases a message from quarantine, it still shows up in the quarantine with no indication of success.
Reducing false positives proved troublesome in my tests. Unlike with all the other services, the average number of daily false positives did not drop off over the course of the test. There were several reasons for this: First, when you click on an item, you can release it and whitelist the sender, but only as the exact sender's e-mail address (e.g. email@example.com); there's no way to whitelist an entire domain or add wildcards to an address before whitelisting. This means that whitelisting bulk e-mail from a sender that adds a random character string to each message is impossible.