Test Center guide: Mail security appliances
Mail security solutions differ in anti-spam techniques, accuracy, false positive rates, and ease of setup and administration. We compare Barracuda, BorderWare, Cisco IronPort, Mirapoint, Proofpoint, Secure Computing IronMail, Sendio, Symantec, and Tumbleweed
If you are interested in checking incoming or outgoing messages against specific word lists to spot potential data breaches or ensure compliance with HR requirements, you should be aware that some vendors make this easier than others, by providing a GUI rather than requiring you to refer to a manual to find the exact syntax to type in. Further, not all vendors provide standard lists of words along with their content management engines. But nearly all the vendors (Sendio is a rare exception) will monitor incoming and outgoing messages, and block on specific words or phrases or patterns. And if they don’t provide lists themselves, they will allow you to create or import lists of words in a number of categories, such as sexually explicit language, otherwise offensive language, politically incorrect language, terms that might refer to proprietary intellectual property, and phrases or numbers that could violate confidentiality agreements or legal requirements, such as a customer's Social Security number or credit card information. If a product you otherwise like doesn't include such lists, you can often find them on the Internet.
Appliances come with a wide variety of backup capabilities, ranging from Mirapoint's compatibility with commercial backup software such as NetBackup, and Tumbleweed's automated backup of the mail store, to the minimal ability to save a configuration file or perform a complete backup of the mail store by typing a Linux tar command at the command line. If you will be maintaining a message quarantine on the appliance, you may want a solution that allows you to back up the quarantine separately.
Also worth asking is whether the secure content manager can scan inside zip files, or detect encrypted attachments and block or delete them. All the appliances tested except the Sendio could block messages that contain zip files (or executables, or any other attachments, either by extension or file size). And all except the Sendio, which doesn't do filtering of any kind, could block encrypted attachments. The features table provides an at-a-glance comparison of what each product provides.