Security

From intrusion detection to spam, security solutions were high on our list in 2004

The porous perimeter and the ominous "unknown threat" registered high IT managers' worry meters again this year, and security vendors replied with every manner of product. It seems as though we tested them all: firewalls incorporating application-level protection, signature-based intrusion detection systems, anomaly-based intrusion prevention systems, app security solutions, SSL and IPSec VPNs, do-it-all appliances, and a slew of anti-spam gateways.

We saw progress in almost every corner. Check Point, ServGate, and SonicWall delivered firewalls that blended high performance with easier configuration and management at surprisingly low prices. Arbor Networks, Lancope, McAfee, and Sana showed that anomaly-based intrusion detection has come of age; Imperva, KaVaDo, and Sentryware did the same for application security. Check Point Integrity and Sygate Secure Enterprise secured the end point with network quarantining.

We were also wowed by nCircle's vulnerability management solution, Symantec's advanced warning system, and e-Security's method of tying it all together. As for canning spam, Brightmail proved best, although MailFrontier and Proofpoint also aced the test.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ANTI-SPAM
Barracuda Spam Firewall
Barracuda Networks
Very Good, 8.5         
Cost: Starts at $1,199, depending on model, plus a $399 annual update subscription          
Bottom Line: Spam Firewall is an accurate anti-spam appliance that's chock-full of features for a relatively low price. It's easy to install and to use, and with only a few weaknesses in documentation and reporting, this is a top anti-spam defense choice.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

BorderWare Mxtreme MX-200
BorderWare Technologies 
Excellent, 8.6
Cost: As tested, $12,595
Bottom Line: This capable anti-spam and anti-virus appliance adds secure e-mail server capabilities that ISPs and multidomain organizations will like. It's more complex to set up than the Proofpoint P800, but it offers an excellent false-positive rate out of the box and spam filtering that should improve with tuning.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

CipherTrust IronMail 4.0
CipherTrust   
Excellent, 8.6
Cost: Initial cost, $27,000; annual costs, $4,860
Bottom Line: The IronMail 4.0 appliance provides easy setup, delivers great performance, and offers very sophisticated security features such as intrusion detection, a reverse proxy for Exchange, content filtering, and anti-virus. Logging features are complete, and it's easy to add users.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Corvigo MailGate MG1200 2.0
Corvigo         
Excellent, 8.7
Cost: Initial costs start at $4,950 for 50 users; annual costs start at $1,237.50 for 50 users  
Bottom Line: Easy to install and use, this appliance is a superb performer. End-user features are great: Users can release messages they want, whitelist senders from the notification e-mail, and instruct the program to treat bulk e-mail differently from spam.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Digitalinfo Networks MailPoint 3000
Digitalinfo Networks
Very Good, 8.5         
Cost: $1,599
Bottom Line: The MailPoint 3000 appliance performed very well in filtering spam and had almost no false positives. It's priced lower than many software-only packages and is simple to set up and configure. However, it lacks some of the enterprise-oriented features and granularity that companies might want.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

MailFrontier Enterprise Gateway 3.1         
MailFrontier
Excellent, 9.0
Cost: Starts at $13.20 per user per year for anti-spam only; starts at an additional $8.50 per user per year for anti-virus        
Bottom Line: MailFrontier offers an easy install that's likely to be comfortable for administrators of any experience level. After installation, it requires little ongoing maintenance. It provides granular user and group management, e-mail policy enforcement, and excellent performance.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

MessageLabs Anti-Spam Service
MessageLabs
Very Good, 8.4         
Cost: 50 users, starts at $798 per year
Bottom Line: MessageLabs' service offloads anti-spam and anti-virus processing from your network, reducing the traffic going across your Net connection. It offers easy setup and provides a simple way for end-users to check quarantined e-mail and release messages they want to keep.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Mirapoint Message Director MD450         
Mirapoint
Very Good, 8.4         
Cost: One-time hardware cost, $22,100; annual anti-spam license ranges from $3.50 per user for 500 users to $1.50 per user for 10,000 users
(anti-virus protection costs extra); annual support fee, $3,315
Bottom Line: Mirapoint's anti-spam appliance boasts excellent performance, easy setup, and on-site support -- all included in its price, which is quite low compared with other such products on the market. Its high capacity can accommodate tens of thousands of users.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Proofpoint P800 Message Protection Appliance
Proofpoint
Excellent, 9.0
Cost: As tested, $9,780
Bottom Line: Simple to install, this appliance offers great ease of use, a low price, and an impressive 94 percent catch rate, making it an all-around good deal. The false positive rate should improve as users add to the whitelist. Even with the additional cost for anti-virus, it's worth the price.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Roaring Penguin CanIt-Pro 2.0b
Roaring Penguin Software
Excellent, 8.6
Cost: Starts at $6 per mailbox for the first year; subsequent support fees are 50 percent of the initial price; outright purchase price begins at $18 per mailbox.         
Bottom Line: CanIt-Pro offers an enterprise-oriented feature set that includes group-based filtering rules and user access to quarantined e-mail. With a minimum purchase of 125 mailboxes, it's not intended for small organizations, but larger organizations will find the comprehensive feature set a good fit.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sophos PureMessage 4.6  
Sophos
Excellent, 8.6
Cost: Starts at $18.81 per year per user for anti-spam and anti-virus   
Bottom Line: Sophos provides an easy install for Linux shops, with excellent documentation. The offering provided the greatest control of settings, policies, groups, and users in our September test, but that all comes at some cost to complexity.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SpamAssassin 2.63
SpamAssassin.org  
Very Good, 7.1         
Cost: Free
Bottom Line: SpamAssassin is powerful, extensible, and free, but it's not for beginners. It requires a substantial time investment to understand its features and to properly configure and update its modules. Adding features and modules and adjusting rules requires knowledge of Perl programming.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Symantec Brightmail Anti-Spam 6.0         
Symantec
Excellent, 9.1
Cost: Starts at $18.90 per year per user for a two-year subscription, including anti-spam and anti-virus     
Bottom Line: Brightmail offers superb performance, a simple setup, and very low maintenance. With great end-user support and controls for delegating administration, there's nothing here not to like.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Trend Micro InterScan Messaging Security Suite 2.8     
Trend Micro
Very Good, 8.4         
Cost: Starts at $15.18 per year per user for anti-spam only
Bottom Line: Good policy management features and granular adjustment to anti-spam filters enable admins to tailor IMSS for specific users. It supported the most platforms of the four solutions in our September test and offers granular delegation of administrative rights.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ANTI-SPYWARE AND ANTI-VIRUS
Computer Associates eTrust PestPatrol Corporate Edition 5.0
Computer Associates         
Very Good, 8.1         
Cost: Priced by volume; 100 seats, $22.49 per seat      
Bottom Line: PestPatrol is a solid product that installs quickly and easily. Client deployment is simple, using either a "push" or command-line installer. The GUI is straightforward and easy to navigate, and detection rates are some of the best available. Reporting and logging are weak, however, and administrators cannot add custom signature definitions.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Panda Software BusinesSecure 3.0         
Panda Software
Very Good, 7.8         
Cost: One-year license for 2,000 users, $24 per seat
Bottom Line: BusinesSecure 3.0 uses Panda's first-rate scan engine, and its user interface is incredibly easy to navigate, but the admin and management features need maturing. Prompt tech support and product pricing incentives make up for some of the management snarls.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Tenebril SpyCatcher 3.0 Enterprise          
Tenebril         
Cost: Priced by volume; 100 seats, $14 per seat
Bottom Line: SpyCatcher client installation uses Microsoft .MSI files, which are easily distributed via shared folders, log-in scripts, or software distribution systems. It does a decent job of detecting and eliminating spyware, but suffers from a slightly disjointed GUI and a lack of centralized update distribution. Its reporting engine could use improvement.     
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Trend Micro Client/Server Suite for SMB 6.0
Trend Micro  
Excellent, 8.9
Cost: $21 to $28 per seat, depending on volume
Bottom Line: Client/Server Suite for SMB provides the best client-side and file-server protection for a midsize Microsoft shop, with a comprehensive set of admin functionalities. It's a mature product that is easy to deploy and manage, thanks to customizable features.           
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

APPLICATION SECURITY
DbEncrypt 2.5.0
Application Security 
Very Good, 7.2         
Cost: $15,000 per Oracle SID or SQL Server Instance  
Bottom Line: An enterprise-level database encryption utility that's easy to install and configure, and it works at the column level. Column decryption is handled through the UI, and it's easy to add and remove permissions. However, such software will be obsolete for Microsoft shops when SQL Server 2005 is released.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Forum XWall Web Services Firewall, Version 3.3           
Forum Systems
Very Good, 8.2         
Cost: Base software system for Windows platforms, starts at $2,500; all features enabled, $20,000          
Bottom Line: For businesses that must secure their Web services but don't need schema tightening or have other systems in place that protect against SQL injection attacks, Forum XWall is a great, low-cost security system. It helps prevent denial of service attacks and can greatly reduce exposure to hack attempts. XWall's policy engine is first-rate and allows for granular control of your IDP rules.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  

Imperva SecureSphere Version 2.0          
Imperva
Excellent, 9.1
Cost: As tested, $25,000; base software includes one management server and protection for one Web and one database server
Bottom Line: SecureSphere provides excellent heuristics and data analysis with its Correlated Attack Verification engine. It doesn't rely strictly on hard triggers or predefined rulesets and is capable of learning "normal" traffic patterns.      
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Imprivata OneSign 2.5         
Imprivata
Excellent, 8.9
Cost: 200 users, starts at $15,995; fingerprint option, $10,000
Bottom Line: A simple and effective way to enable single sign-on for an entire enterprise, OneSign supports virtually any application and directory. This appliance can heighten security dramatically by ensuring that all users need only one strong password, or, even better, token-based or biometric authentication.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

KaVaDo InterDo 3.0
KaVaDo
Excellent, 8.8
Cost: Software, starts at $15,000; appliance, starts at $19,000
Bottom Line: InterDo has a strong UI, with a wizard-driven setup process that even non-experts can follow. A well-designed security dashboard makes monitoring and management easy. ScanDo, an add-on that checks for vulnerabilities, provides excellent feedback to tighten up Web apps.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Related:
1 2 3 Page 1
Page 1 of 3