Security

Sixty-eight solutions for protecting networks, and apps for thwarting intruders

If anything was of greater concern to IT managers in 2003 than keeping costs down, it was security. Throughout the year, IT scrambled to thwart viruses and worms, identify and patch vulnerabilities, secure remote access and protect data traveling the Internet, and defend against intrusions and attacks on network resources and applications. And then there was that little annoyance called spam. Naturally, vendors tried to address these problems with all manner of products, and it seems we tested them all, reviewing nearly 70 security solutions in 2003 -- almost one third of our total reviews.

Highlights included two roundups of firewalls and firewall appliances, roundups of enterprise anti-virus gateways and server scanners, a feature and test of identity management solutions, a XML firewall roundup, a feature and two tests of SSL VPN appliances, three tests of vulnerability scanners, and a shoot-out of anti-spam gateways for large networks. Interspersed among all these comparative tests, we did stand-alone reviews of application firewalls, intrusion detection systems, network forensics appliances, patch management tools, and solutions for securing hosts, clients, and storage devices.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Anti-Spam
Brightmail Anti-Spam Enterprise Edition 5.1
Brightmail
Very Good (8.4)
Cost: Yearly subscription: $1,499 for 50 users; $5,999 for 500; $35,000 for 5,000
Bottom Line: Brightmail's gateway solution includes a spam folder agent for Exchange and IBM/Lotus Domino, allows Outlook users to provide "spam" or "not spam" feedback with a click, and has good reporting. However, administration is relatively inflexible; end-users cannot whitelist senders directly. Nevertheless, Brightmail proved the most accurate in filtering spam (96 percent successful). Excellent support and a large user base mean Brightmail should continue to have high accuracy.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

FrontBridge TrueProtect E-mail Security Suite
FrontBridge
Very Good (8.5)
Cost: yearly subscription is $1,350 for 50 users; $9,000 for 500; $75,000 for 5,000
Bottom Line: The FrontBridge service blocked 90 percent of spam in tests, with few false positives. Adding users is virtually automatic, end-users can easily recover quarantined messages and whitelist senders, and reporting is excellent. However, real-time information is unavailable due to delays of up to six hours. FrontBridge also offers a good array of additional services, including mail policy enforcement and disaster recovery.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

NetIQ MailMarshal SMTP 5.5
NetIQ
Very Good (8.4)
Cost: Licenses fees: $1,295 for 50 users; $5,750 for 500; $39,500 for 5,000. Yearly maintenance fee is 18 percent of license. Enterprise version with four-server license is $2,000 plus $750 per 100 users
Bottom Line: MailMarshal handles spam with a powerful management console, detailed reporting, and a number of functions for Windows-based Internet mail environments, including anti-relay, anti-spoofing, and filtering of dangerous file types. The gateway integrates with a variety of third-party anti-virus scanners, and the ongoing maintenance cost is much lower than other solutions.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Postini Perimeter Manager Enterprise Edition
Postini
Excellent (8.7)
Cost: Yearly subscription is $1,350 for 50 users; $10,000 for 500; $68,750 for 5,000
Bottom Line: Postini's service offers highly accurate spam filtering, a rich and flexible feature set, and granular administration, allowing anti-spam settings to be tightened or loosened to different e-mail types and policies to be tailored to individual users, groups, and domains. The service is easy to use for both admins and end-users. Postini was the only product tested to include anti-virus scanning in the base price.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Proofpoint Protection Server 1.2.1
Proofpoint
Very Good (8.3)
Cost: Yearly subscription is $1,000 for 50 users; $10,000 for 500; $54,049 for 5,000
Bottom Line: Proofpoint is demanding technically to install and configure, but the superb tech support makes this a nonissue. Spam filtering is highly accurate, and a flexible classification system allows administrators to configure different responses to spam depending on spam likelihood. End-users can easily recover quarantined messages and add senders to whitelists, and reporting features are excellent, but delegation of admin tasks is not as detailed or granular as with Postini.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SpamAssassin 2.44
SpamAssassin Open Source
Good (6.0)
Cost: Free
Bottom Line:  SpamAssassinsoftware is free and plenty of add-ons are available on the Web, but this gateway is much more difficult to install and update than commercial alternatives. Complex setup, scanty documentation, ongoing research and tuning requirements, and lack of tech support make this a poor choice for most companies. Unless you have more staff than money, spend the $10 to $20 per user per year for one of the commercial gateways or services.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SpamBayes for Outlook
SpamBayes project
Excellent (9.4)
Cost: Free download
Bottom Line: This powerful anti-spam weapon works with Microsoft Outlook filters and folders, trains on your own unique message database, and learns by watching you, responding to both positive and negative clues as to what constitutes spam. Most importantly, it’s immediately effective.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Anti-Virus
Eset NOD32 2.0
Eset Software
Excellent (8.6)
Cost: $290 for 10-user license; $4,500 for 500-seat license
Bottom Line: If resources are limited and anti-virus protection is the key, NOD32 may be the ideal compromise. It offers an easy-to-use interface, simple deployment, and solid performance.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

eTrust Antivirus 7.0
Computer Associates
Very Good (8.4)
Cost: Starts at $35 per user
Bottom Line: Offering comprehensive virus protection to guard against malicious software coming in via e-mail or the Web, Computer Associates' anti-virus solution is affordable, robust, and easy to manage.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

GFI MailSecurity for Exchange/SMTP 7.2
GFI Software
Very Good (8.3)
Cost: $6.99 per user for 500 users
Bottom Line: Multiple scanning engines and e-mail-exploit protection set GFI MailSecurity apart from the rest. Providing content filtering and outbreak management features, it's also easy to install and configure, and it can work as a gateway or integrated with the mail server. The only thing missing is a Web interface for remote management.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Gordano GMS Boundary Protection Version 9
Gordano
Good (6.8)
Cost: $11.92 per user for 1,000 users
Bottom Line: GMS Boundary Protection is a complete mail solution in its own right. The anti-virus component is configured for the GMS mail server, making it difficult to integrate with existing SMTP servers. Nevertheless, anti-virus capabilities are solid, including outbreak alerts as well as disinfection and quarantine capabilities.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Network Associates McAfee VirusScan Enterprise 7.0
Network Associates
Very Good (8.1)
Cost: $51.31/seat for 500 seats, with AntiVirus Defense Suite and one year support
Bottom Line: A solid solution for organizations seeking one tool to coordinate virus scanning, firewall polices, and usage policies over many servers and workstations. Its requirements are heavy and its setup complex, but its ambitious ePO (e-Policy Orchestrator) provides true enterprise policy management with virus signature-file updates and usage policy management.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Network Associates McAfee WebShield SMTP 4.5
Network Associates
Very Good (7.2)
Cost: $11.73 per user for 500 users
Bottom Line: A great server-based anti-virus solution for organizations using McAfee on client desktops, due to integrated client-server management. The setup routine and administration interface really shine on this product. However, the limitation of a single scanning engine and the lack of a Web management interface hold it back.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sophos Anti-Virus/Enterprise Manager
Sophos
Very Good (8.0)
Cost: $19 per seat for 500 seats, with one-year license and one databank connection to Enterprise Manager
Bottom Line: Sophos Anti-Virus/Enterprise Manager provides simple, straightforward anti-virus protection with very low barriers to deployment or management. Sophos performs well in recognizing viruses, and it wisely focuses on the one thing it does best -- scanning files for virus payloads.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sophos MailMonitor for Exchange 3.70
Sophos
Very Good (7.0)
Cost: $11.50 per user for 500 users
Bottom Line: MailMonitor is a solid, server-based anti-virus solution featuring an intuitive management interface and tight integration with Exchange. The addition of multiple scanning engines, outbreak alerts, and a Web interface would be welcome. But what MailMonitor lacks in cutting-edge features, it makes up for in maturity.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Symantec AntiVirus Corporate Edition 8.0
Symantec
Very Good (8.3)
Cost: $26.70/seat for 500 seats, including one year Gold maintenance
Bottom Line: A complete anti-virus distribution and event management system with a component-based approach, Symantec will manage anti-virus tools across a huge network while making good use of Microsoft's own management console facilities.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Symantec AntiVirus for SMTP Gateways 3.1
Symantec
Very Good (7.2)
Cost: $11.60 per user for 500 users
Bottom Line: Symantec AntiVirus is a solid implementation of an e-mail gateway, but it's slightly hampered by a single scanning engine and the lack of built-in quarantining, which is available separately. Provides content-filtering and outbreak management features, and the Web interface allows management from anywhere on the Internet.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TrendMicro ScanMail for Exchange 6.1
TrendMicro
Very Good (7.3)
Cost: $21.90 per user for 500 users
Bottom Line: ScanMail is rich in security features, easy to set up and administer, and manageable by both Windows and Web clients. However, it falls short in value, costing significantly more than competing solutions. By default, ScanMail does not scan the bodies of incoming e-mails; this ill-advised setting hampered its performance out-of-the-box.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Application Security
Akonix L7 Enterprise 2.0
Akonix Systems
Very Good (7.3)
Cost: $2,250 annual subscription for 50 users
Bottom Line: This IM management server addresses security and productivity concerns around using public IM in the enterprise. The L7 proxy server works handily with a firewall to authenticate IM users, apply access policies, and log communications in SQL Server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

DataPower XS40 XML Security Gateway
DataPower Technology
Excellent (8.6)
Cost: $65,000
Bottom Line: The DataPower appliance looks and feels like a datacenter appliance: no extra ports or buttons exposed and no rotating media. The hardware-based XML processing allows pervasive Schema validation and enables flexible programming via the XSL style sheets.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

eEye SecureIIS Version 2.0
eEye Digital Security
Very Good (8.1)
Cost: $995 as tested; $2,995 for single server; $4,995 to $9,995 for enterprise license based on size of Web site, number of servers, and event management capability
Bottom Line: SecureIIS wraps itself around an IIS server at the ISAPI (Internet Server API) layer, protecting servers from known and unknown attacks. This frees security admins from constant reactive analysis and patch management. Protection is quick to implement, effective, and has a minimal impact on performance.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Forum Sentry 1504
Forum Systems
Very Good (7.9)
Cost: $35,000
Bottom Line: Of the three XML firewall appliances tested, the Forum Sentry 1504 feels the most like a firewall, with an IOS (Internetwork Operating System) interface and policies selected according to XPath criteria. However, the Sentry's multiple user interfaces can be confusing to users expecting a simpler entry point.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

1 2 3 Page 1
Page 1 of 3