Email security recommendations

We are looking at replacing our current email setup. At the moment, we have a pair of Clearswift email gateways, with a mimesweeper spam scanning server behind it.
The Email gateways work as a first point to remove obvious spam based on content filtering, virus scanning and ldap queries. Mail then passes on to the mimesweeper for an added layer of spam filtering.
We would like to consolidate these two parts into one. I can see Barracuda and Ironport are the main providers of appliances, but we are open to software based solutions too.
Most important requirements:
-High availability
-LDAP query
-AV scanning
-Filtering based on header
-Reasonable cost
-Suitability for 250 users, peak of 700 mails per minute

Looking for recommendations from those that have experience with any solution that may fit.
Who is Participating?
Shabarinath RamadasanConnect With a Mentor Infrastructure ArchitectCommented:
Last year, we did a similar evaluation to replace iornport and postfix servers.
We decided to go for Microsoft FOPE (Cloud) + Microsoft Exchange 2010 edge with FPE (DMZ-On premise).

Comparison study was done and had a couple of products got listed out including prof-point.
My recommendation is to go for a cloud based solution as the infrastructure is only having250 user base.
Appliance based solution is having better control and flexibility for administrators, while cloud based solution has limitations on customizing a specific requirement which is unique for you. How ever, looking into the cost factor, cloud based solutions are attractive.

mrklaxonConnect With a Mentor Commented:
2nd that.  Most AV venders have some sort of solution as well.  If you company has no compliance issue with the cloud then it should be considered.  Postini, MXLogics (now McAfee/Intel) and several others have been around for some time.  Another plus is the traffic will hit them first.  SPAM filters will quickly reject mail attempts and not use too much bandwidth but why not have the cloud service getting hammered instead of your IPs?  Cloud sevices usually offer some sort of high availabillity as well - caching email in an outage or an access portal to new mail if your servers are down.
AIC-AdminConnect With a Mentor Commented:
We use Postini by Google at our office. Works great because if our exchange server goes down or our facility is unavailable Postini will queue our mail until it connects back with our exchange server. As well it provides spam and virus detection, requires no management, etc. Its all cloud based so no additional hardware but there is a maintenance cost but its not astronomical.
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

sherryfitzgroupAuthor Commented:
Thanks to all for their input so far

We have very tight SLAs regarding the turn around time of e-mails, the contents of mails must be processed and published within ten minutes - so I don't think that a hosted or cloud based platform would be suitable.

We need to be fully in control of our mail - this is the reason for the multiple Mail gateways (over multiple MXs from Multiple ISPs)

Main concern here is that an issue with Clearswifts licencing service knocked out both nodes last week - so we sould like to diversify at least one of our mail paths by using another vendor.
mrklaxonConnect With a Mentor Commented:
Probably better to avoid software then, may be more flexable but your adding a failure point in the OS that you are responsible for.  Not that an appliance ins't running an OS but it's all under the single vender.  If it fails they replace all of it, no finger pointing.

Having not used these appliances for filters I can only give you my experience with these companies.
Barracuda is one of those lots of features for the price kind of companies.  Support has been decent enough but with many features sometimes you get design issues that take time to get resolved.  Overall I still like them as a vendor.
McAfee has been around a long time and is focused on security not everything to everyone.  They have however slipped a little recently.  They were bought by Intel a year or so ago and appear to be improving.  Mostly good history with them but there have been times...
Ironport is a big name, never used them but would expect a high grade product.  Always had excellent results from Cisco.  We have several Cisco products and support is very good.
sherryfitzgroupAuthor Commented:
Another point is we have 2 sites. One main site, which holds the current mimesweeper, gateway setup and Exchange server. But we also have a data centre location for high availability databases and web servers.
It would be possible for us to setup an appliance here too, and possibly another exchange server.
Would it be worth having an appliance from one vendor at the main site, and another at the data center from a different vendor? This would eliminate downtime in the case of a vendor-specific issue/outage.
Any thoughts on possible use of the second location?
I thought that was already your plan.  Right now sounds like you have one Exchange server.  If you run 2 the second would need to be mirroring the DBs with the filter in standby until a failure caused mail flow to jump to the second sight.

Are you wondering how to get 2 mail servers with duplicated data?
About how to get mail traffic to failover to another destination path?
sherryfitzgroupAuthor Commented:
That's right, one exchange server currently. I'm not looking for howto, just recommendations on appliances, and configuration.
Eg. comparions between ironport, messagelabs, Barracuda, exchange setup in both sites.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
All Courses

From novice to tech pro — start learning today.