Email security recommendations

Posted on 2011-10-19
Last Modified: 2012-05-12
We are looking at replacing our current email setup. At the moment, we have a pair of Clearswift email gateways, with a mimesweeper spam scanning server behind it.
The Email gateways work as a first point to remove obvious spam based on content filtering, virus scanning and ldap queries. Mail then passes on to the mimesweeper for an added layer of spam filtering.
We would like to consolidate these two parts into one. I can see Barracuda and Ironport are the main providers of appliances, but we are open to software based solutions too.
Most important requirements:
-High availability
-LDAP query
-AV scanning
-Filtering based on header
-Reasonable cost
-Suitability for 250 users, peak of 700 mails per minute

Looking for recommendations from those that have experience with any solution that may fit.
Question by:sherryfitzgroup
    LVL 14

    Accepted Solution

    Last year, we did a similar evaluation to replace iornport and postfix servers.
    We decided to go for Microsoft FOPE (Cloud) + Microsoft Exchange 2010 edge with FPE (DMZ-On premise).

    Comparison study was done and had a couple of products got listed out including prof-point.
    My recommendation is to go for a cloud based solution as the infrastructure is only having250 user base.
    Appliance based solution is having better control and flexibility for administrators, while cloud based solution has limitations on customizing a specific requirement which is unique for you. How ever, looking into the cost factor, cloud based solutions are attractive.

    LVL 5

    Assisted Solution

    2nd that.  Most AV venders have some sort of solution as well.  If you company has no compliance issue with the cloud then it should be considered.  Postini, MXLogics (now McAfee/Intel) and several others have been around for some time.  Another plus is the traffic will hit them first.  SPAM filters will quickly reject mail attempts and not use too much bandwidth but why not have the cloud service getting hammered instead of your IPs?  Cloud sevices usually offer some sort of high availabillity as well - caching email in an outage or an access portal to new mail if your servers are down.
    LVL 3

    Assisted Solution

    We use Postini by Google at our office. Works great because if our exchange server goes down or our facility is unavailable Postini will queue our mail until it connects back with our exchange server. As well it provides spam and virus detection, requires no management, etc. Its all cloud based so no additional hardware but there is a maintenance cost but its not astronomical.
    LVL 2

    Author Comment

    Thanks to all for their input so far

    We have very tight SLAs regarding the turn around time of e-mails, the contents of mails must be processed and published within ten minutes - so I don't think that a hosted or cloud based platform would be suitable.

    We need to be fully in control of our mail - this is the reason for the multiple Mail gateways (over multiple MXs from Multiple ISPs)

    Main concern here is that an issue with Clearswifts licencing service knocked out both nodes last week - so we sould like to diversify at least one of our mail paths by using another vendor.
    LVL 5

    Assisted Solution

    Probably better to avoid software then, may be more flexable but your adding a failure point in the OS that you are responsible for.  Not that an appliance ins't running an OS but it's all under the single vender.  If it fails they replace all of it, no finger pointing.

    Having not used these appliances for filters I can only give you my experience with these companies.
    Barracuda is one of those lots of features for the price kind of companies.  Support has been decent enough but with many features sometimes you get design issues that take time to get resolved.  Overall I still like them as a vendor.
    McAfee has been around a long time and is focused on security not everything to everyone.  They have however slipped a little recently.  They were bought by Intel a year or so ago and appear to be improving.  Mostly good history with them but there have been times...
    Ironport is a big name, never used them but would expect a high grade product.  Always had excellent results from Cisco.  We have several Cisco products and support is very good.
    LVL 2

    Author Comment

    Another point is we have 2 sites. One main site, which holds the current mimesweeper, gateway setup and Exchange server. But we also have a data centre location for high availability databases and web servers.
    It would be possible for us to setup an appliance here too, and possibly another exchange server.
    Would it be worth having an appliance from one vendor at the main site, and another at the data center from a different vendor? This would eliminate downtime in the case of a vendor-specific issue/outage.
    Any thoughts on possible use of the second location?
    LVL 5

    Expert Comment

    I thought that was already your plan.  Right now sounds like you have one Exchange server.  If you run 2 the second would need to be mirroring the DBs with the filter in standby until a failure caused mail flow to jump to the second sight.

    Are you wondering how to get 2 mail servers with duplicated data?
    About how to get mail traffic to failover to another destination path?
    LVL 2

    Author Comment

    That's right, one exchange server currently. I'm not looking for howto, just recommendations on appliances, and configuration.
    Eg. comparions between ironport, messagelabs, Barracuda, exchange setup in both sites.
    LVL 27

    Expert Comment

    This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
    Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now