Solved

Best Email Gateway for Excahnge server 2010 or 2013

Posted on 2013-11-13
12
2,180 Views
Last Modified: 2014-05-11
Hi EEs,
I have to host exchange server2013 in my company,
Currently I have Fortigate 100 D as a firewall, & as a antivirus we are using Symantec end-point protection 12.1,

Now Can any one pls advise me …either I can use Fortigate 100D or Symantec End-Point 12.1 as an email Gateway for protecting my Exchange server from Email Viruses & spams etc.

Also advice does Hardware based Email gateway(appliance) is good V/S Software base Email gateway (Trend Micro Interscan Messaging suit-IMSS).

Many thanks in advance…
0
Comment
Question by:dxbdxb2009
  • 3
  • 2
  • 2
  • +5
12 Comments
 
LVL 8

Expert Comment

by:I Qasmi
ID: 39645037
Both the softwares are good
Also hardware based  is good as compared to software based.
Those with less expenses can deploy a software alternate solution
that are also good these days
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 150 total points
ID: 39645056
No such thing as "best". What works for me may not work for you.
As a rule I avoid products from the AV vendors, as I find they largely suck and are expensive. Get something that supports multiple AV engines.

You could look at something like GFI Mail Essentials, and then install it on a regular Windows machine with IIS SMTP installed. That can act as a very good gateway machine for SMTP traffic.
Another product that can do similar is Vamsoft ORF.

Another option would be to look at an appliance, even a virtual one. Lots of those around, again using multiple AV engines.

If you have Symantec on your clients, then that would immediately rule it out as the gateway because they will use the same definition files. You want a different vendor so you get multiple attempts to block the traffic.

Final advice - do NOT purchase based on reviews/recommendations alone. Always evaluate. If the vendor doesn't allow evaluations, walk away. If it is a "money back" guarantee then I am not interested because there is no guarantee they will still exist to give you the money back.

Simon.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39645186
Exim is most popular mailserver on the internet
Postfix comes second
Both support ldap to active directory and numorous antiviruses.
0
 
LVL 41

Expert Comment

by:Amit
ID: 39645243
To protect Exchange from Viruses and Spams, You need multiple level of scanning and preferred to have one web based and one on premises. This gives maximum control.

Like i am using Message Labs web based solution and Mail Marshal on premises.
0
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 250 total points
ID: 39645450
While the term "best" is relative, there are solutions which are more effective than others.  I strongly suggest you consider a FireEye EX series appliance.

The FireEye® EX series secures against spear-phishing emails that bypass anti-spam and email reputation-based technologies. As part of the FireEye Threat Prevention Platform,
the FireEye EX uses signature-less technology to analyze every email attachment and successfully quarantine the spear-phishing emails used in advanced targeted attacks.

Real-time quarantine of malicious emails
To block spear-phishing emails, the FireEye EX series analyzes every attachment using the purpose-built FireEye Multi-Vector Virtual Execution™ (MVX) engine that accurately identifies today’s advanced attacks. The FireEye MVX engine detonates email attachments against a cross-matrix of operating systems and applications, including multiple Web browsers and plug-ins like Adobe Reader and Flash. If an attack is confirmed, the EX platform quarantines the malicious emails for further analysis or deletion.

Highlights

Installs in under 60 minutes – Deploys as an MTA, SPAN device, or BCC destination, in-line (block/monitor-mode) or out-of-band (monitor-only)
Real-time quarantine of zero-day email attacks – Using the FireEye MVX engine, identifies and blocks advanced targeted attacks using malicious images, PDFs, Flash, or ZIP/RAR/TNEF archives
Integrates with the NX to stop blended attacks – Quarantines emails with malicious URLs and traces Web-based attacks back to the original spear-phishing email
Enhances existing email control infrastructure – Layers dynamic malware and attachment analysis behind the static signature-based detections of anti-spam and anti-virus gateways
Dynamically generates threat intelligence – Captures details such as callback coordinates and communication characteristics to protect locally and share globally through the DTI cloud
Supports YARA-based rules – Enables information security analysts to specify byte-level rules and quickly analyze email objects for threats specific to the organization
Supports AV-Suite integration – Malicious objects identified by anti-virus software can be linked to the deeper forensic information provided by the EX for more efficient incident response prioritization

I also strongly suggest the use of OpenDNS to further mitigate against malicious links, malware "phone home" requests (including Cryptolocker), and other threats.  Your firewall should be configured to block all public DNS servers except OpenDNS.
fireeye-ex-series.pdf
0
 
LVL 4

Expert Comment

by:FutureTechSysDOTcom
ID: 39645969
I've had decent luck with a combo of "not the entry level" Barracuda devices, coupled with Sophos Computer Security.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 8

Assisted Solution

by:myramu
myramu earned 100 total points
ID: 39646904
Hello,

As you already using FortiGate, I recommend to start use the FortiGate for AntiSpam scanning along with third party DNSBL scanning. This should avoid most of the spam mails. But you don't get dedicated AS scanning appliances features like per user configuration, AD integration for AS scanning and user quarantine.

If you are not happy with the FortiGate AS catch rate, you can try Iron Port or FortiMail for in-depth AS scanning.  

Always do POC and get the product that fulfill your needs.
0
 

Author Comment

by:dxbdxb2009
ID: 39647135
Dear All,

Lets go step by step to clear if off...

Can use Fortigate 100D or FortiMail 200D for mail Email Server Security?

Pls advice...
0
 
LVL 61

Expert Comment

by:gheist
ID: 39647175
First try to use what you have. If that proves insufficient you are expert on the subject for purchasing decisions. Fortimail is for high volume
0
 

Author Comment

by:dxbdxb2009
ID: 39647313
any core advantages for having FortiMail-200D which insist us to buy FortiMail200D

pls advice some core benefits..

thanks in advance..
0
 
LVL 8

Assisted Solution

by:myramu
myramu earned 100 total points
ID: 39666536
Still I would suggest you to try FortiGate AS feature, if not satisfied with spam catch rate then try FortiMail.
Core advantages of FortiMail:
1) Transparent mode implementation.
2) Sender reputation based on sender behavior
3) Per user/system quarantine and email archiving
4) Other anti-spam techniques(Grey list, heuristic, deep header) to catch more spams
5) Session level spam catching.

Good Luck!
0
 

Author Comment

by:dxbdxb2009
ID: 40053260
@ Admin: pls close this question; as this is being shown at my dashboard saying 'Your question has been inactive''

thanks in advance...
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now