Solved

Anti-virus and anti-spam for Microsoft Exchange 2013

Posted on 2014-11-05
7
314 Views
Last Modified: 2014-11-12
Hi Guys,

I'm going to stop using Mimecast filtering for a client as we are upgrading everything to Exchange 2013. I heard the anti-spam and anti-malware in Exchange 2013 is quite good. Do you guys agree with this?

Is this anti-malware like a proper anti virus scanner for emails? One of my colleagues was suggesting Karspersky, but I'm not a big fan, it is quite heavy in my opinion. I don't want the server to slowdown because of a anti virus that is not very well optimised.  We know it works at least and has a good detection rate, but this is talking only about the normal anti virus software work a server/workstation, not for a email server.

Do you guys have any suggestions please?
0
Comment
Question by:Alex
  • 4
  • 3
7 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40423933
The built in tools within Exchange 2013 are very basic. I wouldn't call them "good". They can work in some scenarios, but most clients find them inadequate. There is no GUI for them, so everything is done with command line.

If you are happy with Mimecast, why not stick with them? The upgrade to Exchange 2013 doesn't make any difference.

When it comes to AV, there isn't much between the products now. I tend to suggest the first thing that goes off your list is whatever you have on your desktops (so if you are using McAfee on your desktops, you don't consider their product for Exchange).

Spam tools are a completely different matter. I have seen every product fail and every product work. That has to be evaluated. The only criteria I use at the start is cost. So if the client allows £10 a user, then products that want more than that get scratched off the list.

Simon.
0
 

Author Comment

by:Alex
ID: 40425728
Powershell to configure spam filters is definitely a no go for me.

Costs, mimecast costs a lot per user and the client doesn't want it.

Well we use only Microsoft RDS servers and Citrix for this client, they don't have fat desktops only thinclients.

We were thinking about £15 per user per year for the protection of anti-virus/anti spam. Mimecast is about £70 at the moment just for filtering/spam/archiving. They don't need archiving anymore.

Thanks
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40425733
You are going to struggle to get it down to £15 a user unless you have a lot of users.
One of the more popular choices I have at a number of clients is GFI Mail essentials (Unified edition, for both AV and Antispam) and it only goes below £15 a seat at over 250 users.

You could look at using something open source for anti-spam (there a number of appliances out there) and then just use something for Anti-Virus. Spam blocking doesn't really need "definitions" in the same way, as the most effective method is to block based on the source, rather than the content.

Simon.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:Alex
ID: 40425918
I'm checking the anti-spam solution from Kaspersky as we are considering their light agent version for VMware so we have a virtual appliance doing all the heavy work, I'm not sure yet how the anti-spam works, will check the costs this afternoon. We have about 150 users for this company.

This GFI in your opinion, how does it compare to other major vendors regarding the level of protection and ease of use?

I understand I might need to go higher than £15 per seat, but definitely £70 for just Mimecast was a rip off.

The AV will be used in Microsoft RDS servers, so I believe we just need once license per RDS server, which are virtual machines. All user computers are thinclients.

Have you used these open source anti-spam solutions? Are they any good? I'm fine with open source software as long we can also have the option to pay for proper support, like with pfSense. It is a great thing, you don't pay for the firewall but pay for the support when needed.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40426041
You want to have different AV on the servers than you have on Exchange. So if you are considering Kapersky for the servers, then I wouldn't consider them for Exchange. Dual level of protection.
For Antivirus, the GFI product has worked very well everywhere I have put it. The product is multiengine, so it uses definitions from multiple vendors. The Microsoft Forefront product used to do this (and was the go to product for AV protection for Exchange), but that has been dropped as Microsoft try to push everyone to the cloud.

For spam protection, I have seen it work well and have seen it fail. That is why you must evaluate the product first.

With regards to Open Source, in the main they work well, I don't think I have ever really needed support. I used pfSense myself until recently, I never even needed to consider support. The main techniques for spam blocking haven't changed much, so once you have the products setup they tend to just run.

Simon.
0
 

Author Comment

by:Alex
ID: 40433028
I understand your point but I need a central management console, so whatever is the AV we decide to go we will need to apply across all server and manage centrally.

GFI for spam filter would be a cloud solution that filter emails before reaching your server or a on premises solution installed on Exchange?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40433049
Note I am referring to Exchange AV, not the OS AV. You can put whatever you like on the server to protect the rest of the OS, as long as you put the correct exclusions in for an Exchange server.

GFI (as an example) can be purchased either as on premise or cloud based. Most of my deployments are on premise simply to stop users from emailing inappropriate material between themselves (still get users sending 25mb videos about, instead of putting them on file shares).

Simon.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question