Anti-virus and anti-spam for Microsoft Exchange 2013

Hi Guys,

I'm going to stop using Mimecast filtering for a client as we are upgrading everything to Exchange 2013. I heard the anti-spam and anti-malware in Exchange 2013 is quite good. Do you guys agree with this?

Is this anti-malware like a proper anti virus scanner for emails? One of my colleagues was suggesting Karspersky, but I'm not a big fan, it is quite heavy in my opinion. I don't want the server to slowdown because of a anti virus that is not very well optimised.  We know it works at least and has a good detection rate, but this is talking only about the normal anti virus software work a server/workstation, not for a email server.

Do you guys have any suggestions please?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
The built in tools within Exchange 2013 are very basic. I wouldn't call them "good". They can work in some scenarios, but most clients find them inadequate. There is no GUI for them, so everything is done with command line.

If you are happy with Mimecast, why not stick with them? The upgrade to Exchange 2013 doesn't make any difference.

When it comes to AV, there isn't much between the products now. I tend to suggest the first thing that goes off your list is whatever you have on your desktops (so if you are using McAfee on your desktops, you don't consider their product for Exchange).

Spam tools are a completely different matter. I have seen every product fail and every product work. That has to be evaluated. The only criteria I use at the start is cost. So if the client allows £10 a user, then products that want more than that get scratched off the list.

AlexAuthor Commented:
Powershell to configure spam filters is definitely a no go for me.

Costs, mimecast costs a lot per user and the client doesn't want it.

Well we use only Microsoft RDS servers and Citrix for this client, they don't have fat desktops only thinclients.

We were thinking about £15 per user per year for the protection of anti-virus/anti spam. Mimecast is about £70 at the moment just for filtering/spam/archiving. They don't need archiving anymore.

Simon Butler (Sembee)ConsultantCommented:
You are going to struggle to get it down to £15 a user unless you have a lot of users.
One of the more popular choices I have at a number of clients is GFI Mail essentials (Unified edition, for both AV and Antispam) and it only goes below £15 a seat at over 250 users.

You could look at using something open source for anti-spam (there a number of appliances out there) and then just use something for Anti-Virus. Spam blocking doesn't really need "definitions" in the same way, as the most effective method is to block based on the source, rather than the content.

Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

AlexAuthor Commented:
I'm checking the anti-spam solution from Kaspersky as we are considering their light agent version for VMware so we have a virtual appliance doing all the heavy work, I'm not sure yet how the anti-spam works, will check the costs this afternoon. We have about 150 users for this company.

This GFI in your opinion, how does it compare to other major vendors regarding the level of protection and ease of use?

I understand I might need to go higher than £15 per seat, but definitely £70 for just Mimecast was a rip off.

The AV will be used in Microsoft RDS servers, so I believe we just need once license per RDS server, which are virtual machines. All user computers are thinclients.

Have you used these open source anti-spam solutions? Are they any good? I'm fine with open source software as long we can also have the option to pay for proper support, like with pfSense. It is a great thing, you don't pay for the firewall but pay for the support when needed.
Simon Butler (Sembee)ConsultantCommented:
You want to have different AV on the servers than you have on Exchange. So if you are considering Kapersky for the servers, then I wouldn't consider them for Exchange. Dual level of protection.
For Antivirus, the GFI product has worked very well everywhere I have put it. The product is multiengine, so it uses definitions from multiple vendors. The Microsoft Forefront product used to do this (and was the go to product for AV protection for Exchange), but that has been dropped as Microsoft try to push everyone to the cloud.

For spam protection, I have seen it work well and have seen it fail. That is why you must evaluate the product first.

With regards to Open Source, in the main they work well, I don't think I have ever really needed support. I used pfSense myself until recently, I never even needed to consider support. The main techniques for spam blocking haven't changed much, so once you have the products setup they tend to just run.

AlexAuthor Commented:
I understand your point but I need a central management console, so whatever is the AV we decide to go we will need to apply across all server and manage centrally.

GFI for spam filter would be a cloud solution that filter emails before reaching your server or a on premises solution installed on Exchange?
Simon Butler (Sembee)ConsultantCommented:
Note I am referring to Exchange AV, not the OS AV. You can put whatever you like on the server to protect the rest of the OS, as long as you put the correct exclusions in for an Exchange server.

GFI (as an example) can be purchased either as on premise or cloud based. Most of my deployments are on premise simply to stop users from emailing inappropriate material between themselves (still get users sending 25mb videos about, instead of putting them on file shares).


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.