We help IT Professionals succeed at work.

Antivirus/Antispam for Exchange 2010

What antivirus/antispam software is recommended for Exchange 2010?  What products are you currently using and what are your perceptions of its usefulness as well as easy of use?  

Our MS Forefront is expiring and we are currently investigating other products to take its place.  We currently run 2 Exchange 2010 servers with all roles installed on each server.  Any opinions would be greatly appreciated.
Watch Question

We use Symantec Mail Security for Microsoft Exchange - advanced heuristics to provide real-time email protection against viruses, spyware, phishing, and other malicious attacks while enforcing content filtering policies on Microsoft Exchange Server 2007, 2010 and 2013. Ahead of that we have the Fortimail, which is a  Secure Email Gateway platform. It protects against inbound attacks - including advanced malware -, as well as outbound threats and data loss with a wide range of top-rated security capabilities. These capabilities cover: antispam, antiphishing, anti-malware, sandboxing, data leakage prevention (DLP), identity based encryption (IBE), and message archiving. Its inbound filtering engines block spam and malware before they can clog your network or compromise your systems. Its outbound inspection technology (including 3G mobile traffic) reduces the loss of sensitive information, maintains compliance and prevents your organization and users from being blacklisted.

This helps us stop the most advanced threats before they reach end users.
Satyendra SharmaMicrosoft UC Technical Architect


I have used Symantec Mail Security for Exchange quite a bit and its a great product with lots of functionality/feature and reporting.

More info:-
Mohammed KhawajaManager - Infrastructure:  Information Technology

It all depends on how much you want to spend and how you want to handle it.  My recommendation would be to outsource anti-virus and anti-spam to a third-party such as fusemail.com, etc. where your MX record will point to the third-party and you will configure your connector to accept SMTP only from the third-party.  Besides that you could implement any reputable anti-virus for your Exchange (McAfee, Symantec, Kaspersky).  I believe it is worth using a third-party as it will be cheaper in the long-term as you will not have to deal with spam and virus breakouts.


Our exchange environment consist of 2 servers in a clustered DAG with all roles installed on both servers.  Can SMSME be installed in this type environment?
Most Valuable Expert 2014

I wouldn't touch the Symantec product personally. I have had nothing but problems with it.
It is the market leader, which means all of the spammers test their "product" with it. I have also seen it bring down its fair share of Exchange servers.

I have standard advice for this question.
What works for me, may not work for you. I have seen every product work very well, and every product fail.
Don't buy on reputation alone, because that is someone else. Everybody's email profile is different.
I also tend to suggest avoiding the products from the AV vendors.

Test, test and test again.
Make a shortlist based on price and features alone, not reputation or recommendation.

When it comes to selection, it isn't what the product lets through that is important, it is what it blocks.
A product could claim it is 100% effective on spam by simply blocking every email that you receive. Therefore run them on quarantine only mode for at least a week, preferably over a month end, so you can see what it would be dropping and why. Nothing like having an invoice from your biggest supplier being blocked on the last day of the month to have the boss questioning the choice of product.

As for products, I would be looking at a combination of hosted and on prem. Alas the best one in most peoples' eyes you already have and is going away - Forefront. If you want multi engine, the GFI Mail Essential Security works in the same way.
Also look at the appliances, both physical and virtual. Just ensure they can do recipient validation so you aren't scanning email for users who do not exist.




thanks for the response.  We have Ironports on the perimeter as our GWs.  This will be for internal protection for our Exchange servers.  Are you currently using GFI Mail Essentials?  Have you tried Vamsoft ORF Enterprise?
Most Valuable Expert 2014
I have been using Vamsoft for years.

However it is no good for internal traffic, that would be a replacement for your ironport appliances.
GFI Mail Essentials I have in a number of locations and it works well.
However I have also seen it block content it shouldn't do as well.

You shouldn't be getting internal spam, so something like GFI Mail Essentials security edition would block the nasty stuff that users send around.