EDITOR'S NOTE: The Buyer's Guide summarizes vendor-submitted information. To find out about future Buyer's Guide topics or to learn how to include your product in an upcoming Buyer's Guide, go to http://www.winnetmag.com/buyersguide.
The enterprise is experiencing an email security crisis. Spam now constitutes more than 50 percent of all email, and one in every 30 email messages contains a computer worm or virus. Apart from the real damage these scourges can do, they eat up CPU resources, deplete bandwidth, take up disk space, and waste our time. Even as governments pass laws to prevent spam and punish malicious code writers, the problem is worsening, and no one expects it to get better any time soon. Protecting and reclaiming email servers from this onslaught should be a top priority for every network administrator.
This Buyer's Guide looks at email security suites that offer spam blocking, antivirus scanning, and content filtering. All the products run on or support Windows 2000 or later.
All-in-One Security Solutions
Only in the past few years have vendors offered all-in-one email security solutions that include antivirus scanning, spam blocking, and content filtering. Today's email security suites offer the following areas of functionality:
- real-time scanning or analysis
- detection-signature databases
- quarantine management
- heuristic analysis to recognize previously undefined threats
- ability to work across one or more protocols or ports
- centralized management, monitoring, and reporting
- daily or frequent updates of detection signatures
- end-user notification of blocked activity
- high accuracy
- minimization of false-positives and false-negatives
- 24 x 7 technical support
Security Trends
In addition to the convergence of these three primary email security technologies, other trends are emerging. First, most products are becoming policy driven, letting you more easily tie written security policies to configured security settings. Second, several vendors are offering Digital Rights Management (DRM) functionality to control the internal content that end users send to external networks. DRM controls are likely to become one of the fastest-growing areas in email and network security over the next year. Third, vendors are increasingly using preshared private keys or digital certificates to encrypt email. Fourth, vendors are offering more hardware appliances, often because the email security system runs some form of Linux or because a separate appliance can speed throughput. Fifth, in response to high-profile business disasters and new regulatory-compliance laws, some vendors are starting to support email archiving and automatic insertion of legal disclaimers in email messages.
Installation Approaches
Where you install these products in your environment depends on the vendor and product. Some products install at the network perimeter, intercepting email and other Internet content before it arrives at the email server. Other products install right on the email server or on an adjunct server that has a direct connection to the email server's messaging database. A few products install on the client desktop, intercepting email between the server and the user's email client. Each strategy has its strengths and weaknesses, depending on your operational requirements and comfort level. Perimeter solutions can work with almost any email server, whereas a server-installed solution must be specifically written for that server. The decentralized nature of client-side programs is a big disadvantage for many administrators but might be the only way to ensure complete compliance if end users are allowed to retrieve email without directly accessing the company's email server (e.g., through Web-based email accounts, POP3 accounts, or peer-to-peer—P2P—and Instant Messaging—IM—solutions).
Prev. page
[1]
2
next page 
