E-Mail Content Security: Filtering Out the Hype
by Ed Macnair - CEO, Marshal - Wednesday, 6 December 2006.
E-mail is at risk - vulnerable to external attack from viruses, spam, spyware and phishing technologies. And vulnerable to abuse from within, which could result in: acceptable use policies being compromised; regulatory compliance violations; and/or confidential corporate data being leaked externally. The recent DVLA disciplinary action demonstrated all too clearly what can happen when acceptable use policies are flouted by a large number of employees.

A plethora of e-mail content security technologies have emerged in recent years to address such vulnerabilities. Companies currently have the choice of two major types of email content security solution: software or appliances. Software solutions have been available for about ten years, while appliances appeared on the market around five years ago. Appliances are purpose-specific e-mail content security servers, typically based on industry-standard server hardware and running a security-hardened Unix/Linux OS to provide the platform for the mail-screening software.

Since their inception, appliances have been touted by some as the holy grail of e-mail content security, winning over many customers in the process. Today, however, the tide is turning.

Plug and play?

The major selling point for appliances has always been based on the perception that they provided a ‘plug and play’, purpose built, e-mail security hardware solution. The idea was that a company could order a pre-configured email scanning system that would simply plug into its email environment and instantly start cleaning spam and viruses from e-mail. In practice, appliances can be difficult and time-consuming to install. The biggest selling appliance product on the market can take up to six hours to install, compared to between 1-2 hours for an equivalent software-only installation. In some cases, an appliance vendor-approved technician must perform the installation because it is so complex, with customers having to pay extra for this service. By contrast, most software solutions can be easily installed by any in-house IT person with a reasonable understanding of email configuration, MS Exchange and firewall administration.

Performance, scalability and high availability

Performance, scalability and high availability are clearly important factors to consider when choosing how to secure a business-critical tool such as email. E-mail scanning should be a transparent process, with no perceivable delay in email performance and should also be scalable - able to manage 10,000 users as easily as it can manage 100. Ideally, it should also be capable of clustering and load-balancing in an array environment, to ensure high performance throughput scanning, and also redundancy for high availability.

Performance is often claimed as a strength by many appliance vendors on the basis that the hardware is dedicated to a specific task. However, performance is really dependent on a range of factors such as processor speed, available memory, disc I/O, volumes of email and the type of email your business sends. Appliances are commonly marketed as suitable for “up to 1000 users,” based on a simple calculation of how much email the average person sends per hour and how much e-mail the server can process. Often this calculation assumes that the average email size is less than 10Kb. In our experience most typical businesses average around 40Kb per e-mail. As a result, a single appliance purchase really only supports 25% of that claim.

In order to actually process the true volume of e-mail the business requires, companies often need to upgrade to a higher specification appliance, or purchase a second appliance. Usually, customers have already made a significant investment in the appliance hardware and are compelled to upgrade, again at significant additional cost and installation disruption.

Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //