In contrast, the top performing software solutions provide multi-threading functionality, which removes potential bottleneck issues by scanning emails much faster than single-threaded solutions. These high-end software solutions are also able to increase performance throughput by managing multiple email processing node servers in an array. In this set-up, load balancing tools balance the e-mail processing load intelligently between different nodes, all at no additional cost to the customer. One appliance vendor does market a multi-server controller for linking two appliances together and load balancing them to share the task of processing large volumes of e-mail. However, this controller has to be bought separately – yet another additional cost that most customers are unaware of when they make the initial decision to purchase an appliance.
Flexibility and cost-effectiveness
As well as the normal risk assessment, companies reviewing their messaging security solution also need to consider flexibility and cost-effectiveness. By their very nature, even the best designed, feature-rich appliances are inflexible because they are locked into a hardware platform. Functionality is not transferable, and in any case, most do not have the same depth of functionality or power for policy enforcement as equivalent software options. Often, new technologies become available which require higher specification hardware, such as anti-spyware scanning, encryption, messaging scanning, image classification or new anti-spam technologies. In such a situation, the only option for appliance customers is to bite the bullet and upgrade to a new system.
Going down the appliance route also opens up the possibility of hardware failures, which can be very expensive and may leave a company exposed while a replacement appliance is shipped in. Conversely, if there is a hardware failure with the server hosting a software-based solution, there should be minimal downtime. Either the software can be running in a load-balanced, failover configuration on two (or more) servers which means no downtime at all, or it can be swapped onto another box and be up and running again in less than two hours.
Another perceived strength of appliances is that they generally have a hardened operating system which protects the appliance from common vulnerability exploits. This is certainly a valid security practice. Most viruses and spyware in the wild are designed to exploit vulnerabilities in desktop versions of popular Windows operating systems. So, using another operating system theoretically makes you less susceptible to infection. However, there are still viruses in the wild for other operating systems such as Linux, which is popular with some of the appliance vendors. But more importantly, the argument for hardened operating systems is somewhat overblown. Microsoft provides exhaustive information for free on how Windows operating systems on dedicated application servers can be locked down and hardened, and it is relatively easy to do.
The perception that appliances are the holy grail of e-mail content security solutions is changing rapidly. The risk of downtime and the potential lag between new vulnerabilities and the ability to install dedicated appliances to counter them is forcing many companies to re-evaluate their choices. Customers looking for easy-to-use, flexible, scalable and cost-effective e-mail content security products with a good ROI are realising that software solutions can often be a better bet for the long term.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.