Proofpoint Messaging Security Gateway (with Protection Server
4.0)
Proofpoint
Price: $9,750 for P800 appliance, plus annual subscription fees
for selected software modules
Viruses, spam, spyware and worms inflict heavy cleanup costs,
loss of productivity, and often force companies to implement
multiple layers of protection. Therefore, companies just cannot
afford to pile more software on already overburdened servers,
workstations and desktops.
Proofpoint's Messaging Security Gateway email security appliance
claims to solve these threats by taking care of them before they
reach the email server.
Installation/Configuration: A
The mid-range P800 we tested runs Proofpoint Protection Server 4.0
on a hardened Linux platform. To get started, simply change the
default password and basic network settings so the device can be
plugged in to the existing network and be accessed via its secure
Web interface.
A quick-start wizard takes you through the setup, where you can
configure the domains and email servers to be protected.
Considering the number of features and settings available, the
Web interface is well designed, presenting sections and subsections
for easy configuration.
Global policies preventing common attacks are created
automatically. More granular policies, including spam rules, can be
based on groups or even individual users and their attributes.
Effectiveness: B+
The appliance, powered by F-Secure's Anti-Virus engine, handled
suspect email well, stopping 94 percent of the spam; only two of
188 quarantined messages were false positives.
The software inspects each message in different ways, from
structural analysis to reverse DNS query, and also detects foreign
language spam. The antispam engine also learns from the actions
taken by users on quarantined mail.
The embedded email firewall protects the network from buffer
overruns, directory harvest and other connection-level attacks.
Proofpoint also offers an optional module for zero-day viruses.
The compliance module inspects inbound and outbound mail for
defined text, numbers or regular expressions, and confidential
information, such as patient records and credit card numbers.
Management: B
The engine contains more than 50,000 rules, and more are added
weekly through regular updates. You can also create custom rules to
ensure important email is not quarantined.
Organizations with need for multiple devices can manage them
from a master Web interface. High availability and failover support
can also be configured with ease.
Users and groups can be added in multiple ways, from LDAP
directories to CSV files.
Reporting: B
Proofpoint Messaging Security Gateway offers more than 30 reports
with various statistics and in-depth information for executive
management. You can also customize these reports before exporting,
mailing, or publishing them on a URL. The reports are comprehensive
and cover a wide audience, from executive management to a privacy
officer.
Verdict
Proofpoint Messaging Security Gateway is a highly recommended,
affordable solution for big enterprises that need protection from
email-based attacks.
Testing methodology
The Proofpoint P800 appliance was configured to protect emails from
a single email server in our lab environment. We let it inspect
emails for a single domain for about three weeks during the
review.
This review originally appeared in the Sept. 2006 edition of
Information Security magazine.