Download technology report (pdf, 525k) - West Coast Labs
Download technology report (pdf, 525k) - West Coast Labs
Download technology report (pdf, 525k) - West Coast Labs
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
10 TECHNOLOGY REPORT SUPPLEMENT FROM<br />
SurfControl RiskFilter – Email<br />
DEVELOPER’S STATEMENT: SurfControl RiskFilter–E-mail is<br />
compatible with all SMTP-based email systems and offers a scalable,<br />
secure messaging solution for organizations of all sizes and vertical<br />
markets.<br />
Manufacturer<br />
Contact details<br />
SurfControl plc<br />
www.surfcontrol.com/products/email/riskfilter<br />
SurfControl<br />
RiskFilter – Email<br />
has achieved the<br />
Checkmark<br />
Standard<br />
Certification for<br />
Anti-Spam<br />
solutions.<br />
www.check-mark.com<br />
FEBRUARY 2006<br />
SurfControl’s RiskFilter combines content<br />
recognition abilities with multi-layered blended<br />
threat recognition and extensive <strong>report</strong>ing and<br />
analysis to provide the tools and flexibility to protect<br />
against harmful and inappropriate content – both<br />
inbound and outbound.<br />
RiskFilter is a 1U rackmountable device with a front<br />
fascia on a hinge and swivel mechanism, so that it can<br />
be pulled out, twisted down, and tucked underneath the<br />
main body of the unit without ever having to remove it<br />
fully. This gives access to the main power and reset<br />
switches, the CD, floppy and the removable drives.<br />
The arrival of the RiskFilter product in the lab was<br />
preceded by a pre-configuration questionnaire which<br />
contained a checklist of necessary prerequisites along<br />
with sections for the administrator to fill in with DNS and<br />
IP details relevant to the company. After mailing this<br />
back, SurfControl partially preconfigured the device – a<br />
great help to an administrator under a heavy workload.<br />
The initial setup of the RiskFilter was very easy – the<br />
provided starter guide gives clear and concise advice.<br />
Each separate step in the procedure is accomplished<br />
by logging in at a console or terminal for initial<br />
configuration of the networking and then updating and<br />
configuring the application itself, using the two secure<br />
web interfaces available, to setup relays and build mail<br />
routing.<br />
Both web interfaces are SSL encrypted and are split<br />
to allow administration of the device itself through one<br />
port and of the software on the other port. This is a neat<br />
implementation that allows devolution of responsibility<br />
for the central spam management without giving access<br />
to the configuration of the device itself. Further control<br />
may be given to individual end-users via a further web<br />
interface that deals with End-User Spam Management<br />
(EUSM), although that functionality was not tested in<br />
this case. Although there are two interfaces, overall the<br />
setup and configuration of this device was speedy and<br />
the starter guide is written in such a way that ensures<br />
that it was trouble free.<br />
As an overlay service that covers the essential system<br />
administration tasks, the Webmin or System<br />
Management Console provides an intuitive method of<br />
setting the parameters for logging, network interfaces<br />
and clustering on the underlying Linux installation<br />
without ever getting near the OS itself – the subdued<br />
grays and blues make this easy on the eye and easy to<br />
navigate. All the options are well-labeled and easy to<br />
find and tasks can be performed intuitively.<br />
The RiskFilter email console interface acts to allow<br />
alterations to be made to the SurfControl software<br />
installed on the device, with alterations to the spam<br />
management system being performed via this route.<br />
This interface is stylistically similar to SurfControl’s<br />
website and has the same color scheme with shades of<br />
blue and touches of red, black and gray on a mostly<br />
white background. This gives a clean uncluttered look<br />
to the presentation and this serves the RiskFilter well.<br />
The interface is split into three major groups: System<br />
Settings, Policy Manager, and Reports and Logs, with<br />
each section having subsections that are appropriately<br />
grouped so that all options are exactly where the user<br />
expects them to be. The accompanying administrator’s<br />
guide provides simple advice for navigating and making<br />
changes within the interface, and is enhanced by<br />
screen grabs, ensuring that the user is not left with any<br />
doubts when making alterations.<br />
The Policy Manager section is where an administrator<br />
is likely to spend most of his or her time, as here it is<br />
possible to create new policies or alter existing ones.<br />
These can be set to read only, or to be altered by<br />
individual users using the EUSM facility. The RiskFilter<br />
quarantines all spam messages by default, stopping<br />
users from seeing the messages in their inboxes, but it<br />
is possible to apply other actions to incoming<br />
messages, such as adding a user-defined subject<br />
alteration or X-header and then delivering the message<br />
anyway.<br />
THE VERDICT<br />
Riskfilter's dynamic and effective spam engine<br />
make this solution a convincing contender for<br />
inclusion in any administrator's shortlist. The<br />
documentation is plentiful and the system is<br />
easy to set up and configure.<br />
An intuitive interface and good<br />
support from SurfControl<br />
complete the package.<br />
www.westcoastlabs.org