Download technology report (pdf, 525k) - West Coast Labs

More documents

Recommendations

Info

10 TECHNOLOGY REPORT SUPPLEMENT FROM SurfControl RiskFilter – Email DEVELOPER’S STATEMENT: SurfControl RiskFilter–E-mail is compatible with all SMTP-based email systems and offers a scalable, secure messaging solution for organizations of all sizes and vertical markets. Manufacturer Contact details SurfControl plc www.surfcontrol.com/products/email/riskfilter SurfControl RiskFilter – Email has achieved the Checkmark Standard Certification for Anti-Spam solutions. www.check-mark.com FEBRUARY 2006 SurfControl’s RiskFilter combines content recognition abilities with multi-layered blended threat recognition and extensive reporting and analysis to provide the tools and flexibility to protect against harmful and inappropriate content – both inbound and outbound. RiskFilter is a 1U rackmountable device with a front fascia on a hinge and swivel mechanism, so that it can be pulled out, twisted down, and tucked underneath the main body of the unit without ever having to remove it fully. This gives access to the main power and reset switches, the CD, floppy and the removable drives. The arrival of the RiskFilter product in the lab was preceded by a pre-configuration questionnaire which contained a checklist of necessary prerequisites along with sections for the administrator to fill in with DNS and IP details relevant to the company. After mailing this back, SurfControl partially preconfigured the device – a great help to an administrator under a heavy workload. The initial setup of the RiskFilter was very easy – the provided starter guide gives clear and concise advice. Each separate step in the procedure is accomplished by logging in at a console or terminal for initial configuration of the networking and then updating and configuring the application itself, using the two secure web interfaces available, to setup relays and build mail routing. Both web interfaces are SSL encrypted and are split to allow administration of the device itself through one port and of the software on the other port. This is a neat implementation that allows devolution of responsibility for the central spam management without giving access to the configuration of the device itself. Further control may be given to individual end-users via a further web interface that deals with End-User Spam Management (EUSM), although that functionality was not tested in this case. Although there are two interfaces, overall the setup and configuration of this device was speedy and the starter guide is written in such a way that ensures that it was trouble free. As an overlay service that covers the essential system administration tasks, the Webmin or System Management Console provides an intuitive method of setting the parameters for logging, network interfaces and clustering on the underlying Linux installation without ever getting near the OS itself – the subdued grays and blues make this easy on the eye and easy to navigate. All the options are well-labeled and easy to find and tasks can be performed intuitively. The RiskFilter email console interface acts to allow alterations to be made to the SurfControl software installed on the device, with alterations to the spam management system being performed via this route. This interface is stylistically similar to SurfControl’s website and has the same color scheme with shades of blue and touches of red, black and gray on a mostly white background. This gives a clean uncluttered look to the presentation and this serves the RiskFilter well. The interface is split into three major groups: System Settings, Policy Manager, and Reports and Logs, with each section having subsections that are appropriately grouped so that all options are exactly where the user expects them to be. The accompanying administrator’s guide provides simple advice for navigating and making changes within the interface, and is enhanced by screen grabs, ensuring that the user is not left with any doubts when making alterations. The Policy Manager section is where an administrator is likely to spend most of his or her time, as here it is possible to create new policies or alter existing ones. These can be set to read only, or to be altered by individual users using the EUSM facility. The RiskFilter quarantines all spam messages by default, stopping users from seeing the messages in their inboxes, but it is possible to apply other actions to incoming messages, such as adding a user-defined subject alteration or X-header and then delivering the message anyway. THE VERDICT Riskfilter's dynamic and effective spam engine make this solution a convincing contender for inclusion in any administrator's shortlist. The documentation is plentiful and the system is easy to set up and configure. An intuitive interface and good support from SurfControl complete the package. www.westcoastlabs.org
TECHNOLOGY REPORT SUPPLEMENT FROM 11 MailGate Edge and MailGate Email Firewall DEVELOPER’S STATEMENT: MailGate products provide companies with comprehensive email security including protection from network edge defense, anti-spam, antivirus, content filtering, and policy-based routing of secure email via multiple encryption methods. Manufacturer Contact details Tumbleweed Communications Corp. www.tumbleweed.com MailGate Edge and MailGate Email Firewall from Tumbleweed has achieved the Checkmark Premium Certification for Anti-Spam solutions. www.check-mark.com The Tumbleweed solution under test comprises two parts of its multiple device MailGate solution: the MailGate Edge and the MailGate Email Firewall. Both of these components are available separately and both perform distinct services. MailGate takes an integrated approach to email security, providing intelligent defense against network attacks, zero-hour protection from spam outbreaks with additional services in the form of anti-virus, deep content inspection of inbound and outbound messages and attachments with automatic routing and encryption of sensitive or protected messages. The MailGate Edge is a relay appliance that removes directory harvest attacks and email denial-of-service (DoS) attacks. It checks for malformed packets and for invalid recipient addresses, thus removing a large proportion of what Tumbleweed terms “dark traffic”. The MailGate Email Firewall provides the usual forms of spam protection using a policy-based system that allows an administrator to alter existing policies or create new ones. Each box is a 1U rackmounted device and the focus is on simplicity of use from the outset. The configuration was straightforward for both boxes with lots of clear diagrams and advice in the provided manuals. After the configuration the method of installing the two devices becomes more distinct. The SSL encrypted web interface for the MailGate Edge takes the user through a series of steps asking for basic information such as mail server address and proxy settings. The manual reminds the administrator to check that the corporate firewall settings are appropriately in place for correct operation. The entire process is speedy, allowing the administrator to get the device in place and functioning quickly. The MailGate Edge has a fairly simple web interface with menus and submenus arranged across the top of the screen and the main body of the page devoted to data. All of the menus are easy to navigate and options are simple to find. At the initial login the interface loads in a statistics reporting page that displays a graphical representation of the messages received, messages passed through and messages blocked by category. By not overcomplicating the web interface for the administrator this device will win a lot of converts. The running tickertape style display on the LCD panel enables users to see at a glance what level of protection the MailGate Edge is offering. The MailGate Email Firewall uses a remote desktop connection to install the software before any web-based configuration can take place. The well-written and comprehensive setup documentation details how to build and deploy the software. The device uses a licensable option called DAS (dynamic anti-spam) to do all the filtering. This allows the administrator to build policies using a Catch – Action – Exclude setup method whereby any messages with certain characteristics have specific actions applied to them unless they fall under a subset. These are easy to construct, and from the administrator’s point of view easily extendable. Further configuration is performed via an SSL encrypted web interface. The availability of a lot of data does not preclude the menus from being easy to navigate and well laid out, with options in four groups. The first group gives plenty of data regarding the operations that are being performed within a given timeframe including reports and status screen. The setup of the rules is part of the second group. Next up is the group that allows for the system settings to be altered. Finally the last group consists of a Log Out, with contextsensitive help that is clearly written and appropriate. The Email Firewall is set to quarantine by default, but can also be set to drop, return, detain, redirect, defer delivery or deliver normally for any message that is marked by the internal engines as spam. Add to this the ability to add recipients, change the subject line, add headers and add notifications or annotations and overall this system offers a lot of choice. THE VERDICT A powerful grouping of these spam engine and attack prevention devices make this a powerhouse of mail protection, well-presented, well-documented, and simple to use. Any company would be well advised to include it on a shortlist. Overall, it earned our highest rating: CheckMark Anti-Spam PREMIUM. www.westcoastlabs.org FEBRUARY 2006
Page 1 and 2: TECHNOLOGY REPORT - FEBRUARY 2006 V
Page 3 and 4: TECHNOLOGY REPORT SUPPLEMENT FROM 3
Page 9: TECHNOLOGY REPORT SUPPLEMENT FROM 9

Download technology report (pdf, 525k) - West Coast Labs

Create successful ePaper yourself

Delete template?

Save as template?