It is widely accepted that Messagelabs are the UK market leader in in-bound spam filtering, however the market has moved on and many enterprises, especially those who must adhere to PCI compliancy, are now focussing their attention on out-bound filtering and reporting.

It is true to say that filtering in-bound email “in the cloud” is sensible because the bandwidth from that service to your internet gateway will only carry email deemed acceptable.

However, Secure Computing, by way of their Trusted Source service, means that only the first few bits of data reach the SecureMail appliance to be checked against their massive black list, thus eliminating the majority of unwanted email.

Both Messagelabs and Secure Computing will boast about their effectiveness, but now in the U.S., and soon to be in the UK, Secure Computing are trumpetting their anti-spam guarantee, as follows:

Guarantee

With over a 1,000% increase in global spam volume in the past 2 years, customers can no longer accept 90-95 percent detection rates and are seeking a mail solution that can offer 99%+ spam detection accuracy. Secure Computing now guarantees that Secure Mail will deliver 99% Spam Detection Accuracy, providing customers with peace of mind and best-of-breed protection.

Customer Benefits

  • Unmatched Accuracy: Bad mail doesn't make it to the end user inbox offering protection against spam, viruses, malware, and blended threats Good mail is delivered with virtually ZERO false positives (i.e., good mail isn't marked as spam)
  • Fastest possible response to new global spam threats: TrustedSource, Secure Computing's global, multi-protocol reputation system, provides protection against new and emerging threats before they reach your network Threat Response Updates and Dynamic Spam Classifier updates are applied automatically, as quickly as every 20 minutes, protecting you in near real-time with ZERO administration.

Secure Computing with its guarantee is prepared to put its money where its mouth is!

So, on paper both organisations offer outstanding in-bound filtering. Your decision to choose one or the other for in-bound only could easily be made just on which one you like to use in terms of managability and price, as the end result is going to be broadly similar.

In-bound is less than half the story. You must also consider:
  • Out-bound smtp email
  • Email encryption
  • Management
  • Reporting

In some detail below I provide you with information regarding the functionality of SecureMail (IronMail) so that you are fully aware of its capability.

In brief here I describe how a total Secure Computing solution that includes Webwasher, Sidewinder and Ironmail will create a world class defence against in-bound and outbound threats, as well as how a single smpt system will consolidate and simplify management and reporting.

 

Management and Reporting, IronMail.

 

A single solution means that there will be only one system to manage. One management console to control in-bound and out-bound email, and just as importantly one Reporting tool to oversee both too.

 

Already protecing you from Web2 blended threats are Sidewinder and Webwasher. Both platforms benefit from Secure Computing’s Trusted Source engine that recognises the IP source of web, smtp and ftp traffic and drops the connection if it appears in its black list, all in milliseconds. Ironmail utilises the same technology which means that as well as conventional scanning mechanisms, Ironmail can drop a connection even before the content is interogated.

 

It is the intention of Secure Computing to develop a management console that can manage Sidewinder, Webwasher and IronMail. So, before too long you’ll have the ability to manage policy from a single point for your three gateway devices.

 

 

Out-bound smtp email.

You’d be shocked if you knew what data was leaving your business. It’s human nature to break rules, even if they were done with the best of intentions. But just because no malice was intended doesn’t make the damage done by data leakage any less dangerous.

 

Here’s an everyday example. A purchasing manager is behind with his analysis and decides to send a spreadsheet to his gmail account so that he can work on it over the weekend. Here are the risks.

 

1)    He sends the mail to a 3rd party by mistake as the auto address finder popped up three choices and he selected the wrong one! We’ve all done it.

2)    The email has deposited secret information to his unsecured home PC which may have malware on it looking for spreadsheets.

3)    Gmail accounts (and all other web based mail systems) are prone to being hacked. Just ask Sarah Palin who is running for Vice President in the U.S.

 

 

 

Ensure Compliance

Compliance isn’t a one step project. It’s a complex series of events that involve every aspect of the company. What makes compliance even harder is the fact that all enterprises, regardless of size, are subject to multiple regulations, all at the same time.

Secure Computing Secure Mail (IronMail) provides unique resources to enable companies to multi-task their compliance projects, ensuring a culture of compliance that can future-proof enterprises to meet today and tomorrow’s regulatory hurdles.

Keyword and Content Matching
Many regulations such as HIPAA and PCI lend themselves to keyword matching. Secure Mail (IronMail) provides extensive dictionaries on-box for all major US regulations, as well as regular updates.

Advanced Scanning
Not all regulated data can be discovered with just a lexicon. That’s where Secure Mail (IronMail)’s advanced scanning engines kick in. Using sophisticated technologies such as fingerprinting, advanced lexical analysis, clustering and advanced content analysis, Secure Mail (IronMail) is able to uncover sensitive data regardless of how it’s being used.


Secure Mail Encryption

While few will debate the value of encrypting messages that contain sensitive information, many security officers have resisted installing an encryption solution due to the multiple incompatible technologies, difficulty in communicating encryption requirements to end users, and challenges of getting end users to enforce the corporate policies.

Secure Computing solves these problems with an integrated, policy-based encryption solution that automates and enforces corporate IP protection policies with no end-user intervention. Just ask Network World Magazine, who named the Secure Computing Encryption solution the “Clear Choice Test” winner for enterprise email encryption.

Powerful Policy Engine Removes User from the Equation
Secure Mail Encryption allows detailed policies to be automatically enforced, so that the messages containing sensitive or protected content are automatically sent encrypted.


Encryption Flexibility
A key challenge in encryption is adapting to the needs of the recipient. Depending on their capabilities, different types of encryption may be most appropriate. With the help of Secure Computing’s policy engine, the encryption engine can dynamically select between different encryption methodologies to best fit the situation. Secure Computing Encryption sends messages securely from gateway-to-gateway using:

  • TLS
  • S/MIME
  • OpenPGP

In addition, Secure Mail Encryption offers several options for gateway-to-user, or user-to-user encryption, including:

  • Push Technology
  • Pull Technology
  • Voltage IBE
  • PGP® Universal Gateway

Secure Computing's policy engine determines which communications need to be encrypted, and automatically chooses the most appropriate encryption technology based upon the recipient's technological capabilities.

 

Easy Credential Set-Up
Secure Mail Encryption can import existing keys or generate appropriate credentials to support all encryption methods, ensuring that administrators do not have to be encryption experts.

 

Benefits
Secure Computing’s flexible encryption options ensure that:

  • Users don’t have to remember what to encrypt
  • Compliance is assured regardless of end user behaviour
  • Recipients can open and use encrypted emails without training or downloading client software

 

Conclusion:

A large, complex organisation with compliancy issues to address, ought to look closely at implementing IronMail, because:

1.    Both outbound and in-bound mail can be controlled from a single low cost solution.

2.    Out-bound data leakage can be minimised with IronMail alone and is best placed to manage this as it stops the mail leaving before it reached your Internet gateway.

3.    Reporting is simplified as all can be performed for both in-bound and out-bound email.

4.    As standard email encryption, image analysis and content scanning can be performed bi-directionally.

5.    IronMail can help satisfy your PCI requirements, especially when combined with Sidewinder and Webwasher.

6.    IronMail also proactively scans for  Viruses, Trojans, Malware and other Malicious code.