Magic Quadrant for Secure Gateways

Size: px
Start display at page:

Download "Magic Quadrant for Secure Email Gateways"

Transcription

1 Research G August 2011 Magic Quadrant for Secure Gateways Peter Firstbrook, Eric Ouellet The secure gateway market is a mature market. Buyers must look at advanced functionality, service delivery, vertical integration of related products and strategic vendor relationships to differentiate solutions. What You Need to Know The security market is very mature, and there has been minimal vendor movement in the Magic Quadrant since our last analysis. Spam-filtering effectiveness is at an acceptable rate for most organizations. Inbound improvements are still needed to detect targeted phishing s, which are an increasing problem. Content-aware data loss prevention (DLP) that includes numerous prebuilt dictionaries and regulatory policies is a significant differentiator. However, buyers must understand how these capabilities will be used in context of the broader enterprise DLP strategy. Policy-based encryption is an increasingly important capability and a significant differentiator of leading products. security solutions are available in various delivery models. Appliances and security as a service (SaaS) are the most popular, but the availability of hybrid (combination of on-premises and SaaS) and virtual appliances is increasing. The breadth of the product portfolio is also an important consideration as organizations look to consolidate security buying around fewer, more strategic vendors, especially in mature product domains. 1-16XZCJ7

2 Magic Quadrant Figure 1. Magic Quadrant for Secure Gateways Source: Gartner (August 2011) Market Overview The secure gateway (SEG) market is a mature market. Spam and virus filtering is at an acceptable rate, and features are sufficient for most organizations. The penetration rate of commercial SEG solutions is close to 100% of enterprises. Buyers are becoming more price-sensitive; 60% of recently surveyed reference customers (see Note 1) said that "price" would induce them to change vendors. The overall market growth flattened out in 2010, and there were no significant mergers or acquisitions in the past 12 months. DLP and encryption remain the single biggest solution differentiators and are the primary reason we have not yet moved to a MarketScope format for this analysis. We continue to see form factors influence decisions, with interest and deployment of virtual solutions and SaaS solutions continuing to outpace traditional appliances and software. Leading vendors in this market are expanding their offerings vertically into adjacent markets, such as mailbox hosting, hosted archiving, e-discovery and continuity services, and horizontally into secure Web gateway (SWG; see "Magic Quadrant for Secure Web Gateway") solutions linked by common DLP and management. 2

3 Global spam volumes declined significantly in late 2010 and early 2011, primarily from the Rustock botnet takedown. Although this doesn't signal the end of botnets or high-volume spam, we expect to see a shift in more advanced spam campaigns to a more targeted approach. Reduction in bulk spam volumes has increased the necessary emphasis of solutions on more targeted spam and phishing attacks. We anticipate the decline in pure volume will be followed by increases in more limited-volume targeted attacks. The recent compromise of marketing firm Epsilon and others will likely seed the next generation of more targeted attacks that exploit the knowledge of customer relationships with brands and other information to create a more targeted spam or phishing campaign. We anticipate that older techniques, such as volume-based reputation filters and signaturebased content filters, will become less effective in blocking new threats. Anti-spam solutions must continue to invest in new techniques to catch these new threats and the last 0.5% of spam that continues to slip through. One new approach is cloud-based prefilters or cloud-based look-up mechanisms, which allow on-premises solutions to benefit from more rapid changes in cloud protection techniques and more up-to-date cloud intelligence. We also expect leading anti-spam research labs to continue to invest in improvements in data collection and analytics to detect new spam and malware trends early. The primary malicious technique will remain the redirection to a malicious website rather than actual executable binaries in . Successful SEG vendors will have significant research in Web malware and a presence in the SWG market. Integration between the SEG and SWG products for vendors that do both is a bonus, especially for organizations using complex DLP policies. Smaller organizations and leaner IT organizations should look for both solutions from a single vendor. However, we still see these as different buying centers in the large enterprise market. The primary malicious file attachments will be malformed documents (Office and PDF) that take advantage of vulnerabilities in the host program. These types of attachments cannot be easily filtered with static policy (that is, no executable attachments). Static code analysis that searches files for known attack techniques is the most productive detective technique for this type of threat, but we also see value in active code analysis (either in the cloud or on-premises) that actually executes code in a virtual environment looking for malicious output. One of the biggest frustrations of administrators is legitimate bulk marketing s that users think are spam. Solutions are finally starting to address this class of unwanted with specific quarantines for bulk that users can deploy in their efforts to clean up in-boxes while avoiding potentially dodgy "unsubscribe" processes. DLP remains a significant differentiator. Recently surveyed reference customers (see Note 1) reported that 30% were already using DLP, while 32% were planning on using it within the next 24 months. The breadth and depth of content detection techniques, the number of predefined dictionaries and lexicons that can be used in policy, the flexibility of policy development, and workflow and reporting specific to DLP tasks vary widely across solutions. DLP capabilities were weighted heavily in our analysis, given that over 60% of buyers will be exploiting this functionality within the life cycle of their next contract renewal. The adoption of DLP drives the adoption of encryption. Companies that search for sensitive or private information in often find it. However, exchanging this content with third parties is often a business imperative, and blocking it outright is rarely an option. Encryption becomes an enabling tool to send sensitive content safely and in compliance with regulations. The primary form of encryption that is the most common is pull-based that 3

4 strips content at the gateway and holds that content for pickup by the recipient in a Secure Sockets Layer (SSL)- encrypted browser interaction similar to a Web mail interaction. Another popular option is to strip the content of the and put it in an encrypted PDF file, which is then attached to the original . The options for customizing the experience for recipients and senders, such as setting passwords and enabling encrypted reply, message hold limits, message recall, read monitoring, and message branding, are all differentiators of encryption solutions. The experience of sending or receiving an encrypted on mobile devices is also a significant differentiator. Encryption solutions can be hosted on-premises. However, SaaS-based solutions are increasingly popular as organizations seek to outsource the certificate management complexity of these solutions. Encryption capabilities are weighted heavily in this analysis, as we estimate that more than 65% of organizations will be exploiting this functionality within the life cycle of their next contract renewal. Other common feature improvements in this analysis included IPv6 support, Outlook plug-in support for spam reporting, large file offloading, global spam detection improvements, support for DomainKeys Identified Mail (DKIM), and Sender Policy Framework and administration interface improvements, such as improved role-based administration, log data segregation, dashboard customization, improved reporting and message trace functions, and security incident management (SIM) integration. The SaaS form factor continues to outpace the growth of on-premises deployments. We estimate that the revenue from SaaS-based deployments is now roughly 37% of the overall market. We see interest in SaaS across the board from all clients, but especially those that have fewer than 1,000 seats. Very large organizations (that is, more than 20,000 seats) are also very interested in SaaS as a means to rapidly standardize across a global set of loosely federated IT departments. We also see an increasing interest in organizations adopting additional SaaS services, such as archiving, continuity and mailbox hosting. We also see some interest in "hybrid" offerings that provide a combination of on-premises outbound features, such as DLP and encryption, with SaaS-based inbound spam and virus filtering managed from a common console. For on-premises solutions, we see a significant interest in virtualization form factors as more organizations become more proficient in this platform. Vendors that offer a full range of services are given extra credit in this analysis. Longer term, the gradual migration to cloud-based mailboxes which always includes virus and spam protection threatens the SEG ecosystem, since third-party filtering services become largely unnecessary when mailboxes reside in the cloud. Market Definition/Description The SEG market is defined by solutions that provide enterprise message transfer agent (MTA) capabilities, offer protection against inbound and outbound threats (such as spam, phishing attacks and malware), and satisfy outbound corporate and regulatory policy requirements. SEG solutions can be offered in the form of appliances or software that goes on customer premises, hosted solutions that reside in solution providers' data centers, or multitenancy SaaS that exists in multiple data centers around the globe. Unified threat management (UTM) devices that combine firewalls with some spam filtering are not included in this market. The total market size was roughly $1.6 billion in Last year, we predicted the growth rate in 2010 to decline to 8% due to market saturation, increased bundling/suite deals and intense competition among market leaders. However, these elements had a more significant effect than predicted, and the market grew only by approximately 1%. We anticipate a slight increase in 2011 due to a recovering economy. However, we see the 4

5 market growth rate is now at an effective plateau that accompanies a saturated and mature market. Ancillary services, such as archiving, DLP and encryption, are the main drivers of growth, while traditional spam- and virus-filtering services and other license and subscription revenue will decline. The increase in suite bundling will blur the SEG market, making future growth and market size difficult to identify. The increase in acceptance of the SaaS delivery form factor continues. The five-year compound annual growth rate (CAGR) of SaaS revenue (between 2005 and 2010) was 31%, while the CAGR of the on-premises solutions was 15%. SaaS SEG revenue in 2011 will be roughly 37% of the total market. Inclusion and Exclusion Criteria The solution must have its own proprietary capabilities to block or filter unwanted traffic. Supplementing it with third-party technology is acceptable. The solution must provide virus scanning via its own or a third-party antivirus engine. The solution must provide basic intrusion prevention. The solution must offer encryption functionality beyond Transport Layer Security (TLS) on its own or via a third-party relationship. The solution must offer the ability to scan outbound according to a set of basic vendor-supplied dictionaries and common identifiers (for example, U.S. Social Security number [SSN], credit card, bank account and routing numbers). Vendors must have at least 2,000 direct (not via OEM) enterprise customers in production for their security boundary products. Multifunction firewalls (also known as UTM devices) are outside the scope of this analysis. These devices are traditional network firewalls that also combine numerous network security technologies such as antispam, antivirus, network intrusion prevention system and URL filtering into a single box. Multifunction firewalls are compelling for the small or midsize business (SMB) and branch office markets. However, in most circumstances, enterprise buyers do not consider multifunction firewalls as replacements for SEGs. Other Vendors This Magic Quadrant is not intended to be an exhaustive analysis of every vendor in this market, but rather a focused analysis of solutions that are most interesting to the majority of our clients. There are other vendors that were not included in this analysis because they do not fit the technical inclusion criteria. Sendmail is one that has a respectable large enterprise presence but takes a unique approach by offering a platform that allows enterprises to plug in various security applications from other vendors. This approach allows enterprises to build their own solutions from component vendors, while offering an overall management framework and underlying scalable messaging transfer agent. There are also vendors like Spamina, Axway and Mimecast, which focus on a particular geographic or vertical market niche. 5

6 Added Sophos reappears in this analysis. Dropped PineApp and Messaging Architects were dropped from this year's analysis. Evaluation Criteria Ability to Execute Vertical positioning on the Ability to Execute axis (see Table 1) was determined by evaluating the following factors: Overall viability was given a heavy weighting, because this is a mature and saturated market. Overall viability was considered, not only in terms of the overall company revenue, channel reach, management team and resources of the vendor, but also in terms of the importance of the security unit at each company. Sales execution/pricing scores reflected a comparison of pricing relative to the market. Market responsiveness and track record measured the speed in which the vendor has spotted a market shift and produced a product that potential customers are looking for, as well as the size of the vendor's installed base relative to the amount of time the product has been on the market. This weighting takes into account a vendor's performance over time, but performance during the past 18 months was evaluated most significantly. Customer experience measured the quality of the customer experience based on reference calls and Gartner client teleconferences. We incorporated research and reference call data on support responsiveness and timeliness, quality of releases and patches, and general experiences when installing and managing the product and service on a day-to-day basis. The operations score reflects the corporate resources (in other words, management, business facilities, threat research, and support and distribution infrastructure) that the SEG business unit can draw on to improve product functionality, marketing and sales. We also took into consideration the focus and transitions of the teams in charge of engineering, management, marketing and sales for the relevant product lines. 6

7 Table 1. Ability to Execute Evaluation Criteria Evaluation Criteria Product/Service Overall Viability (Business Unit, Financial, Strategy, Organization) Sales Execution/Pricing Market Responsiveness and Track Record Marketing Execution Customer Experience Operations Weighting Standard High Standard High Standard High Standard Source: Gartner (August 2011) Completeness of Vision The Completeness of Vision axis captures the technical quality and breadth of the product, and the vendor's organizational characteristics that will lead to higher product satisfaction among midsize to large enterprise customers, such as how well the vendor understands this market, its history of innovation and its geographic presence. In market understanding, we ranked vendors on the strength of their commitment to this market in the form of strong product management, their vision for this market and the degree to which their road maps reflect a solid commitment of resources to achieve that vision. We heavily weighted the product features of the vendors' flagship solutions in the Completeness of Vision criteria. Product features that Gartner deemed the most important were: Anti-spam/phishing effectiveness and investment in malware research Management and reporting functionality DLP capabilities Encryption capabilities Delivery form factor options Other functionality or solutions relevant to the buyer in the target market of the supplier, such as archiving, disaster recovery and file transfer, were also taken into account. 7

8 Table 2. Completeness of Vision Evaluation Criteria Evaluation Criteria Market Understanding Marketing Strategy Sales Strategy Offering (Product) Strategy Business Model Vertical/Industry Strategy Innovation Geographic Strategy Weighting Standard No rating No rating High No rating No rating Standard Standard Source: Gartner (August 2011) Leaders Leaders are performing well, have a clear vision of market direction and are actively building competencies to sustain their leadership positions in the market. Companies in this quadrant offer a comprehensive and proficient range of security functionality, and show evidence of superior vision and execution for current and anticipated customer requirements. Leaders typically have a relatively high market share and/or strong revenue growth, own a good portion of their threat or content-filtering capabilities, and demonstrate positive customer feedback for anti-spam efficacy and related service and support. Challengers Challengers execute well, but they have a less-defined view of market direction. Therefore, they may not be aggressive in preparing for the future. Companies in this quadrant typically have strong execution capabilities, evidenced by financial resources, a significant sales and brand presence garnered from the company as a whole or other factors. However, Challengers have not demonstrated as rich a capability or track record for their security product portfolios as vendors in the Leaders quadrant. Visionaries Visionaries have a clear vision of market direction and are focused on preparing for that, but they may be challenged to execute against that vision because of undercapitalization, market presence, experience, size, scope and so forth. 8

9 Niche Players Niche Players focus on a particular segment of the client base, as defined by characteristics such as a specific geographic delivery capability or dedication to a more limited product set. Their ability to outperform or be innovative may be affected by this narrow focus. Vendors in this quadrant may have a small installed base or may be limited, according to Gartner's criteria, by a number of factors. These factors may include limited investment or capability to provide security threat detection organically, a geographically limited footprint or other inhibitors to providing a broader set of capabilities to enterprises now and during the 12-month planning horizon. Inclusion in this quadrant does not reflect negatively on the vendors' value in the more narrowly focused market they service. Vendor Strengths and Cautions Barracuda Networks Barracuda Networks (Barracuda) is a private California-based company that focuses on producing a range of economical, easy-to-use appliances and a SaaS-based solution. Barracuda's solutions are aimed squarely at cost-conscious SMBs, as well as educational and government institutions, but Barracuda is starting to address larger enterprises and service provider markets. Barracuda Spam & Virus Firewall appliances are shortlist candidates for organizations seeking "set and forget" functionality at a reasonable price. The Barracuda Security Service (BESS) is appropriate for organizations in supported geographies. Strengths The Web-based management interface is designed to be easy to configure, even for nontechnical users, with numerous wizards, context-sensitive help, and clearly visible recommended settings and explanations. It has a very good message-tracking search capability, with granular filters and fast drill-down into message and header details and log content, as well as contextual right-mouse-click action options. We also like its ability to delegate quarantine management. Barracuda leverages the open-source and white-hat community with its anti-spam technology, along with its own growing security lab. It is one of the few vendors that have a false-positive/negative report to monitor spam detection quality. It also offers an Outlook plug-in to report spam and false positives. Barracuda now includes an optional cloud-based prefilter, which filters out obvious spam in a Barracuda data center before final filtering is done on-premises. Encryption was recently added to the solution and comes at no extra cost. It supports push- and pull-based encryption and is suitable for mobile devices. It also provides very basic DLP capability free of charge. Barracuda Control Center can manage multiple boxes and centralize configuration, logs and reporting. It comes as a free cloud-based offering or an on-premises appliance. Service prices are per box, rather than per user, making Barracuda a significant price leader. 9

10 Barracuda also offers an archiving solution that has an interface with a consistent look and feel that can also be managed from the same Barracuda Control Center. Cautions Barracuda uses open-source databases for spam and antivirus filtering, supplemented with Barracuda's own research labs. However, Barracuda Labs is still relatively small. It does not offer any other third-party antimalware engines. The management platform is designed for Barracuda's core SMB market. Advanced features for enterprise users are missing, such as dashboard customization capacity, a hyperlinked drill-down, a reusable objectoriented policy, granular role-based administration, group-level-only data access, directory synchronization and a group-level policy. Reporting is still quite basic and lacks ad hoc capability to create completely new reports. Logs from the cloud-based prefilter service are not combined with appliance logs. DLP is limited to keyword and regular expression (RegEx) filtering. It is not very flexible. Although it includes four predefined dictionaries, each policy requires its own dictionary. Workflow for compliance officers is missing. Cisco Cisco continues to dominate the market for dedicated on-premises solutions for midsize to large organizations. The company's consolidation of malware research groups into a more cohesive unit analyzing the vast amount of data from its global footprint of products is providing improved native malware and spam intelligence. Cisco also enjoys strategic vendor status with many of its customers and is well-respected in the core network buying centers. Cisco is a very good candidate for midsize to large enterprise customers looking for appliance form factors. Strengths Cisco's IronPort appliances offer excellent scalability/reliability and very granular MTA control capabilities. The management interface is easy to use and provides deep policy control. Improvements since our last analysis focused on enhancing protection and the identification of targeted lowvolume attacks. Cisco's outbreak prevention option uniquely rewires suspicious URLs, such that Web content linked from is scanned for malware in real time by Cisco's ScanSafe SWG Service. Other recent improvements include flexible role definition, stronger password controls, mass marketing or bulkmail protection, and SMTP Call Ahead, which ensures a message is deliverable. Cisco is also increasing its Federal Information Processing Standards (FIPS) and Common Criteria compliance. IronPort offers integrated content-aware DLP capabilities with numerous predefined policies, dictionaries and identifiers. The policy and compliance officer interface is complete and easy to use. Policy violations are scored on a severity scale and can have different disposition actions based on severity. The DLP quarantine can be encrypted for extra data protection. 10

11 Cisco offers very flexible, fully integrated native policy-based encryption delivered on-box, off-box or as a service with support for secure delivery via Transport Layer Security (TLS), Secure Multipurpose Internet Messaging Extensions (S/MIME) and Pretty Good Privacy (PGP), along with hosted pull and envelope push encryption capabilities. IronPort's support for secure bulk mailings and e-statement delivery will appeal to organizations with a need for frequent secure B2C communications. IronPort supports the secure transfer of arbitrarily large file attachments via its encrypted pull capability (hosted encryption). IronPort benefits from Cisco's installed base of network security appliances and the ScanSafe SaaS SWG to collect a massive amount of Internet traffic information to spot new trends. Moreover, Cisco's broad array of network security components (firewalls, intrusion prevention systems [IPSs], SWGs and routers) makes it a strategic vendor for organizations looking to consolidate buying around fewer security vendors. Cisco offers a limited North America-based hosted security service that provides dedicated instances of its security appliances managed by Cisco. Cautions IronPort's focus on the needs of large enterprises doesn't always scale down well for the midsize organization. A virtualized appliance is not yet available (due in 4Q11). Cisco's hosted offering is very new and only has data centers in the U.S. so far. These offerings would enable Cisco to more effectively reach the midmarket. Cisco solutions carry a very high list price relative to the market. Buyers must negotiate effectively to gain competitive pricing. Cisco's rapid exit from the cloud-based market (see "The Perils of Cloud Cisco Exits the Market") illuminates its primary focus on the security and hygiene part of the market. Cisco is not likely to offer a vertically integrated stack (for example, security, archive, disaster recovery and hosted exchange). Despite Cisco's deep product and technology offerings, it still has significant work to do to integrate the various components in a comprehensive integrated suite. Today, there is no management integration between IronPort appliances and the other Cisco network security products. Even integration between the two IronPort appliances is weak. Although the M-Series appliance provides common management for IronPort appliances, the DLP policy is not synchronized between these two products, and there is no central quarantine. Cisco does not own an enterprise DLP solution offering of its own. However, it does integrate with EMC/ RSA. Organizations that have an enterprise EMC/RSA DLP deployment can manage DLP features incorporated in the IronPort offering, such as content/policy definition and event management via the enterprise console. The native IronPort DLP quarantine would benefit from a more-advanced capability, such as data redaction and more options for building cases. The IronPort management interface would benefit from a more flexible custom dashboard (although the reporting interface has dashboardlike functionality). 11

12 Clearswift Clearswift has an established presence in the protection market with small to midsize organizations primarily in the U.K., but with an expanding Asia/Pacific presence. It has also branched out to the SWG market. Clearswift offers a bare metal or VMware solution. The combination of these two products and the provision of good DLP capabilities across both channels make it a reasonable shortlist candidate for buyers in Europe, the Middle East and Africa (EMEA) looking for both solutions from the same vendor. Strengths Clearswift's Secure Gateway offers a clean and logical Web-based management interface and dashboard that manages Web and products. It is easy to use for nontechnical users, and it has a lot of context-sensitive recommendations and help functions. Clearswift exploits Commtouch for a portion of its anti-spam capability and recently upgraded to the most recent engine. The solution includes a "bulk " category, which is useful for reducing nuisance . The ImageLogic pornographic and registered image detection engine is a bonus, and bounce address tag validation (BATV) is supported. Policy development for content inspection/dlp is very good. Clearswift supports numerous policy constructs and lexicons (for example, the U.S. Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the Payment Card Industry [PCI] standard, and the U.S. Securities and Exchange Commission, as well as accounting terms and stock market terms). Clearswift now offers on-box encryption with support for S/MIME, PGP and password-protected encryption with a built-in certificate store. Clearswift recently added end-user whitelists, policy audit logs, anti-spoofing for internal addresses, faster updates and on-box encryption (TLS, S/MIME, PGP and ad hoc encryption), as well as partnerships with Echoworx for enhanced encryption capabilities. Cautions New management at Clearswift is moving the company in the right direction, with a focus on the core and Web gateway business and improving customer support. However, it has yet to deliver industry-leading features and functionality that would enable it to break out of the EMEA small to midsize market. It does not offer a SaaS-based delivery model or vertical products such as archiving. As buyers increasingly look for more strategic integrated vendors, Clearswift will have a difficult time standing out in a crowded market. Although the interface is easy to use for nontechnical users, it is limited in detail for more-technical enterprise users. Ad hoc reporting is limited; it cannot limit administrator access to specific groups; it does not have a predeveloped ability to report on spam accuracy; and role-based administrator configuration is not reusable. DLP capability is improved with better workflow this year. However, it is still not delivering best-in-class capability. Enhancements are needed in the ability to describe sensitive content beyond regular expressions along with support for more advanced detection techniques, such as proximity rules and partial document matching. Policy management, workflow reporting and event management are rudimentary. 12

13 Image filtering is inherently prone to false positives. Clearswift prices are high relative to close competitors and SaaS services. The dashboard is limited to what is provided by the vendor and only includes four data graphs (CPU and Disk Usage, Message Queue Size, SMTP Connections and Connection Management). It does not provide an Outlook plug-in "is spam" button to simplify the reporting of false negatives. Fortinet Fortinet is a public company with a broad geographical market presence that offers a broad array of UTM and dedicated appliances for all organization sizes from SMBs to telecommunication carriers. It offers an array of anti-spam technology in various forms from client to unified threat management (UTM). This analysis, however, focuses on the dedicated SEG FortiMail appliances. FortiMail is a shortlist candidate for existing Fortinet customers or those looking for a firewall and SEG solution from the same vendor. Strengths FortiMail offers a very complete management interface that is similar to other Fortinet products. FortiMail provides strong high-availability and scalability features, such as native clustering, load balancing and high-throughput appliances, as well as UTM and client-based solutions. Any FortiMail can be a master and distribute configurations to peers/slaves. FortiManager can manage up to 40 Fortinet devices, and FortiAnalyzer provides centralized log storage dashboards and reporting. FortiMail offers an attractive price-to-performance value, with appliance-based, rather than user-based, service pricing. FortiMail provides on-box or off-box policy-based message archiving that is fully indexed and available from the FortiMail management interface. The product includes some basic DLP capability with RegEx matching via preconfigured and user-definable dictionary profiles. Identity-based encryption, which is now a part of the standard feature set, includes both pull and push modes. FortiMail also supports encryption using TLS and S/MIME. Cautions It is difficult for any company to compete in many markets and across many company segments, ranging from carriers to the small office/home office market, and to provide market-leading features in each market segment. Fortinet is no exception. The company is much better known for its firewall/utm market presence, and only a small percentage of its revenue is related to security. Fortinet's very rapid growth has resulted in inconsistent support and training experiences for customers and channel partners. The administration interface is not really user friendly and would benefit from enhanced search capability. The FortiAnalyzer component is required for in-depth, per-domain report and log access across multiple logs in a single interface. However, this component costs extra. 13

14 Fortinet uses its own antivirus technology, which is not tested in the numerous antivirus bake-offs, and it does not have a big research organization, especially when compared with the Leaders in this analysis or their partners. The addition of an optional third-party antivirus engine would be an improvement. Fortinet does not offer a hosted or managed service for security or encryption. DLP functionality is relatively basic and lacks good compliance workflow, notifications, partial document matching, delegated administration and hierarchical policies. DLP notifications employ static messages with currently no ability to dynamically modify the content. Google Google remains one of the market share leaders in the SaaS SEG market. It has a broad array of customers and a global presence. Innovation and feature development of in-the- SEG solutions have slowed since the company acquired Postini, and Google is struggling to find a successful support model, lowering its execution score this year. Google is a shortlist candidate for any size enterprise looking for a service delivery model, and it is a particularly good choice for organizations considering enterprise Gmail and other Google SaaS offerings. Strengths Google's core strength is in its easy-to-use but functional/rudimentary management interface. Features such as hierarchical policy administration, spam thresholds for different types of spam (sexual content, financial gain, special offers and racially insensitive content), a complete policy summary page with shortcuts to policy edits, granular user and company allow and block listing capability, and role-based administration are major benefits. Policy changes are automatically propagated and not subject to delays. Google also offers extensive routing options for a SaaS solution. Google has recently released a disaster recovery service that allows for a Web mail interface into a 25GB mail queue that allows to be read and sent in the event of a corporate mail server failure. Google released "Health Check," which shows best practices and recommended settings for Postini services to ease optimization and improved log search features since our last analysis. Directory synchronization is eased with on-premises software that integrates with local directories and cache change. Delta updates are provided via standard ports (XML over SSL). Google licenses some aspects of ZixCorp's service for encryption and provides rudimentary DLP capability with the ability to scan attachments for SSN and credit card numbers only. Google is one of the few providers in this analysis that also offers hosted mailbox services (enterprise Gmail). It also offers SaaS "office" suites (word processing, spreadsheet, calendar and collaboration), as well as Cisco's ScanSafe SaaS SWG solution. Google's price is typically very good compared with comparable services, especially for broad bundles of related services. 14

15 Cautions Numerous Gartner customers have complained about Google's support, and it scored poorly in support in an online survey of Google's reference customers. Users and partners advise that it is difficult to get Google support on the phone, and communications and problem resolutions are inconsistent in quality and speed. Google needs to invest in more direct technical support and rely less on online self-service resources and channel partners. Google has not significantly improved its management interface since it acquired Postini in 2007, and it is now overdue for a refresh. In particular, we would like to see better reporting (ad hoc reporting and scheduled distribution of saved reports) that is hyperlinked to the dashboard. Some customization of the dashboard, including shortcuts to specific functions, would be welcome. Reusable administrator profiles, centralized quarantine management, better search functionality, an Outlook plug-in to report spam and more object-oriented policies would be helpful as well. DLP functionality is very rudimentary and disappointing considering Google's experience in content analysis in its search capabilities. It lacks a preconfigured policy for common regulations, extensive dictionaries and number format lexicons for detecting Health Insurance Portability and Accountability Act (HIPAA)-protected health information. Google's policy is not object-oriented. The quarantine is not specific to the task and offers few features to ease compliance management. Not all ZixCorp encryption functionality is instrumented in the management interface. Some elements need to be set up via Google support. Google only discloses U.S. and EU data centers. Google does not offer many security assurances that are commonly offered by other providers, and it does not allow for site visits. As with other major service providers, it is likely that Google will continue to be a target of malicious attackers as it amasses more potentially lucrative information. M86 Security While there is still work to do, in 2010, M86 Security made very good progress converging its various acquisitions into a cohesive company, while retaining much of the acquired talent and bringing aboard new management to move the company to the next level. The M86 Security flagship offering, M86 MailMarshal Secure Gateway, which is a Windows-based SEG solution, is a good candidate for most organizations. Strengths The Windows-based management interface is capable and offers some advanced features, such as task shortcuts and support for batch file workflow commands (which is useful for automating order entry, or triggering actions based on content). Administrators can be restricted to view only managed group data. Reporting is done in a Web-based interface. Recent improvements include more options for end-user spam management and an update to the management console to show historical trends. The company provides its own anti-spam research and filtering engine and is increasing its investment in blended threat detection capabilities. By default, it uses an automatically updated whitelist of 15

16 communications recipients and connecting IP addresses to reduce false positives. Antivirus is provided by an option of Kaspersky, Sophos, McAfee or Norman. The M86 MailMarshal Content Manager, which is a Microsoft Exchange Hub Transport agent that allows the scanning of internal for compliance and policy purposes, was overhauled and relaunched in March Notable improvements include support for Microsoft Exchange 2010, enhanced reporting via Marshal Reporting Console (MRC), updated management tools and an improved content inspection engine. Encryption support includes native TLS and S/MIME. It partners with ZixCorp for pull (hosted) and push encryption. DLP capabilities include basic RegEx matching and identifying system-registered watermarks. They also include some predeveloped policies, dictionaries and number formats. Cautions M86 Security is not a well-known brand in this market, and the growth rate of the SEG part of its business has been very flat since our last analysis. M86 Security still has a lot of work to do to improve the management interface to match the Leaders, and integrate and rationalize its various corporate acquisitions into a cohesive company and easy-to-use product line. Currently, the solutions have three management interfaces: one for policy setting, one for help desk and one for reporting. Policy is a Windows application with lots of pop-up windows, while others have a more modern look and feel that is browser-based. Reporting is a Web-based solution, with yet another different look and feel, and there is very little linkage between products. The solution would benefit from an history summary for the help desk, rather than simply a window into the logs, which can be overly technical. There are limited dashboard elements and no hyperlinked drill-down into reports. Policy development requires multiple windows to complete or to audit. DLP capabilities are limited to a keyword analysis and do not include very many predefined policies, dictionaries or lexicons, nor do they offer much workflow support for compliance officers. caught by DLP policy is stored in standard spam-type quarantines with very limited specific actions for DLP. DLP capabilities are not consistent between the SEG and SWG solutions, and policy and dictionaries must be exported/imported between products to synchronize. M86 Security offers a SaaS service that is limited to New Zealand and the Australian markets. On-box encryption is limited to TLS. M86 Security also offers a S/MIME encryption in another solution and ZixCorp service, but neither provides integrated management or logs. McAfee McAfee has a broad range of endpoint and network security products. It is also one of the more established malware research groups. It offers both on-premises and SaaS-based SEG solutions. The company is now owned by Intel (see "Making Sense of Intel's Acquisition of McAfee"). McAfee is a candidate solution for enterprise buyers, especially those looking to consolidate security vendors. 16

17 Strengths McAfee has a formidable threat research team and is consolidating data from its numerous security services and products for real-time analysis of emerging threats. McAfee has two on-premises gateway solutions: McAfee Security Appliance and McAfee Gateway (formerly IronMail). All of the development resources for these two lines has been consolidated, and most of the improvements in the lineup are going into Security Appliances. The next major release (version 7) will combine the functionality of these products into a single solution due 3Q11. The McAfee Security Appliance Web-based management interface is complete with granular policy options and allows for customization of dashboard elements for each administrator. Message queues have now been consolidated in a single location, easing lost message search. McAfee's malware and spam-filtering capability is very strong. IP reputation (TrustedSource) results in up to 98% detection at the connection layer. The solution includes targeted threat detection capabilities, as well as protection for Outlook Web Access (OWA) and inotes transactions. McAfee recently adapted reputations to detect phishing messages based on specific message characteristics and URLs. Its native DLP capability is strong and leverages the capabilities of its stand-alone enterprise-class contentaware DLP offering. McAfee provides numerous predefined policies and dictionaries as part of the base product, and it supports self-defined content for policy creation. The solution supports delegated administration for distinct event viewing, along with the separation of duties. Basic encryption methods (TLS, S/MIME and PGP gateway encryption) are supported along with push (secure envelope) encryption, which was significantly improved in the latest version with an enhanced enduser interface and more options, including reply-and-recipient-initiated encrypted options. The solution is now very complete and is deployable on-box, rather than as a separate solution. It also supports the secure transfer of arbitrarily large files via its encrypted pull capability (hosted encryption). It can also be configured to automatically set up a pull-only encrypted based on a predetermined attachment size. The SaaS offering provides a simple, clean, Web-based interface that is very easy to use for managing Web and traffic. Ancillary services include archiving and continuity service with a 60-day rolling history. The service can lock message traffic to a specific geography to avoid processing traffic in foreign legal environments. Recent improvements include the additions of policy-based pull encryption (Echoworx), SPF validation, improved attachment scanning and DLP improvements. Cautions McAfee hasn't significantly expanded its market share in the enterprise SEG market since the Secure Computing acquisition, and it does not show up on Gartner client shortlists or competitive large enterprise deals, as often as we would expect, given McAfee's channel reach. The biggest problem with McAfee's solutions is the lack of integration or feature consistency across the three offerings. Most of McAfee's recent improvements in the past year have been on the Security and Web Appliance code base, and the SaaS service. The former IronMail product (now the MacAfee Gateway) has received little attention. McAfee will be integrating the two existing appliances in a single solution later in This new solution should streamline the product lineup, provide better integration, and 17

18 improve previous criticisms about management interface and reporting, which are common from reference customers and Gartner clients. It will be a critical test of McAfee's ability to merge the best features of these three different products to create a single solution. McAfee has to expand the global footprint of its data center to appeal to more international customers and global organizations. Currently, the service is only hosted in seven geographies (U.S., China/Hong Kong, Japan, New Zealand, Australia, England and the Netherlands). The McAfee network security portfolio is less well-aligned with Intel's priorities and is less likely to receive future management attention and resources. Customers and buyers must demand road maps with firm delivery commitments and monitor McAfee's fulfillment. Microsoft Microsoft offers two complementary security solutions. Its flagship product is Forefront Online Protection for Exchange (FOPE), which is a SaaS-based solution. Forefront Protection 2010 for Exchange Server (FPE) is a software solution that is run on Exchange. FOPE is a good shortlist inclusion, especially for Microsoft-centric customers that purchase premium licensing. It is a default choice for organizations considering Microsoft's Exchange Online or the Office 365 suite. Enterprise buyers should consider FPE primarily as an additional layer of antivirus protection for the Exchange message store and for internal federated Exchange filtering, rather than a stand-alone SEG solution. Strengths FOPE is a multitenancy SAS infrastructure where each data center has a copy of the customer's data, allowing for continuous uptime, even in the event of a data center failure. Mail-processing data centers are located in the U.S. and Europe. Microsoft supports guaranteed "in-geography" mail processing for its U.S. customers that do not want mail to be processed in other countries. Microsoft made improvements to message trace, management integration with Exchange Online, delegated administrator access, URL database quality and routing since our last analysis. Exchange, Outlook, and the FOPE and Exchange Hosted Encryption (EHE) network all support TLS, S/MIME and PGP. FOPE also offers a Hosted Encryption solution that is built on Voltage Security's certificateless identity-based encryption (IBE) technology. FOPE supports large file attachment transfer up to 150MB. Microsoft released the Forefront Protection Server Management Console 2010 (FPSMC) a free download that provides multiserver management for FPE 2010 and Forefront Protection 2010 for SharePoint (FPSP 2010). It also integrates with the FOPE Administration Center. FPE is useful on an Exchange hub for internal spam and virus filtering. Microsoft's security solutions are part of the enterprise client access license (CAL), the Exchange Enterprise CAL and the Forefront Protection Suite. A large number of customers already pay for components of Microsoft's security solutions but have not deployed them. Users should check their license entitlements before they consider alternatives. Exchange Online Archiving (which replaces the previous Exchange Hosted Archive offering) is available as an optional service for Web-based archiving of , IM and other items. EOA is for on-premises Exchange 18

19 2010 mailboxes. Alternatively, Exchange Online (on the Office 365 platform) will include basic archiving or advanced archiving depending on the version purchased. Microsoft is improving its reputation for delivering solid and well-integrated security capabilities and regaining the trust of enterprise organizations. Cautions Despite recent improvements, Microsoft is still not on the leading edge of user interface reporting or functional capabilities. FOPE still does not allow end users to create their own safe senders (allow list) through the Web portal (although Outlook and Exchange Server support safe senders, and administrators can set up a per-user "Allow Policy" and synchronize via directory synchronization) or consolidated quarantine for aliases and distribution lists. There is no ad hoc reporting capability (only filtered versions of existing reports). FOPE does not allow for individual-user spam thresholds for different categories of spam. It doesn't allow for an AD group-specific disclaimer (although the solution does include the ability to set up virtual domains to segment users for policy purposes). Management integration of the various Microsoft components is still fractured. For example, FPE and the Exchange Edge role have different interfaces for managing MTA functionality versus competitive integrated appliances. We anticipate tighter future integration with the recent integration of the Forefront organization unit at Microsoft with the Office business unit, which includes the Exchange team. Microsoft only has data centers in the U.S. and EU, and in-geography-only routing is only available in the U.S. Buyers that have not standardized on Active Directory require Forefront identity manager to consolidate directories in a single addressable entity for synchronization with the service. The DLP capability for FPE is limited to keyword and regular expression searching, and FOPE DLP only includes a single predefined policy (HIPAA). Microsoft cannot scan within attachments for DLP violations and only uses true-type file detection for executable files. It does not have a DLP quarantine that is optimized for compliance workflow. The announcement of an OEM deal with EMC/RSA for its DLP capabilities several years ago still has yet to manifest itself in a functionality offering. Some customers complained that policy changes take some time to propagate through the network, and that they would like a feedback loop to certify that the changes have been implemented. The FOPE spam detection SLA at 98% is lower than the industry norm of 99%. It does not offer a disaster recovery/continuity service. Proofpoint Proofpoint, a private California-based company, is the last remaining dedicated SEG provider in this analysis. It continues to lead the market with innovative features and a broad range of solutions, including archiving, e- discovery, large file transfer and mailbox hosting. Proofpoint increased in execution this year due to a combination of a high growth rate relative to peers, dedicated focus on security issues and continued product enhancements. Proofpoint is a very good candidate for organizations looking for a full range of best-ofbreed SEG functionality in supported geographies. 19

20 Strengths Proofpoint's flagship security solution (Proofpoint Enterprise) is available as a hosted service; as onpremises appliances, virtual (VMware) appliances and software; or as a hybrid combination of these versions. Spam and malware accuracy has always been a consistent strength of Proofpoint, and the company is one of the few that publicly reports its anti-spam effectiveness (see livespamstats.php). Proofpoint recently added DKIM verification. The company continues to invest in new techniques for spam and phishing detection, including a machine-learning classifier for phishing and improved URL link inspection. Proofpoint provides spam classifiers (adult, bulk mail, phish and suspected spam) to enable more granular policy. Its Web-based management interface is one of the best in this market, with numerous innovations and unique features. We particularly like the Ajax-based dashboards that are completely customizable for each administrator. All reports are available as a dashboard widget. The Proofpoint information channel provides Really Simple Syndication feed news items on global threats or product information. Administrators have complete control over the look and feel of the end-user quarantine and secure interface, including color logos, terms, field identifiers, help content and support for numerous languages. Proofpoint offers integrated, push policy-based encryption that incorporates the features traditionally associated with pull offerings, which is optimized for mobile devices. The solution also supports TLS, S/ MIME and PGP secure delivery. DLP features are very strong and include numerous prebuilt policies, dictionaries, number identifiers and integrated policy-based encryption. Policy development is object-oriented and similar across spam and DLP. The DLP quarantine is very sophisticated for a channel solution, and it includes highlighted policy violations and the ability to add comments to incidents. DLP policy can be enforced on Web traffic via a dedicated network sniffer or ICAP integration with a proxy server. The SaaS service provides the same controls and policies as the on-premises appliance, including bidirectional spam filtering and outbound DLP functions. The installed base for this offering is expanding among G2000 customers, including some very large enterprises. Cautions Proofpoint's dedicated focus on is both a strength and a weakness. Although it continues to define best-of-breed functionality, in a rapidly maturing market, best of breed often becomes overkill to some customers. Concurrently, numerous enterprise buyers are looking for opportunities to consolidate product purchases around fewer, more strategic vendors. Proofpoint is not able to offer product breadth horizontally, such as SWG solutions, nor is it able to offer indepth integrated products, such as enterprise DLP that goes beyond the and Web channel. Despite good growth rates, Proofpoint continues to have a smaller market and mind share, compared with early market competitors. Proofpoint needs to improve its delivery through the channel, rather than its dedicated sales force to accelerated market share growth, especially outside North America. 20

Magic Quadrant for Secure E-Mail Gateways

Magic Quadrant for Secure E-Mail Gateways Magic Quadrant for Secure E-Mail Gateways Gartner RAS Core Research Note G00175396, Peter Firstbrook, Eric Ouellet, 27 April 2010, RA5 04302011 The e-mail security market is very mature. Targeted phishing

More information

Secure Messaging. Forefront Online Protection for Exchange. Forefront Protection 2010 for Exchange. Forefront Unified Access Gateway

Secure Messaging. Forefront Online Protection for Exchange. Forefront Protection 2010 for Exchange. Forefront Unified Access Gateway Secure Messaging As businesses look to drive growth, they need to increase collaboration, sharing and access to information but must do so while protecting their assets and infrastructure. Frequently this

More information

Magic Quadrant for Secure E-Mail Gateways

Magic Quadrant for Secure E-Mail Gateways Magic Quadrant for Secure E-Mail Gateways Gartner RAS Core Research Note G00175396, Peter Firstbrook, Eric Ouellet, 27 April 2010, R3360 04282011 The e-mail security market is very mature. Targeted phishing

More information

Magic Quadrant for Secure Email Gateways

Magic Quadrant for Secure Email Gateways G00247704 Magic Quadrant for Secure Email Gateways Published: 2 July 2013 Analyst(s): Peter Firstbrook, Brian Lowans The secure email gateway market is mature. Buyers should focus on strategic vendors,

More information

Magic Quadrant for Secure Email Gateways

Magic Quadrant for Secure Email Gateways Magic Quadrant for Secure Email Gateways 2 July 2013 ID:G00247704 Analyst(s): Peter Firstbrook, Brian Lowans VIEW SUMMARY The secure email gateway market is mature. Buyers should focus on strategic vendors,

More information

Email Migration Project Plan for Cisco Cloud Email Security

Email Migration Project Plan for Cisco Cloud Email Security Sales Tool Email Migration Project Plan for Cisco Cloud Email Security 2014 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Conf idential. For Channel Partner use only. Not f

More information

Cisco Cloud Email Security Interoperability with Microsoft Office 365

Cisco Cloud Email Security Interoperability with Microsoft Office 365 White Paper Cisco Cloud Email Security Interoperability with Microsoft Office 365 We ve all been witness to the cloud evolution and the technologies that have been driven by moving operations and resources

More information

are some of the key drivers behind mandates from executives to move IT infrastructure from on-premises to the cloud.

are some of the key drivers behind mandates from executives to move IT infrastructure from on-premises to the cloud. W H I T E PA P E R Public Network External Application MTA Moving to the Cloud Important Things to Consider Before Migrating Your Messaging Infrastructure to the Cloud Fallback MTA External Corporate MTAs

More information

Configuration Information

Configuration Information This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard. Other topics covered include Email Security interface navigation,

More information

Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices

Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices Data Sheet Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices Medium-sized enterprises face the same daunting challenges as the Fortune 500 and Global 2000 - higher mail volumes and

More information

Transitioning to McAfee SaaS Email Protection from Postini

Transitioning to McAfee SaaS Email Protection from Postini Technical FAQ Transitioning to McAfee SaaS Email Protection from Postini Frequently Asked Questions Google recently and abruptly announced that all Postini customers must either migrate to Google Apps,

More information

Symantec Messaging Gateway 10.5

Symantec Messaging Gateway 10.5 Powerful email gateway protection Data Sheet: Messaging Security Overview Symantec Messaging Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate

More information

Cisco IronPort X1070 Email Security System

Cisco IronPort X1070 Email Security System Data Sheet Cisco IronPort X1070 Email Security System As the battle to protect the email perimeter continues, two predominant trends emerge: higher mail volumes and more resource-intensive scanning. The

More information

V1.4. Spambrella Email Continuity SaaS. August 2

V1.4. Spambrella Email Continuity SaaS. August 2 V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable

More information

Mimecast Email Security

Mimecast Email Security DATA SHEET Mimecast Email Security A fully integrated email security, continuity and archiving cloud based solution that delivers total end-to-end control of your email, mitigating email risks and reducing

More information

Securing enterprise collaboration through email and file sharing on a unified platform

Securing enterprise collaboration through email and file sharing on a unified platform Axway MailGate SC Securing enterprise collaboration through email and file sharing on a unified platform Email is the primary collaboration tool employees use to share information and send large files.

More information

SESA Securing Email with Cisco Email Security Appliance Parts 1 and 2

SESA Securing Email with Cisco Email Security Appliance Parts 1 and 2 Course Overview Securing Email with Cisco Email Security Appliance (SESA) combines Parts 1 and 2 (SESA1, SESA2) into a single three day course. Students learn to use Cisco Email Security Appliances (ESA's)

More information

Top 10 Features: Clearswift SECURE Email Gateway

Top 10 Features: Clearswift SECURE Email Gateway Top 10 Features: Clearswift SECURE Email Gateway Top 10 Features: Clearswift SECURE Email Gateway Modern business simply couldn t function without email. However, both incoming and outgoing messages can

More information

Symantec Messaging Gateway 10.6

Symantec Messaging Gateway 10.6 Powerful email gateway protection Data Sheet: Messaging Security Overview Symantec Messaging Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate

More information

FortiMail Email Filtering. Course 221 (for FortiMail v5.0) Course Overview

FortiMail Email Filtering. Course 221 (for FortiMail v5.0) Course Overview FortiMail Email Filtering Course 221 (for FortiMail v5.0) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed

More information

eprism Email Security Appliance 6.0 Release Notes What's New in 6.0

eprism Email Security Appliance 6.0 Release Notes What's New in 6.0 eprism Email Security Appliance 6.0 Release Notes St. Bernard is pleased to announce the release of version 6.0 of the eprism Email Security Appliance. This release adds several new features while considerably

More information

Configuration Information

Configuration Information Configuration Information Email Security Gateway Version 7.7 This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard.

More information

On and off premises technologies Which is best for you?

On and off premises technologies Which is best for you? On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email

More information

Trend Micro Hosted Email Security Stop Spam. Save Time.

Trend Micro Hosted Email Security Stop Spam. Save Time. Trend Micro Hosted Email Security Stop Spam. Save Time. How it Works: Trend Micro Hosted Email Security A Trend Micro White Paper l March 2010 Table of Contents Introduction...3 Solution Overview...4 Industry-Leading

More information

Securing enterprise collaboration through email and file sharing on a unified platform

Securing enterprise collaboration through email and file sharing on a unified platform Axway MailGate SC Securing enterprise collaboration through email and file sharing on a unified platform Email is the primary collaboration tool employees use to share information and send large files.

More information

email management solutions

email management solutions Safeguard business continuity and productivity with Mimecast email management solutions Computacenter and Mimecast in partnership Expert software solutions Computacenter and Mimecast help organisations

More information

Mod 08: Exchange Online FOPE

Mod 08: Exchange Online FOPE Office 365 for SMB Jump Start Mod 08: Exchange Online FOPE Chris Oakman Managing Partner Infrastructure Team Eastridge Technology Stephen Hall Owner & IT Consultant District Computers 1 Jump Start Schedule

More information

Exchange Online Protection In-Depth

Exchange Online Protection In-Depth Exchange Online Protection In-Depth Mike Crowley Baseline Technologies Session Agenda Introduction to EOP Administration DMARC, SPF & DKIM Advanced Threat Protection EOP Deployment Tips Introduction to

More information

FortiMail Email Filtering Course 221-v2.2 Course Overview

FortiMail Email Filtering Course 221-v2.2 Course Overview FortiMail Email Filtering Course 221-v2.2 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to design, configure,

More information

anomaly, thus reported to our central servers.

anomaly, thus reported to our central servers. Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

No per user or mail box pricing restrictions. Bundled pricing integrated with Antispam, Antivirus, Antispyware and Antimalware

No per user or mail box pricing restrictions. Bundled pricing integrated with Antispam, Antivirus, Antispyware and Antimalware Fortinet Lowers TCO No per user or mail box pricing restrictions Bundled pricing integrated with Antispam, Antivirus, Antispyware and Antimalware Cost on average is approximately 50% less than traditional

More information

Symantec Messaging Gateway powered by Brightmail

Symantec Messaging Gateway powered by Brightmail The first name in messaging security powered by Brightmail Overview, delivers inbound and outbound messaging security, with effective and accurate real-time antispam and antivirus protection, advanced

More information

MESSAGING SECURITY GATEWAY. Detect attacks before they enter your network

MESSAGING SECURITY GATEWAY. Detect attacks before they enter your network MESSAGING SECURITY GATEWAY Detect attacks before they enter your network OVERVIEW This document explains the functionality of F-Secure Messaging Security Gateway (MSG) what it is, what it does, and how

More information

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats 1 of 2 November, 2004 Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle

More information

Market Guide for Network Sandboxing

Market Guide for Network Sandboxing G00271317 Market Guide for Network Sandboxing Published: 2 March 2015 Analyst(s): Lawrence Orans, Jeremy D'Hoinne Choosing a network sandboxing solution is challenging due to the wide array of options

More information

AlwaysMail. Sector 5. Cloud E-Mail

AlwaysMail. Sector 5. Cloud E-Mail AlwaysMail Sector 5 Cloud E-Mail INDEX INDEX 2 SECTOR 5 COMPANY PROFILE 3 Background Company Name & Address 3 1. SECTOR 5 HOSTED E-MAIL OFFERING 4 2. MICROSOFT HOSTED EXCHANGE 5 3. HOW WE MIGRATE COMPANIES?

More information

EMAIL MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST

EMAIL MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST EMAIL MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST Enabling user efficiency with a cloud-based email platform With productivity, revenues and reputation at stake, an

More information

Cisco Email Security Appliances

Cisco Email Security Appliances Data Sheet Cisco Email Security Appliances Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate communications.

More information

ZSCALER EMAIL SECURITY CLOUD FOR LARGE AND MEDIUM ENTERPRISE

ZSCALER EMAIL SECURITY CLOUD FOR LARGE AND MEDIUM ENTERPRISE The Leader in Cloud Security DATA SHEET ZSCALER EMAIL SECURITY CLOUD FOR LARGE AND MEDIUM ENTERPRISE OVERVIEW Email volume is growing every day. Administrators struggle with a growing number of appliances

More information

Trend Micro Hosted Email Security Stop Spam. Save Time.

Trend Micro Hosted Email Security Stop Spam. Save Time. Trend Micro Hosted Email Security Stop Spam. Save Time. How Hosted Email Security Inbound Filtering Adds Value to Your Existing Environment A Trend Micro White Paper l March 2010 1 Table of Contents Introduction...3

More information

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Selecting Your Essential Cloud Services

Selecting Your Essential Cloud Services DATASHEET Selecting Your Essential Cloud Services Mimecast s flexible and scalable suite of essential cloud services for Microsoft Exchange removes the risks and complexities of business email management

More information

Stop Spam. Save Time.

Stop Spam. Save Time. Stop Spam. Save Time. A Trend Micro White Paper I January 2015 Stop Spam. Save Time. Hosted Email Security: How It Works» A Trend Micro White Paper January 2015 TABLE OF CONTENTS Introduction 3 Solution

More information

WATCHGUARD IRONPORT KEY SALES PITCH TRUTH BEHIND THE PITCH

WATCHGUARD IRONPORT KEY SALES PITCH TRUTH BEHIND THE PITCH KEY SALES PITCH First and only true unified security provider for protection bidirectional threats and data loss prevention across email and web in a single solution. XCS leverages ReputationAuthority

More information

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure Real-time protection backed by the largest investment in security infrastructure Overview delivers inbound and outbound messaging security, with effective and accurate real-time antispam and antivirus

More information

Evaluation Guide. eprism Messaging Security Suite. 800-782-3762 www.edgewave.com V8.200

Evaluation Guide. eprism Messaging Security Suite. 800-782-3762 www.edgewave.com V8.200 800-782-3762 www.edgewave.com Welcome to EdgeWave Messaging Security! This short guide is intended to help administrators setup and test the EdgeWave Messaging Security Suite for evaluation purposes. A

More information

FortiMail Identity Based Encryption A Business Enabler WHITE PAPER

FortiMail Identity Based Encryption A Business Enabler WHITE PAPER FortiMail Identity Based Encryption A Business Enabler WHITE PAPER FORTINET FortiMail Identity Based Encryption - A Business Enabler PAGE 2 Contents Business Need Secure Mail Delivery... 3 Challenges with

More information

FortiMail Email Filtering. Course 221 (for FortiMail v4.2) Course Overview

FortiMail Email Filtering. Course 221 (for FortiMail v4.2) Course Overview FortiMail Email Filtering Course 221 (for FortiMail v4.2) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed

More information

WATCHGUARD BARRACUDA KEY SALES PITCH TRUTH BEHIND THE PITCH

WATCHGUARD BARRACUDA KEY SALES PITCH TRUTH BEHIND THE PITCH KEY SALES PITCH Long time provider of email security with large customer base XCS 170, 370 and 570 appliances integrate bi directional email threat protection and data loss prevention on a single platform.

More information

Selecting Your Essential Cloud Services for Office 365

Selecting Your Essential Cloud Services for Office 365 DATASHEET Selecting Your Essential Cloud Services for Office 365 Mimecast provides a rich set of cloud services designed to meet the specific needs of Microsoft Office 365 customers. We effectively remove

More information

Cisco IronPort C670 for Large Enterprises and ISPs

Cisco IronPort C670 for Large Enterprises and ISPs Data Sheet Cisco IronPort C670 for Large Enterprises and ISPs As the battle to protect the corporate email perimeter continues, two trends emerge: higher mail volumes and more resource-intensive scanning.

More information

SurfControl EmailFilter for SMTP

SurfControl EmailFilter for SMTP ANTI SPAM SOLUTIONS TECHNOLOGY REPORT SurfControl EmailFilter for SMTP JANUARY 2007 www.westcoastlabs.org 2 ANTI SPAM SOLUTIONS TECHNOLOGY REPORT CONTENTS SurfControl EmailFilter for SMTP SurfControl,

More information

Mimecast Unified Email Management

Mimecast Unified Email Management DATA SHEET Mimecast Unified Email Management An always-on, cloud-based email security solution that reduces the complexity of protecting your organization from malware, spam and data leakage. Mimecast

More information

CYBEROAM UTM s. Outbound Spam Protection Subscription for Service Providers. Securing You. Our Products. www.cyberoam.com

CYBEROAM UTM s. Outbound Spam Protection Subscription for Service Providers. Securing You. Our Products. www.cyberoam.com CYBEROAM UTM s Outbound Spam Protection Subscription for Service Providers Our Products Unified Threat Management Agenda of Presentation What is Outbound Spam? Consequences of Outbound Spam Why current

More information

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex

More information

Forefront Protection 2010 for Exchange Server Overview

Forefront Protection 2010 for Exchange Server Overview Forefront Protection 2010 for Exchange Server Overview Fast and effective protection against malware and spam Forefront Protection 2010 for Exchange Server provides fast and effective detection of viruses,

More information

Magic Quadrant for E-Mail Security Boundaries

Magic Quadrant for E-Mail Security Boundaries Magic Quadrant for E-Mail Security Boundaries Gartner RAS Core Research Note G00160125, Arabella Hallawell, Peter Firstbrook, 11 September 2008 R2856 09122009 The e-mail security market is maturing, but

More information

Access Webmail, Collaboration Tools, and Sync Mobile Devices from Anywhere

Access Webmail, Collaboration Tools, and Sync Mobile Devices from Anywhere P a g e 1 Steadfast email Steadfast email delivers Exchange-level mail server features at a lower cost. With lower end user requirements, superior stability, and reduced maintenance costs Steadfast email

More information

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall GFI Product Comparison GFI MailEssentials vs Barracuda Spam Firewall GFI MailEssentials Barracuda Spam Firewall Integrates closely with Microsoft Exchange Server 2003/2007/2010 Integrates closely with

More information

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions. PureMessage for Microsoft Exchange protects Microsoft Exchange servers and Windows gateways against email borne threats such as from spam, phishing, viruses, spyware. In addition, it controls information

More information

2012 North American Enterprise Firewalls Market Penetration Leadership Award

2012 North American Enterprise Firewalls Market Penetration Leadership Award 2012 2012 North American Enterprise Firewalls Market Penetration Leadership Award 2012 Frost & Sullivan 1 We Accelerate Growth Market Penetration Leadership Award Enterprise Firewalls North America, 2012

More information

Data Sheet: Messaging Security Symantec Brightmail Gateway Award-winning messaging security for inbound protection and outbound control

Data Sheet: Messaging Security Symantec Brightmail Gateway Award-winning messaging security for inbound protection and outbound control Award-winning messaging security for inbound protection and outbound control Overview The delivers inbound and outbound messaging security for email and IM, with effective and accurate antispam and antivirus

More information

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS? What is InsightCloud? InsightCloud is a web portal enabling Insight customers to purchase and provision a wide range of Cloud services in a straightforward and convenient manner. What is SaaS? Software

More information

Comprehensive protection. Streamlined administration console

Comprehensive protection. Streamlined administration console Next generation of Forefront Online Protection for Exchange (FOPE) Comprehensive protection Enterprise class reliability Streamlined administration console On-premises Exchange Online Protection Office

More information

The Fortinet Secure Health Architecture

The Fortinet Secure Health Architecture The Fortinet Secure Health Architecture Providing Next Generation Secure Healthcare for The Healthcare Industry Authored by: Mark Hanson U.S. Director Fortinet, Inc. - Healthcare Introduction Healthcare

More information

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN Albin Penič Technical Team Leader Eastern Europe Trend Micro 27 years focused on security software Headquartered

More information

Top 10 Reasons Enterprises are Moving Security to the Cloud

Top 10 Reasons Enterprises are Moving Security to the Cloud ZSCALER EBOOK Top 10 Reasons Enterprises are Moving Security to the Cloud A better approach to security Albert Einstein defined insanity as doing the same thing over and over again and expecting different

More information

Tumbleweed MailGate Secure Messenger

Tumbleweed MailGate Secure Messenger EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT Tumbleweed MailGate Secure Messenger JANUARY 2007 www.westcoastlabs.org 2 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT CONTENTS MailGate Secure Messenger Tumbleweed

More information

Cisco Email Security Appliances

Cisco Email Security Appliances Data Sheet Cisco Email Security Appliances Product Overview Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate

More information

Astaro Gateway Software Applications

Astaro Gateway Software Applications Astaro Overview Astaro Products - Astaro Security Gateway - Astaro Web Gateway - Astaro Mail Gateway - Astaro Command Center - Astaro Report Manager Astaro Gateway Software Applications - Network Security

More information

Check Point Positions

Check Point Positions Check Point Positions - Gartner Magic Quadrants - IDC Market Share Research 2012 Dean J. Whitehair Analyst Relations October 2012 Version 9.0 Updated 10/17/2012 2012 Check Point Software Technologies Ltd.

More information

INFORMATION PROTECTED

INFORMATION PROTECTED INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never

More information

IronPort X1060 Email Security System

IronPort X1060 Email Security System IronPort EMAIL SECURITY APPLIANCES THE ULTIMATE EMAIL S E C U R I T Y S Y S T E M F O R T H E W O R L D S M O S T DEMANDING NETWORKS. IronPort X1060 Email Security System Overview As the battle to protect

More information

Consolidated Email Hygiene and Encryption Service E-Hub. Slide 1

Consolidated Email Hygiene and Encryption Service E-Hub. Slide 1 Consolidated Email Hygiene and Encryption Service E-Hub Slide 1 Agenda E-Hub Service Overview E-Hub Benefits & Features E-Hub Rates and Implementation Microsoft FOPE Hygiene Overview Demo Microsoft FOPE

More information

Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion

Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion Many organizations are embracing cloud technology and moving from complex, rigid on-premise infrastructure and software to the simplicity

More information

Forcepoint Stonesoft Management Center

Forcepoint Stonesoft Management Center Datasheet Forcepoint Stonesoft Management Center EFFICIENT, CENTRALIZED MANAGEMENT OF FORCEPOINT STONESOFT NEXT GENERATION FIREWALLS IN DISTRIBUTED ENTERPRISE ENVIRONMENTS FORCEPOINT STONESOFT MANAGEMENT

More information

Selecting Your Essential Cloud Services

Selecting Your Essential Cloud Services DATASHEET Selecting Your Essential Cloud Services Mimecast s flexible and scalable suite of essential cloud services for Microsoft Exchange removes the risks and complexities of business email management

More information

Quick Heal Exchange Protection 4.0

Quick Heal Exchange Protection 4.0 Quick Heal Exchange Protection 4.0 Customizable Spam Filter. Uninterrupted Antivirus Security. Product Highlights Built-in defense keeps your business communications and sensitive information secure from

More information

FortiMail Email Filtering Course 221-v2.0. Course Overview. Course Objectives

FortiMail Email Filtering Course 221-v2.0. Course Overview. Course Objectives FortiMail Email Filtering Course 221-v2.0 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to configure,

More information

The Fortinet Secure Health Architecture

The Fortinet Secure Health Architecture The Fortinet Secure Health Architecture Providing End-to-End Security for Modern Healthcare Organizations Introduction Healthcare providers are migrating from large, independent stand alone organizations

More information

Sophos Acquires Cyberoam

Sophos Acquires Cyberoam Sophos Acquires Cyberoam Frequently Asked Questions Table of Contents FAQ... 2 What is Sophos announcing?... 2 Who is Cyberoam?... 2 Why is Sophos acquiring Cyberoam?... 2 Why is Sophos acquiring Cyberoam

More information

BUSINESS OPPORTUNITY 4 CONNECTED UTM FOR SMALL OFFICES 6 SECURE COMMUNICATIONS FOR SMALL OFFICES 10 COMPETITIVE COMPARISONS 15

BUSINESS OPPORTUNITY 4 CONNECTED UTM FOR SMALL OFFICES 6 SECURE COMMUNICATIONS FOR SMALL OFFICES 10 COMPETITIVE COMPARISONS 15 SMB Partner Sales Guide 1 Contents BUSINESS OPPORTUNITY 4 CONNECTED UTM FOR SMALL OFFICES 6 SECURE COMMUNICATIONS FOR SMALL OFFICES 10 COMPETITIVE COMPARISONS 15 FORTIGUARD SECURITY SERVICES 18 PARTNER

More information

Transitioning to McAfee SaaS Email Protection from Postini

Transitioning to McAfee SaaS Email Protection from Postini Technical FAQ Transitioning to McAfee SaaS Email Protection from Postini Frequently Asked Questions Google recently and abruptly announced that all Postini customers must either migrate to Google Apps,

More information

Solution Brief FortiMail for Service Providers. Nathalie Rivat

Solution Brief FortiMail for Service Providers. Nathalie Rivat Solution Brief FortiMail for Service Providers Nathalie Rivat Agenda FortiMail for Internet Service Providers Outbound antispam to prevent blacklisting MMS routing for Mobile Operators Inbound antispam

More information

Service Launch Guide (US Customer) SEG Filtering

Service Launch Guide (US Customer) SEG Filtering Secure Network Gateway / Secure E-Mail Gateway (SEG) Service Service Launch Guide Service Launch Guide (US Customer) SEG Filtering Overview The following information will guide you through the steps required

More information

Magic Quadrant for E-Mail Security Boundaries

Magic Quadrant for E-Mail Security Boundaries Magic Quadrant for E-Mail Security Boundaries Gartner RAS Core Research Note G00160125, Arabella Hallawell, Peter Firstbrook, 11 September 2008, R2875 03262009 The e-mail security market is maturing, but

More information

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements Technology Blueprint Protect Your Email Get strong security despite increasing email volumes, threats, and green requirements LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Advantages of Managed Security Services

Advantages of Managed Security Services Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network

More information

Cisco Email Security Appliances

Cisco Email Security Appliances Data Sheet Cisco Email Security Appliances Product Overview Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate

More information

Websense Email Security Transition Guide

Websense Email Security Transition Guide Websense Email Security Transition Guide Websense Email Security Gateway v7.6 2011, Websense Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA R140611760 Published August 2011

More information

Mailwall Remote Features Tour Datasheet

Mailwall Remote Features Tour Datasheet Management Portal & Dashboard Mailwall Remote Features Tour Datasheet Feature Benefit Learn More Screenshot Cloud based portal Securely manage your web filtering policy wherever you are without need for

More information

UNCLASSIFIED. UK Email Archiving powered by Mimecast Service Description

UNCLASSIFIED. UK Email Archiving powered by Mimecast Service Description UNCLASSIFIED 11/12/2015 v2.2 UK Email Archiving powered by Mimecast Service Description Cobweb s UK Email Archiving, powered by Mimecast, provides businesses with a secure, scalable cloud-based message

More information

Unified Threat Management, Managed Security, and the Cloud Services Model

Unified Threat Management, Managed Security, and the Cloud Services Model Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical

More information

BUILT FOR YOU. Contents. Cloudmore Exchange

BUILT FOR YOU. Contents. Cloudmore Exchange BUILT FOR YOU Introduction is designed so it is as cost effective as possible for you to configure, provision and manage to a specification to suit your organisation. With a proven history of delivering

More information

Symantec Protection Suite Add-On for Hosted Email and Web Security

Symantec Protection Suite Add-On for Hosted Email and Web Security Symantec Protection Suite Add-On for Hosted Email and Web Security Overview Your employees are exchanging information over email and the Web nearly every minute of every business day. These essential communication

More information

Web Security Update. A Radicati Group, Inc. Webconference. The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited

Web Security Update. A Radicati Group, Inc. Webconference. The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited The Radicati Group, Inc. www.radicati.com Web Security Update A Radicati Group, Inc. Webconference The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited 9:30 am, PT March 25, 2010 Speakers

More information

IronPort C350 for Medium-Sized Enterprises and Satellite Offices

IronPort C350 for Medium-Sized Enterprises and Satellite Offices I r o n P o r t E M A I L S E C U R I T Y A P P L I A N C E S H I G H - P E R F O R M A N C E E M A I L S E C U R I T Y. C A R R I E R - P R O V E N T E C H N O L O G Y. E N T E R P R I S E - C L A S S

More information