Anti-spam Comparison Report



Similar documents
No per user or mail box pricing restrictions. Bundled pricing integrated with Antispam, Antivirus, Antispyware and Antimalware

FortiMail Filtering Course 221-v2.2 Course Overview

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.

Test Report October InterScan Messaging Security Suite. Anti-Spam Technology Report

Spam Testing Methodology Opus One, Inc. March, 2007

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

FortiMail Filtering Course 221-v2.0. Course Overview. Course Objectives

Eiteasy s Enterprise Filter

HOSTING SERVICES AGREEMENT

Symantec AntiVirus Enterprise Edition

Release Notes for Websense Security v7.2

T E C H N I C A L S A L E S S O L U T I O N

Solutions IT Ltd Virus and Antispam filtering solutions

Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community

SecurEnvoy Security Server. SecurMail Solutions Guide

Core Protection Suite

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

Comparing Industry-Leading Anti-Spam Services

INLINE INGUARD GUARDIAN

PureMessage for Microsoft Exchange Help. Product version: 4.0

TELSTRA CLOUD SERVICES CLOUD INFRASTRUCTURE PRICING GUIDE AUSTRALIA

MICROSOFT EXCHANGE best practices BEST PRACTICES - DATA STORAGE SETUP

BitDefender Security for Exchange

SurfControl Filter for SMTP

The Exchange 2010 Ecosystem

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Security

BUILT FOR YOU. Contents. Cloudmore Exchange

Websense Security Transition Guide

SESA Securing with Cisco Security Appliance Parts 1 and 2

PGP Universal Satellite Version 2.7 for Windows Release Notes

Endpoint Security Solutions (Physical & VDI Environment) Comparative Testing Analysis

Avira Exchange Security Small Business Edition. Quick Guide

IronPort C300 for Medium-Sized Enterprises and Satellite Offices

Cyber Security Solutions:

Deploying Layered Security. What is Layered Security?

PureMessage for Microsoft Exchange Help. Product version: 3.1

Barracuda Spam Firewall

IronPort Plug-in for Outlook VERSION 1.8 ADMINISTRATOR GUIDE

SERVICE LEVEL AGREEMENT

Kaspersky Security 8.0 for Microsoft Exchange Servers Installation Guide

Chapter 6: ScanMail emanager

6445A - Implementing and Administering Small Business Server 2008

Barracuda Spam Firewall User s Guide

World-class security solutions for your business. Business Products. C a t a l o g u e

FortiMail Filtering. Course 221 (for FortiMail v5.0) Course Overview

Symantec Protection Suite Add-On for Hosted and Web Security

FortiMail Filtering. Course for FortiMail v4.0. Course Overview

Installing GFI MailEssentials

Symantec Encryption Satellite for Windows Version 3.3 Release

SonicWALL Security Appliance

PureMessage for Microsoft Exchange startup guide. Product version: 3.1

SPAMfighter Exchange Module

Kaspersky Security 9.0 for Microsoft Exchange Servers Administrator's Guide

HARDWARE, SOFTWARE AND CONFIGURATION REQUIREMENTS

Web. Anti- Spam. Disk. Mail DNS. Server. Backup

Configuration Information

Sophos UTM Software Appliance

FortiMail Filtering. Course 221 (for FortiMail v4.2) Course Overview

Purchase College Barracuda Anti-Spam Firewall User s Guide

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT

Stellar Phoenix. SQL Database Repair 6.0. Installation Guide

Endpoint Security Solutions Comparative Analysis Report

Opus One PAGE 1 1 COMPARING INDUSTRY-LEADING ANTI-SPAM SERVICES RESULTS FROM TWELVE MONTHS OF TESTING INTRODUCTION TEST METHODOLOGY

Sagari Ltd. Service Catalogue and Service Level Agreement For Outsource IT Services

Release notes. Symantec Event Manager for Firewall. What s new. System requirements

Solution Brief: Enterprise Security

How To Manage Your Quarantine On A Blackberry.Com

Installing GFI MailEssentials

Enterprise Vault.cloud Deployment Checklist

World-class security solutions for your business. Kaspersky. OpenSpaceSecurity

PureMessage for Microsoft Exchange startup guide

Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices

Version 3.x. Barracuda Spam & Virus Firewall User s Guide. Barracuda Networks Inc S. Winchester Blvd Campbell, CA

PureMessage for Microsoft Exchange 2013 startup guide. Product version: 4.0

Intercept Anti-Spam Quick Start Guide

Kaspersky Security 9.0 for Microsoft Exchange Servers Administrator's Guide

Ignify ecommerce. Item Requirements Notes

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

Core Filtering Admin Guide

NAC at the endpoint: control your network through device compliance

Symantec Protection Suite Small Business Edition

WHITE PAPER: BEST PRACTICES. Sizing and Scalability Recommendations for Symantec Endpoint Protection. Symantec Enterprise Security Solutions Group

ContentCatcher. Voyant Strategies. Best Practice for Gateway Security and Enterprise-class Spam Filtering

Upgrade to Webtrends Analytics 8.7: Best Practices

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure

Service Launch Guide (US Customer) SEG Filtering

Introduction. SonicWALL Security

eprism Security Appliance 6.0 Release Notes What's New in 6.0

Transcription:

January 2009 Anti-spam Comparison Report www.westcoastlabs.com 1

Test Laboratory Details US Headquarters and Test Facility West Coast Labs, 16842 Von Karman Avenue, Suite 125 Irvine, CA 92606, U.S.A., Tel: +1 (949) 870 3250, Fax: +1 (949 251 1586) European Headquarters and Test Facility West Coast Labs, Unit 9 Oak Tree Court, Mulberry Drive, Cardiff Gate Business Park, Cardiff, CF23 8RS, UK, Tel: +44 (0) 29 2054 8400, Fax: +44 (0) 29 2054 8401 Test Facilities also in Delhi, Hong Kong and Sydney, Australia. Authors: Richard Thomas, Paul Jones Tel : +44 (0)2920 548 400 Date: 23rd January 2009 Issue: 1.1 www.westcoastlabs.com 2

Contents Introduction 4 Test Configuration 5 Test Methodology 7 Test Results 9 Product Details 10 Conclusion 15 www.westcoastlabs.com 3

Introduction West Coast Labs performed an anti-spam comparative test on various email solutions related to spam detection rate over a series of at least 100,000 emails per solution. The vendors that were considered were the following(alphabetically, and by deployment type): Appliances Barracuda Fortinet Ironport McAfee Hosted Services (SaaS) Trend Micro Software Microsoft Sophos Symantec Trend Micro Websense www.westcoastlabs.com 4

Test Configuration Each solution in the test was configured in accordance with the solution provider s instructions, and was allowed to download the latest updates prior to the testing. During the course of the testing, signature updates were allowed. It should also be noted that no training was conducted during the testing. All the software-based solutions were installed and configured to receive the West Coast Labs mail feed. A series of test messages were then sent through each solution in turn to determine whether they were correctly routing through to the target collection point. Once confirmed, the products were then updated to the latest releases and a forensic image was taken of each. Simultaneously, the four appliances had the appropriate setup processes/wizards run. As with the software-based solutions, engineers then sent a series of test messages to check that the messages were correctly routing to the target collection points. Where possible, backups of the appliance configuration files were then saved. The hosted service, InterScan Messaging Hosted Service, was then configured by engineers at Trend Micro using the network and domain information provided by West Coast Labs. The routing of traffic was then subsequently checked. www.westcoastlabs.com 5

Test Configuration (Cont.) With the setup complete, West Coast Labs reset and deleted all previous test emails and then redirected the live corporate mail feed at each of the solutions, using in-house multiplexing systems. Throughout testing, West Coast Labs engineers took a daily backup of each solution s mailbox. After six days, the mail feed was redirected away from the solutions and the final mailbox saved. www.westcoastlabs.com 6

Test Methodology West Coast Labs used their live corporate enterprise spam feed, multiplexed across each of the solutions, so that each solution received the same emails. Wherever possible, the multiplexing server was designated as a known upstream server. Testing was conducted over a total of 6 days with subsequent analysis. The following types of email were removed from the stream prior to analysis: Bounced Mail Forwarded Mail Corrupted Spam Virus Emails Out of Office Notifications Newsletters Following the removal of these, a series of scripts were run to ensure identical test sets across each of the ten solutions. The tables are based on analysis performed against the 50,124 spam messages remaining once the agreed types were removed. There were also 4,249 genuine messages sent through each of the devices. False Positive rates were calculated based on the number of genuine messages that had been incorrectly identified as spam. These genuine messages were sent through each of the solutions and originated from separate live source networks controlled and owned by West Coast Labs. www.westcoastlabs.com 7

Test Methodology (Cont.) No externally owned email hosts or domains were used to send any of the genuine feed so that each message was coming from a known-good source. All genuine emails replicated communications that would be expected for a corporate network. These messages were initially taken from genuine business emails, used with the original sender s consent, and subsequently anonymized so that any identifiable content was replaced. Message counts were then taken and the catch rates calculated. The results for each were based upon the following formulae: Spam detection rate = (spam marked as spam / total spam) * 100 False Positive rate = (genuine marked as spam / total genuine) * 100 Therefore each result can be expressed as a percentage. www.westcoastlabs.com 8

Test Results Direct Comparative of Catch Rates and False Positives The following table contains the spam detection rates of each solution. The False Positive detection rates for each solution were also calculated, and were negligible across each of the solutions. Only Microsoft recorded a significant False Positive rate of 0.71%. Vendor Spam Catch Rate Trend Micro (hosted) 96.71% Trend Micro (software) 96.48% Symantec 95.73% IronPort 95.63% Sophos 94.63% Microsoft 93.89% Websense 88.25% Barracuda 88.07% Fortinet 61.96% McAfee 59.66% Spam Catch Rate 120.00% 100.00% 80.00% 60.00% 40.00% 20.00% 0.00% Trend Micro (hosted) Trend Micro (software) Symantec IronPort Sophos Microsoft Websense Barracuda Fortinet McAfee www.westcoastlabs.com 9

Product Details Trend Micro InterScan Messaging Hosted Security To configure Trend Micro InterScan Messaging Hosted Security, West Coast Labs provided Trend Micro with the relevant domain and network address information needed in order to correctly redirect incoming mail along with the configuration, by Trend Micro, of an upstream server address. Trend Micro InterScan Messaging Hosted Security service had the highest detection rate in the test with a catch rate of 96.71%. Detection Rate: 96.71% Trend Micro InterScan Messaging Security Suite - Version: 7.0 build 5547 Trend Micro InterScan Messaging Security Suite is a software-based gateway email security product, and the second Trend Micro product used in this test. The solution is available for Solaris, Linux, and Windows-based platforms and requires 1Gb of RAM and 500Mb of hard disk space. InterScan Messaging Security Suite scored the second highest detection rate in the test with a catch rate of 96.48%. Detection Rate: 96.48% www.westcoastlabs.com 10

Product Details (cont.) Symantec - Version: 5.0 Symantec s Mail Security for SMTP is a software-based solution designed to be installed on a Windows server operating system running an SMTP mail server. The solution is available for a range of platforms including Solaris, Linux, and Windows. Minimum system requirements for this solution comprise of 1Gb of RAM and 512Mb of hard disk space. No support for 64 bit architecture was apparent at time of testing. Detection Rate: 95.73% IronPort - Version: 6.1.0.307 IronPort s C150 is an appliance that is specifically intended to work at the gateway level and check incoming messages for spam. The C150 is the entry level model of the C series of IronPort appliances and allows throughput speeds of up to 1Gb. Detection Rate: 95.63% www.westcoastlabs.com 11

Product Details (cont.) Sophos - Version: 3.0.2.0 PureMessage for Exchange is a software-based solution that works in conjunction with an existing Microsoft Exchange server. The solution has a minimum recommended requirement of 256Mb of RAM and 150Mb of hard disk space. Support for both 32 bit and 64 bit architecture is provided. Detection Rate: 94.63% Microsoft - Version: 10.1.0746.0 Microsoft s Forefront Security for Exchange Servers is a software-based solution intended to be installed in-line with a Microsoft Exchange mail server. The solution supports both 32 bit and 64 bit architecture and requires a minimum of 1Gb of RAM and 550Mb of hard disk space. Detection Rate: 93.89% Websense - Version: 6.1.0 Websense Email Security is a software-based solution and required a computer running Windows 2000 Server along with Exchange 2000. The solution requires a minimum of 1.7Gb of hard disk space and 512Mb of RAM. No support for 64 bit architecture was evident at time of testing. Detection Rate: 88.25% www.westcoastlabs.com 12

Product Details (cont.) Barracuda - Version: 3.5.11.025 Barracuda s Spam Firewall 200 is a gateway appliance specifically designed to protect against spam and other email-borne threats. The appliance supports traffic of up to 100Mb and has a recommended user limit of 50. Detection Rate: 88.07% Fortinet - Version: 3.00 build 199 Fortinet s Fortimail-100 is designed to work on the gateway level and actively scan incoming messages for spam and other unwanted content. This appliance is intended to handle up to 100Mb throughput and can support up to 50 separate email domains. Detection Rate: 61.96% www.westcoastlabs.com 13

Product Details (cont.) McAfee - Version: 4.5 The McAfee product used in this test was the Secure Internet Gateway (SIG) 3100 appliance. The SIG supports a recommended maximum of 400 users while handling network speeds of up to 1Gb. Secure Internet Gateway (SIG) 3100 had a detection rate of 59.66%. There were two issues noted by West Coast Labs engineers during the course of testing. The first was related to sporadic down-time that appeared to coincide with any configuration changes made by engineers. The second issues related specifically to the testing being done on 26th September the SIG box ceased processing traffic for several hours, eventually starting to process messages again later that day. West Coast Labs can ascertain no reason for this behaviour, and log examination does not show anything unusual. www.westcoastlabs.com 14

Conclusion The two Trend Micro solutions, InterScan Messaging Hosted Security and InterScan Messaging Security Suite, finished with the highest catch rates in the test. The hosted service had the highest catch rate at 96.71% followed by the software solution at 96.48%. The products with the lowest detection rates were the McAfee and Fortinet solutions with catch rates at less than 80% with the Microsoft solution recording the highest False Positive rate. It should be noted that this test was performed with no ongoing training a step usually recommended by most anti-spam vendors. Instead this test was configured based on out-of-box configurations using the vendor s recommended settings to mimic the customer experience after initial purchase. With a period of training and ongoing maintenance, these figures are likely to be different and result in an improvement to detection rates or False Positive rates as appropriate. Overall, both of the solutions provided by Trend Micro for this test demonstrated better protection rates for end users using this live test set against the other solutions tested. With a period of training, customers can expect to receive an even higher effectiveness from these products. www.westcoastlabs.com 15

West Coast Labs Disclaimer Test Sponsorship Trend Micro commissioned West Coast Labs to conduct this test and selected the vendors tested. Otherwise, Trend Micro was not involved in the product testing or the final results produced during that process. As an independent testing and certification organization, West Coast Labs carried out all the tests in its own facilities. The test data and results were analyzed and summarized by West Coast Labs staff. Conduct of the Testing While West Coast Labs is dedicated to ensuring the highest standard of security product testing in the industry, it is not always possible within the scope of any given test to completely and exhaustively validate every variation of the security capabilities and / or functionality of any particular product tested and / or guarantee that any particular product tested is fit for any given purpose. Therefore, the test results published within any given report should not be taken and accepted in isolation. Potential customers interested in deploying any particular product tested by West Coast Labs are recommended to seek further confirmation that the said product will meet their individual requirements, technical infrastructure and specific security considerations. All test results represent a snapshot of security capability at one point in time and are not a guarantee of future product effectiveness and security capability. West Coast Labs provide test results for any particular product tested, most relevant at the time of testing and within the specified scope of testing and relative to the specific test hardware, software, equipment, infrastructure, configurations and tools used during the specific test process. West Coast Labs is unable to directly endorse or certify the overall worthiness and reliability of any particular product tested for any given situation or deployment. Revision History Issue Description of Changes Date Issued 1.0 Trend Micro Anti-Spam Comparative 01 January 2009 1.1 Layout Changes 23 January 2009 1.2 Discalimer 17 March 2009 www.westcoastlabs.com 16

US SALES T +1 (949) 870 3250 EUROPE SALES T +44 (0) 2920 548400 CHINA SALES T +86 1 343 921 7464 CORPORATE OFFICES AND TEST FACILITIES US Headquarters and Test Facility West Coast Labs 16842 Von Karman Avenue, Suite 125, Irvine, California, CA92606, USA T +1 (949) 870 3250, F +1 (949) 251 1586 European Headquarters and Test Facility West Coast Labs Unit 9, Oak Tree Court, Mulberry Drive Cardiff Gate Business Park, Cardiff CF23 8RS, UK T +44 (0) 2920 548400, F +44 (0) 2920 548401 Asia Headquarters and Test Facility A2/9 Lower Ground floor, Safdarjung Enclave, Main Africa Avenue Road, New Delhi 110 029, India. Test Facilities also in Hong Kong and Sydney E info@westcoast.com W www.westcoastlabs.com www.westcoastlabs.com 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information