Specifically for email security, most of the appliances out there focus on inbound email scanning (i.e. antispam) and some rudimentary outbound scanning for compliance purposes (such as to stop personal or credit card data from leaking). Some also include email encryption capabilities to protect data that can't be sent in the clear.
For enterprises, deciding on an appliance has a lot to do with scale and granularity. Many of the lower-end appliances will not be able to scale up to enterprise traffic dynamics, so test the specific environment to make sure the device can scale adequately. Secondly, if there are detailed policies or data formats the company needs to deal with, then a higher-end product may be in order.
Finally, as opposed to trying to figure out what class of appliance to implement, consider a managed service to make scalability and uptime the service provider's responsibility.
- Will Web application security vendor mergers present better opportunities for buyers?
- Learn best practices for application-level firewall deployment.
This was first published in October 2008