IronPort C-Series Messaging Gateway: Antivirus, Antispam tool

Enhance your email security strategy with IronPort's C-Series Messaging Gateway. In this product review you will get information on cost, installation, reporting, configuration, and antivirus and antispam technology.

IronPort C-Series Messaging Gateway
IronPort Systems
Price: $9,995 to $54,950, plus subscriptions

"Reputation Filters" give the IronPort C-Series Messaging Gateway Appliance an edge among antispam products.

Although IronPort Systems' IronPort C-Series Messag-ing Gateway packages solid third-party antispam and AV tools into one e-mail solution, it's the appliance's proprietary next generation spam-fighting technology, Reputation Filters, that really makes it something special.

The Reputation Filters approach is similar to white-lists/blacklists, but the rate of false positives is much lower. IronPort claims a zero rate; we didn't see a single false positive during our testing.

The common problem among spam appliances is that they're reactive. E-mail is allowed to traverse the DMZ before it's scanned for spam and viruses. Reputation Filters prescreen e-mail by checking it against IronPort's global traffic-monitoring network, SenderBase.org. The process is similar to a DNS request, in which the device caches the information locally to reduce latency. The site determines the "reputation" of a given sending domain, and local policies determine whether e-mail is accepted, rejected or simply discarded at the front door. SenderBase.org then kills the TCP handshake of offending IP addresses, conserving bandwidth in the process.

IronPort packages the C-Series solution with another piece of innovative technology: Virus Outbreak Filters (VOFs). When VOFs are enabled, all incoming e-mail is scanned for patterns, such as the frequency of identical attachments that could be a telltale sign of a zero-day malware outbreak. Suspect e-mail is quarantined until the attachments are reviewed by a security manager.

One caveat: VOFs and IronPort's bundled third-party tools (Symantec's Brightmail Anti-Spam and Sophos' Anti-Virus) are all optional buys based on per-user subscriptions and can quickly add to the cost of the basic appliance.

The C-Series appliances are built on IronPort's AsyncOS platform, which supports much greater throughput than an ordinary FreeBSD kernel. It's capable of supporting more than 10,000 simultaneous connections, and the mid-tier C30 barely broke a sweat in our test lab.

Installation is a snap; the C-Series Messaging Gateway can be configured to receive and route e-mail in about 30 minutes. Ad-ministration is as simple as it is powerful. Creating and modifying policies only takes a few clicks, and the appliance allows for custom whitelists, blacklists and rate limiting by domain or IP address.

IronPort's Email Security Manager provides security managers with just about every piece of information they could want, such as running counts on messages received, blocked and quarantined. The reporting mechanism is equally impressive. Reports can be generated for everything from mail flow counts to spam numbers.

--Ryan Guzal

This was first published in February 2005

Dig deeper on Email Security Guidelines, Encryption and Appliances

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close