Information Security

Defending the digital infrastructure


Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

IronPort C-Series Messaging Gateway: Antivirus, Antispam tool

Enhance your email security strategy with IronPort's C-Series Messaging Gateway. In this product review you will get information on cost, installation, reporting, configuration, and antivirus and antispam technology.

IronPort C-Series Messaging Gateway
IronPort Systems
Price: $9,995 to $54,950, plus subscriptions

"Reputation Filters" give the IronPort C-Series Messaging Gateway Appliance an edge among antispam products.

Although IronPort Systems' IronPort C-Series Messag-ing Gateway packages solid third-party antispam and AV tools into one e-mail solution, it's the appliance's proprietary next generation spam-fighting technology, Reputation Filters, that really makes it something special.

The Reputation Filters approach is similar to white-lists/blacklists, but the rate of false positives is much lower. IronPort claims a zero rate; we didn't see a single false positive during our testing.

The common problem among spam appliances is that they're reactive. E-mail is allowed to traverse the DMZ before it's scanned for spam and viruses. Reputation Filters prescreen e-mail by checking it against IronPort's global traffic-monitoring network, The process is similar to a DNS request, in which the device caches the information locally to reduce latency. The site determines the "reputation" of a given sending domain, and local policies determine whether e-mail is accepted, rejected or simply discarded at the front door. then kills the TCP handshake of offending IP addresses, conserving bandwidth in the process.

IronPort packages the C-Series solution with another piece of innovative technology: Virus Outbreak Filters (VOFs). When VOFs are enabled, all incoming e-mail is scanned for patterns, such as the frequency of identical attachments that could be a telltale sign of a zero-day malware outbreak. Suspect e-mail is quarantined until the attachments are reviewed by a security manager.

One caveat: VOFs and IronPort's bundled third-party tools (Symantec's Brightmail Anti-Spam and Sophos' Anti-Virus) are all optional buys based on per-user subscriptions and can quickly add to the cost of the basic appliance.

The C-Series appliances are built on IronPort's AsyncOS platform, which supports much greater throughput than an ordinary FreeBSD kernel. It's capable of supporting more than 10,000 simultaneous connections, and the mid-tier C30 barely broke a sweat in our test lab.

Installation is a snap; the C-Series Messaging Gateway can be configured to receive and route e-mail in about 30 minutes. Ad-ministration is as simple as it is powerful. Creating and modifying policies only takes a few clicks, and the appliance allows for custom whitelists, blacklists and rate limiting by domain or IP address.

IronPort's Email Security Manager provides security managers with just about every piece of information they could want, such as running counts on messages received, blocked and quarantined. The reporting mechanism is equally impressive. Reports can be generated for everything from mail flow counts to spam numbers.

--Ryan Guzal

Article 4 of 15

Dig Deeper on Email and Messaging Threats-Information Security Threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

Get More Information Security

Access to all of our back issues View All