Your company's email security system?

For the love of all that is holy, stay away from Microsoft Online Protection - it's a steaming pile of donkey crap.

We're about to move to an on-prem Ironport solution. Pricing was very competitive (even for the Premium licenses) and it's held up very well in our testing.

I also hear good things about Proofpoint, but couldn't find anyone locally to speak to about it...

 

Sophos dedicated email appliance here - same device has been in operation for the last 5 years with no issues or complaints from staff plus more importantly no nasties allowed through.

https://www.sophos.com/en-us/press-office/press-releases/2008/01/evision-review.aspx

 

Barracuda Spam Firewall as the front line then a MailMarshal SEG as a 2nd.

The Barracuda catches most of the crap but some still filters through. The MailMarshal box then catches the rest, well almost.

Both have been in place for a long time, probably more than 7 years now, and we're moving over to O365 with our parent company.

 

Another ironport customer here for at least 5 years, their reporting/web feature is pretty good. No major complaint from staffs.

 

Nothing beats hand checking all mail, nothing. I print out every message and read them all before anyone gets them.

 

How do you know they haven't got a traffic infringment from the Australian Federal Policy, or aren't expect a package from FedEx?

 

Doesn't matter, I read all of them and if I see fit they can have them. It's the only way, I just wish I had more time to clear all the water out of the server room.

 

Everything is stored on a raid of 3.5 floopy disks.



We call it security by stupidy.

 

striped?

 

We don't have this problem because we don't use email much for communication anymore. Most communication is done through web forms, IM, ticket systems and project management software. That, and Google Apps seems to pick up the crap pretty easy. Am I not the only one

 

You're floopy

 

Yep

Not around you donkey man.

 

We operate a full Intel Security / McAfee stack.. EPO, MEG, EWG, VSE, GTI... etc etc.. 10 million different products.

We have a hybrid solution deployed, cloud is the first port of call then lands onto on-premise boxes, then off to exchange farm. We allow users to release quarantined email up to a low threshold, anything else is dumped.

 

How does that work for you?

We're possibly looking at moving from ours to a McAfee based system using either cloud or ePO.

 

Also interested in joe_sixpack's experience with the Mcafee suite, Mine are outlined below;

I don't mind EPO as a managmeent console for actual mcafee products, but for other products that they have aquired/rebranded, (MX logic in particularly) it's pretty poor and giving you an effective overview and single point of management.

VSE seems mostly OK, but Mcafee seem very particular about what they flag as "unwanted programs". Basically, if your particular version of $Malware presents a EULA, and can be removed via Add/Remove programs... then it doesn't matter what it does to the system... Mcafee won't add it to any of their detection routines, despite having Policy options for Ad-ware and spyware.

Their MDM offering is terrible, but good things are coming "In the next version" (and have been since the first version)

 

Agreed.

I'm in the process at the moment of cleaning up ePO after the last guy left it in a mess. Admittedly we should have looked at it sooner but hey shit happens

 

Dust off and nuke it from Orbit, it's the only way to be sure.

 

Have previously used (for a variety of businesses):

* MailGuard - love them. Aussie company, takes great care of their SMB clients, and according to their website are now offering extended services for enterprise clients. If you're in that Australian SMB segment, I can't speak highly enough of these guys.

* Ironport - liked it, worked really well at the time. Haven't used it since Cisco buyout, can't comment on it recently.

* Messagelabs - dunno. Was at my current place of work, but I had nothing to do with deploying/managing it. Appeared to prevent most nasties as advertised. We decommissioned it when we decommissioned Exchange.

Currently we use Google Apps for Work which does a pretty good job. Sophos Cloud sits on our endpoints and covers the rest.

I've also had a crack at deploying my own (SpamAssassin, ClamAV, and various milter and AV combinations through Postfix) long, long ago. I honestly don't think they can keep up these days compared to commercial solutions. Mail security is a cat and mouse game, and one that that's worth paying for a good cat.