Application security

Product section: SC Lab takes a look at email content filtering, policy management products

The theme in the labs this month was policy, policy and more policy. Lab manager Mike Stephenson looked at email content filtering, which depends on policies for its success, while reviewer Justin Peltier evaluated policy management products. In these two areas, policy determines success, but the two views are quite different.

The view from Mike's side of the lab was that policy determines, explicitly, what email passes into the organization and what does not. In this case, the focus narrows to spam, virus, phishing and other types of what we might call in today's vernacular "mal-mail."

Over on Justin's side, the definitions are a bit fuzzier. Some products look at details such as vulnerabilities, as well as configuration, patch levels and so on. They may look at clients and servers. Typically these products have two purposes: deploying and enforcing security policies, and reporting their enforcement for compliance and tuning purposes.

In the email content filtering tests, we set up a central policy, and it operates at a single gateway to determine what enters the system and, in some cases, what leaves. In the policy management products, we were looking at products that push policies out from a central control point to a variety of devices, then monitor and report the results across the enterprise.

However, in both cases, the success of the product depends on its policy engine and that was, we found, the key differentiator in both sets of tests. The other issue that became clear is that today's security products are becoming increasingly complex and specialized. From a performance perspective, we have observed that the more functionality the vendor tries to stuff into a single appliance, the more difficult it is to deploy and the more it is likely to impact overall performance.

As we compare this month's tests with those in previous years there is a single pervasive trend: refinement. The products we are seeing are more refined, their capabilities more defined and focused, and their reporting far more robust than in previous years. We attribute this trend to two things: economy and regulatory compliance.

The future? Better defined products, more quality self-serve support on websites, and less jargon, which helps buyers make good decisions. And that's our policy.
— Peter Stephenson, technology editor

Click here to view the Email Content Filtering 2007 group test.
Click here to view the Policy Management 2007 group test.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.