CipherTrust’s IronMail 6.0 product is a 1U height device, with a 2.8 GHz Intel Pentium 4 processor running FreeBSD. Only one power supply is provided.
Installation is straightforward, with a wizard to guide you through the process. Once this is complete, the system can be configured to activate other services using the browser-based administration interface.
The initial impression is that there is a bewildering array of options, but in fact the system is logically designed and simple to navigate. It provides a wealth of monitoring information in the shape of graphs and tables, and also provides extensive reporting options, ranging from executive summaries to detailed traffic analyses.
The system makes use of a number of different anti-spam technologies, including blacklists, both internal and external, and content filtering. This can be extended with user-defined words and regular expressions for greater flexibility.
The main weapon in the CipherTrust arsenal is its Trusted Source system. Integrated with the trustedsource.org website, this system evaluates an email sender on the basis of information received from other CipherTrust systems. When it is combined with information from other sources, the system can make a reasonably accurate prediction of the likely content of a message from a given source based on its previous behaviour.
Because the system operates in real-time, the information is constantly updated. This should enable the system to detect new spam more rapidly, which in turn should reduce the amount of spam passing the filters. We could not verify this in our test set up, but similar systems are used in anti-virus software with great success.
CipherTrust also offers the ability to create whitelists, with the obvious advantages this has in reducing the system’s workload. Since the anti-spam filtering is quite aggressive in some cases, these whitelists can be extremely useful in preventing legitimate mail being sent to quarantine.
The system has an extensive alerting system, which can be configured to use email, pager or SNMP to send alerts to specific administrators. Alerts can be categorised in various ways, and the system also offers a facility to review alerts through the management interface.