Trend Micro Email Encryption
Strengths: The best documentation we’ve seen in a long while and very strong support.
Weaknesses: As a standalone product, lacks features that we would expect.
Verdict: Clearly, this product is intended to be part of Trend Micro’s larger content management gateway, and we find that this limits its effectiveness somewhat. If you already are running the larger application, however, this is a very strong offering.
SummaryTrend Micro Email Encryption is a virtual appliance that can be installed on a physical or virtual server. It is an application-layer encryption tool. The product, while capable of being used as an independent device, works best in the context of a full content management system. Trend Micro Email Encryption has several deployment options - from inline to part of a complementary content management tool. The encryption algorithm is AES-256, but message encapsulation is identity-based and Trend Micro proprietary. No certificates are required, and users register with Trend for authentication.
Internal use requires no client-side software. For web delivery, no recipient client is required, but there is an add-in for Outlook. If the recipient's content filter blocks attachments such as those used by the product, Trend can provide characteristics that will permit whitelisting. Management is done through a web interface.
Initial setup is straightforward, and there is a helper that can be set up to ensure PCI compliance. Specific content can trigger encryption, as can a variety of other conditions. Again, Trend recommends that the product be used in the context of a complete content management package. The granularity of policy management within the product by itself is less than perfect.
Support is excellent, with many options, and the website is well-stocked with information. Documentation too is excellent with many network diagrams and screen shots.
The product can be quite expensive - nearly $50,000 for the 5,000-user example, and that is for the email encryption product only - and the emphasis on incorporating it in a full content management package seemed to us to discourage standalone implementation. The few limitations on functionality, such as policy granularity, confirmed this impression.