EmailSafety.net - Tips for testing messaging-security gateways

Tips for testing messaging-security gateways

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Community

RE: Yahoo, SBC offer free online security suite

RE: Quantum cryptography to secure ballots in Swiss election

RE: Microsoft Research India to work on cryptography

All security forums

Story tools

Sponsored by:

E-Mail article
Print article
Contact author	Reprint
AIM article	del.icio.us
Reddit	Digg
Stumble	Slashdot It!

While some features, such as system performance and content filtering, can be tested off-line, there is no way to tell how good an antispam and antivirus gateway is until you see it operate on your e-mail stream.

Read the latest WhitePaper - State of Internet Security Report on Protecting Enterprise Systems

There's no substituting some kind of reduced-fat cheese product for real cheese here. You can't make a copy of e-mail; you can't send messages via an alternate route; you can't send through stored e-mail. You have to put the box in the mail stream, in real time, to see how it responds to spam and viruses.

The bottom line is that the antispam gateway has to see the mail as it comes in, from the spammers, in order to extract the most information about the mail and provide the appropriate response to the attackers. If you are using security settings, such as encryption requirements or IP-based content filtering, you'll also need to have that device in its final position to test correct operation.

To help ameliorate concerns about putting new gear into a production network, we often suggest to our clients that they keep their old messaging-security gateway "inside" of the new test system. In other words, mail comes to the new system, then the old system, before it passes to the e-mail servers.

This has some nice benefits: You can easily see if the new system is letting viruses or spam through that the old system would have caught by looking at the logs and counters on the old system. You can't really tell how much better the new system is than the old at catching spam and viruses, although some testers have tried a shift approach: swapping boxes every few hours (you want to have round-the-clock coverage, because spam and virus patterns vary by day of week and hour of day) and comparing statistics between the two.

Another, albeit counterintuitive, testing guideline is to make sure the product vendor doesn't get to tinker with the antispam part of the device. A good antispam product should work out of the box without substantial tuning and adjustment. A few tweaks are OK, but if your sales engineer is spending most of a day on "tuning," then you've got a long-term problem: Your box will slowly go out of adjustment as both spam patterns and your e-mail change. A messaging security gateway is not like a car: It doesn't require regular tune-ups to operate at peak efficiency, at least not if it was built right in the first place.

1 | 2 | Next >

Recent News:

· Feds draw a bead on Russian behind Mega-D botnet
· Ransomware Attack Resurfaces to Hold Files Hostage
· Adobe Reader X Makes PDF Files Safer
· PayPal Users Beware of Holiday Phishing Scam
· McAfee Reports Malware at All-Time High

Site Map | Recent News | Related Sites

Other stories on this topic

Community

Story tools

Sponsored by: