Administrative overhead may be as big a business driver as security threats among companies adopting hardware appliances to protect enterprise e-mail accounts, according to vendors offering products in this category.
Sophos on Wednesday released two versions of its e-mail appliance, the ES1000 and ES4000, which are designed to block malware and spam before it can enter the e-mail gateway. Along with filters and intrusion-detection software, machines like the Sophos products offer a more hardware-based approach to combating potentially dangerous attacks on enterprise networks.
Mike Haro, senior security advisor at Boston-based Sophos, said administrators are already too strapped for time and resources to deal with IT-enabled business processes to manually monitor all the potential threats that come through e-mail messages.
“Three years ago, as multi-function appliances really came onto the market, ROI was perceived as the value behind using an appliance versus a software solution,” he said. “Today, we believe that ROI tends to be calculated based upon how significant of a reduction in administration overhead you can achieve.”
The Sophos appliances include automated policy enforcement, for example, that notify administrators when rules around what kind of information is sent out or received are violated, or data leakage. It also tracks 60 sensors – including one that Haro called a “heartbeat monitor” that checks the overall health of the e-mail systems – and send information directly to a user’s handheld device, such as a BlackBerry.
See also E-mail appliance chokes off spam
“We’re pushing information to the admin. A lot of other appliances ask the admin go to the console and see what’s going on,” he said. Sophos, which counts DaimlerChrysler among its appliance customers, also offers the option to manage the appliances in a hosted environment on users’ behalf.
The e-mail appliance market is already saturated with products from Barracuda Networks, IronPort, Symantec and Trend Micro, but Sara Radicati, an analyst based in Palo Alto, Calif., said she expects a lot more competition in this space.
“Many of the traditional security vendors have just ‘discovered’ the appliance space and are gearing up products for it,” she said. “I also believe that a first generation of products which was largely based on just re-packaging, will soon be replaced with a second generation of appliance products that have been thought out and designed more carefully as appliances from the start.”
Among the more recent entrants is Marshal, which last month released its e1000000 appliance that uses its MailMarshal SMTP software. Bradley Anstis, the privately-held firm’s vice-president of products, said the company is trying to redefine the space by focusing on ease of installation as well as reduced administrative overhead. Anstis said customers can get the e1000000 up and running within 30 minutes.
“You’ll see appliances that will do small application fixes but are inflexible in terms of installation and limited in terms of the environment they actually fit into,” he said. “There’s a reason why (other vendors) sell consulting services.”
Radicati said ease of configuration as well as high-throughput tends to separate the market leaders from the rest of the pack.
“High-throughput is essential as the volume of spam keeps increasing, with at times very high traffic spikes,” she said.
Haro said vendors recognize that a lot of enterprises have poorly-defined security policies that may not sufficiently address e-mail. Sophos’ appliances, he said, will be include default settings based on recommended best case uses for e-mail policies.