We’ve had spam filters for about as long as we’ve had spam: The spammers get sneakier and the filters get smarter, in an endless loop it seems. Although there’s likely no chance that this cycle will change in the foreseeable future, one type of solution might give you a slight advantage in fighting spam. I’m talking about a hosted service model for spam prevention. Hosted antispam solutions can cost less than on-premises antispam in terms of time savings and bandwidth use, and they can free up admins to focus on other important tasks. They also provide economy of scale—the more people that use a hosted solution, the more opportunities for the filter to discover new forms of spam before they affect your business.
Benefits of Hosted Antispam
Hosted antispam solutions are generally offered on a subscription model—you pick which features you want to implement and supply the number of mailboxes you want covered, then the solution provider gives you a price quote. You can probably expect to pay less overall—especially when you consider administrator time and bandwidth savings—than if you were running your antispam product inhouse, plus you get the benefit of a fixed cost, making budgeting a smidge easier.
Let’s examine the cost-savings in time and bandwidth use. In the case of inhouse spam protection running behind the corporate firewall, your servers must begin the process of receiving each message, then run the various detection methods for spam before rejecting or quarantining a message. Outsourcing this function frees both the bandwidth required to receive these messages and the server processes necessary to examine them—and when you consider that most estimates suggest that 95 percent or more of all messages are spam, you can see that these resource savings could be huge for your organization.
You should also see time savings in administration, though some ongoing tuning of a hosted solution will likely be necessary. Most services provide a means for administrators or end users to check their quarantined messages for false positives as well as to classify and report messages they receive as spam; how well the service implements this review process could be a key factor in choosing a provider.
Setup for a hosted filtering service is usually just a matter of changing your MX records to point to the provider’s servers so that all your incoming mail passes through their filters. Therefore, implementing hosted filtering is generally quite simple. However, this arrangement can cause privacy or security concerns for many companies, so be sure to note what protection a provider offers for your data.
Most spam solutions combine filtering methods, using proprietary scanning algorithms, widely available Realtime Blackhole Lists (RBLs), Bayesian or pattern-recognition filters, and other methods. Because of the many types of spam, and the many characteristics of such messages, it’s widely recognized that using a layered approach to detection relying on different engines and techniques is the most effective way to capture unwanted messages.
Perhaps the strongest selling point in favor of hosted antispam filtering is the service providers’ ability to quickly react to new threats. In addition to using multiple filters, service providers can draw on their vast networks of clients to alert them to the latest type of spam currently hitting email inboxes. For instance, as soon as a message is recognized as spam anywhere on the service provider’s network, the provider should tag that message as spam across all the recipients it’s hosting (assuming, of course, the spam was a mass mailing). The larger the provider’s customer base, the more people available to report spam, and therefore the less likely that any one customer will see spam make it through the filter. By the time a new, malicious email message targets your users, there’s a good chance your hosted provider already has it blocked. Most service providers announce their frequency of updates so you can tell how current your protection should be at any time.
The Email Security Suite
Many of the hosted antispam service providers offer up-to-the-minute spam protection as part of an overall email security suite, bundling such features as virus and malware protection, instant messaging (IM) protection, and outgoing message filters and encryption, with spam filtering. Many providers also feature email archiving and disaster recovery or failover services. In most cases, you can expect to pay more for additional features, but you’ll probably still see a better price than what it would cost to find and implement multiple point solutions to achieve the same level of security. If you already have strong messaging security in place and are just looking to beef up your spam filtering, you’ll have no trouble finding service providers that can give you just that piece.
The All-Important SLA
Perhaps the most important part of picking a hosted antispam service provider is examining its service level agreement (SLA). No doubt you’ve encountered companies that promise to achieve certain levels of service but deliver much less. The SLA protects you and ensures that you get what you’re paying for, so read it carefully and make sure it covers all the features that you consider essential. It should also clearly spell out what the consequences will be should the provider fail to meet its commitments.
A basic SLA for spam filtering should cover such things as spam capture rate, rate of false positives, and overall system uptime availability. It might also include timeframes for support response from the provider, based on the severity of an incident. Email latency might be another major concern—considering you’re sending all your inbound messages through the host’s servers first, how much of a delivery-time delay are you willing to settle for? Naturally, if you’re taking advantage of additional security features, pay close attention to what’s offered in the SLA for those as well.
Many Providers, Lots of Choices
The field of antispam vendors is vast even if you’re looking specifically for a hosted antispam service provider, and you’ll probably want to consider additional factors to narrow down the candidates—things such as whether end users or only administrators can review message quarantines, or whether administration is web-based or if a client-side GUI is available. As in all such buying decisions, consider which features are a necessity and balance that with your budget. The Hosted Antispam Solutions table gives you a quick start on your search by highlighting some of the top hosted antispam solutions and what features they’re offering
)
Register
Network World also did a review not too long ago and inserted a disclaimer to the effect "We didn't mention Postini because we use them ourselves, and thought it would present a conflict of interest.
Is that the situation here? No disclaimer, so I'm guessing.
Please keep in mind, IT pros need all available options, and to hide a vendor who's proven to be "Best of breed" only because the magazine doing the rating rating wants to avoid a conflict of interest is doing IT pro's a disservice. If they're the best, but you can't publish that fact, what good is the rating at all?
Happy Postinin Camper
curtishudson April 09, 2009 (Article Rating: