Client Server Security Suites for SME

Discussion in 'Windows Small Business Server' started by DT, Aug 6, 2007.

  1. DT

    DT Guest

    Guys,

    I've got a couple of customer whose CA and Symantec client/server security
    suite products are about to expire and want to look at whats new and
    improved n this area. Can anyone provide any feedback or point to any
    recent reviews to help me out?

    Thanks

    Darren
     
    DT, Aug 6, 2007
    #1
    1. Advertisements

  2. DT

    Gregg Hill Guest

    I used to be a fan of Trend CSM Security for SMB. Then it started letting
    phishing emails and PDF spam through the filters. Trend still tells me that
    they have that handled, and I keep sending them samples of what got through.

    Gregg Hill


    "Cris Hanna [SBS-MVP]" <>
    wrote in message You'll find just about as many varied responses here as you can imagine.

    Many are big fans of the Trend Micro Client/Server/Messaging (CSM) for SMB

    --
    Cris Hanna [SBS-MVP]
    -------------------------------------------------
    Microsoft MVPs
    Independent Experts (MVPs do not work for MS)
    Real World Answers
    ---------------------------------------------------------
    Please do not contact me directly regarding issues

    Guys,

    I've got a couple of customer whose CA and Symantec client/server security
    suite products are about to expire and want to look at whats new and
    improved n this area. Can anyone provide any feedback or point to any
    recent reviews to help me out?

    Thanks

    Darren
     
    Gregg Hill, Aug 7, 2007
    #2
    1. Advertisements

  3. DT

    Eugene Tan Guest

    I'd suggest that if you or the customer is familiar with SCS/SAVEE
    or CA's ITM etc, then it may be better to stay with it and configure
    it well. Unless there's a very good price discount because a good
    vendor is trying to get market share. E.g. recently Sophos here
    has been very aggressive with pricing - 3 years price for 1 year.
    But don't forget that new tools bring new learning experieinces -
    something not all endusers want to deal with.

    HTH,
    Eugene Tan
    SBS MVP

    =========================
     
    Eugene Tan, Aug 7, 2007
    #3
  4. DT

    Gregg Hill Guest

    Cris,

    Trend Micro's response, after insisting that they already stop the messages,
    was to turn on Content Filtering.

    "If still issue persist, we strongly suggest creating a content filter rule
    that would block PDF spams while waiting for the heuristic rules, on
    creating anti-spam patterns to resolve new PDF spams. Please do the
    following:
    1. on your console go to Security Settings> Exchange server > Configure >
    Content filtering
    2. click Add > Filter messages that match any conditions defined > select
    Header
    3. input the .WILD. *.PDF keyword to filter messages
    4. save the content filter and test the rule"

    I did exactly as she said, with the following very odd behavior.

    Here is a summary of my testing. The email address from which I am sending
    test emails (a Yahoo account) is NOT in my approved senders list, so it
    should be a valid test source.
    1) Changing the setting to HEADER and Action to either Archive, Quarantine,
    or Delete, it does not filter the message at all, but instead delivers it to
    my Inbox.
    2) If I use the keywords in the Subject field, then it gives different
    behavior depending upon what Action type setting I use.
    2a) If I use the keywords and have the Subject box checked with Action set
    to Archive, I receive the message in my Inbox AND it gets archived FOUR
    times.
    2b) If I use the keywords and have the Subject box checked with Action set
    to Quarantine, it works as it should. The message gets quarantined once, and
    does not get delivered to my Inbox.
    2c) If I use the keywords and have the Subject box checked with Action set
    to Delete, it works as it should. The message gets deleted.

    I then added my testing email address to the approved senders list, and the
    messages still get filtered as above, instead of being trusted.

    Is anyone out there able to set up a Content Filter per the notes above and
    actually have it work without blocking PDFs from approved senders?

    Gregg Hill







    "Cris Hanna [SBS-MVP]" <>
    wrote in message Everyone (or about 99%) are letting those PDFs through

    --
    Cris Hanna [SBS-MVP]
    -------------------------------------------------
    Microsoft MVPs
    Independent Experts (MVPs do not work for MS)
    Real World Answers
    ---------------------------------------------------------
    Please do not contact me directly regarding issues

    I used to be a fan of Trend CSM Security for SMB. Then it started letting
    phishing emails and PDF spam through the filters. Trend still tells me that
    they have that handled, and I keep sending them samples of what got through.

    Gregg Hill


    "Cris Hanna [SBS-MVP]" <>
    wrote in message You'll find just about as many varied responses here as you can imagine.

    Many are big fans of the Trend Micro Client/Server/Messaging (CSM) for SMB

    --
    Cris Hanna [SBS-MVP]
    -------------------------------------------------
    Microsoft MVPs
    Independent Experts (MVPs do not work for MS)
    Real World Answers
    ---------------------------------------------------------
    Please do not contact me directly regarding issues

    Guys,

    I've got a couple of customer whose CA and Symantec client/server security
    suite products are about to expire and want to look at whats new and
    improved n this area. Can anyone provide any feedback or point to any
    recent reviews to help me out?

    Thanks

    Darren
     
    Gregg Hill, Aug 8, 2007
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.