The Secure Computing IronMail E-Mail Gateway E2000 (v6.5.2) came in second in filtering performance, with 98 per cent of spam stopped, but placed eighth in false positives. The E2000 offers excellent capabilities in all other areas, with a wide range of secure content management features including scanning within attachments, policy-based rules for enforcing compliance, and pre-built rules for social security numbers, credit card numbers, and regulations such as Sarbanes-Oxley, GLBA (Gramm-Leach Bliley), and HIPAA.
The E2000 can also provide policy-based encryption of e-mail, not only between sites, but one a per message basis. The IronMail box also features application-layer protection for the back-end mail server and for Web mail, IM protection, DNS hijack protection, URL filtering, intrusion detection, and very granular tools for granting administrative rights. All topped off with excellent reporting and alerts.
The downside is a somewhat cumbersome initial configuration. Every setting requires clicking a commit button, and at the end configuration requires a reboot but doesn't say so. Even after the last commit, the GUI just sits there until you reboot. Getting the system from the "as shipped" configuration to the initial updated configuration is also cumbersome. Applying anti-virus updates is a manual process that requires sending a request to Secure Computing's Web site to see available updates, selecting each update, changing the state to download the update, pressing commit, changing the state to install, pressing commit, updating the view, waiting for the updates to show as applied, and then confirming and rebooting.
The E2000 is not for small organizations, nor for the faint of heart, but it offers a very capable feature set. Although it is not cheap, there is no per user pricing, and the appliance should be able to handle many more than 1,000 users. For large organizations the same US$35,995 would support many thousands of users with no additional cost, making the E2000 a worthy addition to the short list for large companies, as well as those concerned with setting up complex regulatory compliance requirements.