Educause Security Discussion mailing list archives

Re: Proofpoint vs. Ironport

From: Ashley Frost <Ashley.W.Frost () WILLIAMS EDU>
Date: Tue, 15 Apr 2008 09:22:41 -0400

 From: "Holland II, Richard H" <rick.holland () UTDALLAS EDU>

 I was curious if anyone would mind sharing their experiences with either of
 these products. (especially if you have done a bake off between then).



While I've never tried Proofpoint, I do have some very positive things to say
about the Ironport appliance.  Many years ago, when spam email first became a
major problem for us, we took a look at a variety of solutions. Up until that
point we had been using relay-blackhole lists, but the problem had quickly
outgrown that band-aid solution.

We tried several products including SpamAssassin (w/ Clam AV), Sophos
Antispam/Antivirus, and Ironport.  I might be forgetting one, as it was a long
time ago.  We found Ironport to be the best solution by far.  Setup was easy,
the management interface was clean and it fit into our existing environment
without any problems.  Most importantly, it did a fantastic job of stopping the
spam problem with an extremely low (almost non-existant) false positive rate.
In all the years that we've had it, I've only heard of a few false-positives
and have never had one personally.

The strongest feature of the system, in my opinion, is the SenderBase
Reputation Scoring (SBRS) system.  Its been very good at turning away huge
amounts of spam at the gateway, before it even hits the more resource intensive
scanning engine.  There have been a few small domains that have a reputation
with the College that we've whitelisted to bypass SBRS, but thats been it.

Over time, the Ironport has proven to be very low-maintenance in terms of
sysadmin time.  Occasionally a patch or an OS upgrade will come out and with a
simple click on a web page, the OS updates itself and restarts. The only
problem we've had over the years is that we eventually outgrew the Ironport C30
appliance and we had to upgrade to a C300.  That upgrade was also painless.  It
was a matter of saving the config from the C30, and loading it into the C300.
As a final note, Ironport's technical support line has been excellent the few
times that I've needed them.

I hope these comments have been helpful.

-Ashley Frost
-Sr Network and Systems Administrator
-Williams College

Current thread:

Proofpoint vs. Ironport Holland II, Richard H (Apr 14)
- <Possible follow-ups>
- Re: Proofpoint vs. Ironport Brian Epstein (Apr 15)
- Re: Proofpoint vs. Ironport Ashley Frost (Apr 15)