IronPort C60 review
The email security-appliance market is now so crowded it takes something special for any vendor to stand out from the crowd. Formed as a start-up in 2000, IronPort Systems reckons it has what it takes with its C-Series Messaging Gateways. These use a combination of IronPort’s own defences, Symantec’s Brightmail Anti-Spam and Sophos’ Anti-Virus. You can also join up to IronPort’s own SenderBase (www. senderbase.org), a web-based service that monitors worldwide email and identifies the top senders based on information provided by over 50,000 companies. It’s now so popular that IronPort claims it’s monitoring more than 25 per cent of the world’s email transmissions.
The C60 on review targets enterprises and focuses heavily on performance. AsynchOS 4 is IronPort’s own hardened Unix-based kernel, and the company reckons it can handle 500,000 messages an hour and 10,000 simultaneous SMTP connections, making it a fine choice for ISPs. After investigation, we discovered that behind the brushed steel front panel lies a well-specified Dell PowerEdge 2650 2U rack server. With dual Xeons and a good helping of memory, it should be capable of handling a high load. There’s plenty of fault-tolerant storage too, with a quartet of 73GB Ultra320 drives configured as a RAID10 array.
The C60 may be a powerful solution, but it certainly isn’t complex. Installation is well documented with plenty of wizard-based help. You can start at the CLI or move straight to web-browser access, but either way you just follow the guides provided. We had the C60 up and running in our closed test environment in around ten minutes. This comprised a Windows Server 2003 domain controller running Ipswitch’s IMail Server 8 to provide internal mailing services for our test clients, which were all running Microsoft Outlook XP.
Three gigabit network ports are provided, with management access placed on a separate subnet for increased security. The remaining two ports support a variety of scenarios. You can simply use one to handle all mail flows, or put incoming and outbound mail onto separate interfaces. If fault tolerance is a requirement, the ports may be joined together, so if the primary link fails the secondary will take over.
Once mail is routing through the C60, it’s subjected to an extensive barrage of tests, collectively called the Work Queue. There’s a strict processing order, with LDAP routing and masquerading functions at the top of the queue, followed by message filters and then a two-pronged anti-spam defence comprising Brightmail and reputation filters based on the SenderBase information. Next comes anti-virus and then your own custom content filters. A new feature is a filter that uses rules published by IronPort to identify virus outbreaks.
A quick browse through the SenderBase website shows how extensive this service is and the amount of information on mail traffic it has at its fingertips. At any time, you can opt into this service and the appliance will then pass on information about the messages it receives and how they were handled. IronPort is at great pains to clarify that this is a secure service and that no confidential information is gathered. Either way, the SenderBase Reputation Filter uses this information to assign a score to senders, which could be used to control how the message is handled.
Email policies make the C60 highly versatile, and a new feature of this OS release is that policies can now be assigned to individual recipients and senders, plus inbound or outbound messages. Furthermore, these may include individual actions for the anti-spam and anti-virus components along with the reputation and content filters. It’s worth noting that IronPort Systems also owns the SpamCop anti-spam service, but we were advised by the company that the C-Series appliances don’t employ this, as IronPort believes the Brightmail service is sufficient.