Symantec Mail Security 8220 Appliance review
Up until now, Symantec has focused on the enterprise with its message-security appliances. But the latest 8220 comes in as an affordable product for the SMB. There’s no doubting its credentials, as the power behind this desktop box is Symantec’s excellent BrightMail anti-spam and anti-virus products. It also functions as an email firewall, allowing you to decide what connections to refuse and what to allow into the network.
For the hardware, Symantec has taken the simple expedient of commandeering a Dell OptiPlex GX520 DT business PC as its hardware platform. However, after inspecting the interior, we weren’t overly impressed by the fact that the hard disk wasn’t mounted properly in its carrier as one of the plastic retaining lugs had been broken off during assembly. A floppy disk interface cable had also been connected to the motherboard, but with no drive present it had just been left to flap around loose inside the chassis.
The 8220 slots into existing networks, where it intercepts SMTP traffic and scans it for spam and viruses. It can’t function as a transparent gateway and requires the MX record or MTA priorities changed, so that it always gets this traffic before the internal mail server. The Symantec scenario requires one appliance to function as a Control Center, where it can look after multiple appliances acting as Scanners. In the SMB, the 9220 will be configured to run as a Control Center and Scanner.
Hardware installation could have been made easier, as the manuals are specific to the larger 8240 and 8260 appliances and haven’t been updated to refer to this appliance. Configuration starts with a local monitor and keyboard connection to configure IP addresses of the interfaces, domains and DNS details. Next, you move to a browser to license the appliance and download the latest signature updates. The web interface is a tidy affair that opens with a traffic table and a couple of graphs showing viral and spam activity for the selected period.
Policies are used to control responses and these can be applied to different groups using email addresses, domain names and LDAP groups. The default policy has inbound and outbound virus scanning enabled and will attempt to clean infected email attachments, delete worms or append the subject header of messages that couldn’t be checked. Using pattern matching and heuristic analysis, spam scanning is also enabled in both directions and dubious messages will be tagged. There are plenty of other options, as you can delete messages, quarantine them or deliver them to another folder.
The 8220 can enforce content compliance with filtering rules that can be applied to selected policies. Using customisable dictionaries, messages may be searched for particular types of words and then you can pick from around 20 actions if these are found. Attachments such as pictures, multimedia files or executables may be blocked, and you can add disclaimers to mail from selected user groups.
Once the appliance was up and running, it was easy to configure and manage. Policies make the 8220 very versatile, and the well-designed interface provides plenty of good reporting tools. The price also puts it firmly in the SMB market space.