Panda Email Security Competitive Analysispartnernews.pandasecurity.com/za/src/uploads/2016/...email...

Panda Email Security Competitive Analysis

pandasecurity.com

2

Vendor Panda Security Cisco GFI Max McAfee Mimecast ProofPoint Symantec TrendMicro

Product Email Protection Email Protection GFI MailEssentials Online

SaaS Email Protection

Mimecast Email Security

Proofpoint Essentials

Email Security Cloud

Hosted Email Security

IP Reputation: Usually the first layer of defense, IP Reputation filtering can be used to tell if a certain IP Address is responsible for sending Spam or Unwanted Bulk Email

Cyren IP reputation, Public RBLs SenderBase

IP reputation connection manager

ARMed SMTP [*3]Connection

ManagerEmail Reputation

Services (ERS)

Multilayer Scan: Multiple Layer scanning puts email through 2 or more different branded engines for better filtering results

Spam Engine: Spam Engines built-in in the service

Cyren RPDS, heuristic &

bayesian, Panda Security’s SFF

CASE SpamRazer MX Logic ARMed SMTP Proofpoint MLX Messagelabs TMASE

Catch Rate: Spam catch rate: (Total Spam - Total Spam Delivered) / Total Spam = resulting %. Defined by the Service Level Agreement (SLA)

99%+ 99%+ 0,99 99%+ 0,99 [*4] 99%+ 99%+

1. It is not possible to manage multiple email addresses or aliases using a single EUQ account. Each email address will have its own EUQ account that cannot be merged with others.

2. Users receive a combined Quarantine Report for any alias domain, along with the associated primary domain.

3. Uses PDR technology (Proofpoint Dynamic Reputation).

4. ProofPoint Essentials SLA does not warrant the accuracy of the intended email blocking of any mail message, the services will meet customer’s requirements or that no email will be lost or that the services will not give false positive or false negative results or that all spam and viruses will be eliminated or that legitimate messages will not be

occasionally quarantined as spam.

5. Requires Graymail Control.

pandasecurity.com

Panda Email Security Competitive Analysis: AntiSpam

pandasecurity.com

3


Product Email Protection Email ProtectionGFI

MailEssentials Online






SPF: Sender Policy Framework (SPF) for inbound mail filtering adds significant processing overhead and can generate false positives without adding any appreciable effectiveness to spam detection. Therefore, many providers do not implement SPF

Filter Sensitivity: Increase/decrease spam filtering sensitivity to define how aggressively engines react to marketing mailing campaigns or false positives

N/A N/A

Block by Country: Blocks originating mail from countries predefined. An organization may want to block countries they are not doing business with or does not approve. This feature is also used to block Russian, Chinese and Japanese generated spam using Cyrillic and double-byte character sets (DBCS) content

N/A

Catch-all: When a domain has catch-all enabled, the anti-spam filtering service handling the mail for that domain accepts mail sent to any address that has not specifically been created, as long as the domain name is correct. This allows misspelled recipient email addresses to still be delivered. If catch-all is not supported by the anti-spam filter the message will be rejected with an -unknown user- error

N/A

Alias Support: Alias support allows spam filters to consolidate multiple

N/A [*1]

Alias Limit: Some products have a cap on the number of aliases that can be associated with each mailbox and requiere additional costs for extra alias added where other platforms provide unlimited aliases support

20 per mailbox (first 5 free of

charge)N/A Unlimited Unlimited N/A Unlimited Unlimited N/A

IPv6 Support: Support inbound SMTP (TCP port 25) connections over IPv6. If a spam filter does not support IPv6 then you may want disable inbound Simple Mail Transfer Protocol (SMTP) over IPv6 on your Email server. IPv6 is incompatible with IPv4 directly, and it will take several years or longer before IPv4 is no longer viable

N/A N/A

Panda Email Security Competitive Analysis: AntiSpam

pandasecurity.com

4









% Anti-virus SLA: % of Email Virus Blocked as defined by the Service Level Agreement (SLA). Failing to meet the defined % usually entitles to a service credit or refund. Most SLAs that provide 100% AV protection do not apply with respect to Malware, Trojans, Phishing, Spyware or Adware

N/A 100% [*5] 100% [*5] N/A 100% [*5] N/A [*3] 100% [*1] 100% [*5]

False Positives: Email blocked and falsely identified as Virus as definied by the SLA

N/A N/A N/A N/A [*3] <0.0001% <0.0003%

Export Quarantine: Export the virus quarentine so administrators can share the data and run analisis of trends to better understand what may requiere action

(*.csv) (*.csv) (*.csv)

Virus Report: Report of virus blocked and not delivered to intended inbox

N/A

Real-time Alert: Virus notifications alerts in real time that a virus has been blocked and not delivered

N/A N/A N/A N/A

Proprietary Engine: Propietary AV engine provides more flexibility for a vendor to quickly patch a security hole and not rely on third-party engines

AV engines: List of all the AV engines scanning each email before delivery

Panda Cloud AV Sophos, McAfee Sophos, McAfee Vipre [*2]

McAfee, WormTraq Open source ProofPoint,

F-secure

Symantec Proactive Skeptic

Trend Micro Virus Scan Engine

Quarentine: Quarantine specifically for Viruses and Malware N/A

Panda Email Security Competitive Analysis: Email AntiVirus-AntiMalware

1. Requires additional module Email AntiVirus.cloud Service.

2. For an additional cost, users may also subscribe to AV engines from McAfee, Kaspersky, Avira and Norton.

3. ProofPoint Essentials SLA does not warrant the accuracy of the intended email blocking of any mail message, that the services will meet customer’s requirements, that no email will be lost or that the services will not give false positive or false negative results, that all spam and viruses will be eliminated or that legitimate messages will not be occasionally quarantined as

spam

4. Access restricted to administrators only.

5. Will detect and stop 100% of all Known Viruses that are routed through the Service. A “Known Virus” is defined solely by the provider of anti-virus software that is used for a specific message.

pandasecurity.com

5









Outbound Filtering: Outbound spam detection scans email traffic as it exits the email server, identifying spam and blocking the message. Outbound spam protection will block a botnet-infected computer trying to send spam, most of the time without the user’s knowledge

[*2] [*1]

Outbound AV Filtering: Scanning of outbound Email and associated attachments for virus detection

N/A N/A N/A

Multilayer Scan: Multiple Layer scanning puts email through 2 or more different branded engines for better filtering results [*3] N/A N/A [*1]

SPF/DKIM: Signing of messages to protect against spoofing, phishing or impersonation. SPF and DKIM Authentication protocols help legitimate senders prove that their email isn’t forged, and can help ISPs and corporate email servers control inbound spam. Improves deliverability and maintains a reputation for your sending domain

[*4]

Panda Email Security Competitive Analysis: Email Outbound Filtering

1. Multilayered scanning applies to Spam filtering; Virus filtering is a one layer approach.

2. Outbound filtering for Virus scanning; Spam filtering not supported.

3. Requires additional licenses.

4. SPF is validated but messages are not DKIM signed

pandasecurity.com

6









Email Spooling: Email spooling or mail bagging provides a safety net in case of Email server failover. During outage it cues up all incoming Email through the service for up to several days, and delivers all upheld email once the Email server has been reestablished

[*1]

Spooling days: Number of days incoming email gets spooled and held ready for delivery

4 N/A 14 5 2 14 5 5

Quarantined Days: Number of days services uphold spam in the quarantine before getting deleted

28 N/A 10 [*5] 14 14 30 7 N/A

Valid Email Backup: Services can uphold a copy of all valid Email for recovery or safety purposes. The number indicates amount of days the service will uphold valid Email before deleting it

5 N/A N/A 60 [*4] 30 [*2] 7

Always-on Email: Provides an always on option in case of email failover, allowing not only for the email to continue to be delivered but for users to continue accessing and sending emails

N/A [*4] [*3] [*1] N/A

Webmail access: Webmail access so users can continue to receive, write and manage their email while the Email server is restored

N/A [*4] [*1] N/A

Panda Email Security Competitive Analysis: Email Spooling & Continuity

1. Requieres FailSafe Disaster Recovery enabled.

2. Does not apply to Beginner Package offering.

3. Requires Mimecast Email Continuity Service.

4. Not available on McAfee SaaS Email Inbound Filtering. Requieres McAfee Email Continuity enabled.

5. Can be configured to store messages for 10, 14, or 21 days.

6. Requieres additional licenses.

pandasecurity.com

7









Rules Engine: Set rules to allow different parameters and conditions to analyze and take action based on the content of the Email. Usually applied to prevent regulatory violations or corporate Email misuse by employees

[*1] N/A [*2]

Basic DLP: Basic level of Data Loss Prevention on corporate information assets. Advanced DLP would usually requiere an additional product

[*1] N/A [*2]

Size of Attachments: Administrators optimize network resources by limiting the size of outgoing email [*1] N/A [*2] N/A

Binary File: Ability to block documents with attachments which are not Office file extensions or plain text files. Certain file types, such as PDF, images and libraries can automatically be blocked

[*1] N/A [*2]

MS Office: Ability to detect and block Email with Microsoft Office file attachments. [*1] N/A [*2]

MIME Type Filtering: Ability to block Email with MIME type attachments [*1] N/A [*2] N/A

Block by Keyword: Blocking specific words and phrases from leaving the internal email system [*1] N/A [*2]

Panda Email Security Competitive Analysis: Content Filtering & Rules

1. Requires additional product license.

2. GFI MailEssentials Online is now ControlNow and all matrix data is under review.

pandasecurity.com

8









Admin Reports: Daily Email spam report customized for administrators of the domain with an overview of traffic in the entire domain

[*3]

User Reports: Daily Email spam report customized for users with email being held as spam, virus or malware [*4]

Frequency: How often can reports be sent to administrators or users 24 hours N/A N/A 12 hours 1 hour 24 hours N/A N/A

Report Scheduling: Automated publishing, scheduling, and email delivery of reports

Manual Report: User option to request manually a report. This feature is really useful when an email that you are expecting is not being delivered as it allows to quickly see if it’s being held in the spam quarentine

[*5] N/A N/A N/A N/A N/A

Rules Dashboard: DLP Dashboard for a consolidated view of compliance activity within the domain [*1] N/A

Log Updates: How often spam, virus and malware event log refreshes data

15 min N/A N/A N/A N/A N/A 15 min N/A

Country of Origin: Searching logs by country of origin provides key information to create more efficent spam rules

Log search by Field: Log search by sender, recipient, subject, etc. N/A N/A [*2]

Attachment search: Log search by attachment name N/A N/A

Panda Email Security Competitive Analysis: Reporting & Log Search

1. Requires additional product license.

2. Symantec does not provide access to the Email Security.cloud logs and therefore it is not possible to perform a free-text search on the logs. However, there is a Track and Trace feature available for use through the ClientNet portal.

3. Reporting data is available for 3 months.

4. Only Spam report, not malware/AV

5. For real time notifications, Panda Security offers the Notifier App free of charge

pandasecurity.com

9









Impersonate Users: Grants access to end user quarantines allowing the administrator to impersonate users to easily access their quarentines

N/A N/A N/A

Global Quarantine: Delivers all quarantined messages to a specified global address

N/A N/A

Granular Permissions: Administrator options to set policy rules across the domain or let users set their own set of rules. Granular permissions allow for control over which users will be allowed to define their own whitelists and blacklists

N/A N/A

Domain Policies: Allows setting policies as per domain on a multiple domain scenario [*1]

Multiple Domain: Allows provisioning and administration of multiple domains

LDAP Sync: LDAP synchronization connects to your existing LDAP server to automatically create accounts for all users in the domain. Requires read-only permission of Active Directory. Microsoft, Sun, IBM, Novell and others support the LDAP protocol

[*2] [*6]

Activity Audit: Search, message view and export the data in a format that can be used for auditing purposes [*4] N/A [*4] N/A N/A

Log search: Log search and content retrieval through an administrator search interface [*3]

Block by Country: Block Email by country of origin

Multi-language: Administrator console offered in multiple language interfaces

DE/EN/ES/FR/IT/P T/RU/CAT N/A EN/DE/FR [*5] EN EN/FR/SP EN N/A EN/FR/JP [*7]

Panda Email Security Competitive Analysis: Administrator Management

1. Can create policies at global and domain level.2. Requires downloading Schemus, a configuration tool.

3. Symantec does not provide access to the Email Security.cloud logs and therefore it is not possible to perform a free-text search on the logs. However, there is a Track and Trace feature available for use through the ClientNet portal.

4. Requires additional product.5. Full list of languages available EN/IT/DE/SP/RU/PO.

6. LDAP sync is not supported but profiles can be manually imported using LDAP Data Interchange Format (LDIF) or comma-separated values (CSV) files into Hosted Email Security.LDAP sync is not supported but profiles can be manually imported using LDAP Data Interchange Format (LDIF) or comma-separated values (CSV) files into Hosted Email Security.

7. Full list of languages available EN/JP/DE/SP/FR/IT/PO.

pandasecurity.com

10









Console: User level console with access to customized settings, quarentine, etc.

N/A

Spam release: User option for Spam quarantine release

Daily Report: Daily Spam report with email release

Policy: Spam settings, policies and rules configurable as per user N/A N/A N/A

Blacklisting: Managing a list of blocked senders or blacklist N/A

Whitelisting: Managing a list of approved senders or whitelist N/A

Languages: User console offered in multiple language interfaces DE/EN/ES/FR/IT/PT/RU/CAT N/A EN/DE/FR [*2] EN plus 17 [*1] EN/SP EN [*1] EN/FR/JP [*3]

Country of Origin: Search spam by country of origin

Attachment filter: Search Spam with attachments N/A N/A

Real time Spam & AV notifications integrated in desktop environments

Panda Email Security Competitive Analysis: User Management

1. Full list of languages available EN/BR/FR/NL/DE/DA/NO/SP/PO/CH/SE/RU/KO/TU.2. Full list of languages available EN/IT/DE/SP/RU/PO/DK/NL/FR/PO/SE.

3. Full list of languages available EN/JP/DE/SP/FR/IT/PO

pandasecurity.com

11









Data Centers: Data Center locations. Email service providers typically have multiple data center locations. Different geographical options allow for a better compliance with local laws and improved latency

EU N/A UK USA/NL/JP/AU /NZ/HK USA/UK/ZA USA/UK USA/UK USA/EU

Data Center Select: Option to select data center to provision service from

N/A N/A

ISO 27001: ISO 27001 has emerged as the de-facto standard to ensure international best practice - Information Security Management Standard (ISMS). ISO/IEC 27001 is part of the 27000 family

N/A N/A

Tier III: Tier III data centers are composed of multiple active power and cooling distribution paths. However, only one path is active, has redundant components, and is concurrently maintainable, providing typically 99.982% availability

N/A N/A N/A N/A

Panda Email Security Competitive Analysis: Service & Infraestructure

1. Service Level is provided as per a service credit scale based on downtime.

pandasecurity.com

12









24/7: 24/7 Technical support included at no extra cost N/A [*3] [*2] [*1]

Phone: 24/7 Phone line access N/A [*3] [*2]

Status: Service to provide status updates with information on live outages as well as service alerts [*6] N/A [*3] N/A

Language: Technical support languages supported over the phone [*4] N/A N/A [*3] EN/DE/FR [*1] EN EN EN/FR/DE [*1] N/A

Knowledge Base: Knowledge Base available for customers View View View View View View View

LDAP Support: Offered for a better support experience, Active Directory (LDAP) is the preferred option for provisioning new user accounts. It offers a great support option for troubleshooting and quick deployment needs

[*5]

Panda Email Security Competitive Analysis: Technical Support

1. McAfee full list EN/BR/FR/NL/DE/DA/NO/SP/PO/CH/SE/RU/KO/TU. Symantec full list ENG/DE/FR/SP/IT/SE/NO/DK/PT.2. Three support levels: Email, Business and Priority. Email is email-based support during office hours, Business is both email and telephone support during office hours and Priority is both email and

telephone support 24 hours a day.3. GFI MailEssentials Online is now part of ControlNow and all matrix data is under review.

4. Technical Support by certified technicians in the local language of Panda Security’s 61 offices around the world.5. LDAP sync is not supported but profiles can be manually imported using LDAP Data Interchange Format (LDIF) or comma-separated values (CSV) files into Hosted Email Security.

6. Panda Security View available as an add-on service

Panda Email Security Competitive Analysispartnernews.pandasecurity.com/za/src/uploads/2016/...email...

Documents

Transcript of Panda Email Security Competitive Analysispartnernews.pandasecurity.com/za/src/uploads/2016/...email...