Product: Vircom’s modusGate 4.7
Product Homepage: www.vircom.com
Product Overview: click here
The world of email security and spam protection in recent years has evolved away from an appliance oriented solution to a software based offering. Virtualization has added to that trend away from a physical appliance or server and has widened the field to allow for smaller and larger organizations to enter the scene. Vircom offers a multitude of appliances but it was their standalone gateway for Windows that I had a chance to work with and review, the modusGate v4.7 and I found the product to be a solid competitor amongst its peers.
We are all aware how frustrating spam and virus intrusions can be within our organization. What we are left with is a choice between outsourcing the handling of that aspect of the organization or taking on the challenge of tackling this in-house. Administrators wanting to go with the in-house route find themselves torn between just using the Microsoft’s Edge Transport role with ForeFront for virus protection or going with a stronger, more mature solution, which is what modusGate provides. What I found to be so compelling about modusGate is that the installation, once complete, provides the organization with a fully functional solution that requires no further initial configuration for it to be providing basic protection on a variety of levels, including spam and anti-virus. Obviously an administrator would want to lock things down further to ensure that the organization is completely protected, but the starting point is pain free.
modusGate (v4.7) Features
modusGate combines anti-spam and anti-virus protection to provide email security that is customizable to the highest degree. In addition, there are a wide array of management and monitoring tools that go well beyond a simple spam/virus filter offering. Here are some of the notable features:
Deployment and Integration – You can deploy this on Microsoft Windows Server running 2003 or 2008 (32-bit) with the latest service packs applied. Ultimately, even a weak system (Celeron processor with 2 GB of RAM) can handle a user count of 1500. The solution can be installed on a VM and I tested it myself with no problems, so you have a choice to go with a physical box or a VM.. I deployed on a stand-alone system that was not part of the domain for that extra layer of security between your modusGate and your internal organization. I integrated it with Exchange 2010 but it can also integrate with legacy Exchange environments going back to 5.5, as well as Lotus Domino.
Email Filtering – Vircom uses some proprietary wording to describe the full gambit of solutions for blocking spam and virus intrusions but ultimately they break down to Realtime Block List (RBL) IP based checking, Sender Reputation blocks, forbidden attachment blocking, virus and malware blocking (utilizing McAfee and/or Norman, a well-known and respected virus solution in Europe), trusted and blocked sender policies (for whitelist and blacklist protection), spam filtering, phishing filtering, foreign language filtering, a Sieve™ policy management solution that allows you to customize your filtering through the Sieve™ scripting language, and Vircom’s Sequential Content Analyzer (SCA) which provides a measure of AI scanning and analysis.
The McAfee virus solution is not included by default and is an extra fee when purchasing the product.
Monitoring and Reporting – There is a variety of different tools provided to configure and monitor the modusGate solution. For starters there is an administration tool that allows you to configure the entire solution directly. You also have several web based administration features that can be installed including a Quarantine site (where users can check their quarantined emails from the email filtering phase and determine if something was blocked that they prefer to release), a WebMonitor site (which provides a variety of reports and system health monitoring that is visually quite impressive) and a WebAdmin site (which may allow for simple user login for minor modifications or Administrative login for full administrative configuration options through the web interface).
Additional Features – There are some interesting side features that I liked about the product, such as the ability to easily add footers to the end of messages (although with Exchange 2007/2010 I use transport rules to accomplish this). The quarantine web feature allows users to login and make decisions for themselves, but if you want to avoid having that extra step you can also have reports sent to users where, with just a click, quarantined email is released. I also liked that you can configure settings at the system, domain and individual user level.
Implementing the modusGate Solution
I have several constructive criticisms for Vircom regarding the modusGate solution and none of them relate to the functionality of the product itself. Let me say that straight off the bat, it installed without a glitch (with a little help from Support), and worked beautifully. I was impressed with the wide array of features and even more impressed by the cool reporting elements which I felt were somewhat of a bonus. My first constructive criticism relates to documentation. I tried using the Quick Install Guide (39 pages) to get me through the install and that did not quite cut it. It got me through some of the opening issues like required software (I went with 2008 32-bit) and ensuring ports were open for communication to take place, as well as the decisions for deployment with or without an existing SQL solution (it will install the SQL express version for you if you like). It was when I got to the routing configuration to port back to my Exchange 2010 server that I hit a snag and then I had to jump over to the painfully long Administration Guide (283 pages). One dilemma is that I was using Server 2008 and all of the steps were written for 2003, so I found the documentation a bit out of date. But, with some searching, I did find the configuration settings I needed to in order to complete the installation on my own. However, the process stalled right at that point because it would not tie into my Exchange server.
Preferring not to read 283 pages of content I called Support. Now, on the support side I give Vircom the highest rating I could possibly give. Immediately the support tech helped me locate the source of the issue (which was actually not my fault whatsoever, it had to do with configuring the route to link to my Exchange server but having to manually change over the LDAP connection to link to my domain controller… had I installed my Exchange on a domain controller, a best practice no-no, I would have not had any issue). Once the IP address was changed and the LDAP connectivity confirmed, we did a simple Telnet test to confirm that emails could be sent through and that modusGate could detect the mail and the user (which is populated in the console as emails for persons come through the gate).
The next step was configuring the smart host feature on my existing send connector so that now email would pass through the gate to the outside world. It worked without any frustration and I was up and running with a fully functional, advanced security and email filtering solution that included reports and monitoring and a cornucopia of additional features.
The installation did not include Exchange 2010 in the selections (so I chose the 2007 option). Although it has nothing to do with its functionality (it works fine with 2010), I like it when features are matched accurately. While the web consoles all look pretty polished, the Administration tool could use a bit of a sprucing up because the way it is designed with multiple tables in three separate windows and with many tabs being sparsely populated at times, I think it could use a less confusing design.
My last recommendation is for there to be more immediately help through the Administrative tool. With administrators having so many points to focus on within their organization it can be overwhelming to try and mentally take in all the settings provided. The support from Vircom is a must at this point and well worth the time, however, I believe every single setting should have some help link that ties back to an explanation on what that setting does and how it can help. Microsoft does that with most dialogs in that they have a Help button that ties the dialog back with an online help screen (which is great for adding to the content and making it better over time rather than an onboard help feature).
In conclusion, I found the modusGate solution to be a worthy product to protect your enterprise. It contains a bevy of filtering features, multiple deployment possibilities, multiple ways to configure the features (directly or web based), monitoring and reporting tools that are quite impressive and once it was setup, which did not take very long, it just worked! In my opinion it falls just short of a Gold Award due to some documentation issues, some dialog polishing issues and an integrated Help for all the many features that are included. Vircom Support, on the other hand, does get the 5-star Gold Award.
MSExchange.org Rating 4/5
For more information about Vircom’s modusGate, click here.
NOTE: Additional Feature as of 19th April 2011
directQuarantine – directQuarantine is an Outlook add-on module that provides end-user control of quarantine emails directly from Outlook. End-users can search for quarantined emails in real-time using the Outlook search toolbar or fast native Windows search – no more waiting for nightly quarantine reports, logging in to a Web portal, or depending upon IT to check for and release blocked emails. The directQuarantine folder contains all emails caught and filtered by modusGate and any false positives can be quickly and easily released directly from the Outlook toolbar. Any attachments, viruses, phishing links and all other electronic threats remain safely on the modusGate server and are not downloaded to Outlook, ensuring the highest level of security. But the real advantage, is the time IT administrators will save by putting the task of email quarantine management into the hands of end-users.