Security Boxes Look to Ban Spam
End-users and Internet Service Providers are fed up with spam, and with good reason. According to Probe Group LLC, by the middle of 2003, nearly 50 percent of all Internet traffic worldwide was considered spam or unsolicited and unwanted email. Not only is all this junk email a nuisance to end users, but it’s also costing Internet service providers (ISP) big bucks in terms of requiring additional email servers and storage capacity to handle the growing volume of traffic.
There are already a ton of software companies that offer anti-spam products for mail servers. But now security appliance vendors are starting to add anti-spam functionality to their platforms. They claim that junk email protection should be placed on a gateway product that sits between the Internet and the private network to block unwanted traffic before it ever reaches the email server.
“Some industries require that all email received by the company’s mail server be archived, whether it’s junk or not,” says Richard Kagan, vice president of security appliance vendor, Fortinet Inc. “That’s a lot of mail processing and storage. Doesn’t it make sense to stop these messages before they even get to the mail server?”
The idea is gaining steam among appliance vendors. Some have already announced products that incorporate the feature, while others are set to announce the feature in future releases.
Last week, Symantec Corp. (Nasdaq: SYMC), a maker of security gateway products, announced it would support anti-spam filtering on its latest product, the Gateway Security Appliance 5400. The new product combines an Internet gateway firewall, anti-virus, Web filtering, anti-spam, and intrusion detection and prevention technology. The 5400 is an enhancement over its existing product line, which also supported anti-spam features.
Fortinet, which claims to be the only ASIC-based appliance on the market, says it will add intelligent anti-spam filtering to its products in the fourth quarter of this year (see Fortinet Score $30M Funding Round). Other security appliance vendors like Cisco Systems Inc. (Nasdaq: CSCO) and NetScreen Technologies Inc. (Nasdaq: NSCN) have not announced support for anti-spam. But there are rumblings that the feature could be on their roadmaps.
“Security vendors, especially those doing antivirus, are already opening the packets and inspecting them,” says Jeff Wilson, a security analyst with Infonetics Research Inc. “So it makes sense for them to also check email for spam.”
While spam filtering is not a security feature per se, Kagan says that it can help network administrators fight against email-based viruses and worms. For example, he says it can often be easier to search for a particular subject header that is known to contain a virus than running the more complicated signature-based virus scan.
“If you have a complete set of tools that include anti-spam, antivirus, and intrusion detection, then no matter how the attack is launched, you should have the tools to deal with it,” he says. “End users don’t care how you stop the attack. You can stab it, shoot it, or hit it with a baseball bat. All they want is to be able to keep their network running without spending an arm and leg to do it.”
Already appliance vendors have been adding more intelligent, content-based features to their products (see Security God in the Making?). For example, many vendors are adding deep packet inspection and intrusion detection and prevention features to their gateways. Anti-spam technology, which also requires a close inspection of data coming into the network, fits into this trend.
But some analysts, like Richard Stiennon, vice president of research at Gartner Inc., are adamant that anti-spam is best left to standalone products.
“Figuring out what exactly constitutes spam and what doesn’t is complicated,” says Stiennon. “And gateways are not the place to do it. They have enough to worry about.”
— Marguerite Reardon, Senior Editor, Light Reading