Symantec Messaging Gateway and Symantec Email Security.cloud: Product overview

Product versions

The two products offer mutually exclusive deployment models. The Symantec Email Security.cloud offering is a public cloud service. The Symantec Messaging Gateway product only supports on-premises deployments, but does offer two options: a hardware appliance and a virtual appliance (which could be deployed in a private cloud controlled by the organization).

The Symantec Messaging Gateway can be deployed on a series of Symantec hardware appliances known as the Symantec 8300 Series:

• Model 8340, intended for small or medium-size organizations
• Model 8360, intended for large organizations
• Model 8380, also intended for large organizations; provides more robust storage than the 8360

The virtual appliance version of the product is known as the Messaging Gateway Virtual Edition. It is supported by VMware ESXi/ESX/vSphere v4 and v5, along with Microsoft Hyper-V 2008 and 2012.

Security capabilities

The Symantec Messaging Gateway (in both hardware and virtual appliance deployments) and the Symantec Email Security.cloud products both offer all the fundamental security capabilities usually provided by email security gateways: antivirus, antimalware, antiphishing and antispam. Both products also support the use of threat intelligence feeds to improve threat detection accuracy, as well as data loss prevention (DLP) capabilities for stopping unauthorized outbound emails containing sensitive information. Also, both products support email encryption, although Symantec Messaging Gateway supports it through the Symantec Content Encryption or Symantec Gateway Email Encryption add-ons. Finally, the Symantec Messaging Gateway supports advanced content filtering.

Detection accuracy

Symantec provides separate statistics for the two products. For the Symantec Messaging Gateway, the spam detection rate is supposed to be over 99%, and the false positive rate is supposed to be less than one in a million. A wider range of statistics is provided for Symantec Email Security.cloud, including the following:

• Detects 99% of spam
• False positive rate at a maximum of 3 in a million for antispam
• Stops 100%  of viruses "as defined in the SLA"
• False positive rate at a maximum of 1 in a million for antivirus

Licensing

The Symantec Messaging Gateway licensing is user-based, with subscription licenses available. Obviously if the hardware appliance deployment is selected, it will also be necessary to purchase one or more appliances.

A free trial of the Symantec Messaging Gateway Virtual Edition is available for download on the vendor's website. The Symantec Email Security.cloud product has multiple service plans available, Email Protect and Email Safeguard, with the latter plan offering everything the former plan does plus privacy features, such as basic DLP capabilities.

Conclusion

The Symantec Messaging Gateway and Symantec Email Security.cloud products, when considered together, encompass three email security gateway deployment models: public cloud local hardware appliance, and virtual appliance (including private cloud). This range of deployment models provides a solution that will be adequate for organizations of nearly any size.

In terms of security capabilities, both products provide all the basic features typical of email security gateways, plus threat intelligence and DLP capabilities. Email encryption is also available for outbound messages -- natively with the Symantec Email Security.cloud service and through the Symantec Content Encryption or Symantec Gateway Email Encryption add-on for the Symantec Messaging Gateway product. However, both products lack support for executable sandboxing, which is a negative when compared to other email security gateway products. On the other hand, the detection accuracy and false positive rates offered by both products are as good as or better than rival products, giving the products an advantage over competitors.

Organizations looking for a solid email security gateway solution should consider the Symantec Messaging Gateway and/or Symantec Email Security.cloud products. Neither is clearly superior to the other, and because they use different deployment models, they tend to complement each other well. Organizations with existing Symantec security software and hardware deployments may want to give particular consideration to the Symantec Messaging Gateway product because of interoperability with other Symantec products.