Clearswift Smart Web & Email review

Since focusing on appliance-based web and mail security, Clearswift has delivered an impressive range of features with its MIMESweeper for Web CSW250 taking a well deserved place on the PC Pro A List. Clearswift's latest Smart Web & Email offering teams up its entry level products with the aim of delivering a complete security solution to SMBs.

You get a pair of Dell PowerEdge R200 rack servers and the price includes all features except HTTPS scanning, which costs an additional £619 for the first year and £124 for subsequent yearly renewals. A key feature is centralisation as although each appliance can be managed separately via a web browser, Clearswift's peer grouping function allows them to be integrated together and handled from a single web interface.

The wizard guided installation is a cinch and Clearswift's web interface is one of the best designed on the market. Each function has been separated into different Centers and the home page opens with easy access to each one, along with a quick status summary. From the web appliance we added the mail system as a peer and the Policy Center page was updated with all mail security and policy route options so we could now manage them both from one interface.

Consistency is maintained as both appliances use filtering policies that combine content rules and routes which tell the system what to look for, how a suspect message or web page should be handled and who should be notified. Routes can be anything from an individual user to all outbound or inbound messages, and things are helped along with pre-defined references which can be a message annotation such as a company disclaimer, a list of filenames to be detected or multiple quarantine areas defined for different routes and rules.

You'll need to configure your clients to use the web appliance as a proxy and we did this manually ??" although it's easy enough to use proxy auto-configuration scripts or Active Directory group policies. Web content filtering starts straight out of the box as a default policy is applied to all systems and users. Common filters include content blocking based on a range of categories, restricting upload and download file sizes and virus scanning.

Clearswift's lexical expressions add a new dimension as you can search web content with user defined expressions and predefined categories to look for credit card numbers, UK national insurance numbers and US social security numbers. Clearswift's ThreatLab LIVE! service also maintains regularly updated lists of unacceptable words in a variety of languages.

Tough anti-spam measures are provided by Clearswift's SpamLogic service and the Mail-Filters solution which use a wide range of tests including textual analysis, auto-white listing, Bayesian analysis with auto-learning, Clearswift's own spam signature list, RBLs and reverse DNS lookups. Virus scanning comes courtesy of Kaspersky which also protects against spyware and phishing. Suspect messages and attachments are placed in quarantine areas which can be accessed directly from the Message Center.

Web and mail rules can have primary and secondary actions where you could, for example, block delivery of a suspect message but send a copy to the administrator. This provides a useful message archiving solution, where all accepted messages are delivered and a copy is sent to an archive server as well.

Policies can be applied to machine lists, which contain IP addresses, ranges and hostnames, but support for LDAP servers also allows them to be enforced for Active Directory users and groups. This means content security policies will be applied to users no matter which system or location they log in from, and a new scheduler feature means that policies can be active at specific times of the day.