[an error occurred while processing this directive]
Sindre Westre, former Chairman of the School Cool Solutions Advisory Board, recently reviewed GWGuardian to see how it would hold up under the pressure of a live school network. Check out his review of this anti-spam/anti-virus tool.
See "How Cool Is It?" for an explanation of the following ratings.
by Sindre Westre, Network Administrator
In May 2004 I installed GWGuardian in my school's production network. Since I had agreed to review this anti-spam and anti-virus solution, I decided to give it a proper beating by introducing it to a live school network. All students and staff/faculty have GroupWise accounts.
GWGuardian Academic edition is a full version of GWGuardian Enterprise. The choice of anti-virus engine is what differs between the two editions. Enterprise comes with McAfee, and the Academic edition comes with Norman anti-virus. Additionally, The Messaging Architects also has very school-friendly pricing on the Academic edition.
The choice of anti-virus engine did not make me sceptical about the product's capabilities. My school already makes use of Norman anti-virus on all the workstations and NetWare/Windows servers. We have been very satisfied with Norman's products.
GWGuardian has kept the inboxes of my students and faculty/staff free from spam and viruses during the period of time I reviewed the product (about 5 months). The false positive rate has been very little, almost non-existent. GWGuardian was easy to install and configure, and my users have also had a positive experience with it.
Once up and running it has been a "set and forget" solution. The software is feature-rich, yet easy to use and even reasonably priced. I recommend it for use in school environments.
GWGuardian can only be installed on a Windows server. The installation process was very straight forward, as are most Windows installations.
I considered it a plus to have the anti-virus solution on a separate box; I considered it "expendable". If a virus should bring the GWGuardian server to a full stop, it would be easy to reinstall.
After installing the software, I configured my GroupWise Internet Agent to use the GWGuardian server as a Relay Host for outbound email. This way all outbound email are scanned for virus content before it leaves the school premises, which is as important as scanning incoming email. A quick phone call to my ISP initiated a change to our MX-record to the IP address of the GWGuardian server. The MX record is DNS information that tells other mail servers which server accepts email for your domain. Our firewall allows SMTP traffic to/from this server only.
The configuration of the GWGuardian software post installation was intuitive and easy. All features are explained in the manual.
GWGuardian comes with many features to block unwanted email. The full features list is so long that I can only mention the most important features here.
First of all there is the anti-virus scanning engine. Both outbound and inbound messages are scanned. Anti-virus definitions are automatically downloaded and installed. You can adjust the frequency of updates. Viruses that are found can either be deleted or quarantined. One or all of the senders, recipients and administrators can be notified of detected viruses.
Attachments can be blocked by filename or extension (for instance .vbs or .exe). There are three pre-defined levels of blocking for attachments in GWGuardian: Normal, Strong and Extreme.
GWGuardian makes use of an Sequential Content Analyzerô to perform advanced metrics analysis on message content. The SCA determines whether message content is "good" or spam. Updates of the filtering engine are updated automatically.
GWGuardian employs "User-Aware pre-Authentication" when relaying inbound messages. This means the destination of messages is validated before the relay takes place. This provides better performance to the mail gateway. GWGuardian can use GroupWise to look up users.
GWGuardian provides the ability to establish the Ultra-Secure Mailbox. This feature is intended for individuals who use their email to communicate with a finite number of people. By Blacklisting everybody else and entering specific addresses in their Whitelists, those users ensure that ONLY email from Whitelisted addresses is received. Since Whitelists are considered before Blacklists, you can enable an Ultra-Secure Mailbox by entering "*" in the Blacklist from the GWGuardian console.
In addition to the features mentioned there are several other features that will help you stop spam. GWGuardian is complying with federal regulations that govern the handling of personal data, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in health care.
Among other features, GWGuardian has an automatic disclaimer/signature capability that will be attached to all outbound messages.
GWGuardian has a web interface to allow end-users to view and manage their quarantine contents. The quarantined contents can be viewed and released (sent to the users Inbox) or deleted. Using the web interface, users can create their own custom Whitelists and Blacklists and configure spam-level, attachment blocking and anti-virus options. If you don't think this is something that end users should be able to do, the administrator can lock a configuration at the system, domain or user level. Users log in to the web interface using their email address and their email-account password.
Enhancement needed: Since GWGuardian has the ability to let users configure their own level of security, a wizard should help novice users by recommending different levels of security and presenting the options, in a language that the average user can understand, to make their mailboxes safe while still allowing normal email-based communication to take place.
Personally, I locked down the users' anti-virus configuration tight, but allowed some user configuration of the spam settings. As an email system administrator, I found the web interface easy to use.
On a regular basis, your users will receive in their inbox a digest-report of quarantined messages. By using "point and click" they can quickly scroll through the contents of the quarantine, release messages they want to receive, and delete everything else.
GWGuardian acts as a mail gateway and relay host. It is capable of fronting several mail servers from different vendors. For educational institutions this means that GWGuardian can be used even if the students have a different email system from what the faculty and staff use. Because of the nature of GWGuardian, it does not prevent the Post Office Agents and Message Transfer Agents from sending infected messages internally. In my opinion, this is not important, as long as all workstations are secured with updated anti-virus software.
I found GWGuardian easy to use. If you spend some time configuring the desired level of security, neither you nor your users will spend much time quarrelling with GWGuardian. That has been where I've found GWGuardian to be at its strongest. You set it up, and it just works and works and works. If you need to make a change to some of the settings, you nor your users will have to read through the manual to make it happen. And this is what GWGuardian is all about: stopping unwanted email and viruses so that your users can spend their time dealing with productive email communication. And administrators won't have their Solitaire games interrupted by annoying virus breakouts.
Still, since the users are presented with a configuration interface, I would like to see some wizards that help with actually making inboxes secure. Otherwise, you need to lock them down tight.
I have had no performance issues with GWGuardian. According to The Messaging Architects, GWGuardian will process mail with no detectable latency. By stopping virus-related network traffic and saving storage space by excluding spam from the email system, there are considerable performance gains for the system.
Minimum system requirements are moderate:
1 GHz Intel® Pentium III processor or better
Most medium-sized companies can install GWGuardian on a low-end server.
GWGuardian comes with a manual available from the application. By pressing F1, you can access contextual help. This will bring up the appropriate section of the GWGuardian User Manual. By pressing Support you will be taken to the online support site.
The online support site contains a FAQ and Glossary, a collection of important Technical Documents, a searchable Knowledgebase, downloadable documentation and Online Forums. The Online Forums offer user-to-user support, but I also found that The Messaging Architects employees sometimes contribute to the forums.
With GWGuardian comes with 3 incidences or 30 days of support following the purchase. A support plan is available, as well as training and installation assistance. I used the support service of The Messaging Architects, and had my issues resolved in a quick and professional manner.
When it comes to updates, I mentioned the automatic download and installation of the anti-virus and anti-spam engines. Updates are downloadable from the gwtools.com site and they install as easily as the main product.