What is our primary use case?
Right now, we're mainly just using the email gateway security server. We have all of our incoming emails getting scanned and sanitized for any malicious attachments. Our other spam products didn't always catch Macros and things in Word and Office documents. We added MetaDefender to provide an extra layer there. In any case, the solution will sanitize all documents by recreating a clean one with just the content and no embedded code. It offers a little extra safety.
What is most valuable?
The sanitization is very good. Previously, we had to control certain files in which we would restrict which files could get delivered to user mailboxes until IT could verify them manually to ensure that they were clean. This allows us just to let them go through. They get sanitized, and they go through. It took a burden off of IT. There's the rare instance where we actually need the original file. For example, maybe a bank or our payroll company actually has put some code in the file that they need in order to work. However, it's greatly reduced the amount of work IT has to do.
MetaDefender's ability to identify attacks, for example, spam, social engineering tags, blackmails, scams, et cetera, seems fine. I don't really monitor day-to-day to see. I haven't seen any obvious things get through. No one's reported that to us. It does detect malware; however, we don't get a ton of malware anyway. We do have another spam gateway as well in front and at the edge that gets things first. So that blocks a lot of things. However, if some of them get through, then MetaDefender blocks things that were missed. I'm happy about that. It does catch things.
MetaDefender's ability to sanitize malicious content from documents or emails is great. I'm very happy with that. It's never let through anything malicious. Still, it does have some limitations. There are some documents with embedded hyperlinks that end up going to maybe a credential phishing site that it doesn't know. We'd have to check it ourselves. Thankfully, our users are pretty aware of those kinds of malicious threats. They do alert us to those.
Having email security in the organization is essential. It's very important since we're routinely receiving files. We get most of our orders through email. A lot of people are looking at incoming emails that almost all have attachments in them. So making sure that those attachments are clean is very important to us.
MetaDefender may have helped to improve our spam catch rate. If I'm looking at my dashboard over the last thirty days, I haven't seen any spam. That said, our other solution is doing pretty well at spam. Our spam rate is relatively low. It's mostly things that are actually legitimate advertising or companies that we have relationships with. It's not really spam. The combination of MetaDefender and SpamTitan is what we're using.
We don't get very many false positives. If there is, we have to put in an exception for those.
What needs improvement?
They offer a feature called SmartLink neutralization. I have tried it before. It seemed to work most of the time; however, I had a few users for whom it just wouldn't work. Whenever they click on a link, it stays on the MetaDefender page, saying that it's scanning it and never moves forward. I haven't tried it in a while since then. Since I can't turn it off on a per-user basis, I had to turn it off globally.
I have certain exceptions for not doing the sanitization, and how to set those up is not intuitive. It would be useful if there were a better way of doing that.
Using digital certificates is hard. It would be better if it used Windows Servers' built-in certificate management.
For how long have I used the solution?
I've been using the solution for about three years.
What do I think about the stability of the solution?
The solution seems stable. I haven't noticed any issues with it.
What do I think about the scalability of the solution?
We're only using the product as a single-server solution. While doing the installation, I noticed it has some high-availability options. You can have multiple servers with load balancing. It seems pretty scalable.
How are customer service and support?
In the beginning, I might have contacted technical support, and I recall them being pretty responsive.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We do use SpamTitan. We added MetaDefender as SpamTitan wasn't catching enough of the malicious attachments. We were hoping we could replace SpamTitan with MetaDefender, however, MetaDefender's limitations on how emails can be routed would not allow us to. We still have to use SpamTitan.
How was the initial setup?
While we use an on-prem deployment, it's my understanding they have a cloud option as well.
The setup was pretty straightforward. There isn't much maintenance required. The only time I log in is if they block an attachment and I need to retrieve it. It does have reporting and dashboards if you would like to be more proactive.
What about the implementation team?
I handled the implementation myself, using the solution's documentation.
What's my experience with pricing, setup cost, and licensing?
We paid for a three-year agreement. The cost is kind of high. For smaller companies, it may be outside of their budget. However, for us, management knows how important this product is. It's worth the money.
What other advice do I have?
While it does have password-protected archives, over the general course of our business, these protected archives are not common and not in use.
We don't currently use it to try to meet any standards. We're just trying to block things from coming in.
For someone who hasn't installed any mail security solution, I'd warn them that it's only a matter of time before something very bad happens. It's essential in any company to ensure there's robust email security.
If someone is looking for zero-day protection, they would be making a mistake in the long term. Something like MetaDefender, which can sanitize documents, provides peace of mind. Zero-day would strip all of the code out of your documents.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.