Coming October 25: PeerSpot Awards will be announced! Learn more
Buyer's Guide
Email Security
September 2022
Get our free report covering Microsoft, Fortinet, Cisco, and other competitors of Barracuda Email Security Gateway. Updated: September 2022.
635,987 professionals have used our research since 2012.

Read reviews of Barracuda Email Security Gateway alternatives and competitors

Benjamin Jeffrey - PeerSpot reviewer
Director of IT at M&M Golf Cars
Real User
We can block entire domains and subdomains with a click, and reduced junk mail saves time of every employee
Pros and Cons
  • "They have something called Pattern Filtering, which has been a godsend... For example, if I don't want any email to ever come through that has the term "hot dog" in it, whether it be in the subject, the title, or anywhere else, I can immediately block such emails, company-wide. That has saved me so much time."
  • "If they had a little more documentation explaining how to use regex, or if they could include that inside of the cloud interface so that it generates regex code based on the parameters you input, that would be a lot more useful for people who aren't familiar with coding languages and HTML."

What is our primary use case?

Within our company, M&M Golf Cars, there are three companies under us, with everything from sales to marketing to customer interaction, both inbound and outbound. Anytime that we receive any type of email, it gets filtered through SpamTitan. 

The way that we have it set up is to filter on keywords. If something looks like it was written by a human, it will allow it to pass through, unless it throws some kind of flag that something looks suspicious. In general, it simply routes emails to our employees, giving us warnings if there is anything suspicious that we need to know about, before those emails actually are received.

We use the cloud version of the solution, we don't have an onsite server. We have multiple companies within my company, but we've set them all up to route through SpamTitan.

How has it helped my organization?

We started with SpamTitan a couple of months after I started with this company. Up until then, we didn't have a spam filter solution. All the junk marketing emails would make it to every single person's inbox. People were having to filter through all the junk while also trying to find and respond to emails from customers in a decent amount of time. They were getting more spam and fake emails with malicious attachments than actual customer emails. The amount of time that everybody was spending just deleting junk and trying to actually find customer emails was excessive.

Since starting with SpamTitan, though, we hardly ever have any emails that are malicious or that are from random domains that are known to be used for spam. And anything that does come through that it thinks is malicious, but it's not 100 percent sure, will be placed in quarantine for each user. It will give them a daily, automatic report saying, "We have these in a quarantine. If they look good to you, you can release them, and you'll immediately get them in your inbox."

As a result, not do we not have to delete all the spam from our inboxes. It allows us to only see the most important ones that are questionable, so we're not digging through hundreds of emails a day from junk addresses. In comparison to before we got SpamTitan to now, two and a half years after getting it, hours a week are saved for every single employee because they don't have to dig through junk. At the end of 2021, when I ran our yearly report, it had automatically blocked over 250,000 bad emails that weren't from customers or had malicious attachments.

If we saved, say, 30 seconds for every one of those 250,000 emails that were stopped, we saved that much time, minimum. And our inboxes don't reach capacity from the junk that should have never reached us to begin with. As a company, we've saved so much money by not having to spend the time to deal with that stuff, because of SpamTitan.

The geo-blocking feature definitely reduces our spam intake. The last time that I checked just geo-IP blocking, we had about 2,000 emails that attempted to come through in the last six months and were immediately stopped because we obviously don't do business with them or have any connections with them.

What is most valuable?

The filter rules are valuable. The software itself will automatically filter out things that it thinks are suspicious. However, the filter rules are the most helpful because, if we need to, we can block entire domains and subdomains with the click of a button. In addition, if one specific email address is a problem, but not the entire domain, we can drill down and specifically block it without affecting anyone else in that domain.

They also have something called Pattern Filtering, which has been a godsend. While the software can only do so much, as far as detecting things that look suspicious based on what it's seen from all of its users, with Pattern Filtering I can use my own terminology or search terms. For example, if I don't want any email to ever come through that has the term "hot dog" in it, whether it be in the subject, the title, or anywhere else, I can immediately block such emails, company-wide. That has saved me so much time. It also works for blocking specific document types or file types. All it takes on my end is going into the Pattern Filtering and selecting what I don't want to come through or what I want to go into quarantine, to warn me first before we allow it through. It's one of the most helpful, but also one of the easiest-to-use features, that does the most for our company. It has saved me hours of work a month when it comes to filtering out all the new stuff that keeps coming in from different countries and scammers.

When we started, geo-blocking wasn't a feature but they added it within the last year. I also do a lot of network security for our company. If there is a specific country that we don't do business with and from which we're getting a lot of requests, or if we have multiple attacks coming in a specific country, or if we keep getting a lot of emails from the same IP subnet from a certain country, instead of having to block every single new IP that comes in from that country, I can literally just block the country and any IP that tries to send us mail is immediately stopped, which is fantastic.

Those features are the ones we use the most, and they're also the most helpful for filtering out the most junk. And a lot of that is done automatically, once it starts detecting our blocking patterns and the stuff we aren't allowing to come through. With the subset of those things that do actually get through, because the senders either found better ways to mask what they're trying to do or they're sending stuff from different IPs that weren't blocked originally, I can just go into the solution and block them. Including login time and getting to the screen, I could have an IP address or an entire country blocked in less than two minutes.

In addition, the UI is not extremely flashy, which is fine for the people who need to be in the online console and determine what gets blocked and what gets released. It's very straightforward without animations or graphics. It has tabs that you click on that say, "If you click here, this is what you're dealing with." The usability is fantastic. It doesn't give me more than I need so that I have to drill down through 20 different windows before I get to what I want. I actually appreciate the fact that it's as simple as it is.

Another good feature is that you can see how much is being blocked based on date ranges.

What needs improvement?

The only thing that threw me off a little bit, when it first came out, was the Pattern Filtering. There didn't seem to be a huge amount of documentation on how to properly use it. If you want to block the term "hot dog," it's pretty straightforward. You just select, "if the email contains this phrase, block it for everyone." 

But, if you want to block an email address with .com.biz, which seems like it's legit but that .biz at the end throws it off, you have to get a little more detailed regarding how you type out what the Pattern Filtering looks for. You can't just enter ".com.biz" because it will then block everything that has .com or .biz in it. It takes a little more regex coding.

If they had a little more documentation explaining how to use regex, or if they could include that inside of the cloud interface so that it generates regex code based on the parameters you input, that would be a lot more useful for people who aren't familiar with coding languages and HTML. When you use it for a while, you get used to it, and you understand what it is that the pattern filter is looking for, but a regular user who doesn't know anything about regex has to learn a type of coding before they're able to successfully use that filter properly.

For how long have I used the solution?

I have been using TitanHQ SpamTitan for two and a half years.

What do I think about the stability of the solution?

I have never once had an issue where the software went down or stopped routing our emails. There has never once been an occasion where TitanHQ has said, "We're going to do maintenance," or "We're not going to be able to route your emails." In two and a half years, it's never stopped working once, not even for five minutes. It's one of the most stable solutions that we use, company-wide.

What do I think about the scalability of the solution?

Scaling is extremely simple. When we started, they asked us how many users we would have. SpamTitan detects whether we are under that number of users. But it has never stopped us. We once went over the number of licensed users. We talked to them and said, "We added new employees, we need to up our license," and they did that instantly. There was no waiting and we didn't have to go through renewing the contract. We didn't have to change any settings and we didn't have to reroute anything again. They added more users and it just kept working. Scaling is super-easy, and the solution can accommodate as many people as you need.

With all of our sub-companies, we have about 150 users of the solution.

We use it literally every day for filtering everything. The cool thing about it is that once it's set up and it's running the way you need it to, you hardly even need to log in, unless somebody tried to send an email and it didn't show up immediately. If that email didn't hit the spam filter, then you just have to tell whoever sent the email to try again. Other than that, it just works.

In the future, if we open more locations or we hire new employees, we'll absolutely increase how many users are using the software because it's invaluable to us.

How are customer service and support?

I come from an MSP background. I took over the director of IT role in this company when I started here. With companies that I used in the past, if there was an issue with something that was not set up right or it was not filtering correctly, you would have to either submit a ticket or call. You would wait on hold and hope that the rep who talks to you is either knowledgeable enough to help you or wait again to be transferred to tier-one, two, or three support, until somebody was able to solve the problem.

The best thing about support with SpamTitan is that if I have an issue and I email them, I will normally get a response in 30 minutes if it's not a serious problem. But if I call them—and I have never had a company do this before—I always seem to talk to the same people; not the team, but literally the same people every time. If I had a problem a couple months ago, and then I have a new problem, I'm talking to the same person that I spoke with months ago, and they're familiar with what's happened in the past and they remember my setup. It seems like the most personalized software support that I've ever experienced. I'm not constantly worried that I'm going to have somebody who isn't able to help me when I call. With TitanHQ, the person I call and talk to is the person that is solving my problem, every single time.

It honestly feels like the people who are helping me either use the software themselves, and have from the beginning, or they helped engineer and develop the software. They're able to fix my problem in minutes, versus several phone calls or having to worry about getting transferred around. That's awesome.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In a previous job, the company I worked for used Barracuda. That was an onsite spam filtering service. It was fine, although it took a lot more setup and a lot more hands-on work to get it working the way that I needed it to. And if there was ever a problem, either with the hardware or software updates, I would have to call somebody in support who knows what they're doing, or wait for somebody that does to give me a callback and help me fix the problem. In a business, when you have people sending you contracts or sales orders and invoices and there's a problem that is stopping email from coming through, if you can't get help immediately and you lose those emails, it really hurts your company. I had issues like that with Barracuda.

Before Barracuda, we had something that was used to help filter spam and has since become Cisco hardware. It almost feels like the companies were too big to give customers personalized support when they needed it. It was as if they had grown beyond what their support teams could handle. With SpamTitan, I've never once gotten the feeling that they're taking on more than they can handle.

We looked at Barracuda and Cisco and went through a few demos. Believe it or not, we actually found SpamTitan through Reddit, via several IT channels that I was a member of. Somebody from TitanHQ answered a lot of my questions through Reddit and offered us a demo. We did the demo and it did everything we needed it to do, without a ton of input from us or having to spend days to get it set up and working. The fact that it worked, out-of-the-box, meant we went directly from the demo to signing on with the company. We've loved it ever since.

The setup for the demos that we had tried to do before SpamTitan was insane. We did less to get everything working with SpamTitan than we did with all of these other companies' spam filtering demos. Demos are supposed to be easy and attract customers. You want to show people that your stuff works with the easiest onboarding possible. The only company that was able to do that and show us that their stuff worked without a headache in setting it all up was SpamTitan. And that's why we stuck with them.

How was the initial setup?

It's one of the easiest setups that we've ever done. We just set our mail to route through SpamTitan and it auto-detected our email addresses. That's all it took. The software took care of everything else for us. There was no complicated setup. Our domain goes through the solution first. It detects the users that we have, sets them all up separately, and filters from there. We set up how strict we wanted it to be and let it learn over the first month. We manage everything through their website.

From the time that we were told to change where our mail is routed to, until it was actually successfully routing our emails to SpamTitan, it took about five minutes to set up.

Because we were unfamiliar with the software, we waited until our company was closed, and we weren't expecting any emails, to implement it. We did it on a weekend when we don't get a lot of customer emails. I spoke with somebody from SpamTitan and they told me where I needed to change our routing to. We logged into our domain, changed our MX record to route to SpamTitan, and everything else just took care of itself after that.

When we first started, there was a test mode and it would ask me, as the administrator, what was okay to let through. It would learn, based on my preferences, what it is that we were looking to block. After that first month of using SpamTitan, we now get a maximum of three false positives, company-wide, a week. Most of the time, the ones that get caught in the quarantine but that should have come through have a PDF attached or something has a really sketchy name, like a bunch of numbers, or it has "exe", even if it's not a .exe file but has the word "executive". But it lets us know that it was flagged so that way we have the ability to release it.

What was our ROI?

Not having to completely recover the company from a malware attack or from something that came in through email, and not having to worry about employees clicking on malicious links, are themselves, aspects of a return on investment. One malicious email with a bad attachment, or with a link that leads to a bad attachment, is enough to take an entire network down. 

Also, the fact that our firewall hasn't been working as hard since we got the spam filter, speaks for itself regarding how valuable the software is. 

If one software implementation can stop 90 percent of the problems in a company, when it comes to malware and malicious actors; if it can do that much and take the workload off of everything else in the company, then it's worth it a million times over.

And the time that we all save not having to dig through all the junk or worrying about whether we are going to click on something we shouldn't click on allows all of us to focus more on our actual tasks. We don't have to devote so much of our day to digging through and deleting junk emails, just to get to the stuff we actually need to do our jobs. That is also return on our investment. The amount of time SpamTitan has saved us is definitely worth it.

What's my experience with pricing, setup cost, and licensing?

When we started with this company they had fewer features. Neither the geo-IP blocking was available, nor was the Pattern Blocking. But throughout the two and a half years that we've been with them, they've added them, and they have not increased our cost. They've not even asked us to sign on for additional features. They just added them to their product and they were available for us to use. Having the same costs that we've been paying and having new features added is awesome. They give you an update without charging you more for it. I like that a lot. It makes you feel appreciated as a customer.

What other advice do I have?

If you're considering SpamTitan, get a feel for the software during the demo that they offer. If there is anything that you're not 100 percent certain about in terms of how it works or what its function is, call the support people and they'll explain it to you and make sure that you understand what it's supposed to do and how it works. That will let you know that the support people are there to help you, but it also makes sure that you understand the software that you're considering paying for. The demo will show you how much their software is actually able to do, while asking questions of their support staff will also show you how attentive and personal the support is. That way, you're getting the most out of determining if you want to actually use the software.

Lean on the support staff, because that's what they're there for. They will let you know that if you need anything, they're always there to help, no matter how small or big the question or problem might be.

The biggest lesson I've learned from using the solution is that I should have gotten it a lot sooner. The sooner you use the solution, the more time you'll have for everything else in your company.

Given all the spam filters that I've used, this is by far the easiest to use and the most detailed. At least give it a try, before you make a decision.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Enrique Diaz Jolly - PeerSpot reviewer
Owner at Jolly Security Inc
Real User
Top 5
You can know exactly and accurately where an email came from and for which specific device
Pros and Cons
  • "It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure."
  • "The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear."

What is our primary use case?

It is like a gateway for email. They receive all your email traffic. They send over your email traffic, and it is the first incoming point and the last outgoing point. They deliver the traffic to the destination. Whatever it is, you want to be informed of what is happening. Depending on the site's deployment, if you have a single device, then you have all the information on the device. And if you have several devices, you have all the information on every single device for each device. However, for consolidation, you need another device called Security Management Appliance (SMA).

It has no real interaction with other stuff. It does not interact with a gateway beyond the networking level. You have a router and that router provides IP addresses for a switch, etc. You don't have to integrate Cisco Secure Email with something specific since it is standalone and only requires basic essential networking. You can integrate it with a firewall, like ASA, but that firewall has to allow traffic. To do that, you would open port 25.

It is available to be deployed as on-premises, on the cloud, and hybrid cloud.

How has it helped my organization?

The solution is valuable if you are looking for a security email gateway that provides you with the most services possible. It has anything that you may be looking for in an email deployment, except for the endpoint which should be supported by something else, like Exchange. It doesn't have mailboxes because it is a gateway.

There are some methods to authenticate email, i.e., putting a stamp or seal of trust on an email, where one method is DKIM and another is SPF.

  • For SPF in the DNS, where you have records that list the different devices or IP addresses that can send email from a specific domain, a security device can consult that DNS and check if the mail coming from that domain is coming from an authorized source.
  • DKIM is a cryptographic signature of an email. It is usually what you announce is the public key of that system's PKI and verify the signature in the headers. You have a checksum of all the contents so it is possible to define or identify whether the message has been tampered with in route.

They are mutually exclusive in a way, so DMARC consolidates both. It provides alignment with the IP address, domain name, etc., and has to match at least one, being properly aligned. It has become something very important for compliance.

When you are receiving, you use all this information to decide whether an email is legitimate. Or, if you also need to deploy your DKIM, DMARC, and SPF infrastructure, that lets the rest of the world know where you are sending email from and how you are authenticating your email.

It can honor all SPF, DKIM, and DMARC rule sets and apply rules based on the results of these tests as well as sign the DKIM. Therefore, your email can comply with whatever you are announcing on your DNS for the rest of the world to know that you know about the signed domains. It has perfect, robust integration on that. 

What is most valuable?

The most valuable feature is reputation filtering. In the beginning, it was based on just the IP source. but it has now evolved to domain reputation. It allows you to classify different IP sources and different sender groups, where you can reject to throttle to whitelist from any IP sources, domains, etc. Based on the reputation gathering, the reputation is powered by Talos security. It is a super powerful feature. That alone gets rid of more than 50% of the crap from the traffic flow, before even hitting the anti-spam or antivirus.

If you have some knowledge about email, it is a pretty simple solution that has many controls on different levels, from the gateway part to accepting messages from certain sources to stringent filtering. It is state of the art with anti-spam, antivirus, and different threat prevention features. 

SecureX is powered by Talos, Sourcefire, etc. Today, it is the largest, richest threat intelligence on the market. SecureX is quite standalone in regards to integration since you put it into the network, whether it is on your own cloud or a third-party cloud.

If you go to the filtering level, you can have very accurate features or filters since it is programmatic. At a certain point, you can define sets of rules, such as where the email is coming from, whether it has this content, or to apply this policy. For example, if it has the same considerations, but the content is different, apply this another policy. It is super flexible and very customizable to your needs. It is not difficult to use.

It provides information, reporting, logging, and tracking. It has powerful tracking, so you can know exactly and accurately where an email came from, for which specific device, etc. It shows the emails which were:

  • Dropped
  • Rejected
  • Quarantined
  • Accepted by which policies.

It also shows the rule sets applied for that email and considers

  • The source
  • The Offender
  • Anything else that you may consider in an email.

It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure. 

What needs improvement?

You can consolidate on SMA if you want to spam or threats quarantined for multiple devices. It is not advisable for a single device, because if it fails, you are left without any email.

I would like to see a few changes to the UX. 

There is space for improvement with data loss prevention, particularly with third-parties integration. Data loss prevention is quite important, though most customers have some third-party or other elements in their network doing data loss prevention, specifically for email. However, if it could be possible to integrate with other solutions, not only on the email flow, but on analysis for a connector or something like that, then that would be ideal.

The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear.

For how long have I used the solution?

I have been using it since 2004.

What do I think about the stability of the solution?

It does not add anything to the potential downtime for a corporation, unless everything fails. If all your email exchanges fail, then you don't have email, but this solution does not affect the performance of your whole network. 

At the minimum, you need two devices. If you have two devices and one fails, then the other one can handle the work, though you might have some email delays.

You should keep track of what is going on. It does need some daily administration, fixes, and policy changes.

How are customer service and support?

In general, their technical support is really good. There are a few who are still learning, e.g., not providing enough help, but there is always the option to escalate.

Which solution did I use previously and why did I switch?

It was the IronPort before Cisco acquired it in 2007. It is the same appliance and software. This solution has been upgraded by several versions, but it is basically the same, they just changed the name. 

What about the implementation team?

I have done the architecture for a company in China.

What's my experience with pricing, setup cost, and licensing?

It is a super big router that costs a few hundred thousand dollars.

Which other solutions did I evaluate?

These days, the first tiers of this market have good enough anti-spam, antivirus, etc. These have become routine. There are some other not-so-good solutions, like Barracuda and Fortinet, but it depends on how much you are willing to pay as this solution is not cheap.

The best other solution is Proofpoint. They have been long-time competitors who have also been evolving. The big difference is it is more fancy because it has more bells and whistles. The solution is good as well. However, they are super expensive, not cheap.

If you want a multi-tiered deployment, you could perhaps have Secure Email on the cloud and Proofpoint on-premises. Then, you have the two best solutions in the market working together. I have customers who have done this and are satisfied. Very few solutions can compete with Secure Email and Proofpoint outside of the price. If your budget is a problem, then you have a problem.

Along with Proofpoint, this is the best solution in terms of preventing spam, malware, and ransomware.

Check Point has fancy graphics and an interface where you can do a lot. The Cisco Secure gateway has both, though not as fancy as Check Point, but a big majority of the tasks can be done on the graphical interface level.

What other advice do I have?

It is not so difficult to us, but neither is it easy, particularly if you don't have some knowledge about email.

Whatever you are looking for with an email security appliance or device, you mostly have it, though nobody is perfect.

The solution’s ability to prevent phishing and business-email compromise is fairly good. DKIM, DMARC, and SPF integration are the best way to prevent phishing, spoofing, etc. However, they still have room to work in this area.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
CISO at a manufacturing company with 1,001-5,000 employees
Real User
Top 10
Straightforward to set up, good support, and quickly adapts to new threats
Pros and Cons
  • "The most valuable feature is the ability to identify malicious content and phishing emails and reduce the workload we have to do in terms of security."
  • "The only thing that can be improved in Perception Point is the in-depth analysis and attribution to cyberattack groups."

What is our primary use case?

We are today using this product for email filtering and we plan to use it later for file filtering on cloud-sharing platforms.

How has it helped my organization?

This solution is very effective at detecting malicious content and very fast in adapting to new threats. There have been new types of attacks which, instead of attaching malicious files to emails, have been attaching to Google Docs that are hosted on the Google Cloud. Within a couple of days, Perception Point updated the engine to a filter and block such attacks. For us, it was very beneficial because the users are not allowed to open attachments, but when people asked them to view a document on the cloud, they weren't used to it. This left them open to this type of attack.

The Perception Point incident response team acts like our own SOC team, which is important because we do not have a SOC, but rather a limited incident response team. This means that any external assistance allows us to work on the more critical areas and identify the events that we have to investigate. In general, it significantly reduces our internal workload.

When it comes to incident management, I think that the Perception Point incident analysis is very fast. It usually takes less than an hour to go back with initial reactions, and they adapt the technology very fast as well. They provide either interim solutions or full solutions to all of the incidents that are identified.

In terms of engine optimization, ever since we started working with Perception Point, we have been able to monitor improvements to their capabilities, including adaptations they have made. Moreover, our own team was able to work with the system and ask for improvements, and they've all been done very fast.

Perception Point has helped to reduce our false positive rate by approximately 90%. More generally, it has reduced the total number of alerts we get. We used to have more than 100 endpoint alerts per month and it has been reduced to individual ones. Overall, that is a greater than 90% drop in alerts.

What is most valuable?

The most valuable feature is the ability to identify malicious content and phishing emails and reduce the workload we have to do in terms of security. The quarter before we used Perception Point, we had about 400 positive identifications of malicious content being used by employees, probably getting them via email. Since using Perception Point, we have almost nothing.

What needs improvement?

The only thing that can be improved in Perception Point is the in-depth analysis and attribution to cyberattack groups. This is an issue I have raised with their product team. Currently, when we get malicious content, we don't know where it came from. One of the things that worries me the most, as a sysop, is whether we are being targeted by any of the cybercrime groups. This is something that Perception Point doesn't do, so I have another cyber threat intelligence team that does the investigating. Ideally, Perception Point should offer this as part of their service.

For how long have I used the solution?

We have been using Perception Point Advanced Email Security for the past four or five months.

What do I think about the stability of the solution?

We are using it as a SaaS and since we have been using it, there have been no noticeable service interruptions.

What do I think about the scalability of the solution?

It seems to be very scalable. It's cloud-based, so it should be able to scale nicely. We haven't done load tests because our load is not very high.

We have about 1,400 people who are protected by this product, and they work in every role that you find in an enterprise. We are located in Asia, Europe, and North America.

How are customer service and technical support?

The technical support is very good. Most of the time, they reply within one hour.

Which solution did I use previously and why did I switch?

Prior to Perception Point, we were using a solution by Barracuda. We switched because Barracuda didn't provide the capability to filter emails and block the malicious content we wanted.

How was the initial setup?

The initial setup was very simple and straightforward. As we are using Perception Point as a mail relay, it only involved changing the MX record or DNS records in order to relay our email messages to Perception Point, and whitelisting the Perception Point addresses in our email systems. It was a very simple configuration, and it was up and running very fast.

We have many domains, and some of them took some time, our major domain was done first and it was completed within one day.

After deployment, it started providing value immediately. That said, it took a few weeks before we identified everything that needed to be whitelisted or blacklisted.

It requires some administration in terms of blacklisting and whitelisting rules for URLs of domains. There are some cases that the out-of-the-box solution doesn't identify properly, especially when there are misconfigurations by people that we communicate with.

What about the implementation team?

I managed the deployment, but someone on my team did the technical setup.

What was our ROI?

We have seen ROI in the form of reduced security team activity, a reduction of employees clicking on phishing emails and malicious content, a reduction in the need to re-image machines that have been infected by malware, and a reduction in the incident response (IR) activities.

What's my experience with pricing, setup cost, and licensing?

We were able to get reasonable pricing that matches the ROI we want, so I think that it is the correct price point.

Which other solutions did I evaluate?

We evaluated other solutions including Mimecast, Sasa Software, Forcepoint, and a couple more. Some of the products that we looked at didn't offer a full SaaS solution so we didn't consider them.

We didn't perform a full pilot program with the rest of the vendors because we had a situation where we wanted to deploy very quickly. We were in a dialogue with Perception Point, it performed perfectly, and we just decided to move on with them.

What other advice do I have?

My advice for anybody who is considering Perception Point is that there are no false negatives and no false positives with this product. Overall, I am very happy with it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
General Manager -Mfg at a consumer goods company with 5,001-10,000 employees
Real User
Top 20
Easily configurable solution suitable for small to medium businesses
Pros and Cons
  • "The best features are that it is very convenient to configure new rules onto it and it gives very good insight on what has entered my system and what the email security solution has taken action upon."
  • "There is a lot of room for improvement towards the phishing kind of email filtering, with the different hijacking attacks, and with the kind of password attacks which these phisher attackers do."

What is most valuable?

From an email security standpoint, the best features are that it is very convenient to configure new rules onto it and it gives very good insight on what has entered my system and what the email security solution has taken action upon. It has future analytical insight on what kind of attacks it could come across which would have already penetrated your system that you should be aware of. If there is anything which has already propagated inside the system, we can look into the other email security solutions to get that validated and then it gets things under control.

What needs improvement?

There is a lot of room for improvement towards the phishing kind of email filtering, with the different hijacking attacks, and with the kind of password attacks which these phisher attackers do. The engine is intelligent enough to block any link which is coming in the email because it checks the quality of the reputation of the link. But it is written by a very intelligent person using a very localized domain so it lacks that functionality. There are other solutions available in the market, such as Proofpoint and Barracuda, that have slightly better intelligence around that, maybe they have more attack feeds coming in or maybe they are working a little harder on the resource side. Their response towards such emails is very granular whereas Trend Micro's is higher.

Maybe email security is not the goal for Trend Micro, because the other players like Proofpoint, Barracuda and Microsoft are working essentially on the email security. So they are very focused and since the products are completely driven towards email security they give a better posture and have better performance there. But from a threat prevention point of view and as the first wall of anti-virus defense, Trend Micro tends to be a superior product.

For how long have I used the solution?

I have been using Trend Micro Email Security for two and a half to three years.

What do I think about the stability of the solution?

Stability-wise, we have not found any challenges so far.

I don't know if I can fully comment on that, because we have a limited base, a limited number of users, and maybe our organization is not the organization which should ideally comment on the stability. But the solution has been available all the time, there was no downtime in our service period and we are not facing any challenges regarding availability.

How are customer service and technical support?

In India they provide very good support.

We have not faced any kind of challenges here. I'm not sure about other regions and their services there. For us, it has been a very good experience, because the vendor we work with has very good expertise in Trend Micro. The OEM itself is there and they are available most of the time, even 100% of the time. So it's good.

Whenever we had some issues with our email services, they were all available.

How was the initial setup?

The initial setup was very straightforward. I think it took us 15 days.

It was very, very quick because we were on the cloud setup. It was just a few steps so that our emails go there, get filtered and then come back to us. Then a few fine tunings so that we don't block legitimate emails.

Which other solutions did I evaluate?

I think the email security domain is a very mature domain now. If you look at Gartner, for example, they have stopped publishing their quadrants for email security because they have declared that it's a very mature market and players which are in email security already know that they are very deep into the services.

What other advice do I have?

On a scale of one to ten, I would give Trend Micro Email Security a seven.

Some of their features should focus more on preventing the emails which are malicious in nature from entering into the user mailbox and they should have a feature to completely remove it from the entire email system. For example Microsoft has an option where if there is a malicious email you can just identify it and with one click you can delete every email in the system in the organization for whoever has received it. Similarly, there must be some kind of awareness mechanism for the user, even for whoever is not receiving it. They should be able to send out some kind of email or some kind of awareness to the user not to respond to any malicious services. In my experience throughout my career, making your users aware of email threats helps to get control of the threat by almost 70%.

If you receive 10 emails out of which four to five would be spams, one or two may be malicious. If you are aware of it you will not respond to it. But in the initial stages, you might have clicked on the link or responded to their request. But eventually, when you learn about these malicious things, you automatically hesitate responding to them, or maybe you just don't read them. Those kinds of responsive behavior comes with time. If you teach your people they will not respond and your email security solution will look better because people will not get into the wrong traps.

For small to medium sized business, Trend Micro Email Security fits very well because cost-wise it is effective and because their technical resources are widely available in India, the Asia Pacific region, and in Europe. However, when we look at it from an enterprise user perspective, where the number of users can be huge, we take more of a risk opting for a less expert solution. In terms of email security, I would not rate Trend Micro as an expert solution. There are others available which are doing this better than Trend Micro. Once Trend Micro is at their scale, at that point only would I recommend Trend Micro. But for the small and medium industries, I would recommend it because they have limited budgets and they work in a different sector of the market.

But for the enterprise customers, I think they should look at some better solutions which are dedicated for email security. Email is the most critical part of the organization, so you should always choose the expert.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head Of Finance And Administration at a financial services firm with 1,001-5,000 employees
Real User
Top 10
Good gateway and email security with an easy initial setup
Pros and Cons
  • "It's really quite user-friendly. In terms of technical superiority and the product itself, there are no complaints. It is really cutting edge."
  • "We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee."

What is our primary use case?

We use Mimecast as our email gateway. We also use it as our archival service. All those phishing, anti-phishing, spear phishing, spamming, and other security filters that they have, we use all of them.

What is most valuable?

We have found email security very good.

The gateway is excellent. 

We have found the archival services to be very valuable.

It's really quite user-friendly. In terms of technical superiority and the product itself, there are no complaints. It is really cutting edge.

The initial setup is straightforward.

What needs improvement?

It was not so much about the product itself, however, their business model needs improvement. We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee. This is something which really worries us as a company.

For how long have I used the solution?

I've used the solution for about six years at this point. It's been a while.

What do I think about the stability of the solution?

The solution is stable. There aren't bugs or glitches. It doesn't crash or freeze. It's very good.

What do I think about the scalability of the solution?

The solution can scale well. If a company needs to expand, it can do so rather easily.

We have grown from about 2,600 users to about 4,000 users. We have added additional geography as well. The product is resilient enough to take care of all of this.

How are customer service and technical support?

We have contracts and we are also subscribed to a service plan. Whenever we have used it, the service levels have been very good and we have no reason to complain.

Which solution did I use previously and why did I switch?

We were previously thinking of an alternative to Mimecast for two reasons. The main reason is as an organization, we are in the financial service industry, and we have to show some data resiliency to our regulators. However, due to the fact that we're present in 30 countries, what happens is all Mimecast data is centrally hosted in one particular grid, which is preventing us from showing data resiliency to them. I want a solution that allows me to selectively map users to a particular geography. 

How was the initial setup?

We didn't find the initial implementation complex. It was pretty easy and rather straightforward.  We didn't run into trouble.

We are a complex organization. We are present in 30 countries. It was a mix of on-prem and some were in Office 365. Due to the set up of our own architecture, we had to undergo some labor, however, otherwise, the entire process was pretty straightforward.

What's my experience with pricing, setup cost, and licensing?

We typically use a subscription service. If there are version upgrades. We automatically get upgraded to the latest version, as it's a software as a service setup. We don't need to update it as Mimecast takes care of it.

If you need to extract data from their archival service, there is an additional fee involved.

As we are an enterprise customer and we have a relationship with them, what we are told by the reseller is that we pay about 40% of their list price for this product.

It's an expensive solution. There are other competitors, like Barracuda, who offer similar services. We believe that over the years, they have picked up, and their pricing is much more competitive than Mimecast. As an organization, Microsoft itself has really matured over the years. They offer probably 90% of what Mimecast is offering, and then you don't have to pay anything extra for it because it comes with part of the Office 365 licenses. That is why we also believe that there is a lot of room for Mimecast to get their act together, pricing-wise.

Which other solutions did I evaluate?

We evaluated a few other options such as Cisco IronPort as a security service. We evaluated Proofpoint. The comprehensive solution that Mimecast offers, however, really made us sign on the dotted line.

What other advice do I have?

We're just an end-user.

We use their Perimeter Defense plan, we use their Continuity plan, we also use email to archive. These are the three scales that we use from them.

I would advise others considering the solution to technically evaluate their competencies, their highs, and lows, first. Also, read the fine print, and understand the exact costs. A company will need to understand natively how much of Mimecast capabilities does Microsoft offer if you just subscribe to an Office 365 license. It might make them rethink using this solution.

From a technical standpoint, I would rate the solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Email Security
September 2022
Get our free report covering Microsoft, Fortinet, Cisco, and other competitors of Barracuda Email Security Gateway. Updated: September 2022.
635,987 professionals have used our research since 2012.