WIXLIB

Proofpoint Enterprise vs. McAfee Email Gateway(Formerly IronMail from CipherTrust and Secure Mail from Secure Computing)Proofpoint, Inc.892 Ross DriveSunnyvale, CA 94089P 408 517 4710F 408 517 4711info@proofpoint.comwww.proofpoint.com

Email is unquestionably the primary formof business communications. Unfortunately it is also one of the most vulnerablechannels for security attacks, data leakage,and fraud. To protect against the everchanging nature of email security threats,email security solutions must be constantly updated and improved. Spammers andcriminal syndicates are continually evolving their tactics, and email defense systemsmust keep pace—or, better yet, keep onestep ahead.

CONTENTSExecutive Summary4The Evolution of Spam and Malware Threats4Finding an Innovative, Adaptive Defense Solution for the Enterprise 4Section 1 - Product Fit with Market Needs5Technical Strengths Across Anti-Spam, Anti-Virus,and Data Loss Prevention6Anti-Spam and Anti-Virus Effectiveness6Comparing Anti-Spam Defenses7Comparing Anti-Virus Defenses8Different Approaches to Policy Management8Architectural Complexity and Total Cost of Ownership9Path to SaaS: Comparing Deployment and Migration OptionsSection 2 - Product CommittmentMcAfee has Zero Major Releases Between 2006 - 2011Section 3 - Email Security and Product Expertise10111112Engineering Organization12Support Organization12Conclusion12About Proofpoint, Inc.13

EXECUTIVE SUMMARYEmail is unquestionably the primary form of business communications. Unfortunately, it is also one of themost vulnerable channels for security attacks, data leakage, and fraud. To protect against the ever-changing nature of email security threats, email security solutions must be constantly updated and improved.Spammers and criminal syndicates are continually evolving their tactics, and email defense systems mustkeep pace—or, better yet, keep one step ahead.If you rely on McAfee Email Gateway (formerly known as CipherTrust IronMail and Secure Mail), the legacyemail security and compliance solution from McAfee, your organization is vulnerable to attack. The variousvendors who have been responsible for this product over the past five years—first CipherTrust, then SecureComputing, then McAfee, and now Intel—have done almost nothing to develop or enhance the product inthat time. In IT security, idleness creates risk. By failing to keep up with new threats, such as social mediaattacks and dynamic-IP botnets, McAfee and its predecessors have left customers vulnerable to spam andvirus attacks—and hence vulnerable to lost data, lost productivity, regulatory penalties and fines, and damage to brand and reputation.This white paper examines recent trends in spam and malware and the resulting requirements for enterprise email security. Then, drawing on customer testimonials and on-site test results, the paper examinesthe effectiveness of McAfee Email Gateway to protect enterprise customers against spam and email-bornemalware. For contrast, the paper compares the McAfee solution to Proofpoint Enterprise, Proofpoint’semail security and compliance platform. This paper is intended to help enterprises assess which solution ismore likely to meet their ongoing IT security and compliance needs.THE EVOLUTION OF SPAM AND MALWARE THREATSEnterprises should expect the onslaught of spam to continue. Botnets aren’t going away. Criminal syndicates won’t abandon a profitable business. In 2011 and beyond, attacks will likely become more frequent,targeted, devious, and malicious.What characterizes spam in 2011? There are several new threat types that cannot be stopped by legacysolutions, especially those that haven’t evolved to keep up: Botnets and snowshoe networks now send spam with dynamic IP addresses within a singlespam campaign Phishing and low-volume targeted attacks not only compromise your organization’s brand, butalso “fly under the radar” of most legacy filters Blended threats combine the worst of traditional SMTP-based attacks with newer HTTPbased threats Social engineering continues as users are exploited for their trust in social networks such asFacebook Outbound spam is now one of the largest threats to an organization’s brand, and can be extremely difficult to block with older uni-directional or reputation-based systemsHow do new types of spam change the requirements for anti-spam defenses? Defenses must become moresophisticated. They can’t simply rely on just one or two techniques for detecting spam; they need to beable to consider a myriad of factors in email traffic, including up-to-the-moment intelligence about spamattacks occurring elsewhere. And they must continuously evolve, applying the latest analysis of spam andmalware attacks to protect enterprises 24/7.In short, to defend against evolving threats, defenses must themselves evolve. Enterprises should look foremail security and compliance solutions that are dynamic, adaptive, and proven.FINDING AN INNOVATIVE, ADAPTIVE DEFENSE SOLUTION FOR THEENTERPRISEDeploying an innovative email security and compliance platform is an important part of any enterprisesecurity strategy. The following sections compare McAfee Email Gateway to Proofpoint Enterprise acrossthree broad axes: The overall technical fit of the McAfee and Proofpoint product to the market’s needs.Email defense systems must evolve to keep pace. The McAfee product line has not been able tokeep up with the new phase of malware attacks. In fact, the last major release of the productoccurred well before new security threats such as dynamic-IP botnets and social-media phish-Page 4Proofpoint Competitive Comparison - Proofpoint Enterprise vs. McAfee Email Gateway

ing schemes had become common at all. Tests in live customer environments demonstrate thatMcAfee overlooks a dangerous amount of spam and malware. Product commitment by McAfee and ProofpointHow committed are the vendors to their respective product lines? One way to tell is to examinea company’s history of product releases, which is a useful proxy for investment levels in R&D. Email security and product expertise by McAfee and ProofpointEmail security is a complex, mission-critical issue. To create the best products and deliverenterprise-class support, a vendor must build up stable engineering and support organizationswith deep expertise in email technology, security practices, and more. Unfortunately for McAfeecustomers, the original CipherTrust team seems to be long gone, after the successive acquisitions by Secure Computing, McAfee, and now, Intel.As the tables below make clear, there are significant differences between McAfee and Proofpoint. Forexample, the McAfee Email Gateway product group has not issued a major release in five years; they seemto have simply stopped innovating. And if the past five years provide any indication of the next five, thenit’s safe to say that McAfee Email Gateway customers can expect little in the way of product innovationand improved security in the coming years—despite the increasingly malicious and complex threats thatspammers and hackers are directing at enterprise email servers. McAfee is in direct contrast with Proofpoint, which has innovated continually over the same period, and maintains a healthy and active roadmap.Section 1Product “fit” with market needsMcAfeeProofpointTechnical strength - anti-spam, anti-virus, and DLP Simple to manage with low TCO Enable path to SaaS Section 2McAfeeProofpointNumber of major releases between 2006-2011Product commitment04Number of minor releases between 2006-2011412McAfeeProofpointSection 3Long-term email security and product expertiseWithin engineering Within support organization Section 1 - Product Fit with Market NeedsThe lack of product development has taken its toll on the quality of the McAfee Email Gateway productand feature set, causing product functionality to fall behind the market leaders. This is a story that Proofpoint has been hearing repeatedly from many McAfee Email Gateway customers, and many of those customers are making the strategic decision to abandon the McAfee email solution and to adopt ProofpointEnterprise instead. Having evaluated both products, these customers inevitably reach the same conclusion:Proofpoint’s solution is technically superior; the McAfee Email Gateway is a legacy product with severedeficiencies that leave employees vulnerable to attacks; ongoing total costs of ownership can be high, sincehardware refreshes result in the addition of too many appliances and the administrative cost of the clusteris high; requires too many appliances and too much ongoing management by administrators; and the risksof staying with McAfee in light of evolving threats in areas such as phishing and targeted attacks are simplytoo great to continue with this costly, defective status quo. For the sake of email security and compliance,these customers are switching from McAfee and investing in Proofpoint.Proofpoint Competitive Comparison - Proofpoint Enterprise vs. McAfee Email GatewayPage 5

Technical Strengths Across Anti-Spam, Anti-Virus, and Data Loss PreventionVaried threats require varied defenses. Proofpoint Enterprise offers a number of features that are not available in the McAfee Email Gateway. These features are shown in the matrix below. As this comparisonshows, Proofpoint Enterprise is a more complete email security and compliance platform with consolidatedmanagement, reporting, and flexible deployment options.Technical Comparison Between McAfee Email Gateway and ProofpointEmail Security (Anti-Spam and Anti-Virus)Reputation-based spam detectionMcAfeeProofpoint Machine learning technology for outbound spam detection Granular spam classification and dispositions Selection of anti-virus engines Zero-hour anti-virus detection for zero-day protection McAfeeProofpoint Email Compliance (DLP and Encryption)Pre-configured compliance policiesSmart identifiers - algorithmic checks of structured data Managed dictionaries - pre-defined and updated libraries Advanced proximity and correlation analysis Policy-based encryption Flexible encrypted message delivery Per-message encryption keys End-user encryption controls DLP incident dashboard for administrative remediation Self remediation of DLP violations ICAP integration with Web proxies for Web 2.0 compliance ManagementMcAfeeProofpointConsolidated and aggregated reporting for multiple devices DLP Dashboard - consolidated view of compliance activity Deployment OptionsApplianceMcAfeeProofpoint Software Private Cloud Public Cloud Table 1: Feature comparison showing Proofpoint Enterprise is a more complete email security and compliance platformAnti-Spam and Anti-Virus EffectivenessBottom Line: McAfee’s ineffective anti-spam and anti-virus detection leaves your organization and end usersvulnerable.To detect the latest attacks, email security and compliance solutions require constant updates. Out-ofdate defenses leave enterprises vulnerable to attack. When attacks get through, employee productivity suf-Page 6Proofpoint Competitive Comparison - Proofpoint Enterprise vs. McAfee Email Gateway