The move will take the company into competition with pure-play hosted providers such as Postini, MessageLabs and MX Logic, as well as larger players including Microsoft and Symantec.
We’re ready to offer hosted, Chaudhry told us during an interview at Secure’s Messaging Security 2006 user conference in Las Vegas last week. We’ll have the best of both worlds. Let the cloud do what it does best, let the edge do what it does best.
There are pros and cons of each, he said. Namely, hosted internet-based email filtering takes some load off premises-based equipment, but is not as useful for scanning outbound emails and enforcing user directory-based group policies.
Applying policy to outbound mail was seen by some Secure customers we spoke to last week as being an increasingly important feature companies are looking for when trying to meet their regulatory compliance objectives.
Secure has been in the firewall business for many years, a position it consolidated when it bought Cyberguard a year ago. It entered email security when it bought CipherTrust, a company Chaudry founded, earlier this summer.
As well as rounding out Secure’s perimeter appliance range, the deal meant the company got its hands on TrustedSource, CipherTrust’s reputation database. TrustedSource, a list of IP addresses with a trust value assigned to each, is expected to be key in future product plans.
Indeed, Chaudhry characterized the forthcoming hosted service as an extension of the company’s Edge appliance, which manages email traffic at the TCP/IP connection level, out into the internet cloud.
While the service will be able to do virus and spam filtering, on of the key benefits will be the ability to cut down on unnecessary inbound email traffic by dropping connections from known spambots at Secure’s data center.
It’s the first line of defense, Chaudhry said, a coarse filter. Up to 70% of inbound connections can be eliminated this way, he said. This means less user bandwidth devoted to spam and less processing and storage required at the on-premises email servers.
He said that TrustedSource is identifying 250,000 to 300,000 new spambots – those zombie machines that have been compromised by malicious hackers to pseudonymously send spam – every day.
That’s as measured by new IP addresses sending spam, Chaudhry admitted, and most of the machines are laptops that jump between locations, so the actual number of compromised machines appearing every day is likely much smaller than 300,000.
As for the appliances, Secure’s new CipherTrust business has hit the point with the next version, provisionally numbered 6.7, where it needs to focus on upgrades to the interface and operating system. No big whizz-bang features are expected.
There used to be the need for this big feature, that next big feature, Chaudhry said. We’re almost out of those. Now it’s more performance improvements, simpler installation. We’re doing things that are needed as the market matures more and there is less expertise, as the masses are using it.
These OS upgrades are expected this quarter. Version 7.0, due next year, will see the company increase its crypto features, streamlining server-to-server and server-to-user encryption.
Not a lot of information was available, but it will apparently include clientless encryption and decryption, to try to get around the Catch-22 situation where people don’t send encrypted email because the recipient may not be able to decrypt it.
