Fighting malware and spam

Best practices for evaluating anti-spam solutions

Nathan Turajski Trend Micro

Administrators are often perplexed during their evaluation of anti-spam solutions due to the various techniques used to block spam for achieving the highest catch rate, minimising false positives, and ensuring relevancy over time as the threat adopts new tactics for propagation. This discussion will examine the influence of various test variables and parameters including the impact of global environments (geography, vertical industry); spam definition including graymail, phishing and valid mail corpora; accuracy and effectiveness trade-offs; techniques including heuristics, signatures and IP blocking; and most importantly, integration as part of a multi-layered defence as the spam threat morphs in the future.

Along with accurate anti-spam performance visibility, administrators need to be aware of the hidden costs such as spam disposition options to minimise network resource impact, accurate reporting metrics, multi-level (gateway, workgroup) deployment, and end user management. The discussion will conclude with the TCO of deploying and managing a cohesive policy-based messaging security strategy that includes anti-virus, anti-spam, anti-phishing, content filtering, messaging security, archiving and related applications in a single platform solution allowing anti-spam to integrate seamlessly into the network.