Halon Security Virtual Spam Prevention (VSP)

Powered by SC Magazine
 

Large enterprises require email gateways that are quick and robust. The Halon Virtual Security Appliance from Halon Security can fill that role nicely, but administrators should be prepared to learn a new scripting language in order to fully use the product.

 

As the product is a virtual appliance, installation was easy. Halon provided an open virtualization format (OVF), template for VMware vSphere, so importing it into the test lab environment was a more or less three-click affair. The solution supports a number of different deployment scenarios, but we rolled it out as a gateway in front of our Exchange server. Within minutes it was serving as our SMTP gateway and, in its default configuration, scanning all incoming and outgoing messages for viruses and spam signatures.

The product is managed via a beautiful web interface. The navigation tree is clearly laid out and moving through the various configuration screens feels snappy. The product applies all settings in the background, so admins never find themselves staring at a waiting screen. There is an excellent real-time log feature, which makes troubleshooting mail flows simple. The offering supports DomainKeys Identified Mail (DKIM) for digital message signing and transport layer security (TLS) for server-to-server encryption. However, we did not see any way to implement S/MIME or any other type of direct message encrypting, an unfortunate omission, although Halon says that support for S/MIME can be added via scripting. It also supports content filtering based on regular expressions, which are stored on text files on the device, and simple blacklists are easy to deploy. The real power of the device, however, is unlocked through Halon's proprietary scripting language, HSL. Similar in appearance to PHP or Perl, the scripting language is the driving force behind the product's versatility. The challenge, then, is becoming comfortable enough with the language to leverage it effectively. While it is possible to view all of the stock rules in their native script via a button on the web interface (a feature that makes adapting to the language much easier than it could be otherwise), administrators without a knack for development may find themselves struggling to fully unlock the product's potential. 

Basic installation and configuration instructions are provided in the form of a short PDF. This takes administrators through importing the product into VMware, configuring access to the web administration tool and configuring basic mail flows. The bulk of the documentation on higher functions is provided on Halon's wiki, including all documentation related to HSL. While the company appears to have done a good job documenting the framework of HSL, we would have liked to see a lot more code samples. 

Support is provided 24/7 via email, and is included in the license fee. Halon also offers a premium support service via phone.

Halon Security provides the VSP at cost of $570 for 25 users, and includes one year of software and security updates, as well as 24/7 email support. Premium phone support costs $150 per ticket not covered by the service level agreement.

Copyright © SC Magazine, US edition


Halon Security Virtual Spam Prevention (VSP)
 
Overall Rating
Verdict:
For administrators who are up to the task, the Halon VSP is an incredibly powerful device well worth its price.
Product Info
Supplier:
 
 
 
 
Top Stories
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 260

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 82

Vote