Ninja Blade

July 26, 2008 · 2 comments

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)

Well, we were very excited about this product after having read all of the information and manuals about the Ninja Email Security software.  Both products are from Sunbelt Software and have been getting a lot of press and reviews lately.

As you can tell, we really favor gateway appliance/software solutions for Anti-SPAM and Anti-Virus for E-mail.  This is mostly due to the fact that we want to be able to update, bounce rebuild or otherwise change these systems without losing connectivity with our mail store.  Taking down E-mail is becoming more and more difficult as we expand to a world-wide organization where everyone just expects E-mail to be up and running 7×24.  The first product we ever used was ScanMail from TrendMicro, which sat on our backend servers.  I am not providing a write-up of that product since it was many years ago and I am confident that they have significantly improved their product offerings since then.  However, we found that AV systems connected directly to the Exchange mail stores had problems when the systems are bounced or altered.  In particular, mail can get “stuck” in the queues and replayed by the AV engines, causing users to get old E-mails back in their inbox.  We strongly feel that a gateway approach is the only viable solution for scalability and flexibility.

OK.  Lets get back to talking about the Ninja Blade.


There are four versions of the product, all of which use a Dell white box with incresing processor capabilities, networking and storage capacity and redundancy.  The models are loosely based on the number of users that the company suggests that the device can support.  However, it has been our experience that this is a fallacy and misleading conept used by appliance vendors.  User count does not directly proportional to E-mail volume across different companies.  You can have a large number of users, like a department store, that does not process a large volume of mail, and conversely, you could have a social networking or marketing company with few employees that are on E-mail all day.  Since these products are aimed at business, a more reliable classification of benchmarks would be the number of simultaneous connections that can sustain a bandwidth of moving mail messages of given sizes from just text to large complex attachment processing capabilities.

Using a single Ninja Blade generally does not make sense in a business environment because a failure means that all E-mail processing in and out of the company will come to a complete stop until the situation is fixed.  We used to be a large Dell shop and had their 4-hour on-site service and support agreement.  In no instance did they ever repair a system within that timeframe.  We went anywhere from 6 hours to 2 days to get parts and materials.  These two data points made it critical that we purchase two Ninja Blades.  Since I did not like the “math” for sizing the systems, we decided on a 500 and a 1000.  Our plan was to use the 1000 in standard production and duplicate the configuraiton to the 500 and configure a hardware load balancer for failover/redundancy, but in worst case use the 500 as a hot standby unit.  Sunbelt does not have their own cluster configuration or failover solution, which is a significant issue, but we were confident that we could engineer something.

Getting the Appliance

This proved a lot harder than it sounds.  We worked with our sales rep as we are current CounterSpy Enterprise customers (I’ll write about that later).  They were very anxious to get the order and provided us with significant discounts on the purchses.  We have found the sales teams at Sunbelt to be very aggressive and easy to work with and quick to respond to questions, requests and information.  They also seem to work at representing your needs to the company.

However, this product proved to be quite the exception.  Once the order was placed, it seemed to drop into a black hole at Sunbelt.  We were told that it would arrive very quickly, but after a week without hearing from anyone, we contacted sales and were told that it was being held up in manufacturing.  Huh?  This is a Dell white box with a customer supplied OS image.  I would bet money that Dell builds the box, burns a disk image per Sunbelt’s instructions and drops ships the unit to the customer.  Another week went by, and again it is a production problem and this time they directly blame Dell for the issue.  We wait an entire month for these boxes and we are getting convinced that we must be the first customer and they are working out all the logistics with their supply chain.

Eventually, the boxes arrive and sure enough, they seem to be direct from Dell.  They use Sunbelt name branding on the shipping boxes, but there is no identification of which box is the “500” and which is the “1000”, so we had to guess.  This was bad, since we had agreed with Sunbelt to only open the “1000” for the 30-day evaluation period.

Read the Documentation

Here is where we should have been doing our homework.  As I mentioned earlier, we spent most of our time reading the Ninja Email Security documentation and then reviewed the Ninja Blade.  While we knew there were some differences between the products, we did not spend nearly enough time reading about that in true detail.  After the appliances arrived, I asked my senior administrator about a detailed analysis between the Ninja Blade and our current soution using GFI MailEssentials 12 and GFI MailSecurity 10 on Microsoft Exchange Front-End servers.  At the same time, I printed the manals for Ninja Blade and Ninja Email Security for my own review.

We were both shocked to find that our initial excitement over this product was too much wishful thinking.  Even Sunbelt’s own documentation and literature compares Ninja Email Security against GFI and Barracuda, but only compares Ninja Blade to Ninja Email Security — despite that fact that advertise the blade as the “Barracuda Killer”.


This appliance seems to be aimed directly at ISPs and other third parties that provide E-mail as a service to outside customers.  All of the whitelist, blacklist, management of the quarantine and other items falls on the users and not the administrators.  This is great if the user wants/needs all of that, but it is not meant for corporate environments in my opinion.  Corporate customers want to feel protected and serviced by their IT department and they want straight answers.  Just take a white list for example.  If Joe white lists a customer, but Bob does not, then Bob is going to ask why Joe got the messages and he didn’t.  Telling Bob that he has to white list the customer like Bob did, will just make him angry.  Why didn’t we tell him that earlier?  Why does he have to do it?  What’s wrong with this system?  Where’s the messages?  Why can’t IT white list our customers for us?  And if Bob is a senior executive, then it could get ugly very fast.

I must say that I am impressed with the documentation and reading on the Ninja Email Security software that sits on the back-end Microsoft Exchange Servers and perhaps that would be a good solution, so if we can not find a front-end appliance or software solution, we will revist it.

Needless to say, we have returned the Ninja Blade appliances to Sunbelt without ever firing one of them up.

Article by Steve Van Domelen

Steve has written 47 awesome articles.

  • Sylvie

    I’m a customer of Sunbelt’s Ninja Blade, and wish I wasn’t. It has proven to be the most unreliable software I’ve ever used. 6 months into our purchase things started to go horribly wrong. The single hard drive disk failed (there is no redundancy!). The shipment coordination between Sunbelt, Dell was unorganized and the hdd took 3 days to get to us (eternity in our standards, meanwhile I’ve got the president breathing down my neck as to why he’s receiving a sleugh of spam on his BB).

    Once that was resolved, they sent us an older version of the Ninja Blade spam OS, which contained several bugs. Called them again, they finally “upgraded” to their current version 109. Thing is that version is buggy as well. For some unknown reason, the unit hangs every Saturday or Sunday and doesn’t let anything in or out. The service cannot be restarted from the Admin console, it can only be corrected by logging via SSH and performing a “reboot” of the server (running CentOS). It’s uptime is never more than a 7 days (certainly not in our case).

    And just yesterday, the Ninja Blade went offline again. The license become invalid due to the leap second at the end of the year (same problem happened with Zune). This affected every single Ninja Blade owner. I wouldn’t want to be a Sunbelt Software technical and customer service rep right about now…

    They have offered us (and their other customers) a one-year complimentary license to Ninja Email Security, which we have accepted and use (though it weighs down heavily on our Exchange 2007 server).

    I’m planning on returning the unit in January. I’ve been told they plan on releasing a new version soon, but I don’t know if I can put up with the Ninja Blade any longer.

    • steve

      Sylvie — Thanks for sharing your experiences with the Ninja Blade. I support/coordination between Sunbelt and Dell does not suprirse me given our experience in just trying to obtain a unit for evaluation. Seems all of our concerns about that device have been proven by your sleepless nights and frustrations.

      We also wondered about the overhead on performance of the Ninja Email Security product which is why my administrator really does not want to use any products that sit on the Exchange server itself.

      If you are serious about returning the unit, I really recommend you look into the Symantec 8300 virtual appliance. I wrote about this unit back in November ( and we really like this product for a number of reasons.

      Good luck and let us know how things go.

Previous post:

Next post: