Well, we were very excited about this product after having read all of the information and manuals about the Ninja Email Security software. Both products are from Sunbelt Software and have been getting a lot of press and reviews lately.
As you can tell, we really favor gateway appliance/software solutions for Anti-SPAM and Anti-Virus for E-mail. This is mostly due to the fact that we want to be able to update, bounce rebuild or otherwise change these systems without losing connectivity with our mail store. Taking down E-mail is becoming more and more difficult as we expand to a world-wide organization where everyone just expects E-mail to be up and running 7×24. The first product we ever used was ScanMail from TrendMicro, which sat on our backend servers. I am not providing a write-up of that product since it was many years ago and I am confident that they have significantly improved their product offerings since then. However, we found that AV systems connected directly to the Exchange mail stores had problems when the systems are bounced or altered. In particular, mail can get “stuck” in the queues and replayed by the AV engines, causing users to get old E-mails back in their inbox. We strongly feel that a gateway approach is the only viable solution for scalability and flexibility.
OK. Lets get back to talking about the Ninja Blade.
There are four versions of the product, all of which use a Dell white box with incresing processor capabilities, networking and storage capacity and redundancy. The models are loosely based on the number of users that the company suggests that the device can support. However, it has been our experience that this is a fallacy and misleading conept used by appliance vendors. User count does not directly proportional to E-mail volume across different companies. You can have a large number of users, like a department store, that does not process a large volume of mail, and conversely, you could have a social networking or marketing company with few employees that are on E-mail all day. Since these products are aimed at business, a more reliable classification of benchmarks would be the number of simultaneous connections that can sustain a bandwidth of moving mail messages of given sizes from just text to large complex attachment processing capabilities.
Using a single Ninja Blade generally does not make sense in a business environment because a failure means that all E-mail processing in and out of the company will come to a complete stop until the situation is fixed. We used to be a large Dell shop and had their 4-hour on-site service and support agreement. In no instance did they ever repair a system within that timeframe. We went anywhere from 6 hours to 2 days to get parts and materials. These two data points made it critical that we purchase two Ninja Blades. Since I did not like the “math” for sizing the systems, we decided on a 500 and a 1000. Our plan was to use the 1000 in standard production and duplicate the configuraiton to the 500 and configure a hardware load balancer for failover/redundancy, but in worst case use the 500 as a hot standby unit. Sunbelt does not have their own cluster configuration or failover solution, which is a significant issue, but we were confident that we could engineer something.
Getting the Appliance
This proved a lot harder than it sounds. We worked with our sales rep as we are current CounterSpy Enterprise customers (I’ll write about that later). They were very anxious to get the order and provided us with significant discounts on the purchses. We have found the sales teams at Sunbelt to be very aggressive and easy to work with and quick to respond to questions, requests and information. They also seem to work at representing your needs to the company.
However, this product proved to be quite the exception. Once the order was placed, it seemed to drop into a black hole at Sunbelt. We were told that it would arrive very quickly, but after a week without hearing from anyone, we contacted sales and were told that it was being held up in manufacturing. Huh? This is a Dell white box with a customer supplied OS image. I would bet money that Dell builds the box, burns a disk image per Sunbelt’s instructions and drops ships the unit to the customer. Another week went by, and again it is a production problem and this time they directly blame Dell for the issue. We wait an entire month for these boxes and we are getting convinced that we must be the first customer and they are working out all the logistics with their supply chain.
Eventually, the boxes arrive and sure enough, they seem to be direct from Dell. They use Sunbelt name branding on the shipping boxes, but there is no identification of which box is the “500” and which is the “1000”, so we had to guess. This was bad, since we had agreed with Sunbelt to only open the “1000” for the 30-day evaluation period.
Read the Documentation
Here is where we should have been doing our homework. As I mentioned earlier, we spent most of our time reading the Ninja Email Security documentation and then reviewed the Ninja Blade. While we knew there were some differences between the products, we did not spend nearly enough time reading about that in true detail. After the appliances arrived, I asked my senior administrator about a detailed analysis between the Ninja Blade and our current soution using GFI MailEssentials 12 and GFI MailSecurity 10 on Microsoft Exchange Front-End servers. At the same time, I printed the manals for Ninja Blade and Ninja Email Security for my own review.
We were both shocked to find that our initial excitement over this product was too much wishful thinking. Even Sunbelt’s own documentation and literature compares Ninja Email Security against GFI and Barracuda, but only compares Ninja Blade to Ninja Email Security — despite that fact that advertise the blade as the “Barracuda Killer”.
This appliance seems to be aimed directly at ISPs and other third parties that provide E-mail as a service to outside customers. All of the whitelist, blacklist, management of the quarantine and other items falls on the users and not the administrators. This is great if the user wants/needs all of that, but it is not meant for corporate environments in my opinion. Corporate customers want to feel protected and serviced by their IT department and they want straight answers. Just take a white list for example. If Joe white lists a customer, but Bob does not, then Bob is going to ask why Joe got the messages and he didn’t. Telling Bob that he has to white list the customer like Bob did, will just make him angry. Why didn’t we tell him that earlier? Why does he have to do it? What’s wrong with this system? Where’s the messages? Why can’t IT white list our customers for us? And if Bob is a senior executive, then it could get ugly very fast.
I must say that I am impressed with the documentation and reading on the Ninja Email Security software that sits on the back-end Microsoft Exchange Servers and perhaps that would be a good solution, so if we can not find a front-end appliance or software solution, we will revist it.
Needless to say, we have returned the Ninja Blade appliances to Sunbelt without ever firing one of them up.