Antivirus for Microsoft Exchange 2010

At PRAS we are in different stages of processes for implementing Exchange 2010 for several clients.

There are two repetitive questions that we get from our clients:

• What antispam should we use?
• What antivirus should we use to protect our new mail environment?

For previous Exchange version, based on our former experience as System Administrators at Vodafone, traditionally our answer was: GroupShield from McAfee or if you have more money to invest, a Web Security Appliance from the same producer (or a „blackbox” - how we name it).
There are other producers that provide antivirus and antispam protection for Exchange but we had a bad experience with Bit Defender Security for Exchange so we stayed with the products from McAfee.

For Exchange 2010, we made some researches through the market and as surprise or not, for the moment is no antivirus designed for this product except Microsoft Forefront Protection 2010 for Exchange Server. There is always the option to use a „blackbox” but this has some major disadvantages like no protection from infestations generated by the internal users.
With no other option, we tested the new antivirus and antispam protection for Exchange from Microsoft. There are a few things that make this product a great product:

• Antispam that is deeply integrated with Exchange and provides a 99% catch rate with less than 1 in 250,000 false positives. The old version had no antispam protection and you had to use standard antispam features included in Exchange 2007;
• Easy to manage quarantine. In standard antispam protection that could be configured in Exchange 2007 or Exchange 2010 you could configure a quarantine mailbox but the mailbox was so full of spams that it was impossible to check it for false positives;
• Innovative, hybrid solution to optimize email hygiene in the cloud with joint on-premises management and monitoring. It provides integration with Forefront Online Protection for Exchange;
• Premium antimalware via multiple antimalware engines which provide 38 times faster detection than any single vendor solution according to AV-test.org;
• Brand new user interface and easy-to-use console that allows administrators to rapidly identify and respond to security threats. The old console was a little bit difficult to understand and it was not so easy to find some settings or features;
• Easy to install and configure and set and forget smart defaults.

I am eager to see what the competition has to say about this. It is always great to have the possibility to choose between different products and I am sure that soon we will some interesting choices.