Proofpoint Rocks
Overall Satisfaction with Proofpoint Email Protection
We use Proofpoint as our primary perimeter defense for all email traffic. Inbound email goes first to Proofpoint's servers for checking and then once vetted by Proofpoint, email goes to our on-premise Exchange servers for distribution. Proofpoint also rewrites all URLs contained in emails so that users cannot open URLs without them being tested in a Proofpoint sandbox first.
Pros
- Proofpoint does a nearly perfect job of rewriting URLs in emails to our users. They can very rarely click on a link that does NOT go to a Proofpoint sandbox URL.
- Proofpoint does a fantastic job of detecting "imposter" emails where the sender is attempting to impersonate a C-level officer for the purpose of fraud. All we had to do was tell it which names to look for as "sender" and match up the sender display name with the sender email address. when there is a mismatch, Proofpoint re-directs the email straight to our MIS team and the recipeitn doesn't even see it.
- Proofpoint does a very good job of identifying email-transported threats. We often get notified immediately that an end user has received a malicious email and even when it is a zero-day threat, they generally notify us within minutes of the nature of the threat.
Cons
- I think that Proofpoint could potentially speed up their identification of certain kinds of threats. Other than that i can't think of anything, they are just that good.
- There are several examples of imposter email campaigns that nearly cost us thousands of dollars before we implemented Proofpoint's imposter email detection feature.
- I can't even imagine how many viruses and other malware we have avoided by using Proopoint's URL re-writing capability.
I have not evaluated any others since I have been in this position. But in a previous position I evaluated Mimecast. It's similar and may have a nicer GUI but I don't think it has the same depth as far as bulk of historical detection data.
Comments
Please log in to join the conversation