It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

What factors should I consider when evaluating an appliance versus a cloud-based email security solution?

  • Type: Knowledgebase
  • Date changed: 3 years ago

Solution #00004417


For potential customers evaluating cloud-based email security solutions.



According to IDC, software-based solutions still represent about 52.5% of the overall email security market.  However, the clear market trend today is a shift from software-based solutions to either appliances or cloud services. 


There are several dynamics behind this trend:

  • Offloading the email server.  Keeping the tasks of email security off the email servers allow the email server platforms to do what they were designed to do -- deliver email.  By isolating connection management and content scanning from the email servers, those email servers can perform better and organizations can do more with what they have today.
  • Reducing licensing costs.  Traditional software solutions involve high licensing fees.  In this economic environment, most organizations are looking at alternative ways to reduce operating expenses.
  • Reducing management overhead.  Software solutions impose soft dollar costs associated with the integration of software-based solutions and their interactions with ever-changing patch levels of other software or operating systems on the email server platforms. 

Once a decision is made to move away from a software-based solution, customers should consider the following factors when deciding on whether to make the move to either an appliance or cloud solution.

  • Control of data.  Does your organization care about the confidentiality of the data?  Cloud-based providers usually cache copies of email for redelivery and logging, and employees of those providers generally have access to those logs.  Organizations concerned with confidentiality generally prefer to keep their email security solutions on-premises to keep the point of control for email in one place.
  • Architecture.  An email security solution integrates with other internal systems, including either your email server itself or your LDAP directory server to do recipient validation.  Do you want to be opening up firewall ports to your LDAP directory provider to accelerate your recipient validation, or would you rather restrict this to internal systems like email security appliances?  In general administrators who generally have concerns for issues like opening up firewall ports for LDAP queries usually have other concerns about cloud-based email security solutions and generally prefer on-premises deployments.
  • Costs.  Most cloud email security providers charge expensive per user license fees as a list price.  Even when cloud service providers offer introductory or steeply discounted rates for new customers in year one, customers often get surprised by the costs of renewing the services in subsequent years.

One myth associated with cloud-based deployments is that they can save bandwidth costs to customers.  However, generally customers end up paying MORE for bandwidth overall when using a cloud-based email solution.  Why?

  • 80% of all spam email attempts are blocked through connection management.  In other words, when the first packet comes across, the systems check the source IP address and drop the connection if it matches the IP address of a known open relay, botnet or infected host.
  • Remaining spam messages tend to be very small, as it's a more effective strategy to send a lot of them.
  • Good messages tend to consume most of the bandwidth.  In fact over 80% email bandwidth is attachments alone (e.g., PowerPoint presentations, photos, PDF documents, spreadsheets, etc.)

And, with good messages taking the bulk of bandwidth, you end up paying for that three times -- once for the cloud email service to receive the good email, once for the cloud email service to send you the email and once for you to receive it!  Of course, the last two times you pay, the costs are hidden inside the cost of the email security service!


Overall, for most customers who host their own email on-premises already, an appliance generally represents a better solution for control of data, integration with existing infrastructure, and lowest cost.


Link to This Page: