What is our primary use case?
We use this solution as a firewall for our email environment; it's basically a reputation-based service. It denies the connection from known bad sites. That's the biggest protection they have when you go to the antivirus and anti-spam modules. They even have an encryption piece in it.
What is most valuable?
There's Microsoft Office 365 email protection. The one good thing they have over Microsoft is their incredible search engine. That's why our clients like it. They like the search engine because they can search anything to do with their messages incredibly easily. This allows them to find troubleshooting issues. That's a big selling point.
There are some tools within it that are amazing. Even from a configuration standpoint, it's a hardened system. It's never been penetrated, so that's another great feature about Proofpoint.
They handle combined attacks. Defender for Office 365 does this as well. For instance, if you have an obfuscated URL embedded into an email and the email looks very legitimate, they can track that. Provepoint offers the same flexibility when combined with Office 365 as well. You can do your spam scores, and you can set up policies for people. From here, they can make a decision whether to select a spam policy or not. You can do the same thing with a lot of products, but Proofpoint makes it easy.
They all have quarantines where you can release messages. They're all very on par with each other. However, if you don't have Defender for Office 365, the feature parity is just not there. But there are lots of selling points, Proofpoint, in particular, takes care of. Still, they have a business continuity piece that is lacking in the Office 365 suite.
What needs improvement?
Not one of them is one hundred percent when it comes to reputation scores. It doesn't matter which solution — none of them are. Not one of them is a hundred percent on false negatives or false positives.
Proofpoint scores way up there along with Cisco. You used to have a choice with Proofpoint which one you use. They may be using multiples now, too. Proofpoint is the main tool for blocking spam because it denies the connection altogether.
I know for a fact that I can set Proofpoint up to what they call SYN attacks. SYN attacks basically open a connection, and then a handshake starts, and thousands of connections form. So, Proofpoint waits for a timeout to occur and then allows you to tie up all your connections, which is basically an out-of-service attack. They have something similar in Office 365, too.
Still, the reputation services, the antivirus modules, none of them are a hundred percent when it comes to false positives or false negatives.
It's the whole industry. The SMTP protocol needs to be totally rewritten. It was designed in the fifties or sixties. Changing it would be very, very difficult.
They put band-aids on it for security — that's essentially what's happened with that. That email is not secure by design because it's still using an old design from many moons ago.
For how long have I used the solution?
I have been working with Proofpoint Email Protection for 15 years.
What do I think about the scalability of the solution?
It's scalable, but the devil's in the details — you have to know your email volumes. Like anything else, you've got to know those kinds of things. You have to know email volumes, you have to properly scale it, and this is the bottom line. I've seen people do a lot of really stupid things.
How are customer service and technical support?
I've always had good luck with both. I think Proofpoint has always been superior — they do a very, very good job. They're a small organization though, so it's pretty tightly controlled as far as versioning is concerned. Compared to Microsoft, which is a huge organization, the lack of documentation revisions, that's where you have a harder time finding the information and connecting the dots than you do with Proofpoint.
How was the initial setup?
When it comes to the initial setup, you have to know the product well or get outside help; that's literally what it comes down to it. You have to know what the hell are you doing with email. Literally, I just had one client acquired a company that wanted to put Proofpoint Email Protection behind their email messaging security gateways — they don't know how to do it. If you're running M365 and you decide you want to put it behind Proofpoint, for instance, you have to know how to set up both to route email inbound and outbound, to your message security gateways.
What's my experience with pricing, setup cost, and licensing?
Proofpoint is fairly expensive. Most people, when they go to buy their M365 licenses, they buy them in a bundle. It's more than just email protection. It's actually lots of different protections.
What other advice do I have?
You need to be able to connect the dots on what the licensing buys you and what that particular module is to accomplish. Therefore, it behooves you to get someone that understands how the product works, what each module's intended for, what the licensing entails, and the cost-effectiveness of it.
It's one of the top products out there. Overall, on a scale from one to ten, I would give this solution a rating of nine.
It's just got the BC feature on it. If you get Defender for Office 365 specifically, that is the key to email protection from the Microsoft product. If you don't have that, then you will either have to purchase a third-party product or buy the add-on for Defender for Office 365.