Need advice on email security tools (Trustifi vs Proofpoint vs Avanan vs Barracuda)
Posted by ActualRegister7436@reddit | sysadmin | View on Reddit | 16 comments
Hey all,
Looking for some advice on what you guys are using for email security these days.
We have been using Trustifi for about 3 years now and honestly it’s been solid overall—no major complaints. That said, we’re coming up on renewal and I’ve been tasked with either sticking with them or moving to something else.
So far I’ve trialed Proofpoint and Avanan (Check Point), and next up I’ll be testing Barracuda.
Right now I’m leaning toward Avanan. The UI is really clean, setup was super easy, and it feels like it would make my day-to-day admin work a lot easier compared to the others.
That said, I don’t want to just go off first impressions.
What are you guys running in your environments right now?
What do you feel is the “leader” in this space currently?
Appreciate any real-world feedback—especially from anyone who’s used multiple of these
Hot-Use4070@reddit
They’re all decent, they just fail differently. Trustifi’s a good fit if you want managed without the Proofpoint learning curve.
Proofpoint and Avanan are more powerful but you’ll spend real time tuning them. Barracuda has the sanest defaults if you don’t want to babysit it.
What actually matters in the trial: ask each vendor how they catch Reply-To redirect attacks (where From passes auth but Reply-To points somewhere else entirely), and how they handle sending domains that are 48 hours old but have perfect SPF and DKIM.
That’s where the mid-tier gateways quietly miss things. If a vendor can’t answer those two clearly, move on.
DNSai_app@reddit
+1 for Check Point.
Also, I recently published a thorough Email Security vendor directory
https://dnsai.com/vendor-directory/php/sector.php?slug=email_security
Calm-Exit-4290@reddit
If BEC and vendor impersonation are in your threat model I'd add Abnormal AI to the evaluation. They focus on behavioral analysis specifically for those attack types rather than gateway scanning and the API native approach means no MX changes or mail flow disruption during deployment. Avanan has a clean setup experience but detection efficacy on socially engineered attacks is where the real differentiation shows up.
bsachs11@reddit
+1 for Avanan
delicate_elise@reddit
Also interested in hearing about this, and how Avanan works - is it a true gateway or is it API-based? I've heard excellent things about Avanan.
Three years ago, there was a huge influx of QR code phishing attacks. Most solutions couldn't handle this because they were just images coming through. Avanan introduced protections immediately and were the quickest to do so. Take a look at this thread from when it was happening. That was a huge green flag for me. Meanwhile our solution was just letting them fly through.
Visible_Spare2251@reddit
We moved from Barracuda as a gateway and now use an api based system. The new system is way better for what it catches but I miss having an actual gateway.
delicate_elise@reddit
Why's that? I imagine API based systems are rate limited and there can be delays in removing items from mailboxes.
Visible_Spare2251@reddit
yeah, that is one thing, the email will often be delivered and then disappear.
My other main complaint is that as it works with exchange online, it will only see emails that have been sent to a real mailbox. With barracuda I could see anything sent to our domain. This was handy for things sent to slightly incorrect addresses or to mailboxes that no longer exist.
I just generally find it easier to work with where everything is captured before it gets to the mail system.
delicate_elise@reddit
Yeah, those are all my concerns, as well. I wonder if Avanan is API based or a traditional gateway.
littleko@reddit
Agreed - we were just discussing this too in /r/EmailSecurity recently too
saltyslugga@reddit
Avanan's inline API approach is nice because you skip the MX record swap, but don't let a clean UI be the deciding factor. The thing that matters is detection efficacy and how well it handles credential phishing links that detonate after delivery.
Proofpoint is the 800lb gorilla for a reason but it's overkill and overpriced for a lot of orgs. Barracuda is fine but their detection has lagged behind in my experience, especially on BEC stuff. Trustifi if it's been working for 3 years with no major complaints, that's actually a pretty strong signal. Switching just because it's renewal time isn't always the move.
Whatever gateway you pick, make sure your DMARC/SPF/DKIM stack is actually enforced. None of these tools matter much if someone can spoof your domain freely. We switched our clients to Suped for the monitoring side and it's made enforcement way less painful across multiple domains. A gateway catches inbound threats, but auth enforcement stops your domain from being weaponized outbound, and most orgs neglect that half of the equation.
sivanandu_itops@reddit
We faced similar scenarios in production. You can evaluate based on spam filtering, threat detection and ease of integration. Also check logs and alerts to compare effectiveness before finalizing.
Active_Drawer@reddit
The big 4 we sell in order Mimecast, Proofpoint, Barracuda, Checkpoint.
Microsoft is in there as well when folks need to make an argument for e5 costs.
Mimecast I get the most complaints on. Now then if that's a matter of % buying or not is to be seen. I avoid Barracuda except for their email security and spear phishing/trainings.
Checkpoint, no real issues. Not as heavy of a user group.
Proofpoint requires implementation (cost). Be sure that's included Checkpoint is self installed
Some other smaller players, but not enough volume to mention.
DuckDuckBadger@reddit
Recently migrated from Mimecast to Barracuda cloud and have been really happy with it.
PlasmaStones@reddit
Mimecast has been rock solid for us
azo1238@reddit
Checkpoint has been amazing for us. Never had a system catch so much phishing emails and just general spam. Works great. Keeps outlook clean for your users. Super simple to setup with exchange online