Select Page

Ninja Blade
Back in 2003, when we first shipped our antispam product for businesses, iHateSpam for Exchange, we built it to be specifically designed for Microsoft Exchange. Then, when we came up with iHateSpam’s successor, Ninja Email Security, we again focused on tying very closely into Exchange.

Hooking tightly into Exchange has real benefits to the administrator. For example, since we’re on the Exchange box, we’re seeing every email in the organization, so we could then do things like intra-company attachment filtering.

However, we found that a number of admins were using our Ninja product on Exchange, but also running a box on the gateway to “pre-filter” to reduce the load on Exchange — often, cheap boxes. And this makes sense — with 90% of email traffic being spam, it makes sense to keep as much load off the Exchange server as possible.

We thought we could do a better job of it, and so we started working on our product — evaluating the competition, seeing what was out there.

A dominant theme in our research was something like this: A company takes a bunch of open source software, puts it on some cheap hardware, and ships it. Certainly, there were exceptions. At the high end of the market, you have companies like IronPort, which builds beautiful technology on top of Dell hardware. But it’s very expensive stuff.

We don’t like expensive.

Now, there are a few core components in an email security appliance:

– The operating system. In most cases, you’ll see Unix variants, but in some, you’ll see Windows server boxes.
Mail server software. This handles the job of actually delivering the email. Often, SendMail is used for this task.
– An antispam engine (often, SpamAssassin, a solid antispam engine)
– An antivirus engine (often, ClamAV)
– The hardware itself

In other words, what a number of companies will do is simply take a hardened version of Linux, put SpamAssassin and ClamAV on top of it, add a few enhancements, make a UI to pull it all together, throw it on a box and ship it.

Now, that model is fine, but we didn’t agree with many aspects of it (for starters, why not just do it yourself at that point?).

So what could we do that could really give the competition a run for their money?

First, we could start with the hardware. Instead of using low-cost, disposable hardware, we would partner with Dell, which makes outstanding server hardware (you can argue about their desktop systems, but their servers are an entirely different game). By doing so, we would be able to get solid quality hardware, as well as provide our customers, at no charge, Dell onsite service with a guaranteed four-hour turnaround time. It costs me more. But it’s better.

Then, we took an excellent Linux variant, CentOS, and hardened it for enterprise-grade security.

Then, our software would be carrier grade, not a bunch of apps thrown together in a box.

Our mail server — the most important component — was going to be top notch. So we partnered with MessageSystems, a leading developer of mail server software that’s used by carriers (for example, Verizon is one of their customers). This software is rock-solid, and is also blindingly fast.

Then, we partnered with our friends at Cloudmark to for the antispam component; and BitDefender for the antivirus component (we’ll add our own AV engine later this year, after our AV certifications are complete). Cloudmark is the Rolls-Royce of antispam products, with low false positives and a high catch rate; BitDefender is one of the best antivirus engines on the market.

And instead of some UI that looks like it was made to run on an old Dec VMS system, Robert LaFollette, our creative director, worked to make something that was elegant, powerful and simple. We wanted to make it easy to use, realizing that a lot of admins don’t have the time or patience to go through pages of documentation.

We didn’t go for having all the possible bells and whistles in the first release. We focused on providing solid email security that won’t break your budget (or the delivery of your email).

So there you have it: Ninja Blade, our first hardware product. And the price is very, very low: $1,995 for the base model (up to 500 users), with an additional $599 for the first year of updates and upgrades. Prices go up from there for larger sites.

If you want to see the UI, I have a real-live box that you can play on. Simply go to, and use the user name “admin” and password “ninjablade”. Have fun! (The server gets reset periodically, so just try again in a few minutes if the link doesn’t work.)

More corporate propaganda here, and the product website here.

Alex Eckelberry