Comodo Secure Email

The Comodo Secure Email application comes as a free product. However, to use it in a corporate PKI environment, one needs to install commercial certificates, and there is a charge for that. The product operates at two levels: network level and MS Outlook-only. The network level operates at the network layer and applies to all supported email traffic, while the Outlook-only mode operates at the software layer. It is only available in a 32-bit version, while the network-level product also is available in 64 bits.

We tested the Outlook-only version, but the main difference between the two is that in the network version one will need to specify an email client(s). The admin may purchase certificates to use as part of the corporate network - Comodo is a CA - or use the free Personal Email Certificate from Comodo for non-commercial applications. Personal certificates were our choice for testing.

When we selected the free personal certificate option, we were directed to fill out a form, which resulted in an email from which we could install the certificate. We also downloaded the application and installed it. The first time we ran the application, we received a cryptic error message and were offered an opportunity to send the message unencrypted. Thus, we expected the message to be signed only. However, the received message was not signed. Further testing showed that if the message was sent in Outlook's plain-text mode, the product would not work.

Generally, we found the performance to be poor, and the product simply did not live up to its billing. While it is very easy to implement, the impact on the end-user is out of balance with the benefits of encrypting and signing emails.

We found the manual to be missing some critical answers, such as error message meanings and troubleshooting. The website, as well, is heavy on marketing and short on information.

At the price, we would find the value to be very good, if not for the performance issues.