Email Security Gateway Overview

Email Security Gateway Overview

218
0
SHARE

Email is one of the most important components of a well-functioning business. The number of messages passing through corporate servers can amount to tens of thousands. It all depends on the size of the company. Therefore, ensuring information security in this department is an important part of the corporate information security strategy as a whole. In this review, we will tell you about the leading email protection tools – Email Security Gateway – and provide a convenient tool for choosing the best option.

For those who doubt that email can be a serious source of threats, here is one example. Many well-known ransomware viruses, such as WannaCry, Petya and NotPetya, which caused a worldwide loss of hundreds of millions of dollars, were also spread via email. Security Gateways and e-mails, in particular, are designed to fight such threats, as well as more prosaic problems, such as spam, Internet fraud (phishing), etc. They analyze emails and block the actions of those that contain unwanted content: malicious attachments, phishing (leading to fake sites) links, annoying ads. Some of them can also block the communication of private and confidential corporate information.

Another problem that gateways such as this solve is the abundance of personal devices (smartphones, tablets, laptops) that employees use for official purposes. This format is called BYOD (bring your own device). But it also carries additional risks for IS.

With the increasing number of devices, spam and email attacks, the situation will only get worse. Therefore, a reliable email security gateway is an important tool for enterprise information security.

Today, email security gateways come in several forms: public cloud service, hardware, virtual devices, and their hybrids. But how do you choose the correct solution for your company? For this you need to ask a series of questions.

For example, how advanced are the basic security features? The more opportunities the product provides, the better, of course. If one solution offers only basic protection against viruses based on signature analysis, and the other is also a sandbox check, then you should pay attention to the second option. In that scenario, virus protection will be more reliable.

Exactly the same approach is needed to protect against spam. Some solutions allow you to independently create lists and blocking policies. Others can keep unwanted emails in a separate folder. If a certain email is suddenly sent there by mistake, it will always be possible to restore it within a certain period of time.

Another question – what additional functionality does the product offer and is it needed? For example, many solutions make it possible to encrypt email messages. If this is of importance to the company, then you should pay attention to these kinds of products. If not, then perhaps you shouldn’t overpay.

Storage issues are also important. The main one is where will the emails be stored? For many companies, corporate information security policy requires mail to be located on internal servers. In this case, cloud solutions which store mail on the service provider’s servers are not acceptable .

There are many more things to consider, so you have to consider your choice carefully. We will help you with this, discussing the leading solutions that are on the market today, and their basic capabilities. All of them have a high rating on Gartner, and many regularly fall into the “magic squares” of the analytical organization as market leaders and promising products.

Barracuda Email Security Gateway

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial Period: yes

Barracuda’s solution is a powerful and functional tool for monitoring an organisation’s inbound and outbound emails. Barracuda Email Security Gateway comes in the form of both hardware and virtual solutions, as well as a cloud service on Amazon Web Services or MS Azure platform. Product protects against attacks, viruses, DoS-attacks and leaking confidential information through emails. It allows you to encrypt messages and use the cloud to send emails. This can be useful if mail servers become unavailable as a result of an attack or malfunction.

Mail Protection happens in several ways. You can use a number of predefined policies to filter emails.  According to them, unwanted letters will be deleted. Barracuda Sentinel cloud component protects against phishing attacks in real time. It uses elements of machine learning and artificial intelligence. Integration with cloud services also reduces the load on the company’s hardware, as additional checks of incoming and outgoing mail checks are carried out in the cloud.

Cisco Email Security

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial period: yes, 45 days

Solution from one of the leading vendors in the field of IT which comes in both hardware and cloud versions. Depending on the type of subscription, Cisco Email Security protects your organization’s email from spam, viruses, and targeted attacks (basic), and also provides easy-to-use encryption and data loss prevention (DLP) solutions for information security.

One of the most important functions of the product combating the threats of a new generation, which are very difficult to detect in the first hours and days of their existence. The mechanism of blocking targeted attacks by Cisco Outbreak Filters protects from them. It uses three main elements- targeted attack heuristics, dynamic quarantine and cloud network redirection.

In addition, the product has all the necessary functions for such solutions: in the presence of security policies, anti-spam, phishing detection, etc. Cisco Email Security uses an intelligent threat analysis platform.

Cisco Talos, as well as tight integration with Office 365.

Microsoft Exchange Online Protection

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial Period: yes

This solution is designed exclusively for the cloud usage model. Although it is a Microsoft product, oriented primarily for work with Microsoft Exchange Server, it is also compatible with any local email solution. Exchange Online Protection is designed to combat spam and malware, and to manage message policies.

Exchange Online Protection provides three options. In an isolated script which provides cloud-based email protection for your on-premises environment. In the hybrid version, the product can be configured to protect the messaging environment and control mail routing when there is a set of local and cloud mailboxes. And as part of the Microsoft Exchange Online product, it is enabled by default and also provides protection for the cloud mailboxes of this service.

Fortinet FortiMail

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial Period: yes

Fortinet e-mail security product is delivered as physical and virtual devices, as well as a cloud service. It can work as a standalone solution, but is also part of Fortinet Advanced Threat Protection (Fortinet ATP). This complex provides protection against complex threats and targeted attacks. FortiMail has advanced tools for blocking spam, filtering malicious links and files from phishing emails. It can also prevent information leaks and encrypt correspondence based on identification data.

In the fight against malware, FortiMail uses a combination of signature, heuristic, and behavioural detection methods. The effectiveness of blocking spam emails is 99.997% – these are the results of independent testing of Virus Bulletin, held in the summer of 2017. The indicator is one of the best on the market.

Proofpoint Email Protection

  • Anti-malware protection: yes
  • Antispam: yes
  • Advanced Threat Protection: Partially
  • Trial period: yes, 45 days

Proofpoint – This is an American company whose activity is mainly focused on the development of postal security solutions.  One of its flagship products is the Proofpoint Email Protection cloud solution. It offers protection against phishing emails and forwarded malicious files, blocking spam and suspicious links, as well as protection against email viruses. When working with incoming and outgoing mail, flexible policies are used. They allow the application of several levels of rules: global, group and user, which allows you to conveniently customize the operation of the system.

 Proofpoint Email Protection scans incoming mail for hundreds of parameters, including the sender’s address, headers, content, attachments, etc. This protects a company from a growing threat — letters from impostors disguised as trusted addresses, such as company management business partners.

SonicWALL Email Security

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial Period: yes

Email protection from SonicWALL comes in three versions.: in the form of hardware, cloud service, and software. They can be used separately or combined. Here it all depends on the needs of the organization and the work model.

In terms of functionality, these solutions offer a standard set of comprehensive protection for incoming and outgoing messages, blocking spam, protecting against phishing, encrypting mail, protecting against data loss, a set of email filtering policies, etc. The product contains a Capture Advanced unit and Threat Protection service, which allows you to effectively deal with every day threats. SonicWALL Email Security handles phishing threats with heuristic analysis, machine learning, content analysis and sender reputation.

The Email Laundry

  • Anti-malware protection: yes
  • Antispam: yes
  • Advanced Threat Protection: Partially
  • Trial Period: yes

This cloud service offers a full range of email protection against all types of modern threats. Emails are checked on five different levels as they pass through the cloud service: a behavioural analysis, reputation check and content, antivirus scanning and applying custom settings. In the latter case it may be work with black and white lists, blocking of any given content, etc.

One of the main functions of the product is the fight against fake emails. According to customer feedback, The Email Laundry easily handles such threats. In addition to this, the tool provides a spam blocker which is 99.99% reliable.

Symantec Email Security.cloud

  • Anti-malware protection: yes
  • Antispam: yes
  • Protection against advanced threats: yes
  • Trial Period: yes

Symantec, a renowned anti-virus software vendor, also has a cloud-based email protection solution. It has a standard set for such tools: anti-phishing, anti-spam, protection against malicious programs and links, encryption and privacy protection.

Since Symantec has an arsenal of tools to ensure information security, many of them are used in this product. One of them is real-time link checking technology. It tracks the full, and abbreviated letters and analyses the content of the websites to which they lead. If links do not meet security criteria, emails with them are blocked.  Heuristic analysis, verification of recipients, lists of prohibited addresses, as well as scanning of incoming and outgoing messages are used for dealing with spam. According to the developers, this allows you to block 99% of unauthorized mailings.

Symantec Email Security.cloud can also protect and encrypt sent data using a set of special policies that help reduce the risk of leaked information. Data protection technology analyses various email components, including message text, headers, the contents of Microsoft Office documents and PDF embedded in a message or sent as an attachment.

In a way of epilogue

Email security gateways cannot fix everything, but they are an important component of an integrated approach to information security. The use of these products significantly reduces the risk of phishing and social engineering, as well as the spread of dangerous viruses within the corporate network. Most of them have similar functionality. But there are still some differences, as can be seen from our review. To make it easier to navigate these subtleties, you can use comparison table  You will learn about the presence or absence of certain functions in each considered gateway and see all the necessary data about the products from it. This will help you make an informed choice on the solution according to your needs.

About The Author: Vladislav Myronovych for ROI4CIO.