Browse 9 email security gateway options for your enterprise
Finding the best email security gateway is vital to protect companies from cyber attacks. Here's a look at the current market leaders and their standout features.
Business email has been around a long time, but that doesn't mean it's always safe to use -- quite the contrary.
As you sit here reading, hackers and other cybercriminals are drawing a target on your company's back, and the bull's-eye mark is your corporate email, the wide-open entry through which hackers can gain admission to your proprietary information and wreak general havoc. No industry is safe, and the incidents of email phishing attacks, ransomware and other malicious attachments are on the rise. But there's something companies can do to protect themselves.
They're called email security gateways, and they work by filtering out email with malicious content and preventing them from ever entering your employees' inboxes. Email security gateways supported the COVID-19 pandemic-induced shift to off-premises work with cloud-based offerings used either standalone or in conjunction with on-premises installations. Here's a look at some popular email security gateways with significant market share and that offer both traditional and advanced functionality.
Barracuda Total Email Protection
Barracuda Networks Inc.'s Total Email Protection provides a multilayered approach, starting with a cloud-based email security gateway to stop spam, phishing, malware, ransomware and other targeted attacks. It adds email continuity services, fraud and account takeover detection, and frequent user refresher training on phishing attacks.
The G2 and Gartner review sites did not have reviews for Total Email Protection as of this writing, but they did have reviews for Barracuda Email Security Gateway at its core. Reviewers rated it high on ease of use, reliability and security, but some noted its spam filtering is not as configurable as they would like it to be.
Features of Total Email Protection include the following:
- full-system emulation sandboxing and payload analysis to detect zero-day malware and other advanced threats;
- real-time global threat information network;
- agentless email encryption;
- inbox defenses using AI to learn individual user behavior and identify malicious deviations, such as fraud attempts and account takeovers;
- brand protection through Domain-based Message Authentication, Reporting and Conformance (DMARC) enforcement;
- web-based portal for organizations to manage all devices and security policies through a single interface.
Cisco Secure Email
Cisco Secure Email provides a multilayered approach to secure email communications and helps prevent corporate data loss by staving off malware, ransomware, phishing and spam. Cisco offers on-premises physical appliances, virtual applications, cloud-based services and Office 365 supplemental security to detect, block and remedy email-borne threats, and its end-to-end email encryption helps keep sensitive data safe while it's getting from point A to point B.
Gartner review users cited its customizable nature as a chief reason they like it, including comprehensive protection and its general ease of use. Some reviewers claimed to encounter problems during initial setup and configuration and wished more customer support was available.
Features include the following:
- sender reputation filtering that blocks email based on threat intelligence gleaned from Talos, Cisco's own threat research team;
- real-time URL analysis that drops emails with suspicious links and automatically blocks access to risky websites;
- spam catch rate of over 99% and a false positive spam identification rate of less than one per million, according to Cisco;
- detection of forged or spoofed inbound email, plus detailed logs of all attempts to help organizations identify patterns and gauge the security's effectiveness;
- domain filtering to protect against malicious URLs, with the ability for users to set conditions based on certain threat levels and domains; and
- encryption for all outbound email messages.
Fortinet FortiMail
Citing the need to comply with regulations and to keep corporate data safe, Fortinet Inc.'s FortiMail offers a secure email gateway focusing on volume-based attacks and targeted cyberthreats. It provides antispam and antimalware protection but also folds in advanced features, such as outbreak protection, sandbox analysis and impersonation detection, to execute more complex security functions. It can be deployed on premises as appliances or in VMs in the cloud if you use services like Microsoft Azure or AWS. It's also available as a SaaS offering: FortiMail Cloud for Email Security.
Fortinet emphasizes its ability to address bulk email delivery, ransomware and phishing attacks. Users had positive feedback on the spam filter and anti-phishing features on Gartner but claimed keeping FortiMail up to date is time-consuming and causes delays.
Features include the following:
- multiple setup options for filtering bulk email and spam, including numerous sender, protocol and content inspection techniques;
- 99.798% success rate in identifying and blocking spam, according to the company;
- heuristics that monitor evolving trends and mitigate the risk of malware outbreaks;
- email encryption and safe archiving, plus data loss prevention capabilities;
- optional features, like spoof detection and sandbox analysis, which can protect against newly developing threats.
Microsoft Exchange Online Protection
Microsoft's Exchange Online Protection (EOP) is a cloud-based service that protects against spam and malware. It uses URL and domain blocking tools, antimalware engines, and deep message and attachment inspection. Since it's cloud-based, companies can manage existing email systems without having to worry about added hardware or software, and it works with current and legacy versions of Microsoft Exchange Server, as well as Microsoft Exchange Online cloud-hosted mailboxes and any Simple Mail Transfer Protocol program.
Feedback from users on Gartner indicated that the spam filtering and malware detection work well. Users also liked how it requires no hardware or software installation and is easy to set up and use, but it ultimately suffers in comparison with other secure email gateways because it doesn't offer as comprehensive a level of protection.
Features include the following:
- real-time antispam and multiengine antimalware;
- fast reporting capability -- near-real time -- that lets companies trace any email message the system has processed;
- content filters ensuring compliance with policies and regulations;
- email loss and bounce prevention with automatic queuing that kicks in when the destination server becomes unavailable;
- IP reputation protection through separate delivery pools for high-risk outbound email; and
- 100% protection against known viruses and a 99% spam catch rate, according to Microsoft.
Mimecast Secure Email Gateway
Cloud-based Mimecast Secure Email Gateway uses sophisticated detection engines and intelligence to protect email data and employees from spam, malware, phishing and targeted attacks, all from the cloud. Mimecast also offers a CyberGraph add-on for Secure Email Gateway that uses AI to stop evasive and hard-to-detect email threats.
Gartner users gave Mimecast high marks for inbound and outbound email monitoring that reduces spam and cuts down on incidences of bounced email messages and rejections, but those same users indicated that Mimecast doesn't completely eliminate spam.
Features include the following:
- URL and attachment scanning on inbound messages to block recipients from clicking bad hyperlinks or downloading malicious attachments;
- just-in-time training giving feedback to users when they click on suspicious links;
- browser isolation that blocks phishing attempts and potential malware infections so users can safely click on embedded URLs and websites; and
- impersonation protection to thwart email attacks using sender and domain spoofing.
Proofpoint Email Protection
Proofpoint Email Protection safeguards company email from both malware and nonmalware threats, like spam, fraud, phishing and business email compromise (BEC). It prevents threats from getting in and stops confidential information from getting out through the identification of compromised internal email addresses.
Reviews of Proofpoint Email Protection on Gartner are mostly positive, with users praising its detection capabilities and interoperability with antivirus software, threat intelligence providers and other security platforms. The most common complaint centers on the interface, which some claim is difficult to use.
Features include the following:
- adjustable settings that enable admins to customize the service to match company policy, including the ability to change and set customized email firewall rules;
- advanced BEC defense capabilities to accurately uncover email fraud attacks, including the most sophisticated supplier invoicing fraud attacks;
- automatic scanning of all internal email traffic looking for malware, spam and phishing attempts, as well as multilingual analysis;
- reporting and identification of compromised internal email accounts;
- dynamic reputation analysis that accepts, rejects or assumes control of email communications after performing a scan of the sender's IP address;
- signature-based identification that detects known threats, including ransomware;
- scanning for impostor email messages and credential phishing; and
- continuity of email during server outages, plus automatic syncing when email service is restored.
SonicWall Email Security
SonicWall Email Security provides multilayered protection from inbound and outbound email threats, data leaks and compliance violations. The platform applies several advanced techniques, including sandboxing analysis on links and attachments, to see through the methodologies that phishing, BEC, spoofing and ransomware campaigns use to hide malicious intent. SonicWall Email Security is available as a cloud-hosted offering, hardware appliance, software on Windows servers and virtual appliance.
SonicWall touts its email security gateway as user-friendly to configure, with a well-organized, intuitive admin interface, and Gartner site review users generally agreed. The most frequent complaint about SonicWall was lack of support.
Features include the following:
- machine learning, heuristics, content scanning and sender reputation analysis to stay on top of evolving threats;
- zero-day malware and ransomware protection through multiengine sandboxing and real-time memory inspection;
- real-time threat intelligence feeds from SonicWall Capture Labs, collecting information on evolving threats from millions of sources;
- time-of-click URL analysis to block access to malicious URLs;
- spoof detection through Sender Policy Framework, DomainKeys Identified Mail and DMARC;
- inbound and outbound email content analysis through custom policy filters to prevent data leak and compliance violations; and
- continuity of productivity and email delivery during server outages.
Symantec Messaging Gateway and Email Security.cloud
Symantec Messaging Gateway provides on-premises or cloud-hosted security for inbound and outbound email messages to stop ransomware, malware, spear phishing and spam, as well as sensitive data breaches. Symantec also offers Email Security.cloud, a cloud-based service with some of Messaging Gateway's capabilities, which can be used with Messaging Gateway and vice versa. Both offerings utilize the latest information from Symantec's Global Intelligence Network to stop the latest threats.
Gartner site reviews indicated both offerings are effective at filtering spam, phishing and ransomware. However, reviewers also reported there isn't a single interface for managing both offerings.
Features include the following:
- BEC protection to defend against email impersonation, fraudulent email and spoofing attacks;
- integrated policy-based encryption that safeguards proprietary company data contained in email messages or attachments;
- compatibility with Microsoft Office to scan and block suspicious URLs or malware contained in attachments, remove malicious content and send a clean, restructured message to the intended recipient;
- URL reputation monitoring and filtering through Symantec's global database, with advanced analytics and remote browser isolation technology keeping users safe from risky and unknown websites;
- advanced heuristic and machine learning capabilities that keep Symantec's reputation database constantly refreshed, offering up-to-date protection from malware, fraud and phishing attack schemes; and
- customizable spam settings that Symantec says stops over 99% of spam and has a false positive rate below one in 1 million.
Trend Micro Cloud App Security
Trend Micro's Cloud App Security service adds cloud-based protection to Microsoft Exchange Online and Gmail deployments to pinpoint and stop email threats, including ransomware, phishing and malware, as well as data leaks through granular policies. Trend Micro Cloud App Security puts threat intelligence, virtual cloud-based sandboxing and other techniques into action to find advanced attacks.
User reviews on Gartner stated that Trend Micro Cloud App Security is easy to set up and use and is generally effective at stopping threats. A few users complained that it's not as configurable as they would like.
Features include the following:
- granular policies for defining what should be done when threats are identified based on the risk they present;
- integration with Microsoft Office 365 and Google Workspace;
- detection of zero-day malware hidden in documents;
- analysis capabilities to find suspicious files, then open in a cloud-based sandbox to monitor their behavior; and
- heuristic policies to stop spam, ransomware and phishing.