Buyer's Handbook: What secure email gateways can do for your enterprise Article 4 of 4

sdecoret - stock.adobe.com

Browse the best email security products for your enterprise

Finding the best email security product is vital to protect companies from cyberattacks. Here's a look at the current market leaders.

It's been a long time since the introduction of email to the corporate communication structure, but just because it's been around forever doesn't mean it's safe to use. Quite the contrary.

As you sit here reading, hackers and information thieves are drawing a target on your company's back -- and the bull's-eye mark is your corporate email, the wide-open entry through which hackers can gain admission to your proprietary information and wreak general havoc. No industry is safe, and the incidents of email phishing attacks, ransomware, and other malicious attachments are on the rise. But there's something companies can do to protect themselves.

They're called email security gateways, and they work by filtering out email with malicious content and preventing them from ever entering your employees' inboxes. Here's a look at some of the most popular and widely used email security products on the market today.

Barracuda Email Security Gateway

Barracuda Network Inc.'s Email Security Gateway filters all incoming and outgoing email traffic, searching for spam, Trojan horses and malicious URLs, and encrypts outbound messages for increased security. It will also temporarily store messages in the cloud if a server goes down, ensuring their delivery.

Barracuda offers an array of security options that include hardware and virtual applications, but it also works within existing public cloud environments like Microsoft Azure or AWS. Barracuda Essentials is an optional cloud-based feature that beefs up security on email traffic by constantly scanning for new, advanced threats.

According to G2, most users rank Barracuda Email Security Gateway high on ease of use, reliability and security, but those same users say its spam filtering could use a bit of improvement.

Features include the following:

  • identifying and blocking messages from known spammers;
  • checking inbound email messages for hyperlinks that drive to known malware domains;
  • a cloud-based service that prescreens email for potential threats before they get delivered to the on-site Barracuda Email Security Gateway;
  • email encryption;
  • filters that stop outbound email with sensitive data from being sent and prevent your company from being added to spam block lists; and
  • a web-based portal that lets organizations manage all devices through a single interface.

Cisco Email Security

Cisco Email Security provides a multilayered approach to secure email communications and helps prevent corporate data loss by staving off malware, ransomware, phishing and spam. Cisco employs physical appliances, virtual applications and cloud-based hybrid products to detect, block and remedy email-borne threats -- and its end-to-end email encryption helps keep sensitive data safe while it's getting from point A to point B.

Gartner review site users cited Cisco Email Security's customizable nature as chief among the reasons they like it, including the comprehensive protection it offers and its general ease of use. Its biggest downfall seems to be the learning curve imposed by its legacy interface, which some say could use a facelift to make difficult configurations easier.

Features include the following:

  • reputation filtering that blocks email based on threat intelligence gleaned from Talos, Cisco's own intelligence group;
  • embedded hyperlink checks that verify the source's integrity and automatically block websites with bad reputations;
  • a spam catch rate of 99% and a false-positive spam identification rate of one per million, according to Cisco;
  • detection of forged or "spoofed" inbound email, plus detailed logs of all attempts to help organizations identify patterns and gauge the security's effectiveness;
  • domain filtering to protect against malicious URLs, with the ability for users to set conditions based on certain threat levels and domains; and
  • encryption for all outbound email messages.

Forcepoint Email Security

Forcepoint Email Security performs real-time threat detection and uses machine learning to remain on the constant lookout for new attack patterns. It utilizes sandboxing to test suspect URLs and analyze potential malware in real time before allowing it to enter a user's inbox -- a feature many other providers only make available as an add-on service. Forcepoint claims a 99% success rate at blocking spam. It is also capable of preventing information leaks of both the intentional and inadvertent kind.

While some Gartner users said Forcepoint Email Security imposes a tough learning curve on complex configurations, others laud it as being a full-featured product that's easy to deploy and boasts high-quality reporting capabilities.

Features include the following:

  • an Advanced Classification Engine that stops Trojan attacks and catches phishing emails and spam;
  • machine learning, sandboxing and predictive analytics that provide real-time threat protection from a malware attack;
  • protection against unmanaged computers and devices accessing email attachments;
  • content-aware scanning that detects data theft, even when the data is concealed within images and being transmitted piecemeal; and
  • adaptability with a variety of existing hardware, cloud and hybrid environments.

Fortinet FortiMail Secure Email Gateway

Citing the need to comply with regulations as well as keep corporate data safe, Fortinet Inc.'s FortiMail offers up a secure email gateway that focuses on volume-based attacks and targeted cyberthreats. It can be deployed on-premises in physical or virtual environments and in the cloud if you use programs like Microsoft Azure or AWS. It's also available as a SaaS that brings antispam and antimalware protection, but also folds in advanced features, such as outbreak protection, sandbox analysis and impersonation detection, that perform more complex security functions.

Fortinet emphasizes its ability to address bulk email delivery, ransomware, phishing attacks and targeted attacks. G2 reported that users like the spam filter and antiphishing features, but those same users say the program is difficult to set up if you aren't familiar with the interface.

Features include the following:

  • multiple setup options for filtering bulk email and spam, including more than a dozen sender, protocol and content inspection techniques;
  • a 99.98% success rate in identifying and blocking spam, according to the company;
  • heuristics that monitor evolving trends and mitigate the risk of virus outbreak;
  • email encryption and safe archiving;
  • antispam and antimalware filtering capable of handling in excess of 1.5 million email messages per hour; and
  • optional features like spoof email detection and sandbox analysis, which can protect against newly developing threats.

Microsoft Exchange Online Protection

Microsoft's Exchange Online Protection (EOP) is a fully cloud-based spam filter and antimalware detector that polices messages for violation of email policies. Since it's cloud-based, companies can manage existing email systems without having to worry about added hardware or software, and it works with Microsoft Exchange Server 2013, legacy Exchange Server versions, Microsoft Exchange Online cloud-hosted mailboxes and any Simple Mail Transfer Protocol program. EOP is configurable and works in hybrid environments that use both on-site email and cloud mailboxes.

Feedback from users on Gartner indicated that the spam filtering and malware detection work well. Users also liked the fact it requires no hardware or software installation and is easy to set up and use, but it ultimately suffers in comparison with other secure email gateways because it doesn't offer as comprehensive a level of protection.

Features include the following:

  • real-time antispam and multiengine antimalware;
  • a fast reporting capability (near real time) that lets companies trace any email message the system has processed;
  • content filters that ensure compliance with policies and regulations;
  • email loss and bounce prevention with automatic queuing that kicks in when the destination server goes unavailable;
  • IP reputation protection through separate delivery pools for high-risk outbound email messages; and
  • 100% protection against known viruses and a 99% spam catch rate, according to Microsoft.

Mimecast Secure Email Gateway

Cloud-based Mimecast Secure Email Gateway uses numerous detection engines to identify and quarantine malware, catch spam, block spear phishing attempts and protect against zero-day attacks with up-do-date intelligence on breaking threats. A bonus feature allows users to send messages with large attachments without having to use third-party file sharing services like Dropbox or Google Drive. Additionally, impersonation protection scans email for suspicious content and anomalies that may indicate a targeted threat.

Gartner users gave Mimecast high marks for inbound and outbound email monitoring that reduces spam and cuts down on incidences of bounced email messages and rejections, but those same users indicated that Mimecast doesn't completely eliminate spam.

Features include the following:

  • URL and attachment scanning on inbound messages to block recipients from clicking bad hyperlinks or downloading malicious attachments;
  • secure, encrypted email messaging that doesn't require the purchase of hardware or the download of additional software;
  • content control to safeguard your company's intellectual property and customer information;
  • support for emailing files up to 2 GB in size without having to use third-party file sharing services to keep organizations in line with internal security and in compliance with archiving policy; and
  • impersonation protection scans.

Proofpoint Email Protection

Proofpoint Email Protection safeguards company email from both malware and nonmalware threats, like spam, phishing and email spoofing. It prevents threats from getting in and stops confidential information from getting out through the identification of compromised internal email addresses.

Reviews of Proofpoint Email Protection on TrustRadius are mostly positive, with users praising the service for its ability to guard against viruses and limit the incidents of email spoofing getting through. One resounding complaint appears to be aimed at the quality of customer support.

Features include the following:

  • adjustable settings that allow admins to customize the service to match company policy, including the ability to change and set firewall rules;
  • an automatic scan of all internal email traffic that looks for malware, spam and phishing attempts and provides multilingual analysis;
  • reporting and identification of compromised internal email accounts;
  • dynamic reputation analysis that accepts, rejects or assumes control of email communications after performing a scan of the sender's IP address;
  • signature-based identification that detects known threats;
  • system that scans for impostor email messages and credential phishing; and
  • continuity of email during server outages, plus automatic syncing when email service is restored.

SonicWall Hosted Email Security

Offered as a cloud-based service, SonicWall Hosted Email Security protects organizations from threats to the company network, such as ransomware, viruses, phishing, spam and spoof email messages. Reputation checks scan an email sender's IP reputation as well as the reputation of the content contained in the message, running analysis on included links, images and other attachments. SonicWall also covers outbound email for spoofing and information compromise, whether intentional or accidental.

SonicWall calls its email security program user-friendly in both installation and configuration, with a well-organized, intuitive interface. While the opinions of some users differ with respect to the ease of use of the interface and the accessibility of logs, most users agreed SonicWall Hosted Email Security provides a high level of protection and security.

Features include the following:

  • machine learning and heuristics that stay on top of evolving threats;
  • sender reputation analysis and content scanning to identify known spammers and advanced phishing attempts;
  • zero-day malware and ransomware protection through multiengine sandboxing;
  • outbound email analysis to flag the presence of proprietary company information or sensitive customer data;
  • continuity of productivity and continuance of email delivery during server outages to cover both on-site email servers and cloud providers like Office 365 and G Suite;
  • the ability to enforce compliance to a corporation's data loss prevention policies; and
  • SonicWall Capture Threat Network for real-time threat intel, collecting information on evolving threats from millions of sources.

Sophos Email Appliance

Sophos Ltd.'s Email Appliance works like a gateway to a corporation's email by scanning for malware and spam before allowing messages to get through. On the information security front, Sophos' Secure PDF Exchange scans outbound email for potential data breaches and other information leaks before they leave the company. It also detects any outgoing viruses and spam from compromised internal addresses and employs encryption to keep legitimate email messages from being intercepted.

Special permissions in the management console allow admins to access the dashboard from external computers via a web browser. Usage of Sophos requires the installation of scanning software, which comes with default settings that companies can customize to match their needs.

Features include the following:

  • time-of-click analysis that identifies link-based malware the moment the user tries to access it, blocks malicious URLs and secures all URLs;
  • email quarantine activation on devices that receive infected or malicious messages, making it easier for your company to control potential virus outbreaks;
  • 90% spam block success rate through IP reputation filtering, with an antispam engine catching the remaining 10%, according to Sophos;
  • advanced multilingual detection methods that scrape incoming email and filter out threats;
  • automatic scans of email content and attachments to block sensitive data from leaving your company and falling into the wrong hands;
  • customizable reports with flow charts and graph displays; and
  • email encryption.

Editor's note: Using extensive research into the email security market, TechTarget editors focused on the vendors that lead in market share, plus those that offer traditional and advanced functionality. Our research included data from TechTarget surveys, as well as reports from other respected research firms, including Gartner and Forrester Research.

Symantec Messaging Gateway

Symantec Messaging Gateway secures your inbound and outbound email messages to prevent ransomware, malware, spear phishing and sensitive data breaches. Messaging Gateway comes in hardware and software applications that detect, block and quarantine messages deemed suspicious. The service uses Symantec's global database to keep up on evolving threats to spot malicious email when it is delivered to your company.

Users of both hardware and software applications reported Symantec Messaging Gateway works well at filtering out malware, blocking otherwise unwanted email and identifying spear phishing techniques. However, some users say the service is a bit lean on bonus features enjoyed by other email gateway products.

Features include the following:

  • integrated policy-based encryption that safeguards proprietary company data contained in email messages or attachments;
  • compatibility with Microsoft Office to scan and block suspicious URLs or malware contained in PDF attachments, remove malicious content and send a clean, restructured message to the intended recipient;
  • URL reputation monitoring and filtering through Symantec's global database;
  • heuristic capabilities that keep Symantec's reputation database constantly refreshed, offering up-to-date protection from malware and phishing attack schemes; and
  • customizable spam settings that Symantec says stops up to 90% of all spam and otherwise unwanted messages from reaching your company's network.
This was last published in August 2019

Dig Deeper on Threats and vulnerabilities

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close