Clearswift Secure Email Gateway
Clearswift's SEG not only protects against spam, viruses, and advanced threats including phishing, ransomware, and spyware, but layers on the next-gen Cloud Sandbox from Sophos. This offers machine learning to provide an additional layer of security for content or communications deemed suspicious.
IT teams need to ensure that information being shared across email both inside and out of the organization is not only secure, but appropriate and compliant. Clearswift’s unparalleled level of inspection and granular policy controls apply the optimal security treatment to your emails in real time reducing the risk of data loss. This keeps your communications safe and flowing, without business disruptions.
- Managed or hosted in ISO-certified data centers
- Public cloud deployment on Microsoft, Azure, or Amazon Web Services
- Private cloud virtual environment running VMware/Hyper V
- Own or packaged hardware
Requirements for Deployment
A standard RHEL operating stack is required, which includes Microsoft Azure, Amazon’s AWS, or localized cloud providers. Clearswift will take care of the installation and upgrades across all platforms.
A Closer Look at Secure Email Gateway
What Is a Secure Email Gateway?
A secure email gateway (SEG) is an email security solution that monitors emails coming into and out of an organization before they reach an email inbox. As the name suggests, SEG is used as a gateway for emails to protect an organization’s internal email servers from malicious content such as spam, viruses, phishing, and malware.
How Does a Secure Email Gateway Work?
Working alone or alongside cloud-based email application, the SEG inspects emails for malicious content including spam, viruses, and phishing – a leading email threat. If the SEG determines the email to be safe, based on policies and the latest threat protection, the email is delivered to the intended recipient. If the SEG determines the email contains malicious content, the email can be blocked, quarantined, or sanitized and delivered based on the organization’s policy.
A SEG can provide organizations with anti-virus protection, zero-hour malware detection, sensitive data redaction, and email encryption, all critical features in keeping data safe and companies compliant and protected.
Key Features of the Secure Email Gateway
Clearswift's Secure Email Gateway is mail-system agnostic, scaling from SME to Enterprises, complementing cloud-based solutions such as Office 365 and Google Workspace, or for on-premise systems such Exchange.
Inbound threat protection
Using multiple Antivirus Engines, the Secure Email Gateway provides inbound threat protection using traditional signature, heuristic, and cloud assisted lookups to deliver protection against malware, ransomware, and spyware.
Augment the AV engines with Active Code detection and an Active Code removal option or a cloud-based Sandbox to detonate the file to ensure no Zero-day threats get through.
Malicious URLs in messages and attachments can be checked using several threat feeds, which can cause the message to be blocked, the URL to be sanitized, or the URL be rewritten so that if the link is clicked the URL will be processed by a Browser Isolation solution.
Spam and phishing emails are dealt with by a multi-engine, multi-layered spam filtration system, incorporating Signature Engines with machine learning, DMARC, DKIM, SPF, IP Reputation, Greylisting and URL analysis. This provides a highly accurate and flexible approach where messages can be blocked, held, or delivered with warnings — all based on policy.
Data Loss Prevention
Data Loss Prevention (DLP) is not just an outbound problem. Depending on your business, you might need to control the content of what’s being received by your employees.
It is imperative that a thorough understanding of the message is performed by the deep content inspection capabilities in order to understand the email body, subject lines, and attachments (such as PDFs, Word documents, and images). This way, they can be scanned for critical information like intellectual property, employee’s personal information, or forgotten content like metadata, revision history, or customer data.
Metadata can include document classification tags from Titus and Boldon James solutions which can signify whether the content is unclassified, classified, or even top secret.
The understanding of the content and the context is then applied into configured policies to determine if the message should be rejected, held, delivered, delivered encrypted, or sanitized in some way prior to delivery.
Sanitization can take the form of automatic redaction of text with message bodies and attachments including images (such as screen shots) using OCR technology, or document sanitization which can remove hidden metadata, revision information, and auto-saved data associated with documents and images.
The Secure Email Gateway enables compliance with regulations (GDPR, HIPAA, etc.) – detects, protects, and audits emails, and attachments to validate sensitive data. Then it applies the appropriate security remediation according to the specific regulation standards.
Encryption provides security and regulatory compliance needed to keep data secure. Multiple encryption options provide many ways to secure email content by verifying that messages cannot be read by the wrong recipients, and the message stays intact - not modified by anyone from sender to recipient.
The Secure Email Gateway encryption options allow policies to be based on sender, recipient, subject content, message body, attachment types, attachment content, message header or document metadata. Using encryption guarantees confidentiality, integrity, and availability of organizational data.
Clearswift with Cryoserver addresses archiving and compliance in one platform.
• Provides C-Level Executives with transparency
• Adheres to corporate governance and risk management
• Alleviates IT department storage concerns
• Offers a forensic archive and compliance system
• Retains full audited copies of all emails sent to, from, and within a business
• Preserves data as required by courts and legal practice
Get a personalized demo of the Secure Email Gateway
See these product features in action with a personalized demo.
Deep Content Inspection Engine
Far greater than any other structural level of verification on the market, Clearswift’s Deep Content Inspection Engine scans content in a multi-stage process:
- Identifies the file type by file signature
- Verifies the file structure conformity
- Extracts content that violates rules in zipped or compressed files, document body, headers, footers, or embedded objects
- Strips metadata from documents and image files
- Records what it removed
Providing a further inbound threat protection, Clearswift works with the following anti-virus software engines:
- Sophos Sandbox
Clearswift's Secure Email Gateway supports multiple encryption rules to allow companies to select the most appropriate methods for their different user communities, including:
- S/MIME / PGP
- Password Protected ZIP
- Web Pickup Portal (recipients receive a link to a message) `
- Echoworx – Hosted encryption portal
- Ciphermail – On-premises encryption portal
Secure Email Gateway for Office 365
As organizations move their email to the Cloud, deploying Clearswift alongside applications like Office 365 delivers a more comprehensive layer of protection against cyberthreats and data loss. Clearswift's Secure Email Gateway features deep content inspection that examines email headers, subject lines, body content, attachments, images, and even metadata within documents. As a result, the risk of targeted phishing attacks, embedded malware and leaks of confidential information that evade detection from Microsoft’s basic security controls are mitigated. Giving you more protection and control of internal emails lessening the risk of employees sending information not intended for all employees. Clearswift with Office 365 closes security threat gaps, protecting your organization.