Why choose Clearswift?

Table of Contents

The Clearswift Story
What Makes Clearswift Unique?
Clearswift Products
Top 10 Clearswift Features
1) Hygiene & Data Loss Prevention (DLP)
2) Same Policy, Different Actions
3) Content & Context
4) Inbound & Outbound
5) Encryption
6) Adaptive Redaction (AR)
7) Distributed Operations & AD/LDAP Integration
8) Information Track and Trace
9) Hosted Solution / Managed Services and Office 365 Support
10) Clearswift Support
Clearswift Culture
The Clearswift Route to Market
Clearswift Recognition and Awards


Clearswift can trace its history back to 1982 and a company called Net-Tel. Net-Tel launched the first email application for MS DOS before moving onto providing email solutions for both Windows and UNIX in 1990. The company then changed its direction to address the growing issue of malware in email, with an email content filtering solution. MIMEsweeper was the first solution of its type, coming to market in 1995 before being spun out into its own company. Content Technology was acquired by Baltimore Technologies in 2000, before changing hands once again to become Clearswift in 2002.

In 2006, the replacement to MIMEsweeper was released, the Clearswift SECURE Email Gateway. By this time, the company had diversified into providing filtering for the web as well as for email. While the business was primarily focused on industry sectors of finance, government and defense, a niche market had been developed for ultra-secure solutions. This division, DeepSecure, was subject to a management buyout in 2009 allowing Clearswift to concentrate on its commercial products moving forwards.

Lyceum Capital acquired Clearswift in 2011 and invested in new management and product development resources. 2013 saw the release of both new products as well as new functionality, Adaptive Redaction, in the Gateway solutions. Lyceum backed two acquisitions, to enable Clearswift to move from being an email / web hygiene vendor into a higher value-add Data Loss Prevention (DLP) solution provider. The investment resulted in an integrated endpoint (Windows) DLP solution and Information Governance solution.

At the end of 2016, it was announced that Clearswift had once again changed hands, with the deal being finalized in early 2017. RUAG, a Swiss defense company with a turnover of more than 2BN CHF and 8,500 employees, had acquired Clearswift with a view to building a new cyber-security division turning over 100M+ CHF by 2020. RUAG’s Cyber Security expertise was in consulting, from security architecture to hands-on cyber-attack simulation and training. Furthermore, it had a network based cyber security product, which was complementary to the Clearswift products. Moving forwards, the new division will be able to offer world class products alongside world class consulting to enable customers to have a complete solution including both cyber security products and services.

While Clearswift has changed hands several times over the past 20+ years, its core focus of providing email and web security for its customers remains. Investment in engineering has and continues to ensure that the solutions it creates remain both innovative and competitive in the market.


Clearswift has been an innovator and leader in cyber security throughout its history. The company’s success revolved around the creation of the Deep Content Inspection (DCI) engine, which was originally seen in MIMEsweeper more than 15 years ago. While the engine has changed, the principles remain the same; to take a document and decompose it until there is nothing left to decompose. The default number of levels is 50 (at which point there is the possibility to continue the decomposition, but the chances are that there is something ‘dangerous’ being hidden), this means that an email with a ZIP file attachment, containing a Word document with an embedded spreadsheet containing a PDF can be fully decomposed – and there are still another 45 levels to go.

This DCI technology is embedded at the core of all our products, which gives rise to our key features including: Same policy but with different actions and Adaptive Redaction – where we can remove the individual pieces of information which break policy, but reassemble the rest of the content, to continue its communication.


Within each group there are a number of different products, including:

SECURE Email Gateway

Flagship email security gateway product.

ARgon for Email

Augments non-Clearswift email security gateways without the need to rip and replace.

SECURE Exchange Gateway

Internal email security and Data Loss Prevention.

SECURE Web Gateway

Flagship web security gateway product.


Enables 3rd party web proxy engines to benefit from Clearswift advanced technology through an ICAP interface without the need to replace the existing proxy.

SECURE File Gateway

Shared file inspection and protection; security and DLP.

Critical Information Protection (CIP) for Data-In-Use

Data Loss Prevention for the endpoint, with full device and removable media control.

Critical Information Protection (CIP) for Data-At-Rest

Full scanning of local, network and cloud drives with policy based remediation actions based on the discovered content.

Information Governance Server

Cornerstone to an Information Governance and compliance strategy – tracking information (as well as files) across the organizational boundary.

The Clearswift products all come together to form the Aneesya Platform. An integrated platform for content security which can be deployed one element at a time or as an integrated suite.


1) Words and Phrases

Clearswift offers integrated solutions with both hygiene and Data Loss Prevention. Within hygiene there is the usual set of functionality including anti-virus (AV), antispam and URL filtering.

Customers can have dual AV as an option, which we have seen to increase detection by 5-15%.

In conjunction with our anti-spam functionality, there is a host of additional features to make email even more secure by integrating other functionality including DKIM signing, and reputation services. There are extensive anti-phishing and anti-spoofing technologies utilized to protect the customers’ users from the threats they face today.

Rather than relying on the IT department to deal with emails such as newsletters which the system has flagged, Clearswift offers a Personal Message Manager, whereby users can safely inspect email which has been flagged before releasing it to their actual email. Giving this functionality for the users to self-manage decreases the operational overhead and therefore costs for the organization

Clearswift integrates its Data Loss Prevention (DLP) technology into the Gateways, to reduce the number of products which need to be administered and provide a tight integration between both hygiene and DLP which is required by businesses today. The DLP functionality ranges from encryption through to traditional DLP (stop and block) through to Adaptive DLP with Adaptive Redaction. Enterprise strength traditional DLP is available for free to all Gateway customers.

2) Same Policy, Different Actions

Clearswift builds its products on the same core technology. This is at the heart of the Clearswift products and ensures consistency across the different communication channels. Delivering this consistency in policy avoids any gaps that could be used to exfiltrate sensitive information. For example an email may be blocked by the corporate email gateway because of the information it contains, but the information could still be exfiltrated through the web gateway. Clearswift products ‘peer’ together, so you can conjoin multiple email Gateways together to provide scalability and availability.

Furthermore, you can add in other Gateways, for example a Web Gateway, or multiple Web Gateways. Across all instances (servers or virtual machines), the policy is the same – however the action taken can differ. 

3) Content & Context

For effective DLP, it is not just content which is important, but also context. Who is sending the email, or uploading the file? Who is receiving the email or where is it being uploaded to? What is the communication channel being used? Email, web (Internet) or perhaps it is being copied to a USB stick.

The policy can be set based on this context as well as the content, with as much granularity as required. So, it might be something for the whole company, or a group or just one person. For example, the CEO may be offered more flexibility in what they are allowed to do than someone in engineering.

4) Inbound & Outbound

When people discuss DLP, they immediately think of the information travelling outside the organization, ‘outbound’, however there are also risks with ‘inbound’ information and Clearswift can apply the same levels of inspection and policy for this type of traffic as well.

New regulations, such as the EU General Data Protection Regulation (GDPR) require inbound information to be monitored (shared responsibility) and if it is sent in error to the business there is a need to stop / block it from their network. E.g. someone sends their credit card in, and the network isn’t PCI DSS compliant, this can create issues for the audit / compliance department to remove the information and prove that it has been removed.

It should be noted that this isn’t just applicable for GDPR, but can be used to reduce risk in other compliance scenarios as well.

Understanding information flows into and out of the business is good business practice – and can help spot issues early, especially in business processes. Clearswift products can be used to monitor the inbound and outbound information traffic before proactive actions to mitigate are applied.

5) Encryption

Encryption is a key part of any security architecture and when it comes to email, Clearswift offers multiple options. From Transport Layer Security (TLS), through to PGP / S/MIME certificate based encryption and ad-hoc ZIP encryption.

The most important piece of encryption is to make it as transparent as possible for both the sender and the recipient. From the sender’s perspective they need to do nothing as the Gateway will decide whether encryption is required (based on the content and context) and then what type of encryption is needed. If a password is required (for example using the ad-hoc ZIP based encryption), then the sender is informed of the password so they can communicate the password securely.

For those customers who need portal based encryption, either in the cloud or on-premise, we have partnerships which integrate with our Email Gateways to enable this functionality.

6) Adaptive Redaction (AR)

Clearswift developed Adaptive Redaction (AR) as a means to overcome the primary challenges which traditional DLP users face, namely the false positive. In essence, AR modifies content in ‘real time’ to remove only those pieces of information which break policy – while leaving the rest alone.

AR overcomes the false positive (where content and communication is blocked) by ensuring that the communication goes through and critical information is protected. Getting something, even if pieces have been redacted, is often better than nothing, allowing the organization to continue without the delay that is caused by traditional DLP quarantining all the communication and then waiting for someone to audit, amend and release it.

AR consists of three pieces:

I) Removing visible information (Data Redaction)… taking those bits from the document / email you can see.

II) Removing the invisible (Document Sanitization)… removing the pieces from behind the scenes, document properties (useful for phishing / hacking), revision history (embarrassing), fast save (stuff you didn’t know was there).

III) Removing active content (Structural Sanitization)… removing the active content from a document. Today, ransomware is most frequently delivered through active content embedded in an innocuous looking document. Remove the active content, remove the risk.

AR is not just for email, it can carry out this functionality on web traffic as well, both HTTP and HTTP/S. For example, removing active content from downloaded documents, or removing document properties from uploaded documents to reduce the risk from phishing.

AR is an option for Clearswift Gateways, all customers have ‘traditional’ DLP, fully integrated, for free by default.

7) Distributed Operations & AD/LDAP Integration

Clearswift’s comprehensive integration with Microsoft Active Directory (AD) or an LDAP service minimizes the operational cost of the solution to business. The operational cost is a concern to business of all sizes, from the small, who don’t have sufficient IT personnel to effectively run security solutions, to the large, where the number of potential (false positive) policy violations will impact the agility of the business. Integration with AD/LDAP provides an alternative to just notifying a specific individual or group, which is to notify the manager of the person whose actions created the policy violation.

This has the advantage of the manager understanding the context of what the employee was doing and so being able to respond much quicker. In the event that this was a ‘false positive’, i.e. the communication should go out, it is just a matter of the manager clicking a link in the email they received to release the original from quarantine.

This applies to communication which has been fully blocked as well as that which has been redacted or other AR functions applied. Full integration with AD/LDAP, means the organizational relationships are always up to date to address the that organizations and their structures are dynamic and ever-changing.

8) Information Track and Trace

Today it is all too easy to cut and paste information from one document to another, and in doing so potentially evade security solutions designed to look for classified documents. Clearswift has addressed this issue with functionality in its Information Governance Server (IGS) solution.

IGS analyses registered documents for their content, not just the file. Each snippet of information (both text and image) creates its own unique fingerprint which is then monitored for by the Gateways. Should the information be spotted, even if it has changed format, e.g. from a MS Word document to a PDF, or a spreadsheet to a presentation, the Gateways can detect and block the communication – and inform the original document owner.

Furthermore an information provenance report can be run to see just how the information has been communicated and who has seen it.

9) Hosted Solution / Managed Services and Office 365 Support

While many Clearswift customers deploy our products ‘on premise’ either as an appliance, a software install or a virtual machine, many are now moving various IT services to the cloud and that includes their security solutions.

Clearswift offers a hosted version of their products and supports both Azure and Amazon (AWS) clouds. It can be deployed on other cloud providers who use a standard RHEL (RedHat) software stack, and we can recommend a local hosting provider if required.

Clearswift offers managed services for their Gateway products, where the solution is fully managed on the hosting infrastructure and additional services include full monitoring and upgrades. The customer and their users remain in control of the day-to-day management of DLP policies, for example releasing newsletters which have been quarantined.

Clearswift supports Microsoft Office 365 (O365). For most customers, the security and management included with O365 is not sufficient for business. Clearswift can be deployed alongside the O365 install, in the cloud to offer enterprise strength information security and reporting as well as advanced features such as AR.

For those customers who are migrating from an on-premise solution to a cloud based one, Clearswift can help with the migration and the same policy which is used by the Gateways can be replicated to become the one used in the cloud.

10)Clearswift Support

Clearswift prides itself on creating products, which are easy to use, however the Clearswift team is always on hand should the need for technical support arise. Clearswift offers a 24x7 Support Service as standard to all its customers. Being a global organization, support in the local language is provided where there are Clearswift offices as well as most European languages.

Additional support packages are available which offer additional services, including having a named support person, proactive system monitoring and regular reviews of policies and configuration to ensure the solutions are optimized to the changing business environment.

Clearswift also offers a number of professional services to help with installation, configuration, policy design, including DLP and compliance, and training.



As a small company we pride ourselves on living our values rather than just being a set of words. Each quarter, employees are selected for recognition based on them demonstrating our values by going above and beyond their usual role.


One for all, all for one.

Take the time to get to know your colleagues in the Clearswift team and work collaboratively with them for everyone’s success. Share your wins and your failures with the team; learn from each other. Align your goals with company goals and support each other always


Be brave, be bold.

Continuously look for ways to improve and challenge the ordinary. Don’t be afraid to experiment and try new things to open new doors for yourself and for Clearswift. Strive to be the creative game changer


Love what you do, do what you love.

Be open and honest when interacting with your colleagues. Drive your own path; have fun and enjoy working at Clearswift. Take ownership of everything you do and do it with passion.


Deliver care and dedication – always.

Listen to your customer (whether internal or external) and respond to their needs. Be passionate and driven about your customers’ success – their success is our success. Build great relationships with your customers. Share your experiences and learnings with the Clearswift team.


Clearswift’s route to market depends on where in the world the customer is. The goal is that most sales will go through a partner (the channel), although in exceptional circumstances, Clearswift will fulfil directly. For those countries which have a Clearswift office (UK, Germany, Japan, Australia and the UK), there is a direct relationship with the partner, in other parts of the world Clearswift has distributors who in turn deal with partners.

Where possible, all customers with 1000 users or more will have contact from a Clearswift sales person as well as the partner.


Over the past five years Clearswift’s new products and technology have received numerous awards and analyst recognition.

Analyst Recognition

• Inclusion in the Gartner Enterprise DLP Magic Quadrant (niche player) (2017)

• Inclusion on the Bloor Content Security Market Map (2016)

• Inclusion on the Forrester Wave for DLP (strong performer) (2016)

• Inclusion on the Radicati Market Quadrant for Corporate Web Security (Trail Blazer) (2017)

• Inclusion in Frost and Sullivan and NATO reports on cyber security providers (2017)



Finance Monthly CEO Awards - Outstanding Strategy, Direction and Leadership

Softshell Vendor Report Gold Softshell Vendor Award - Professional and Reliable Information Security Software

CIO Bulletin – Top 10 Cyber Security Companies

Info Security Products Guide Global Execellence Gold Award – Data-centric Security, ‘Discover, Secure & Govern’ Silver Award – Support Department of the Year Bronze Award – Best Security Software


Softshell Vendor Report Silver Softshell Vendor Award 2017 – Professional and Reliable Information Security software

Silicon Review Magazine 10 Fastest Growing Cyber Security Companies 2017

APAC CIO Outlook Info Security Products Guide

Info Security Products Guide Gold – Clearswift Adaptive Data Loss Prevention Silver – Clearswift Secure Email Gateway for Office 365 Silver – Clearswift Advanced Threat Protection


Clearswift has more than 20 years’ experience in cyber security solutions. It continues to innovate to provide products which support today’s agile and collaborative work processes, ensuring information is secure from malicious threats as well as inadvertent mistakes.

A comprehensive suite of products backed up with world class engineering and support delivers peace of mind to our customers. Our solutions can be deployed in the manner which best suits and organization; one product at a time or as an integrated set, with deployment on-premise or in the cloud. Clearswift solutions can also be used to augment existing security environments, bringing advanced features without the need to rip and replace existing products.

Tags: Whitepapers, Data Loss Prevention