Shulou(Shulou.com)06/02 Report--

Email security gateways are used to monitor unwanted or malicious emails in inbound and outbound email communications. The core functions of these products are to block or isolate malware, phishing attacks, and spam, as well as data loss prevention (DLP) and / or encryption for outbound email.

Now there are many email security gateway products and services on the market, which can meet the needs of almost all enterprises. However, it is not easy to choose the most suitable product or service from so many products. In response, companies should develop a set of standards as part of email security gateway evaluation, such as a list of questions that can be answered through research, vendor discussions, product testing, and other methods for each evaluation product.

Some important standards are provided in this article to help enterprises evaluate email security gateways.

What are the basic security functions?

Every email security gateway should help businesses defend against "malicious" emails: messages that contain malware, phishing attacks, and spam.

What other security features does the email Security Gateway provide?

Some gateways provide only the basic security functions mentioned above. However, now more and more gateways begin to provide additional email-related security features, especially DLP and email encryption for outbound email.

For many enterprises, especially larger ones, these additional features are of little use because they already have enterprise-level DLP and email encryption capabilities. However, for enterprises that do not have these capabilities, adding DLP and email encryption capabilities to email security gateways (usually for an additional fee) can cost-effectively and simply add these capabilities to the enterprise.

In the field of email security, the prevention strategy can no longer meet the needs of people for email security, and email content security has been paid more and more attention by people, so that even if the user's email or account information is stolen, it can also keep the user's email information from being disclosed. In order to achieve these, first of all, the email content encryption technology, in addition to the need to attach some secondary authentication means. At present, there are simple encryption technologies, such as the use of PGP in email, but these are basically peer-to-peer use, and need to manage their own keys, and it is difficult to use them on a large scale. In addition, there are some paid services or the purchase of a complete set of service equipment, which are expensive and expensive for individual users and enterprises, but with the development of "email content encryption". Now there are some free public platforms, such as secret mail, where users do not have to manage their own keys and have high security. They exist in the form of "email encryption gateway" and use identity-based encryption methods. Enterprise users can also use it, and there is no need to modify the existing email architecture, which is a good experience for users.

What is the availability and customization of management functions?

Availability is an important factor in email security gateway management; the easier it is to manage the gateway on a daily basis, the more likely it is to be managed correctly, that is, the more efficient the gateway will be. However, the importance of customization can not be ignored. While companies may not want to spend much time customizing their email security gateways, they can improve detection capabilities and strengthen the management process itself by customizing administrator dashboards, gateway reports, and other aspects of gateways.

Different enterprises have different requirements for the availability and customization of gateway management. Some enterprises, especially small and medium-sized enterprises, often look for solutions that require little or no management, and they usually do not care about customization. Other high-risk companies may need to be highly customizable to maximize detection capabilities, even if this has a negative impact on availability.

Are email messages or attachments processed or stored in an external system?

Some email security gateways are cloud-based services, so for these products, it is clear that corporate email will pass through external systems. What is less obvious is that some internally deployed email security gateways (hardware and virtual appliances) may route suspicious messages to servers controlled by gateway vendors for further analysis.

For some enterprises, transferring e-mail to an external server for processing or storage may be an unacceptable risk, especially when internal e-mail is analyzed. This may cause sensitive data to be accessed by email security gateway vendors and unintentionally or intentionally cause data leakage incidents. Similarly, if the vendor's server is attacked, sensitive data will also be affected. As a result, companies with particularly high requirements for protecting the confidentiality of their unencrypted emails may choose internally deployed email security gateways rather than cloud-based services.

In the face of so many email security gateway products and services, it is not easy for enterprises to choose the right products. Defining basic criteria for evaluation is a helpful step when evaluating a product. There is no "one-size-fits-all" solution for all enterprises; each enterprise has its own security requirements, email infrastructure, and IT environment, and faces different threats.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.