Raj-Hindustani
SENIOR MEMBER
- Joined
- May 4, 2019
- Messages
- 5,208
- Reaction score
- -39
- Country
- Location
HI All,
I have got very short notice from one of the our customer to give final suggestion on Email security product. Their existing product license is already expired and want to migrate the security on a urgent basis.
I have done the analyst but still confuse with basically two products. (Forcepoint and Cisco)
Criterion No. 1: How advanced are basic security functions?
Example:
1. Sandboxing: Sandboxing is one of these techniques. Sandboxing uses an isolated environment to test a file to see how it behaves when opened, executed or otherwise accessed. Using a sandbox provides a safe way to identify malware by monitoring its behavior.
2. Threat intelligence: Threat intelligence is information about current threats -- such as IP addresses of hosts that have been attacking other hosts -- an organization can use to make better decisions about which activities to allow and which to block.
Criterion No. 2: What additional security features are offered?
The basic security functions that every email security gateway performs are fundamentally the same: antivirus, antimalware, antiphishing and antispam.
Example:
1. DLP
2. email encryption, etc
Criterion No. 3: How usable and customizable are the management features?
Customizability is most often noted in terms of dashboards, security policies and reporting.
Example: Mimecast is best.
I have suggested for Mimecast but due to high cost they are not ready to buy. Please suggest if one have experience on security tools.
Mimecast Email security(For reference)
1 Anti Spam
Spam detection - Mimecast does a great job of filtering spam and giving admins and users control over the sensitivity of the spam filter.
2 URL Protection
Mimecast filters and checks every URL which allows a double check for malicious links. Each link is re-directed through the Mimecast platform and if it is malicious the user is prohibited from accessing it. Occasionally it will ask the user to decide whether the link is clean or not to help train user awareness. I find this very helpful in reducing downtime from false links.
3 Email Attachment Protection
alongside filtering URLs Mimecast also checks all attachments for malicious code and other undesirable content. If it identifies something that doesn't look right it will hold the email and notify the user. If it is an expected email, it can be released to a sandbox to verify the contents. We have found this very useful in preventing phishing attacks through malicious code sent in word documents.
4 Bounced & Rejected mail
Mimecast employs a host of different filters and rules for mail traffic. Should mail meet certain criteria it either bounces or is rejected. This can be for many reasons. Impersonation is a classical and very useful filter which rejects phishing mail from people trying to impersonate individual users. Following implementation, we have seen a vast reduction in mail purporting to be from us sent to us.
5 Easy access to blocked/filtered messages
The Mimecast Outlook add-in makes checking your filtered and/or blocked messages a breeze, and also allows adding new entries to block lists to be done without needing to log in to the website.
6 Held mail
this is a form of junk mail filtering. When an email is identified by Mimecast as potential junk or spam it will hold the email in the queue and send a notification email to the user allowing them to block, allow, or release. If you release the email it will allow you to receive that specific email but hold all future emails from the sender until you select allow. This has helped to dramatically reduce spam and junk email entering our system
7 Disclaimer
Mimecast also applies an automatic disclaimer to all outbound email. There is a lot of functionality which allows for different disclaimers to be used for different domains or departments etc. This flexibility is very useful for us as it enables us to use one system for multiple domains and departments.
8 Policy Management
Easy Management
9 Whitelisting/Blacklisting
Easy Management
10 URL & rewrite
All URLs within emails are scanned and re-written so that when users click on links, they are first checked for security and blocked if the destination is malicious.
11 Data loss prevention
Mimecast does a good job of scanning outgoing email for sensitive content
I have got very short notice from one of the our customer to give final suggestion on Email security product. Their existing product license is already expired and want to migrate the security on a urgent basis.
I have done the analyst but still confuse with basically two products. (Forcepoint and Cisco)
Criterion No. 1: How advanced are basic security functions?
Example:
1. Sandboxing: Sandboxing is one of these techniques. Sandboxing uses an isolated environment to test a file to see how it behaves when opened, executed or otherwise accessed. Using a sandbox provides a safe way to identify malware by monitoring its behavior.
2. Threat intelligence: Threat intelligence is information about current threats -- such as IP addresses of hosts that have been attacking other hosts -- an organization can use to make better decisions about which activities to allow and which to block.
Criterion No. 2: What additional security features are offered?
The basic security functions that every email security gateway performs are fundamentally the same: antivirus, antimalware, antiphishing and antispam.
Example:
1. DLP
2. email encryption, etc
Criterion No. 3: How usable and customizable are the management features?
Customizability is most often noted in terms of dashboards, security policies and reporting.
Example: Mimecast is best.
I have suggested for Mimecast but due to high cost they are not ready to buy. Please suggest if one have experience on security tools.
Mimecast Email security(For reference)
1 Anti Spam
Spam detection - Mimecast does a great job of filtering spam and giving admins and users control over the sensitivity of the spam filter.
2 URL Protection
Mimecast filters and checks every URL which allows a double check for malicious links. Each link is re-directed through the Mimecast platform and if it is malicious the user is prohibited from accessing it. Occasionally it will ask the user to decide whether the link is clean or not to help train user awareness. I find this very helpful in reducing downtime from false links.
3 Email Attachment Protection
alongside filtering URLs Mimecast also checks all attachments for malicious code and other undesirable content. If it identifies something that doesn't look right it will hold the email and notify the user. If it is an expected email, it can be released to a sandbox to verify the contents. We have found this very useful in preventing phishing attacks through malicious code sent in word documents.
4 Bounced & Rejected mail
Mimecast employs a host of different filters and rules for mail traffic. Should mail meet certain criteria it either bounces or is rejected. This can be for many reasons. Impersonation is a classical and very useful filter which rejects phishing mail from people trying to impersonate individual users. Following implementation, we have seen a vast reduction in mail purporting to be from us sent to us.
5 Easy access to blocked/filtered messages
The Mimecast Outlook add-in makes checking your filtered and/or blocked messages a breeze, and also allows adding new entries to block lists to be done without needing to log in to the website.
6 Held mail
this is a form of junk mail filtering. When an email is identified by Mimecast as potential junk or spam it will hold the email in the queue and send a notification email to the user allowing them to block, allow, or release. If you release the email it will allow you to receive that specific email but hold all future emails from the sender until you select allow. This has helped to dramatically reduce spam and junk email entering our system
7 Disclaimer
Mimecast also applies an automatic disclaimer to all outbound email. There is a lot of functionality which allows for different disclaimers to be used for different domains or departments etc. This flexibility is very useful for us as it enables us to use one system for multiple domains and departments.
8 Policy Management
Easy Management
9 Whitelisting/Blacklisting
Easy Management
10 URL & rewrite
All URLs within emails are scanned and re-written so that when users click on links, they are first checked for security and blocked if the destination is malicious.
11 Data loss prevention
Mimecast does a good job of scanning outgoing email for sensitive content
