On-Premise Secure Email Gateway

Protect against inbound email cyberattacks and prevent outbound data loss with Fortra's Clearswift Email Security gateway appliance.

Block Prevalent Email Attacks with the Clearswift Secure Email Gateway

The Clearswift on-premise Secure Email Gateway (SEG) protects against spam, viruses, and prevalent threats including phishing, ransomware, and spam by leveraging a Deep Content Inspection Engine. This offers an additional layer of security for content or communications deemed suspicious.  IT teams need to ensure that information being shared across email both inside and out of the organization is not only secure, but appropriate and compliant. Clearswift’s unparalleled level of inspection and granular policy controls apply the optimal security treatment to your emails in real time reducing the risk of data loss. This keeps your communications safe and flowing, without business disruptions.

Key Features of the Clearswift Secure Email Gateway

The Clearswift SEG is mail system-agnostic, scalable from SMEs to enterprises and can complement either a cloud-based solution, such as Microsoft 365 and Google Workspace, or on-premise systems like Microsoft Exchange.

Inbound Threat Protection

Using multiple anti-virus engines, the SEG provides inbound threat protection using traditional signature, heuristic, and cloud assisted lookups to deliver protection against malware, ransomware, and spyware. Augment the AV engines with Active Code detection and an Active Code removal option or a cloud-based Sandbox from Sophos to detonate the file to ensure no zero-day attacks get through. Malicious URLs in messages and attachments can be checked using several threat feeds, which can cause the message to be blocked, the URL to be sanitized, or the URL be rewritten so that if the link is clicked the URL will be processed by a Browser Isolation solution.

Data Loss Prevention

Data Loss Prevention (DLP) is not just an outbound problem. Depending on your business, you might need to control the content of what’s being received by your employees. It is imperative that a thorough understanding of the message is performed by the deep content inspection capabilities in order to understand the email body, subject lines, and attachments (such as PDFs, Word documents, and images). This way, they can be scanned for critical information like intellectual property, employee’s personal information, or forgotten content like metadata, revision history, or customer data. Metadata can include document classification tags from Fortra's Data Classification solutions which can signify whether the content is unclassified, classified, or even top secret. The understanding of the content and the context is then applied into configured policies to determine if the message should be rejected, held, delivered, delivered encrypted, or sanitized in some way prior to delivery. The SEG enables compliance with regulations (GDPR, HIPAA, etc.) – detects, protects, and audits emails, and attachments to validate sensitive data. Then it applies the appropriate security remediation according to the specific regulation standards.

Safe Delivery

Encryption provides security and regulatory compliance needed to keep data secure. Multiple encryption options provide many ways to secure email content by verifying that messages cannot be read by the wrong recipients, and the message stays intact - not modified by anyone from sender to recipient. The SEG encryption options allow policies to be based on sender, recipient, subject content, message body, attachment types, attachment content, message header or document metadata. Using encryption guarantees confidentiality, integrity, and availability of organizational data.

Email Archiving

Clearswift with Cryoserver addresses archiving and compliance in one platform. 

• Provides C-Level Executives with transparency
• Adheres to corporate governance and risk management
• Alleviates IT department storage concerns
• Offers a forensic archive and compliance system
• Retains full audited copies of all emails sent to, from, and within a business
• Preserves data as required by courts and legal practice

Spam Protection

Spam and phishing emails are dealt with by a multi-engine, multi-layered spam filtration system, incorporating Signature Engines with machine learning, DMARC, DKIM, SPF, IP Reputation, Greylisting, and URL analysis. This provides a highly accurate and flexible approach where messages can be blocked, held, or delivered with warnings — all based on policy.

Sanitization and Redaction

Sanitization can take the form of automatic redaction of text with message bodies and attachments including images (such as screen shots) using OCR technology, or document sanitization which can remove hidden metadata, revision information, and autosaved data associated with documents and images. The Clearswift approach is to remove the information you can see. For example, the credit card number in an email and replace it with ‘zeros’ or asterisks. This functionality also removes information which has been hidden; for example, in a hidden column or row in a spreadsheet which contains PCI data. This method ensures data is not breached, saves time and therefore, saves money.