Data Loss Protection (DLP)
UserGate Mail Security has the Data Loss Protection (DLP) module preventing confidential information leaks or penetration of other unwanted information from external sources.
Depending on the system settings, DLP module can prevent data losses by blocking or holding messages, or inform the Security Engineer of suspicious message sending. UserGate Mail Security uses three types of filtering: Regular expressions (Regexp), Documents matching (Docmatch) and a Lemmatizer. Each of them uses a different search method to scan body, threads, attachments and other parts of messages, to monitor Email messages for certain key words or phrases and to compare the transferred data with confidential information patterns.
Antivirus and phishing protection
UserGate Mail Security uses three integrated antivirus modules: cloud-based Entensys Zero-Hour, Kaspersky and Panda antiviruses. A cloud-based antivirus enables proactive virus detection. Therefore, Entensys Zero-Hour begins fighting a new virus before it infects millions of computers.
Advantages of Cloud-Based Solution
Entensys Zero-Hour Antivirus does not require installing a large application that would take up most of your server’s resources to run properly. The performance of the cloud-based antivirus module integrated in UserGate Mail Security only depends on your Internet channel’s workload, in other words, the connection speed.
Early Virus Detection
Today, viruses, worms and Trojans are targeted for various vulnerabilities of antivirus solutions. The key constraint is the time required to create virus signatures or perform a heuristics analysis. Entensys partners with Commtouch, the company providing proven Internet security technology to more than 150 security companies and service providers. This technology guarantees the earliest detection of new massive virus attacks.
Commtouch monitors the Web continuously to detect mass virus epidemics immediately as they break out. By using hundreds of servers (honeypots) located all over the world, Commtouch is able to detect both spam and viruses. That's why our solution is not based just on virus signatures, as is common for many other antivirus solutions.
Commtouch enables proactive virus detection, allowing you to begin fighting a new virus before it infects millions of computers.
Cloud antispam filters messages based on their content and heuristics analysis. One of the main advantages of Entensys cloud antispam is a very low rate of false detections – less than one in 1.5 million messages, while its spam detection rate is over 97%.
Entensys Cloud Antispam Module filters messages based on their content assessment and heuristics analysis. Commtouch filtering technology used in the product allows the analysis of spam messages written in any language, as well as graphical messages. Commtouch Spam Detection Center is capable of detecting spam attacks coming from any location in the world.
Low False Response Level
One of the key merits of Entensys Cloud Antispam Module is a low false response level – less than one in 1.5 mln messages. At the same time, the spam detection rate is 97%. Traditional spam protection method based on IP and DNS black lists has a significantly higher occurrence of false response, while users that are not spammers are often added to black lists. This usually happens when a computer within a LAN is successfully attacked by spammers and later used to distribute spam messages.
Entensys Cloud Antispam Module sends to the cloud-based service a UID of a message, which helps define if the message contains spam, and further blocks this specific message or stops spam attack instead of blocking the IP address, domain or e-mail address. This feature of Entesys Antispam makes it useful for companies, where deletion of messages considered to be spam can cause loss of clients or other problems.
Additional methods of spam protection
When processed by UserGate Mail Security, messages go through several filtering stages, including connection filtering, sender filtering, recipient filtering and content filtering. In addition to cloud-based antispam requiring no user-specified settings, UserGate Mail Security supports the following additional filtering methods:
- based on DNS (DNSBL, RHSBL, Backscatter, MX, SPF, SURBL);
- based on a distributed antispam system (cloud antispam);
- based on statistical filtering (Bayesian filtering method designed by Entensys).
In addition, the solution supports SMTP monitoring (ensures the commands comply with RFC), allows to set the maximum message size, the maximum number of addressees, etc.
The Entensys solution features integration with an IMAP server for MS Exchange and Lotus Domino. Integration gives the opportunity to create a public IMAP folder on a remote mail server and process messages in these folders.
UserGate Mail Security allows you to backup incoming messages. The backup process is completed upstream of spam and virus filtering. You can specify the direction of messages to be backed up (incoming only, outgoing only or both) and list exception addresses in the Backup settings.
Monitoring and statistics
UserGate Mail Security provides information on all messages processed by the antispam solution server. UserGate Mail Security message monitoring allows filtering by date, processing status (delivered/blocked) or sender/recipient address, as well as push-sending messages blocked as spam, and creating exception lists.
UserGate Mail Security features antoreply and allows setting mail processing rules. The antispam solution gives the opportunity to change message processing priority, manage services from a web-console, and select a custom date range in the message history.
UserGate Mail Security supports a system of rules for processing message attachments. For example, you can prohibit the opening of executable files to protect the system from Trojans.