Description of Maldun Email Security Solution
Maldun Email Security Gateway (ESG) is a multi-featured mail gateway deployed in front of the mail server(s) to provide inbound email security, and after the mail servers before Internet for the outbound email security as well as other functions. Maldun ESG is powered by the next generation email security infrastructure and has the capability to filter out all sorts of email threats like spam, virus, phishing/scam, marketing/graymail. and other unwanted email messages. With the additional Maldun Advanced Threat Protection (ATP) integration, Maldun ESG is able to detect and block unknown and advanced threats.
Tier One: Connection Control and authentication
Block email threats at the connection phase to prevent threats and increase efficiency:
• Denial of Service (DoS) Protection
• SMTP Rate Limit
• Sender IP Reputation Analysis
• SMTP Transaction Check
• Sender authentication (SPF, DKIM, DMARC)
• Mail server authentication (TLS)
Tier Two: Adaptive Sender Reputation Filtering
More than an IP blacklist:
• Sender Reputation System based on multiple factors: Sender domain, Connecting IP, From address, To address, Sender/Recipient relations
• Intelligent and adaptive, it learns user behaviors and adjusts automatically
• Optimized algorithm guarantees flexibility, accuracy, and efficiency
Tier Three: Anti-Virus Filtering
A combination of ClamAV and/or other anti-virus engines and Maldun attachment pre-detector:
• Anti-Virus engine offers an extensive real time scanning and virus definition updates. Catch a variety of known virus and phishing patterns, spyware, Trojans, worms and malware threats.
• Maldun attachment pre-detector analyze abnormal attachment traffic and attachment file type to predict and block potential attachment threats
Tier Four: Anti-Spam Protection
Anti-spam methods eliminate more than 99% of spam with a range of deep anti-spam technologies including:
• Maldun heuristic Spam content rules
• Maldun Spam machine learning signatures
• Global Spam fingerprints database
• Sender Domain/IP blacklists
• URL blacklists
• Other Spam signatures
Tier Five: Graymail Detection
Flexible Graymail (Marketing/Advertisement) analysis with independent On/Off/Mark switch:
• Newsletter
• Campaigns
• Social network
• Advertisements
Tier Six: Advanced Threat Protection
To protect against the unknown, new advanced malware, Maldun ESG submits email attachment files and URLs to the Advanced Threat Protection appliance. Maldun APT will scan and block as follow:
• File/URL(domain, IP) reputation query
Global File/URL black/whitelist database for quick comparison and detection.
• Dynamic Sandbox Scanning
Suspicious email attachments will be sent as encrypted packages to the powerful APT appliance to run dynamic sandbox scanning.
• Optional Threat Analysis Cloud Analysis
Maldun ESG supports API submission of Email attachments and URLs to the Maldun Threat Analysis Cloud.
• Threat Scores and Malware family
Threat Level Analysis that commands Maldun ESG to either block or release certain mails.
• Professional Analysis Report
Analysis report includes malicious file meta data, static analysis, behavior analysis, network activities and registry summary, etc
Tier Seven: Anomaly Detection
Maldun Anomaly Detection module detects anomalies and abnormal behaviors of Email Sender and Email Recipients. With pre-defined anomaly rules, the admin will always be warned about the email aromalies that require attention.
Together with the Sender Reputation and customized VIP mailbox rules, Maldun Anomaly Detection effectively detects BEC and other email frauds.
Tier Eight: Content Filters
The Content Filters allows organizations to compile customized content signatures to detect text patterns or image patterns in the email body and/or attachments, and set up email processing strategies against the content violations.
The Content Filters module can effectively work as sensitive content detection, content violation detection, and data leak protection for companies and organization to comply with regulations and policies.
Hide