An email gateway is a type of email server that protects an organizations or users internal email servers. This server acts as a gateway through which every incoming and outgoing email passes through. A Secure Email Gateway (SEG) is a device or software used to monitor emails that are being sent and received. An SEG is designed to prevent unwanted email and deliver good email. Messages that are unwanted include spam, phishing attacks, malware or fraudulent content. Outgoing messages can be analyzed to prevent sensitive data from leaving the organization or to automatically encrypt emails that contain sensitive information. SEG functionality can be deployed as a cloud service, or as an on-premises appliance, depending on requirements.
The Dangers of Open Source and Free Security
While it may seem cost-effective to use secure email gateways that are free or to use publicly available software, there are downsides. This practice will likely result in unwanted or malicious emails making their way to user inboxes.
Free security software and services are often not updated fast enough to stop new threats. Attackers and spammers change their tactics quickly, so email security software that cannot keep up will be ineffective. Also, using software that is easy to obtain often means that attackers who want to get malicious emails to their victims will test their emails to make sure that they are not detected.
Saving money by implementing free email security could be costly if an attack against an organization is successful.
Cloud Vs. On-Premises
Organizations may choose to deploy an SEG on premises—using either an appliance or a virtual appliance—or in the cloud. The choice will depend on whether the company is using a cloud-based email service, such as Microsoft Office 365 or an on-premises email server, such as Exchange. It also depends on whether an organization wants to migrate services to the cloud and its comfort level with services and data existing outside the boundary of its own network.
Organizations that deploy on-premises appliances or software to protect email are responsible for purchasing and maintaining their hardware. They are also responsible for updating the software and for connectivity to the email servers. Companies that deploy a secure email gateway as a cloud service do not have to be responsible for any of those. Instead, the security vendor has to maintain service availability.
Another benefit of utilizing a cloud service to deploy a secure email gateway is scalability. If there are spikes in email traffic or an increase in the number of users, a cloud service can quickly scale to maintain performance.
Email Security Gateway Comparison
Many email security gateways might sound like they have the same or similar capabilities, but that is not necessarily true. Email security solutions have different functionality, so it is important to choose one that matches requirements.
Things to consider when selecting a secure email gateway are:
- Deployment Options—Whether an organization wants to deploy email security as a cloud service or on-premises can be a major factor in choosing the right solution.
- Spam Effectiveness—As one of the main features of a secure email gateway, organizations should review email archiving solution comparisons of vendors using real-world email traffic.
- Malware Effectiveness—Another core ability of an email security solution is the ability to quickly and accurately detect and block malware using active analysis or URLs and attachments.
- Threat Intelligence—Tied to the ability to detect and block malware, threat intelligence can help administrators understand how they are being attacked, what tactics are being used and even which group is targeting them. It can also uncover which users are being attacked the most.
- Outbound Content Control—Analyzing email leaving an organization to prevent sensitive data from leaving or automatically using encryption to enforce security policy.
- Response Capabilities—If an email makes it to a user inbox and is subsequently found to be malicious, the ability to automatically locate and remove those emails will prevent subsequent infection.