Detecting threats to your email system requires more than just spam blocking. Threat vectors are launched from several angles at once these days. Hackers have developed packages of malware, each performing a specialized task to contribute towards the corruption of your system or the theft of your data.
If you are here for the tools and haven’t got time to read the whole post, here is our list of the ten best email protection solutions:
- SolarWinds MSP Mail Assure (FREE TRIAL) Cloud-based threat protection system for email servers.
- Avanan Account Takeover Protection This module is bundled with all Avanan email protection packages.
- FortiMail An email server protection system from a leading network security provider.
- Symantec Email Security.cloud Threat protection for cloud-based corporate mail servers.
- SolarWinds Spam Experts An email protection system aimed at web hosts and ISPs.
- Trend Micro Hosted Email Security Email security delivered from the clouds in Standard and Advanced editions.
- Sophos Email Security Available as an appliance, a virtual machine or a cloud service, this product provides comprehensive protection for all email traffic.
- AVG Email Server Security Protection system specifically tailored to Microsoft Exchange.
- F-Secure Email and Server Security Protects Microsoft Exchange Server and other general servers.
- Kaspersky Security for Mail Server Spam blocker and anti-malware system to prevent damage to email servers.
Emails are a key source of information and they can also be used by malware to mail out stolen data. Blocking those multifaceted attacks requires multiple defense strategies. The protection of your email system is a complicated task and very few security products on the market can fulfill all requirements adequately.
Fortunately, there are a few excellent email protection systems out there and we have tracked them down. Businesses are not identical and with many different email deployment options these days, even the requirements to protect an email server can’t be delivered by a one-size-fits-all strategy. So, we have compiled a list of ten email protection solutions, each of which caters to a specific business model and email server configuration.
The best email protection solutions
This list of options includes specialist protection for cloud-based mail servers, solutions suitable for MSPs, web hosts, systems that operate as an appliance, managed protection services, cloud-based solutions, and on-premises software. Reading through the detailed descriptions of each of these solutions should help you to work out which protection system is suitable for your business. The next sections explain each email protection solution in detail.
The Mail Assure system is a product of the SolarWinds MSP division and it is marketed for purchase by MSPs so that they can offer email protection as an extra service to their clients. However, the system could just as easily be bought and operated by an in-house IT department. It is a standalone product and doesn’t need the SolarWinds MSP software in order to operate.
Mail Assure offers advanced threat detection for both inbound and outbound email. The inbound email protection includes the services of a threat intelligence database compiled by SolarWinds from the attacks encountered on all of their clients around the world. The email protection system uses a variety of techniques including signature detection and checks against a blacklist.
The inbound email protection detects spam, malware, address spoofing, impersonation, and phishing attempts. Other services included in the package are email archiving on a cloud storage server and a continuity service to provide a stand-in email server should your own go down.
The archiving service stores all emails in an encrypted format and these can be restored on command through the system console.
The email server protection system is able to guard Office 365 cloud mail servers as well as your on-premises servers. This is a cloud-based service that is charged for by subscription. SolarWinds offers a 30-day free trial of Mail Assure.
Avanan offers a series of email protection packages and the Account Takeover Protection system is a module in all of them. The Avanan editions are Advanced Anti-Phishing, Complete Malware, and Enterprise Cloud Security. These three packages are all intended for the protection of cloud-based mail servers, particularly the G-Suite Gmail server and the Office 365 mail server.
Other modules available with Avanan are Anti-Phishing Protection, Malware and Ransomware Protection, and Data Loss Prevention and Compliance.
The Account Takeover Protection module performs an essential email server administration task that is often overlooked. That is, to remove abandoned or compromised accounts. This is the second line of defense if intrusion prevention and phishing protection fail. When an authorized account is compromised it is very difficult to spot malicious activity. Analysis performed by this module identifies typical behavior performed by hackers that manage to hijack a valid email account. It alerts an administrator to the presence of this activity and shuts down the account.
Together with the other modules in Avanan, the Account Takeover Protection system provides a very effective defense against intruders. This is a cloud-based service and each edition is paid for by subscription, priced per user per month. The Advanced anti-Phishing and complete Malware editions are both available on 14-day free trials.
Fortinet is a leading system security provider and FortiMail is its email protection product. FortiMail is a secure email gateway. The system is available as a cloud-based edge service. All of your incoming and outgoing emails get diverted through the Fortinet server. Incoming emails are examined for malware, phishing attempts, impostor emails, and spam, and outbound mail is analyzed for data loss events.
The service helps your organization meet the requirements of HIPAA, PCI DSS, and GDPR for data protection. The FortiMail system is part of what Fortinet calls its “security fabric.” This is a ‘security information and event management’ system (SIEM).
As well as the hosted version, Fortinet offers FortiMail in a number of other formats. One option is to take the solution in the form of an appliance that can be plugged into your network. It is also available as a virtual machine to be run on one of your servers. FortiMail can also be installed on a rented virtual server on AWS or Azure.
Symantec is a well-known brand in the business anti-malware sector. Over recent years, the company has transformed its main security system into AI-based endpoint protection systems. The company produces on-premises email protection software, called Symantec Messaging Gateway. However, it is the hosted SaaS version, Email Security.cloud that has grabbed everyone’s attention.
Symantec’s move into the cloud with its email protection service is typical of the industry. These “edge services” remove a lot of the load of the client company’s network and servers, freeing up resources for other activities. As one of the tasks of this software is to filter out spam, it greatly reduces the amount of email traffic that arrives on the network.
Other functions performed by this email protection solution are blocks on phishing attempts and the display of web pages led to by links in emails so that they are read-only. That measure prevents employees from being tricked into entering sensitive data or network credentials into fake websites. The tool also blocks malware, spyware, and ransomware contained in emails and their attachments. It investigates the senders of emails to root out impersonators and uses a global threat intelligence database to enforce its fraud prevention.
The Email Security.cloud system will protect on-premises email servers or cloud-based servers. This is a multi-channel email protection solution from a brand that has an excellent reputation.
This second email protection system from SolarWinds is aimed at a different market to that catered to by Mail Assure. Spam Experts is of interest to web hosts and internet service providers. The package includes inbound and outbound mail filtering and an archive facility.
The protection system deploys a range of tactics. The first of these occurs within the mail filtering environment. It is an AI-based machine learning process that looks for regular traffic patterns and acceptable content. Anomalies get blocked, but the learning process manages to reduce false positives by adapting the baseline of acceptable traffic to the norms encountered during operations.
The second line of defense relies on centralized sources of information. SolarWinds compiles a threat intelligence database from each attack encountered by all of its clients. Thus, a new attack discovered at one site automatically provides warnings to other sites running Spam Experts. This threat intelligence system extends to blacklists of known sources of malicious emails.
Outbound filtering helps provide data loss prevention and information about the usage of email within each client organization.
This is a cloud-based system and is a multi-tenant system. So the service operator can give each of its customers access to a console to see the protection measures that Spam Experts carried out just for the email system of that business.
The deal includes email archiving. Each email store is encrypted for confidentiality. Stored emails can be restored individually or in bulk in case of a disaster on the main email server.
SolarWinds offers a 30-day free trial of Spam Experts.
The Hosted Email security service from Trend Micro is a cloud-based edge service that deploys a range of techniques to protect corporate email systems. Among the many strategies included in this bundle is an AI-based machine learning monitor that establishes a baseline of normal email behavior and then blocks any anomalies. This methodology recognizes that not all businesses are the same. It reduces the inconvenience of an over-active spam filter blocking out genuine customer emails.
As well as spam blocking, this system filters out emails containing malware. It also uses AI methods to identify impersonators and phishing scams. Outbound emails can be scanned as a data loss prevention strategy and mails containing sensitive data can be encrypted by the tool. Suspicious URLs in emails are blocked by the system through reference to a global threat intelligence database.
There are two versions of this service: Standard and Advanced. The Advanced edition includes a continuity service to cover when your email servers go down. The higher version also includes sender authentication. Trend Micro offers Hosted Email Security on a 30-day free trial.
Sophos Email Security is available as a cloud service, an appliance, or a virtual machine. The service examines both inbound and outbound emails. Inbound traffic monitoring blocks spam emails, phishing attempts, and malware delivery attempts and outbound email checks implement data loss prevention. Optionally, users can have all emails and/or their attachments encrypted by the tool for transmission security.
The scope of the appliance-based solution is limited to protecting your on-premises email server. The cloud-based service can protect your on-premises email servers and also cloud-based servers, such as Office 365.
Sophos Email Security is available on a 30-day free trial.
AVG Email Server Security protects Microsoft Exchange Server and Kerio MailServer. This is on-premises software, accessed by buying a license for 1, 2, or 3 years. This is a much simpler system than the others on this list and it is suitable for small enterprises. Email server Security scans all incoming email and blocks emails that contain suspicious content, viruses, or malicious code.
The tool is also available as part of the AVG Internet Security Business Edition bundle. AVG offers Email Server Security on a 30-day free trial.
F-Secure Email and Server Security protects Microsoft Exchange Server, Microsoft SharePoint Server, and also physical servers running Windows, Linux, or Citrix virtualizations. This is on-premises software.
This software forms a gateway, examining all incoming mail for malware. It uses machine learning to spot anomalous emails rather than simply scanning for patterns. These procedures catch spam, block phishing attempts and spot impersonator attempts.
Another thread of the protection system reaches out to the cloud, where F-Secure threat intelligence provides sender and content blacklists.
A related module in the Email and Server Security package analyzes all websites that users try to access in order to weed out infected and fake sites. As there is already a system-wide web guard, there is no need for additional URL examination within emails.
The tool also examines internal and outgoing emails for suspicious activity. F-Secure also produces additional network-wider and endpoint protection systems that can all be managed from a single console. However, it is also possible to run the Email and Server Security package as a standalone system. F-Secure offers email and Server Security on a free trial.
Kaspersky Security for Mail Server is another on-premises solution. However, the software can also be installed on Microsoft Azure servers. None the less, this is not a cloud-based service. The software acts as a gateway, standing in front of the mail server, receiving all mail first, filtering out the bad mails and passing on the rest to the email server for regular processing.
The Kaspersky Labs threat intelligence database is an input to the on-site processes. The gateway specifically searches for spam emails and emails containing malware either in the body or in attachments.
This software will cover Microsoft Exchange and Linux-based mail server systems. Kaspersky offers Security for Mail Server on a 30-day free trial.
Choosing an email protection solution
Reading through the descriptions of each of these options you will very quickly narrow down your choice to just two or three of the systems that we recommend here. For example, if you prefer on-premises software, or if you want a solution that is delivered as an appliance, your options will rapidly diminish. Many of the systems in this list offer free trials, so once you have narrowed down your candidates to just a couple of solutions, you can put each through its paces.
Whichever system you choose, it is important to recognize the weakness that email systems represent. They are a fast-track into the heart of your organizations, allowing hackers to ride in, corrupt your software, hijack your resources, and steal your data. Email security is an essential part of your system defenses.
Do you already use an email protection solution? Do you use any of the systems in our list of recommendations? Leave a message in the Comments section below and share your experiences with the community.