MESSAGING
SECURITY GATEWAY
Solution overview
April 2017
CONTENTS
Executive Summary..........................................................3
Email encryption and protection.................................................. 8
The case for email protection and privacy............................. 3
Deployment ......................................................................................... 8
Privacy in email communication............................................. 3
Virus protection...................................................................... 9
LinkedIn Phishing Sample.......................................................4
Spam protection..................................................................... 9
Messaging Security Gateway in a nutshell ............................... 5
Automatic reporting............................................................... 9
Key features............................................................................ 5
Best protection technology...........................................................10
Benefits................................................................................... 5
World-class technologies from a proven
Complete protection with a single solution ............................. 5
cyber security company..................................................................11
Features included in the solution.................................................. 6
Manage the complete protection for email
communication in the web portal ............................................... 6
Messaging Security Gateway — End-to-end confidentiality
wherever you need it ........................................................................ 7
Disclaimer
This document gives a high-level overview of the key security components in Messaging Security Gateway.
F-Secure is constantly improving its services. F-Secure reserves the right to modify features or functionality of the Software
in accordance to its product life cycle practices.
2
F-Secure / Messaging Security Gateway
EXECUTIVE SUMMARY
Attacks targeting personal data are getting more and more
common. With the upcoming Network and Information
Security (NIS) and General Data Protection Regulation (GDPR),
organizations face additional pressure to protect the privacy of
their customers. Additionally, consumers themselves are more
and more conscious of their right to their own private data and
are prone to leave companies who violate that right.
The F-Secure Messaging Security Gateway delivers the industry’s
most complete and effective security for email. It puts an end to
threats coming from Internet but also can protect companies
from sending information to third parties which contains internal
or confidential information.
Messaging Security Gateway is suited for companies with
the resources and need for enterprise level email protection
including data loss prevention, email encryption and best-ofbreed malware scanning and spam filtering.
The case for email protection and privacy
Email is still the most common means of communications within
and between companies. Its everyday use makes it an essential
part of any company’s basic functions.
Phishing messages are often designed to steal sensitive and
confidential data. Unlike traditional spam, they attempt to hijack
company data by imitating legitimate email messages to appear
3
trustworthy. Today, phishing messages are sent with low volumes
and are often not detected by traditional spam scanning.
Phishing messages may often only contain a URL for further
information, meaning that they can easily slip through spam
filters and reach the end-user’s inbox.
It is important to understand the new forms of malicious emails,
because ordinary spam definition updates are too slow and
usually do not protect you from new types of exploits. This makes
real-time URL reputation checking a necessity.
Privacy in email communication
Another critical issue is the privacy of confidential information.
You must ask yourself (and all your employees) three critical
questions:
1. Have you ever sent an email to the wrong address?
2. Do you know that sending a message without email
encryption is similar to dropping a postcard?
3. Do you know what information must be encrypted?
It is very easy to avoid human errors and mistakes with the right
tool that automatically encrypts mails containing any information
that can be considered private or confidential.
F-Secure / Messaging Security Gateway
LinkedIn Phishing Sample
In our example, we challenge you to test your phishing detection skills by looking for clues in the email below.
Take one last look and then scroll down to see the answers.
Answers
In this sample, we are highlighting just five of the more obvious omissions. You may have found more.
1. The email subject has a call-to-action, normal account
lock out email will have a more benign subject such as
“Account Notification”.
3. There are formatting mistakes in the email.
2. The email is being delivered from a domain called “eulinkedin.com”, which is not owned by the genuine LinkedIn.
5. There is an inconsistency in the intended recipient.
4. There is poor grammar and mistakes in the text of the email.
How did you do? or more importantly, how well would your organisations average user do?
4
F-Secure / Messaging Security Gateway
MESSAGING SECURITY GATEWAY IN A NUTSHELL
Key features
Benefits
• Virus protection and
• Complete defense against email threats with 99%+
anti-spam accuracy and 100% anti-virus protection.
• spam detection help protect your company’s
computers and data against external threats.
• Email encryption allows you to make sure that private
information stays private.
• Reduces the load on mail servers and the company
network, minimizing the need for hardware
investments.
• Email encryption prevents accidental leaks of
confidential data
• Total control and flexibility for
email security.
COMPLETE PROTECTION WITH A
SINGLE SOLUTION
Malware
protection
Signature-based
Zero-hour threat detection
Parallel message analysis
Dynamic updates
5
EMAIL ENCR
YPT
IO
N
RE PROTECT
LWA
ION
A
M
Company
DATA
ECTION
DET
AM
SP
Email
encryption
Policy-based encryption
Trusted partners
TLS encryption
Data Loss Prevention
Spam
detection
Categorization
URL protection
Self learning
Global reputation check
F-Secure / Messaging Security Gateway
FEATURES INCLUDED IN THE SOLUTION
Global features
Host Firewall
Quarantine Management
Alert Monitoring
Policy Route Management
Branding Templates
User / Group Management
Email Firewall
End User Management
Data Loss Prevention
SMTP Rate Control
LDAP Integration
Digital Asset
Recipient Verification
Smart Send
Regulatory Compliance
Sender Policy Framework
End User Digests
Smart Identifiers
Bounce Management
End User Portal
Dictionaries
Domain Keys Identified Mail
Reporting
Business Partners
MANAGE THE COMPLETE PROTECTION FOR
EMAIL COMMUNICATION IN THE WEB PORTAL
The protection functions of Messaging Security Gateway are easy
to manage through a web-based administration portal. Powerful
end-user controls allow the administrator to easily manage the
entire email environment.
Administrators can setup Sub-organizations (“Sub-Orgs”) with
the Delegated Administration feature. Sub-Orgs are logical
groups of users based on business units, geographical regions,
roles, functions, organizational hierarchy, or a combination of
these criteria.
Additionally, the administrator can delegate administration of
select controls and settings under each Sub-Org. Delegated
Administrators can only view and manage the Sub-Org to which
he or she has been given access by the root administrator.
Sub-Orgs belong to the Organization, and will inherit filtering
attributes from the Organization unless overridden by unique
attributes for the Sub-Org. Spam policies, safe and block lists,
digest attributes, and email encryption attributes can be changed
at the Sub-Org level to gain the right level of mail filtering.
The email encryption included in Messaging Security Gateway
works without downloading or installing additional client
software. The solution stores only the encryption keys and not
the actual encrypted message. It offers advanced detection of
private and confidential information in both structured and
unstructured data. The encryption works with any email client.
Thanks to the new Sub-Orgs structure, user administration
can be based on geographical regions, administrator roles, or
administrator functions. Administrators can create a hierarchy of
users that best represents the organizational structure by adding
or deleting Groups that belong to a Sub-Org.
6
F-Secure / Messaging Security Gateway
MESSAGING SECURITY GATEWAY - END-TO-END
CONFIDENTIALITY WHEREVER YOU NEED IT
Messaging Security Gateway is an all-in-one solution for your antispam, anti-malware and encryption needs. It helps you detect and
stop attacks even before they enter your network. It is an easy-touse tool – just install it and forget all about it. It offers you automatic
control of confidential information.
Reject
No more
processing
The solution is easy to implement and rebrand for your company
needs. It comes with enterprise-class availability and scalability and
is simple to administer with no loss of control.
Email Firewall Module
Deliver now
No more
processing
Messaging Security Gateway
F-Secure Virus Protection
Module
Spam Detection Module
Digital Assets
Regulatory Compliance Module
Judgement
URL Defense
Judgement
Judgement
Quarantine
7
Reject
Deliver
Discard
Retry
Re-route
F-Secure / Messaging Security Gateway
EMAIL ENCRYPTION AND PROTECTION
• Unbeatable email encryption and data loss prevention
• Simplified encryption key management
• Native, integrated, and strong encryption technology (AES
256-bit message encryption: and ECDSA 256-bit digital
signature)
• Automatically applies encryption based on your
organization’s policies
• Covers privacy and data security regulations including
HIPAA, GLBA, PCI, SEC rules, and many more.
• One-step encrypted email delivery for mobile, laptop, and
desktop users
SMTP SERVER
(e.g. Exchange)
AES-256/DSA
HOSTED KEY
SERVICE
F-SECURE
MESSAGING SECURITY
GATEWAY
SENDER
RECIPIENT
DEPLOYMENT
The F-Secure Messaging Security Gateway is designed as a gateway product to protect the email environment inside your
network. The solution supports hardware, virtual or hybrid deployment. The solution is easy and quick to implement in your
current network environment.
INTERNAL NETWORK
EMAIL
SERVER
F-SECURE
MESSAGING SECURITY
GATEWAY
LOCAL HOSTS
8
F-Secure / Messaging Security Gateway
Virus protection
Spam protection
• Zero-hour threat detection
• Ultimate protection against the latest emails threats.
Real-time reputation check for spam and URLs guarantees
highly accurate spam detection
• Multi-layered threat protection
• Bidirectional filtering
• Advanced machine learning technology for unrivalled
anti-spam effectiveness
• Best-in-class inbound and outbound email security
Automatic reporting
With the automatic reporting tool, you get an overview of the attempted and blocked attacks and can verify what
emails are being filtered. You can also get an overview of the overall status of email traffic in the company.
You can select what type of information you need to get.
• More than 60 ready-made reporting templates and
scheduled reports
• Multiple ways to publish reports
9
• Customized reporting for each customer
• Branded reports according to your company’s
visual guidelines
F-Secure / Messaging Security Gateway
BEST PROTECTION TECHNOLOGY
To be able to response to the current more advanced threat
landscape, you need to use also more advanced technology.
F-Secure is constantly developing and improving the tools and
techniques to be at least one step ahead of the attackers.
10
By using advanced machine learning in combination with an
intelligent firewall, we are protecting against spam, latest email
threats including zero-hour threats.
Advanced machine learning
technology for unrivalled
antispam effectiveness
Unbeatable E-mail Encryption
and Data Loss Prevention
Ultimate protection against
latest emails threats.
Real-time reputation check for
the Spam and URL’s
Zero-Hour Threat
Detection
Email Firewall blocks senders
with bad reputation
Award winning Antivirus
engine with multilayer
protection
F-Secure / Messaging Security Gateway
WORLD-CLASS TECHNOLOGIES FROM A
PROVEN CYBER SECURITY COMPANY
F-Secure is a European cyber security company with decades
of experience in defending enterprises against everything from
opportunistic ransomware infections to advanced cyber-attacks.
Our comprehensive set of services and award-winning products
use F-Secure’s patented security innovations and sophisticated
threat intelligence to protect tens of thousands of companies and
millions of people.
F-Secure’s security experts have participated in more European
cybercrime scene investigations than any other company in the
market, and our products are sold all over the world by thousands
of resellers and hundreds of operators.
There’s no going around it – business security is something that
needs to be at its best at all times, day to day, month to month,
and year to year. And we can proudly proclaim that F-Secure is the
only company that has been able to take home the Best Protection
award from AV-Test Institute five times. No other company even
comes close to this accomplishment during the six-year history of
the awards.
Ransomware: How to prevent, predict, detect & respond
https://www.f-secure.com/documents/996508/1030745/Ransomware_how_to_ppdr.pdf
11
F-Secure / Messaging Security Gateway
F-SECURE
MESSAGING SECURITY GATEWAY
IN THE INTERNET
www.f-secure.com/msg
www.f-secure.com
www.twitter.com/fsecure
www.facebook.com/f-secure