Secure Mail: Gateways for email protection

by: Herry Willson

Hardware solutions to protect corporate email are now a fully mature segment with increasingly similar products as their standard functions of anti-spam and antivirus is concerned. However, these gateways still show many differences that will need to know and evaluate to find the best option in each case.

Gateways security email security down at the end of the corporate network and act as the first barrier between the Internet and messaging system of the company. Although there is considerable variation in their characteristics and architectures, most of these devices are installed in front of the Internet to receive messages directly from the outside world.

As a first step, in general, filter incoming mail by the criteria of reputation and, if the messages get through this control, scan for viruses and spam, then apply additional controls and filters, once clean, the mail is passed corporate email system. These same gateways can also be used for outgoing messages, controls applied in this case slightly different, usually, filtering, archiving and antivirus.

In its current state, messaging security gateways are an updated and refined version of traditional e-mail gateways that are deployed in networks to make Internet messaging formats (SMTP and MIME) formats and proprietary addressing schemes (such as MS Mail, cc: Mail or GroupWise).

This new batch of gateways, arising out of the need for functionality anti-spam/antivirus in the network edge, has lost some of the features and characteristics of their older brothers, but, instead, take the form of appliances, which provide a much improved performance by focusing on only a few specific functions.

Although it is possible to scan for viruses and spam at any point in the flow of messages, for example, on the same servers, security gateways are more effective messaging. By separating and filtering spam and virus localization of the basic function of the mail servers, you will get better performance levels, also allowing worry of problems related to interoperability and software integration.

Moreover, the nature of appliance most gateways for easy upgrade or replacement by larger models without impacting production message flows.

However, although the gateways are quite independent of the central mail systems, always require some degree of integration to improve your trading. For example, the device must be linked to corporate directory via LDAP, usually, "to recognize incoming mail, refusing to know which messages and route mail within the corporate network (especially if there are several internal email systems).

Some manufacturers in this segment (Symantec among them) are experimenting with the division of the gateway into two parts: a piece designed specifically for the control and reputation-mail filtering and a second dedicated to addressing the functions of filtering, archiving and scanning.

The idea is that by implementing these two functions separately, achieving higher scalability when dealing large volumes of messages (one million emails to the time it was the starting point).

Although anti-spam and antivirus scanning are the most common benefits of all manufacturers gateways also offer a wide variety of other messaging features. Content filtering, searching phrases or specific words, is a common feature, as is the message file (the ability to copy the incoming or outgoing messages on a dedicated server).

Also as part of the anti-spam functionality, some devices incorporate their own servers for viruses or spam quarantine. They also appear frequently encryption services, from transport-based encryption (TLS encryption as a reinforcement of certain business associates) to the application layer (such as signing and encrypting messages so that only the designated user can read). There are even manufacturers to differentiate in a market increasingly "commoditized", extending its benefits to instant messaging (IM).