Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1791
Views
0
Helpful
5
Replies

Email Security requirement

Go to solution
adamgibs7
Level 6
Level 6

‎09-22-2018 08:40 AM

Dears,

I have a general query, why I need a email security in the Enterprise network , when I have a UTM firewall which does url filtering, application filtering, ssl inspection, Intrusion prevention, Antivirus, AMP,

when an email is passing through the firewall it will be scanned by all these then why we need a email security ??

 

thanks

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Ken Stieers
VIP
VIP
In response to adamgibs7

‎09-23-2018 02:11 PM

He's talking about when you access your email from somewhere else, ie, via a browser, or mail client but NOT behind your UTM filewall, at which point the web filter/AMP won't be applied to the nasty link that your user just clicked on or the traffic that click generated.


You mention your UTM has AMP, so I assume you're using a Cisco product...

Neither ASA nor FTD filter email content. The ASA SMTP stuff will make sure that the SMTP conversation follows SMTP protocols, but it doesn't look at the content of the email.


You really do need a solution for email security....

ESA on prem, Cloud ESA, Mimesweeper (cloud), Proofpoint (cloud) are all good solutions and will keep your email clean...

I'm an ESA guy, but I hear good things about the others, though I hear Proofpoint is EXPENSIVE

I also hear ok things about Forcepoint...

View solution in original post

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to adamgibs7

‎09-24-2018 12:17 AM

Hi,


An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. Following a successful exploit, the attacker can disable the target application (resulting in a denial-of-service state), or can potentially access to all the rights and permissions available to the compromised application.

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎09-22-2018 09:56 AM

Hi,

Yes, You need a email security too. Your UTM is the best solution for the network not for the Email. It will not protect you from spam, phishing etc and it will protect you only if you in the protected network. What happens when will you access from home or somewhere else?

UTM will not block any Realtime blocklist, Authentication failures, Phishing, SPAMS, bulk mail, Advanced threat etc. Your inbox must be protected from these type of threats. But UTM can block only your network, not to your inbox.

 

More information:

https://www.cisco.com/c/en/us/products/security/email-security/index.html

 

Regards,

Deepak Kumar

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
adamgibs7
Level 6
Level 6
In response to Deepak Kumar

‎09-23-2018 02:02 PM

Dear Deepak,

 

What do u mean by

What happens when will you access from home or somewhere else ???

 

 

0 Helpful

Go to solution
Ken Stieers
VIP
VIP
In response to adamgibs7

‎09-23-2018 02:11 PM

He's talking about when you access your email from somewhere else, ie, via a browser, or mail client but NOT behind your UTM filewall, at which point the web filter/AMP won't be applied to the nasty link that your user just clicked on or the traffic that click generated.


You mention your UTM has AMP, so I assume you're using a Cisco product...

Neither ASA nor FTD filter email content. The ASA SMTP stuff will make sure that the SMTP conversation follows SMTP protocols, but it doesn't look at the content of the email.


You really do need a solution for email security....

ESA on prem, Cloud ESA, Mimesweeper (cloud), Proofpoint (cloud) are all good solutions and will keep your email clean...

I'm an ESA guy, but I hear good things about the others, though I hear Proofpoint is EXPENSIVE

I also hear ok things about Forcepoint...

0 Helpful

Go to solution
adamgibs7
Level 6
Level 6
In response to Ken Stieers

‎09-23-2018 10:07 PM

Dears,

 

what is the use of IPS in the network ??? what I understand is IPS scan  each and every packet , and email is also a packet which will be scanned by the IPS.

 

I though understand vendors has created email security products specifically to protect emails they are not fool, instead I m not catching the concept of securities in different packets, so I need to understand properly

 

 

thanks

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to adamgibs7

‎09-24-2018 12:17 AM

Hi,


An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. Following a successful exploit, the attacker can disable the target application (resulting in a denial-of-service state), or can potentially access to all the rights and permissions available to the compromised application.

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents