Disarm Advanced Persistent Threats with Symantec Messaging Gateway

Most people today rely on email as their method for business communication – sending and receiving hundreds of emails every day. This dependence on email can create a weak link in securing corporate information and expose a company to attacks. While hackers still use general spam emails and social engineering (or phishing) attacks against organizations, they are now increasingly pursuing sophisticated and targeted attacks that are far more difficult to differentiate from the emails we typically receive. In fact, Symantec’s 2013 Internet Security Threat Report found a 42 percent increase in targeted attacks in 2012.  

Most spam emails are relatively easy to identify and quarantine, but targeted attacks are customized for their recipients, making them harder to spot. For example, a company’s HR department could receive an email that requests that they click on a link to check out potential candidates for positions for which they are recruiting. This email, which contains hidden malware, appears trustworthy and traditional filters are less likely to identify and remove the malware in the email.  It’s with this type of attack in mind that the new Symantec Messaging Gateway 10.5 offers a suite of advanced protective technologies that enable IT to effectively protect their systems from evolving email threats in real time.

Best protection with superior effectiveness and advanced threat detection

To help protect customers, Messaging Gateway 10.5 now includes Disarm – a new, patent-pending, innovative technology invented by Symantec Research Labs to prevent targeted, never-before-seen email threats. This technology, which is unique to the industry, inspects all emails for Microsoft Office and Adobe PDF attachments, and creates reconstructed versions of the attachments with any exploitable active content removed before the email and new attachments are delivered to the recipient in real time. Without Disarm, this active content, including javascript, macros and embedded Flash, can be used to silently deliver malicious files to a user. In fact, in tests conducted by Symantec, it was found that Disarm would have blocked 98 percent of attacks that exploit zero-day vulnerabilities thus far in 2013. Learn more about how Disarm helps in protecting against targeted attacks here.

Symantec Messaging Gateway also features the Brightmail antispam filtering engine to identify email-borne threats at both the global and local levels, via Symantec’s Global Intelligence Network. Symantec’s portfolio of messaging security solutions draws on this real-time intelligence from more than five million decoy accounts and over three billion messages processed daily to identify new threats, based on reputation and message content, before they wreak havoc on unsuspecting victims and organizations. This enables Messaging Gateway to block more than 99 percent of spam with less than one in one million false positives.

Greater control with data loss prevention and email encryption

There are human elements to data protection just as there are technological elements. Messaging Gateway provides advanced content filtering and data loss prevention (DLP) technologies that make it easier to secure and control sensitive data. Administrators can easily build effective and flexible policies that enforce regulatory compliance and protect against data loss. Messaging Gateway appliances also leverage integration with Symantec Data Loss Prevention, to simplify the management of day-to-day DLP incidents.

With the increase in regulations that require private information be encrypted, Messaging Gateway offers premium encryption options that can meet a customer’s unique needs as a hosted service or on-premise. Used as a policy enforcement point, Messaging Gateway evaluates messages against customer-specified criteria, and if it is determined encryption is necessary, sends them to be encrypted.

Unified management and administration

Messaging Gateway includes a powerful control center for unified management and administration of a company’s entire messaging infrastructure. From a single Web-based console, administrators can easily manage multiple Messaging Gateway appliances to view trends, attack statistics and non-compliance incidents. By removing the complexity of multiple consoles, disparate policies, and incompatible logging and reporting procedures, Messaging Gateway significantly reduces the total cost of ownership of messaging security infrastructure. Messaging Gateway also supports a full set of reporting options, including a dashboard and executive summaries that highlight system efficacy and impact. Reporting helps administrators proactively identify data loss trends and demonstrate compliance.

Messaging Gateway integrates a unique set of technologies that deliver robust protection, while enabling IT greater control and ease of use so it can focus on system architecture and helping drive the business, instead of responding to spam complaints and malware attacks.  For more information on supported platforms, system requirements and securing your email system, please visit http://www.symantec.com/messaging-gateway.

Additional Resources

VIDEO: Protect Against Spear Phishing and Advanced Targeted Attacks

Symantec Messaging Gateway

Data Sheet: Symantec Messaging Gateway 10.5

Symantec Data Loss Prevention

Gartner 2013 Magic Quadrant for Secure Email Gateways

Leave a Reply