Blue Coat Mail Threat Defense
Secure Email Against Targeted Phishing Attacks
More pricing below, click here!
Overview:
Secure email against targeted phishing attacks. Blue Coat Mail Threat Defense protects against email-borne malware in links and attachments that are activated by unsuspecting end users. Deployed inline as a cloud-based service or a premise-based appliance, the solution extracts malicious content prior to delivery and without disrupting the existing message flow, while enforcing enterprise security policies. It integrates seamlessly with the Blue Coat Advanced Threat Detection ecosystem and supplements existing email security tools.
Protect Office 365 Mail Embeds, Attachments
Mail Threat Defense protects against targeted attacks and phishing for enterprises migrating to Office 365. By deeply scanning embedded URLs and file attachments in email messages prior to delivery at the cloud mail server, then taking policy-based actions to sanitize the messages based on the risk scores received, enterprises vastly reduce the opportunity for end users to inadvertently introduce a devastating malware breach into the organization launched from an errant click.
Expose More Email Threats
Mail Threat Defense blocks all known email-based threats and automatically delivers never-before-seen, unique, and zero-day malware for sandbox detonation, comprehensive analysis, and targeted risk scoring to block unknown threats. It scans embedded file attachments and URL links for malware, then takes actions based on corporate security policy.
Positioned inline after the SPAM filter, Mail Threat Defense integrates with other email security solutions, preserving and enhancing the value of prior electronic mail security investments.
Pre-Filters and Rejects the Knowns
Mail Threat Defense applies a variety of sophisticated techniques to quickly pre-filter and reject both known good and known bad files and URLs:
- URL Filtering
- File Hash Reputation
- Anti-Virus Detection
- Static Code Analysis
Safe messages proceed to end users.
Analyzes the Unknowns
Unknown files and URLs are extracted and sent to the Blue Coat Malware Analysis Appliance, an advanced multi-stage sandbox, for identification and risk scoring in precisely tailored gold-image detonation chambers. It performs recursive analysis on the primary file or URL plus any subsequent “dropped” files and callback URLs:
- Static Code Analysis
- Dynamic / Behavioral Analysis
- Reputational Analysis
- YARA Rules Analysis
Configurable Security Policies
Security policies allow enterprises to balance message delivery speed, user preference, and business security needs. Based on risk scores, policies can:
- Remove malicious attachments
- Remove/replace malicious links
- Add malicious content warnings
- Quarantine malicious messages
Who Benefits?
| Email End User (Employee) | Fast, accurate receipt of legitimate business (and some personal) messages with all links and attachments intact |
| Message Infrastructure Engineer | Rapid delivery of safe messages scanned for malicious links and attachments |
| Mail Security Analyst | Minimization of the email attack vector in circumventing enterprise defenses |
| Security Auditor | Easy access and retention to logging of all events |
| Desktop Support Engineer | Reduced trouble tickets; reduced downtime for desktop and remote users |
| Executive (CISO, CTO, IS Director) | Comprehensive multi-vector threat protection; fortification against the end-user weakest link in the security chain. Proof of ROI. |
Email is one of the most common attack vectors used by hackers to get into your corporate network. Attackers will send targeted communications “phishing” for information they can use to perpetrate other attacks and establish a foothold in your organization they can use to spread. They may try to trick your users into providing sensitive data – such as usernames and passwords, financial records, etc. – or get them to click on a link or open a file that contains malicious code that automatically infects the endpoint. To protect against these types of attacks, you need a solution that is capable of identifying and preventing the varied phishing methods attackers deploy – you need Blue Coat Mail Threat Defense.
Blue Coat Mail Threat Defense protects against email-borne malware in links and attachments that are activated by unsuspecting end users. The solution can identify and extract malicious content from an email before it is delivered to the user to neutralize the attack. As a result, you can effectively enforce corporate security policies and keep your resources safe, without impacting the user’s experience.
Features & Benefits:
Blue Coat Defeats Targeted Attacks
Mail Threat Defense inspects and analyzes all email messages for malicious content before they arrive in the targeted user’s in-box. If there is malware contained within embedded URL links or file attachments, Mail Threat Defense will identify it and actively block, alter, or quarantine the message, based on the severity of the threat and your corporate security policy. The solution has no impact on the user experience, beyond ensuring they only receive sanitized, safe messages in their inbox.
Eliminates Known Attacks
Mail Threat Defense scans embedded file attachments and URL links to identify known malware and takes action based on your corporate security policy. The solution also identifies files and URLs that are known to be good and sends those safe messages on to the user. Mail Threat Defense applies a variety of sophisticated techniques to quickly identify both known bad and good files and URLs, including:
- URL Filtering
- File Hash Reputation
- Anti-Virus Detection
- Static Code Analysis
The solution leverages Blue Coat’s Global Intelligence Network, which is monitoring and codifying the threats encountered by users worldwide, to constantly update and improve these techniques.
Uncovers New Attacks
Mail Threat Defense can identify never-beforeseen, unique and zero-day malware It extracts any unknown files and URLs it detects and sends them to the Blue Coat Malware Analysis Appliance for identification and risk scoring. The Blue Coat Malware Analysis Appliance is an advanced, multi-stage sandbox that uses precisely tailored, gold-image detonation chambers to perform recursive analysis on any primary files or URLs, plus any subsequent “dropped” files and callback URLs. It uses:
- Static Code Analysis
- Dynamic/Behavioral Analysis
- Reputational Analysis
- YARA Rules Analysis
The solution will then provide a targeted risk score for the malware it has discovered, so you can effectively address and mitigate the risk posed by this previously unknown threat.
Provides Configurable Security Policies
The security policies of Mail Threat Defense enable you to balance message delivery speed, user autonomy desires and business security needs. Based on the verdicts and malicious risk scores determined by the solution, you can enact policies that block, alter, quarantine or detect / alert on the malware. As a result, you can:
- Remove malicious attachments
- Remove / Replace malicious links
- Add malicious content warnings
- Quarantine malicious messages
Deployment Modes
The solution can be deployed inline, as a cloud-based service or an on-premises appliance. It is typically positioned behind the firewall, after the SPAM filter, to ensure it can inspect all mail before it is delivered to the user. Note, the solution can also be deployed passively, alerting you as soon as email malware is detected. It seamlessly integrates with any other email security solutions you have to preserve and enhance the value of your investments.
At a Glance
Defeats Targeted Attacks
- Ability to identify attacks in embedded file attachments and URL links
- Delivers screened and sanitized email messages to end users
Eliminates Known Attacks
- Uses sophisticated techniques to quickly identify both known bad and good files and URLs
- Leverages the global intelligence network to stay up-to-date on the latest threats
Uncovers New Attacks
- Uses precise detonation chambers to uncover new, zero-day attacks. Understands the risk level of new attacks with targeted malicious risk scoring
Provides Configurable Security Policies
- Supports the unique security enforcement need of the organization
- Balances message delivery speed, user autonomy desires and business needs
Specifications:
| Mail Threat Defense Appliance Malware Analysis Appliance |
MTD S400-10 MAA S400-10 |
MTD S400-20 MAA S400-10 |
|---|---|---|
| Performance | ||
| Advanced Mail Analysis | Up to 300,000 emails / day | Up to 500,000 emails / day |
| System | ||
| Disk Drivers | 3 x 1 TB | 6 x 1 TB |
| RAM | 24 GB | 48 GB |
| Onboard Ports |
|
|
| Optional NICS | 2x10Gb Base-T Copper | 2x10Gb Base-T Copper |
| Physical Properties | MTD S400, MAA S400 |
|---|---|
| Dimensions and Weight | |
| Dimensions | 572mm x 432.5mm x 42.9mm ( 22.5in X 17.03in X 1.69in) (chassis only) 643mm x 485.4mm x 42.9mm (25.3in x 19.11in x 1.69in) (chassis with extensions 1 RU height |
| Weight (Maximum) | Approx. 12.8 kg (28 lbs) +/- 5% |
| Operating Environment | |
| Power | Dual redundant and hot swappable power supplies, AC power 100-240V, 50-60Hz, 4A (DC power available) |
| Maximum Power | 450 Watts |
| Thermal Rating | Typical: 1086 BTU/hr, Max: 1381 BTU/hr |
| Temperature | 5°C to 40°C (41°F to 104°F) at sea level |
| Humidity | 20 to 80% relative humidity, non-condensing |
| Altitude | Up to 3048m (10,000ft) |
| Mail Threat Defense Appliances | ||
|---|---|---|
| Regulations | Safety | Electromagnetic Compliance (EMC) |
| International | CB – IEC60950-1, Second Edition | CISPR22, Class A; CISPR24 |
| USA | NRTL – UL60950-1, Second Edition | FCC part 15, Class A |
| Canada | SCC – CSA-22.2, No.60950-1, Second Edition | ICES-003, Class A |
| European Union (CE) | CE – EN60950-1, Second Edition | EN55022, Class A; EN55024; EN61000-3-2; EN61000-3-3 |
| Japan | --- | VCCI V-3, Class A |
| Mexico | NOM-019-SCFI by NRTL Declaration | --- |
| Argentina | S Mark – IEC 60950-1 | --- |
| Taiwan | BSMI – CNS-14336-1 | BSMI – CNS13438, Class A |
| China | CCC – GB4943.1 | CCC – GB9254; GB17625 |
| Australia/New Zealand | AS/NZS 60950-1, Second Edition | AS/ZNS-CISPR22 |
| Korea | KC – RRA, Class A | |
| Russia | CU – IEC 60950-1 | GOST-R 51318.22, Class A; 51318.24; 51317.3.2; 51317.3.3 |
| Environmental | RoHS-Directive 2011/65/EU, REACH-Regulation No 1907/2006 | |
| Product Warranty | Limited, non-transferable hardware warranty for a period of one (1) year from date of shipment. BlueTouch Support contracts available for 24/7 software support with options for hardware support. |
|
Documentation:
Download the Blue Coat Mail Threat Defense Datasheet (PDF).
Pricing Notes:
- Pricing and product availability subject to change without notice.