An evolution of the legacy secure email gateway, the next-generation Secure Email Cloud is purposefully built for the cloud-first world and differs in several remarkable ways. Because it’s a cloud-native SaaS application and compliments the built-in security features of Microsoft Office 365, it offers several key enhancements.
Many of the legacy features of the SEG are already pre-built into Microsoft Office 365 via Exchange Online Protection (EOP) and the optional Advanced Threat Protection (ATP). In fact, Office 365 provides support for all areas that have been traditionally protected by the SEG: pre-content filter based control, integrated antispam, integrated antivirus, attachment sandboxing, URL analysis, and data loss prevention.
Designed to assess incoming emails by analyzing content and infrastructure reputation, these platform-native controls are proving essential to ferreting out spam, malicious URLs and malware, certain keywords, or a high volume of attacks from a single IP. In fact, according to a recent Gartner report, anti-malware and anti-spam features built into Office 365 are now being recognized as best in class.9
For those areas not fully protected by native functionality, the Microsoft Office 365 architecture offers APIs such as the Microsoft Security Graph that enable complementary security solutions to integrate seamlessly. This is where many organizations enable the secure email gateway, but because SEGs were designed two decades ago, their architecture nearly always requires that it be inline in the mail flow, slowing down mail delivery and introducing a point of failure. Beyond the mail deliverability and increased risk of downtime, inline SEG architecture actually hinders the effectiveness of the Microsoft Office 365 security by modifying header data before it reaches Exchange Online Protection or Advanced Threat Protection.
Unfortunately, cybercriminals rely on finding new and innovative ways to bypass the filters organizations put into place to protect against them, which is why they have recently turned to identity-based deception. Different from traditional email attacks, this next- generation of email attacks rely on impersonation and plain-text emails to bypass the filters set against the attacks of the past.
This is where the Secure Email Cloud augments the controls set by Exchange Online Protection to prevent advanced attacks on Microsoft Office 365 environments. Designed specifically to identify when a message is malicious based on identity and models of trusted behavior rather than content, Agari prevents the most dangerous types of attacks from ever reaching user inboxes. And for those emails that evade initial detection or weaponize after delivery, Agari provides options to automatically remove emails from user inboxes, effectively preventing users from opening the email or clicking on malicious links.
9. Gartner Solutions Comparison for Nine Secure Email Gateways, 18 January 2019