IronMail: Unified Email Policy & Enforcement

Key Features

CipherTrust's anti-spam solution provides unparalleled detection and policy enforcement capabilities, while mitigating the challenges of managing a daily outpouring of spam and unwanted messages. Integral to IronMail's success have been its best-of-breed tools, gateway-based architecture and multi-faceted approach to spam detection and management. Using IronMail, businesses benefit from enterprise-wide spam management designed to improve detection rates, enhance network manageability, and eliminate blocking legitimate mail (false positives). Key tools in IronMail's arsenal are the Enterprise Spam Profiler (ESP) system, User Quarantine system, and the CipherTrust Research team.

Enterprise Spam Profiler

IronMail employs the broadest array of detection tools available to analyze email messages for spam. IronMail then uses the Enterprise Spam Profiler to aggregate the results of these multiple tools to calculate the probability that a message is spam. The result is improved detection rates and extremely high accuracy.

User Quarantine

Even the slightest risk of false positives is a concern for most organizations. User concern over this issue can lead to time-consuming requests to administrators to review spam queues and confirm that no legitimate email has been detained. With the User Quarantine feature, users can review their personal quarantine queue, to ensure that no legitimate mail has been captured, and to provide feedback on captured mail.

Administrators are relieved of the responsibility of reviewing queues for possible lost mail and constructing rules and policies in response to user feedback. They can choose which users or groups of users need access to the User Quarantine and which do not, providing the customization that large enterprises need to conduct their business. And, all of this is accomplished without actually allowing suspect email to pass through the gateway until it has been released by the user. Our User Quarantine feature allows IronMail to maintain the highest detection rates in the industry, while delivering zero false positives and zero administration.

CipherTrust Research

CipherTrust's commitment to leadership in email security is reflected in our CipherTrust Research team. Constantly analyzing email traffic for new threats and new defenses against existing threats, the research team provides real-time updates on customizable policies and signatures to IronMail units in the field, anytime anywhere.

IronMail anti-spam detection tools:
• User whitelists
• Spam whitelists
• Realtime BlackholeLists
• Content Filtering
• Mail monitoring
• Statical Lokup Service
• Domain blocking lists
• Heuristics-based anomaly detection
• Rules-based header analysis
• Reverse DNS lookup
• User Reported Spam
• User Quarantine

IronMail Advantages
• Multiple layers of protection against all email threats managed through a single interface
• Tools to stop, quarantine, alter or delete known or suspected spam at the gateway
• Industry leading detection rates with an array of detection tools and the Enterprise Spam Profiler
• Zero false positives and zero administration with User Quarantine
• Compatibility with any email system or server ensured through standards-based design
• Real-time monitoring and reporting of message volume, size and content to minimize the burden on mail relays, SMTP gateways and internal mail servers
• Easy to use and administer through a single and secure, browser-based interface
• Secure appliance platform that provides a hard face to the Internet and protects the entire email system

IronMail's Policy Manager provides extensive control over enterprise email traffic. IronMail tools allow administrators to define and enforce spam filtering, virus scanning, content filtering, encryption and digital signature policies to secure and manage communication at the gateway. On the front end, the appliance offers an intuitive graphical interface for administrators to create email policies. To manage threats before they enter or leave the network, IronMail provides a robust queue architecture that allows every message to be examined for content.

What This Solution Can Do For You

Policy Manager has proven to be a highly effective tool for defending enterprises against unauthorized access to confidential data and government-regulated information. Enterprises that neglect to ensure the security and privacy of online communications could find themselves at risk for:

Loss of intellectual property
• Source code
• Trade secrets
• Mail to/from competitors

Control use of encrypted email
• Regulatory requirements
  • HIPAA
  • GLBA

Inappropriate/offensive content
• Ingoing
• Outgoing

Lost productivitiy
• Resumes
• MP3s
• Chain letters

Features That Deliver These Benefits

Policy Manager provides powerful tools for controlling what messages are allowed into and out of an enterprise. IronMail users create dictionaries populated with lexicons, including words, phrases, weighted word lists and text patterns for use in content filtering. For administrators, building a content filtering rule is as easy as selecting a dictionary that is used in searching and scanning each message for keywords, text strings and ASC II text file attachments. Users can also filter messages based on priority, send date, message size, senders (users, group or domain) and recipients (user or domain).

Policy Manager gives users complete control over email attachments. Its functions create policies to govern which file attachments can be accepted or delivered to recipients. With Policy Manager, companies can block, quarantine, re-route or drop messages coming from competitor domains or associated with viruses. Appliance filters allow users to create groups of files and file extensions based on sorting criteria. IronMail users can choose how their email systems respond when attachments arrive at specified file groupings.

IronMail's Policy Manager enables administrators to seamlessly enforce encryption rules at the gateway to ensure content control and compliance. Encrypted message filtering rules are defined by sender (users, group or domain), recipients (user or domain) and OpenPGP and S/MIME standards. These rules help ensure that messages which violate IronMail policies are blocked or returned to the sender while others are encrypted for secure delivery to customers, suppliers and business partners.

Using lexical analysis, Policy Manager inspects all inbound and outbound messages. A powerful policy engine enables IronMail users to execute a range of actions based on message sender, receiver or subject line. Using these criteria, administrators can establish policies that block or encrypt messages matching defined rules. Other possible email policy applications include blind copying the message to an administrator, re-writing the subject line with alternate text, or quarantining the message for future review. Whatever the action, leveraging this IronMail capability helps administrators ensure compliance with key regulations and corporate policy.

IronMail provides powerful tools to help administrators fight spam and define rules for messages passing through e-mail gateways. Policy Manager gives users the option of customizing spam filters by message size, subject line, sender, time of receipt, or attachment type. Another spam filtering feature of the IronMail appliance is its ready-made dictionary containing hundreds of words and phrases commonly used in spam email.

For every outgoing plain text email, IronMail can stamp or insert a message footer to ensure its secure delivery. IronMail provides another layer of protection by enabling users to create individual rules that associate messages with domains. Administrators gain flexibility in applying message stamping rules to individuals and groups.

IronMail: Anti-Virus

IronMail offers a comprehensive anti-virus solution to protect against viruses, worms and Trojan horses at the email gateway before they can enter the email environment. With IronMail, administrators have the option of using Sophos' and/or McAfee's virus detection and removal products. IronMail's anti-virus solution also includes emergency notification of new viruses and anti-virus software definition updates through its policy management and anomaly detection rules.

Anti-Virus Enterprise Protection Features

IronMail enables administrators to implement anti-virus identity files (IDE) to detect and stop the latest viruses and malicious code. With IronMail, administrators can install updated IDE files manually or subscribe to automatic query updates.

The appliance's Sophos and/or McAfee anti-virus engines scan emails for known viruses and clean infected files automatically once a virus or virus variant is detected.

A quick check of its current anti-virus information confirms if IronMail users have an updated IDE for circulating viruses. If an IDE hasn't been created for a specific virus, an administrator can instruct IronMail to quarantine suspect email until virus definitions have been installed for it.

IronMail's preventive filtering engine detects and quarantines messages containing text strings related to specific viruses. Directing suspect messages to the quarantine queue while an IDE file is installed allows IronMail users to pre-empt any damage to their email system.

Its attachment filtering engine adds another layer of protection by detecting user-specified attachments and deleting or quarantining them, based on file attachment rules.

By detecting patterns in email traffic, IronMail's Anomaly Detection Engine identifies when viruses and worms access the network. Within minutes, administrators are alerted and can begin blocking similar emails.

IronMail Advantages
• Comprehensive anti-virus protection for gateways, servers, URL filter servers, firewalls
• Leading-edge anti-virus scanning and removal technologies provided by Sophos and/or McAfee
• File quarantine capabilities used to isolate and neutralize suspect messages
• Real-time policies and updates delivered by CipherTrust FirstAct™ service to address threat of rapidly spreading viruses and worms
• Advanced heuristics analysis to detect and stop unknown viruses