A secure email gateway (SEG) is a hardware or software solution that organizations use to protect their email infrastructure from spam, malware, and other threats. SEGs act as an intermediary between an organization’s email system and the wider internet, filtering incoming and outgoing email to block unwanted or dangerous messages.
How do secure email gateways work?
SEGs use a variety of techniques to filter email traffic:
- Spam filters – SEGs utilize advanced spam filtering to detect and block unwanted commercial emails based on content, keywords, sender reputation, and more.
- Anti-malware scanning – Emails and attachments are scanned for viruses, ransomware, and other malicious payloads.
- URL analysis – Links in emails are checked against databases of known malicious websites.
- Attachment blocking – Dangerous file types like executables can be automatically stripped or blocked.
- Email authentication – Technologies like SPF, DKIM, and DMARC help verify that a message really comes from the domain it claims to be from.
- Sandboxing – Suspicious content may be opened in a safe, virtual environment to analyze behavior.
- Machine learning – Advanced algorithms learn and adapt to new spam and malware techniques.
By combining these techniques, SEGs aim to block threats while still allowing business-critical communication through. Administrators typically have granular control over filtering policies and rules.
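As an added illustration (not code from any SEG product), the Python sketch below applies two of the techniques listed above, email authentication results and attachment blocking, to a parsed message and returns a single verdict. The blocked-extension list, the verdict names, and the example.org/example.com addresses are assumptions made for the example.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values for this sketch, not taken from any product.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat"}
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")  # Windows PE and Linux ELF file headers

def auth_failures(msg):
    """Return which of spf/dkim/dmarc the receiving server recorded as 'fail'."""
    failed = []
    # Only headers stamped by your own mail server are trustworthy; a real
    # gateway strips Authentication-Results headers that arrive from outside.
    for header in msg.get_all("Authentication-Results", []):
        for clause in str(header).split(";")[1:]:
            method, _, result = clause.strip().partition("=")
            if method in ("spf", "dkim", "dmarc") and result.split()[:1] == ["fail"]:
                failed.append(method)
    return failed

def blocked_attachments(msg):
    """Return attachment names blocked by extension or by executable header."""
    blocked = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        # Checking content catches an executable renamed to look like a document.
        if ext in BLOCKED_EXTENSIONS or data.startswith(EXECUTABLE_MAGIC):
            blocked.append(name)
    return blocked

def gateway_verdict(msg):
    """Combine both checks into one action: quarantine, strip, or deliver."""
    failed, blocked = auth_failures(msg), blocked_attachments(msg)
    if "dmarc" in failed:
        return "quarantine", failed, blocked
    return ("strip-attachments" if blocked else "deliver"), failed, blocked

def sample_message(auth_results, attachment_bytes, filename):
    """Build a constructed test message and re-parse it as a gateway would."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "billing@example.org", "user@example.com"
    msg["Subject"] = "Invoice"
    msg["Authentication-Results"] = auth_results
    msg.set_content("See attached.")
    msg.add_attachment(attachment_bytes, maintype="application",
                       subtype="octet-stream", filename=filename)
    return message_from_bytes(msg.as_bytes(), policy=policy.default)
```

A message whose attachment is named `invoice.pdf` but begins with an executable file header is still listed as blocked, which an extension-only rule would miss.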
What are the benefits of secure email gateways?
SEGs offer organizations several key advantages:
- Protection from spam – SEGs dramatically reduce the amount of unwanted spam messages like marketing emails, phishing scams, and other unsolicited traffic.
- Malware blocking – Dangerous malware attachments and infected links are automatically removed before reaching the email server.
- Policy enforcement – Organizations can easily apply and enforce acceptable use policies for email.
- Scalability – Cloud-based SEGs easily scale to handle large volumes of email traffic.
- Compliance – Email filtering helps organizations meet regulatory compliance requirements.
- Visibility – Detailed reporting provides insights into email threats and security trends.
By keeping organizations’ inboxes clear of threats and unwanted content, SEGs both improve productivity and strengthen overall email security posture.
What features should you look for in a secure email gateway?
When evaluating secure email gateway solutions, key features to look for include:
- Accurate threat detection – The SEG should use current techniques like machine learning to identify new and emerging spam/malware campaigns.
- Low latency – Email delivery should not be significantly slowed or impacted.
- Easy policy customization – Granular policy controls allow admins to fine-tune filtering as needed.
- Email encryption – Built-in email encryption protects sensitive communications.
- Sandboxing – The ability to analyze suspicious attachments/content in a safe sandbox environment.
- Cloud-based options – Cloud SEGs simplify deployment and maintenance with minimal hardware.
- End-user controls – Self-service portals allow end-users to manage quarantined messages.
Leading solutions will offer a rich set of features to handle today’s complex email threats while providing IT teams with easy administration and configuration.
How do secure email gateways differ from email filters?
While simple email spam filters are designed to block unwanted commercial email, SEGs are full-fledged security solutions built to handle a broad range of modern threats like spear phishing, ransomware, business email compromise (BEC) fraud, and more. Key differences include:
Secure Email Gateways | Email Filters |
---|---|
Block a wide array of threats including spam, malware, phishing, and more | Primarily block spam/marketing emails only |
Can scan inbound and outbound email traffic | Mostly filter inbound email only |
Offer advanced threat detection capabilities like sandboxing | Use more basic allow/block lists and content filters |
Provide detailed reporting and forensics on threats | Limited insights into blocked emails |
Granular policy control and end-user management | Limited policy configuration options |
While email filters offer a baseline level of protection, SEGs are purpose-built to handle today’s more sophisticated threats that often bypass basic filters.
Should you use secure email gateways for inbound or outbound email?
SEGs are highly effective at filtering both inbound and outbound email in an organization:
- Inbound email filtering – Blocks threats like spam, phishing scams, malware, and more from reaching users.
- Outbound email filtering – Stops users from inadvertently sending sensitive data and enforces security policy.
Key outbound email filtering capabilities include:
- Data loss prevention – Blocks accidental sends of sensitive information like credit card numbers, personal health information (PHI), and other confidential data.
- Email encryption – Automatically encrypts outbound messages containing sensitive data.
- Attachment control – Restricts users from emailing prohibited file types.
- Policy enforcement – Applies acceptable use policies to employee emails.
Using SEGs to filter both inbound and outbound traffic provides protection against a wide range of email-based threats while also enabling organizations to control their users’ email activity.
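The outbound data loss prevention and encryption rules described above can be illustrated with a short Python sketch, added here as an example and not taken from any vendor's product. It finds credit card numbers in an outbound message body, uses the Luhn checksum to discard look-alike numbers, and then chooses an action; the partner domain, the action names, and the sample text are assumptions.

```python
import re

# 13 to 19 digits, optionally separated by single spaces or dashes.
CARD_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# Assumed policy input: recipient domains allowed to receive card data encrypted.
APPROVED_PARTNERS = {"partner.example"}


def luhn_valid(digits):
    """Luhn checksum; filters out order numbers that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_card_numbers(text):
    """Return masked card numbers (last four digits only) found in text."""
    hits = []
    for match in CARD_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if luhn_valid(digits):
            # Mask before logging so the gateway's own logs do not leak the data.
            hits.append("*" * (len(digits) - 4) + digits[-4:])
    return hits


def outbound_action(body, recipient_domain):
    """Decide what the gateway does with an outbound message body."""
    hits = find_card_numbers(body)
    if not hits:
        return "deliver", hits
    if recipient_domain.lower() in APPROVED_PARTNERS:
        return "encrypt", hits
    return "block", hits


# Constructed sample: one valid test card number and one look-alike order number.
SAMPLE_BODY = "Charge card 4111-1111-1111-1111 for order 1234 5678 9012 3456."
```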
Should my business use an on-premises or cloud-based secure email gateway?
Organizations have two main deployment options for secure email gateways:
- On-premises SEGs – Hardware or virtual appliances installed at an organization’s location to filter email before it reaches on-premises mail servers.
- Cloud-based SEGs – Filtering is handled remotely through a hosted security service.
Factors to consider when deciding between on-premises vs cloud-based SEGs include:
On-Premises SEGs | Cloud-Based SEGs |
---|---|
|
|
For most modern organizations, the benefits of a cloud-based SEG, such as rapid deployment, lower overhead, and automatic scaling, make it an attractive option over managing on-premises appliances.
What are the leading secure email gateway vendors?
Some of the top secure email gateway providers include:
- Cisco (IronPort)
- Mimecast
- Proofpoint
- SolarWinds
- Barracuda
- Sophos
- Symantec
- Trend Micro
These vendors offer a range of SEG solutions tailored to organizations of different sizes and needs. When evaluating options, be sure to consider factors like threat detection accuracy, ease of use, available features, and overall value and pricing.
How much do secure email gateways cost?
SEG costs vary between vendors and depend on the number of users, features, and deployment model:
- On-premises hardware appliances – One-time cost of $1,000+ per device plus ongoing licensing/support fees
- Virtual appliances – Annual license typically $50-$100 per user
- Cloud-based services – Ranges from $1-$5 per user per month for basic plans and increases for premium features
Volume discounts are common for larger organizations. While cloud SEGs require an ongoing subscription, they avoid large upfront hardware costs and provide the most flexibility to scale as needs change.
What are the limitations of secure email gateways?
While SEGs are highly effective at filtering email threats, limitations include:
- Encryption can bypass filtering – Messages encrypted end-to-end may bypass SEG inspection, because the gateway cannot scan content it cannot decrypt.
- Targeted/stealthy attacks – Advanced threats like spear phishing could evade filters.
- Resource-intensive – On-premises options require IT resources to manage and maintain hardware/software.
- Email delivery delays – Stringent filtering can slightly delay email flow.
- Gap in mobile protection – SEGs focus on corporate email only and don’t protect personal mobile devices.
Organizations should layer SEGs with other defenses like email encryption, end-user security training, and mobile device protections for comprehensive coverage.
Conclusion
Secure email gateways provide a critical layer of protection against email-borne threats. By filtering inbound and outbound traffic for spam, malware, phishing scams, and other attacks, SEGs help organizations keep their inboxes secure and prevent data loss. Cloud-based SEG services enable fast deployment and simplified management with powerful AI-driven threat detection capabilities. While limitations exist, using SEGs alongside other email security tools as part of a defense-in-depth strategy allows organizations to substantially strengthen their email infrastructure against constantly evolving threats.