Cloud Email Security Datasheet

Cloud-based platform that identifies, analyzes and blocks email attacks

Organizations face an ever-increasing number of threats from email-based spam, viruses and advanced threats. Email-based attacks, in particular spear phishing, remain one of the primary methods used to initiate an advanced persistent threat (APT) attack because of the complexity involved in detecting them.

The FireEye Email Threat Prevention (ETP) is a cloud email security offering that combats today’s advanced email attacks and provides anti-spam and antivirus software protection. It offers complete email security for cloud mailboxes.

To protect against malicious emails, organizations simply route messages to the ETP Cloud. ETP analyzes the emails for spam and known viruses first. It then uses the signature-less FireEye Multi-Vector Virtual Execution (MVX) engine to analyze every attachment and URL to detect threats and stop APT attacks in real time.

FireEye Email Threat Protection (ETP)

Watch a quick overview of our cloud email security product offering, including a walkthrough of the ETP portal.
(5:14 min)


  • Offers complete email security against advanced attacks, and provides anti-spam, anti-virus protection
  • Deploys as a cloud-based solution with no hardware or software to install
  • Delivers actionable contextual intelligence with each validated alert 
  • Enables operational efficiencies through consolidation
  • Integrates with the FireEye NX platform to stop blended attacks across multiple threat vectors
  • Analyzes emails for threats, such as zero-day exploits, attacks hidden in ZIP/ RAR/TNEF archives, and malicious URLs


  • Provides true file type analysis for all attachment types: EXE, DLL, PDF, SWF, DOC/DOCX, XLS/XLSX,PPT/PPTX, JPG, PNG, MP3, MP4, and many more
  • Deploys in active protection mode as a mail exchanger (MX) destination, or monitormode (via BCC)
  • In active protection-mode, quarantines malicious emails with optional user notifications
  • SOC 2 Type II certification for Security and Confidentiality

Easy deployment and cross-enterprise protection

With no hardware or software to install, the Email Threat Prevention Cloud is a particularly good fit for organizations seeking to move their infrastructure into the cloud. This eliminates the complexity of procuring, installing, and managing a physical infrastructure.

Email Threat Prevention Cloud is integrated with Advanced Threat Intelligence (ATI), which gathers data from the entire FireEye global footprint of sensors, incident responders and event analytics for real-time threat intelligence sharing. ATI uniquely provides actionable and contextual intelligence to:

  • Identify specific capabilities and features of detected malware and malicious attachments
  • Determine the probable identity and motives of a threat actor to track their activities in your system
  • Identify previous targets of spear-phishing emails
  • Locate copies of malicious email in target inboxes
  • Find out if dangerous messages are being forwarded to new targets
  • Highlight URLs that become malicious after message delivery

Operational effectiveness

Email Threat Prevention Cloud consolidates advanced threat prevention with traditional security to optimize spending, reduce false positives, and enable operational efficiencies through consolidation.

Deploy in active protection-mode or monitor only

FireEye Email Threat Prevention Cloud can analyze emails and quarantine threats for active protection. Organizations simply update their MX records to route messages to FireEye. For monitor-only deployments, organizations just need to setup a transparent BCC rule to send copies of emails to FireEye for MVX analysis.

Real-time quarantine of malicious emails

To block spear phishing emails, Email Threat Prevention Cloud analyzes every attachment using the MVX engine to accurately identify today’s advanced attacks. When an attack is confirmed, Email Threat Prevention quarantines the malicious emails for further analysis or deletion by administrators.

Multi-vector virtual execution in the cloud

Email Threat Prevention Cloud uses the MVX engine in the cloud to detonate email attachments against a cross-matrix of operating systems and applications, including multiple web browsers and plug-ins like Adobe Reader and Flash. Like the on-premise EX series platforms, the cloud-based FireEye MVX engine does not use signatures to stop advanced attacks exploiting unknown OS, browser, and application vulnerabilities as well as malicious code embedded in file and multimedia content.

Security across email and web threat vectors

Today’s advanced attacks use email as a primary delivery mechanism for malicious content. While some attacks use an attachment with embedded malicious code, it is common for cybercriminals to use a malicious link thereby blending attack tactics in the hopes of bypassing today’s traditional defense silos. FireEye Email Threat Prevention Cloud integrates with onpremise FireEye NX platforms to coordinate real-time protections against multi-vector, blended attacks.

Easy-to-use management portal

Organizations have access to the FireEye Email Threat Prevention portal to view real-time alerts and generate reports.


"With FireEye Email Threat Protection (ETP), less is more. We receive fewer spam and dangerous emails, and we spend less time analyzing suspect messages. Overall, it represents less risk for all."

- Roberto Rubbi, System Administrator, ASCOT CERAMICHE S.P.A.

Ready to get started?

Ask about FireEye solutions, implementation or anything else. Our security experts are standing by, ready to answer your questions.

+1 888-227-2721 +61 281034308 +1 877-347-3393 +358 942451151 +33 170612726 +49 35185034500 +852 69630370 +39 0294750535 +81 345888169 +03 77248276 +52 5585268207 +64 32880234 +48 223072296 +7 4954658084 +65 31585101 +27 105008408 +82 7076860238 +34 932203202 +94 788155851 +028 7933558 +27873392 +44 2036087538