Cloud Email Security Datasheet
Cloud-based platform that identifies, analyzes and blocks email attacks
Organizations face an ever-increasing number of threats from
email-based spam, viruses and advanced threats. Email-based attacks,
in particular spear phishing, remain one of the primary methods used
to initiate an advanced persistent threat (APT) attack because of the
complexity involved in detecting them.
The FireEye Email Threat Prevention (ETP) is a cloud email security offering that combats today’s advanced email attacks and provides anti-spam and antivirus software protection. It offers complete email security for cloud mailboxes.
To protect against malicious emails, organizations simply route messages to the ETP Cloud. ETP analyzes the emails for spam and known viruses first. It then uses the signature-less FireEye Multi-Vector Virtual Execution (MVX) engine to analyze every attachment and URL to detect threats and stop APT attacks in real time.
Watch a quick overview of our cloud email security product offering, including a walkthrough of the ETP portal (5:14 min)
Cloud email security highlights
- Offers complete email security against advanced attacks, and provides anti-spam, anti-virus protection
- Deploys as a cloud-based solution with no hardware or software to install
- Delivers actionable contextual intelligence with each validated alert
- Enables operational efficiencies through consolidation
- Integrates with the FireEye NX platform to stop blended attacks across multiple threat vectors
- Analyzes emails for threats, such as zero-day exploits, attacks hidden in ZIP/ RAR/TNEF archives, and malicious URLs
- Provides true file type analysis for all attachment types: EXE, DLL, PDF, SWF, DOC/DOCX, XLS/XLSX,PPT/PPTX, JPG, PNG, MP3, MP4, and many more
- Deploys in active protection mode as a mail exchanger (MX) destination, or monitormode (via BCC)
- In active protection-mode, quarantines malicious emails with optional user notifications
- SOC 2 Type II certification for Security and Confidentiality
Easy deployment and cross-enterprise protection
With no hardware or software to install, the Email Threat Prevention Cloud is a particularly good fit for organizations seeking to move their infrastructure into the cloud. This eliminates the complexity of procuring, installing, and managing a physical infrastructure.
Email Threat Prevention Cloud is integrated with Advanced Threat Intelligence (ATI), which gathers data from the entire FireEye global footprint of sensors, incident responders and event analytics for real-time threat intelligence sharing. ATI uniquely provides actionable and contextual intelligence to:
- Identify specific capabilities and features of detected malware and malicious attachments
- Determine the probable identity and motives of a threat actor to track their activities in your system
- Identify previous targets of spear-phishing emails
- Locate copies of malicious email in target inboxes
- Find out if dangerous messages are being forwarded to new targets
- Highlight URLs that become malicious after message delivery
Email Threat Prevention Cloud consolidates advanced threat prevention with traditional security to optimize spending, reduce false positives, and enable operational efficiencies through consolidation.
Deploy in active protection-mode or monitor only
FireEye Email Threat Prevention Cloud can analyze emails and quarantine threats for active protection. Organizations simply update their MX records to route messages to FireEye. For monitor-only deployments, organizations just need to setup a transparent BCC rule to send copies of emails to FireEye for MVX analysis.
Real-time quarantine of malicious emails
To block spear phishing emails, Email Threat Prevention Cloud analyzes every attachment using the MVX engine to accurately identify today’s advanced attacks. When an attack is confirmed, Email Threat Prevention quarantines the malicious emails for further analysis or deletion by administrators.
Multi-vector virtual execution in the cloud
Email Threat Prevention Cloud uses the MVX engine in the cloud to detonate email attachments against a cross-matrix of operating systems and applications, including multiple web browsers and plug-ins like Adobe Reader and Flash. Like the on-premise EX series platforms, the cloud-based FireEye MVX engine does not use signatures to stop advanced attacks exploiting unknown OS, browser, and application vulnerabilities as well as malicious code embedded in file and multimedia content.
Security across email and web threat vectors
Today’s advanced attacks use email as a primary delivery mechanism for malicious content. While some attacks use an attachment with embedded malicious code, it is common for cybercriminals to use a malicious link thereby blending attack tactics in the hopes of bypassing today’s traditional defense silos. FireEye Email Threat Prevention Cloud integrates with onpremise FireEye NX platforms to coordinate real-time protections against multi-vector, blended attacks.
Easy-to-use management portal
Organizations have access to the FireEye Email Threat Prevention portal to view real-time alerts and generate reports.
Expertise. Technology. Intelligence.
FireEye provides a combination of expertise, technology, and targeted, relevant intelligence that is unmatched in the security industry. FireEye security professionals partner with each client to understand and resolve their specific security challenges, providing rapid response from the top experts in the field. The FireEye threat protection platform provides FireEye with unique insight into the world of advanced persistent threats, targeted attacks, and cybercrime, allowing FireEye to provide clients with industry-specific dynamic threat intelligence. FireEye provides the expertise and intelligence organizations need to protect their businesses from today’s threats.