McAfee Email Protection
Strengths: ClickProtect and Threat Detection features are great additions to an already full-featured email security platform.
Weaknesses: None noted.
Verdict: Flexible and easy to use with a lot of predefined content. It has all the features one will need to secure email communications.
McAfee Email Gateway protects networks from viruses, undesirable content, spam and other threats. Email Protection scans inbound and outbound email messages, including 300-plus file types. Multiple anti-virus engines help address anti-virus, anti-spam and compliance requirements. McAfee Global Threat Intelligence correlates billions of data points from network, endpoint, web and email threat vectors, going beyond network IP and sender reputation to include URL, message and file reputation.
The McAfee Email Protection solution can be delivered as a virtual appliance, hardware appliance, blade server, SaaS or an integrated combination of the above. It is typically installed in one of three deployment types: appliance (virtual or hardware) on the network edge (for inbound and outbound mail protection), SaaS solution in the cloud (for inbound and outbound), or an integrated hybrid with SaaS solution in the cloud for inbound protection, appliance (virtual or hardware) for local granular policy enforcement and outbound content/compliance scanning. The appliances also support clustering for high availability and scalability. We were provided an appliance but due to some issues with the credentials, we were never able to access the box. We were given a virtual tour of the technology. From the documentation, initial setup is through a web interface and appears to be fairly straightforward. It took us about 30 minutes to get up and running. Regardless of the configuration deployed, McAfee's integrated hybrid approach centralizes management and reporting from a single control point.
Features include built-in data loss prevention (DLP) technology, including a rather large pre-built compliance dictionary, document fingerprinting and validation tools to identify sensitive email content. A full-featured MTA enables sophisticated routing to notify, block and sideline emails as required, with role-based quarantine queues. TLS encryption is available to protect sensitive content while S/MIME and PGP allows for digital signatures. The encryption options were strong.
A new feature to this release is the ability to mask true links in email messages. We found ClickProtect to be a real differentiator. To protect against malicious content behind web links in email, ClickProtect provides real-time emulation defenses, evaluating links both at scan-time and click-time. In-depth static code and dynamic malware analysis, sandboxing, is delivered via tight integration with McAfee Advanced Threat Defense. These technologies work together to deliver predictive, real-time threat protection and eliminate targeted phishing, gray/bulk mail, spam and any other email-based threats.
Dashboarding and reporting features are both well done. The visualization tools are good. There are only a few canned reports but a report tool makes it easy for admins to create and generate whatever reports are required. Alerting via email is available for certain event types.
Phone and email support is included 24/7 in the subscription fee. No other support options were listed. The documentation set came with a quick-start guide and the implementation manual. All remaining documents were available on the website.