Email Protection
When a user shares an email or file through the SaaS application, Avanan gets notified through API. The security engine then scans the data for threats and malicious content, and determines if it is necessary to quarantine, clean, remove, and more.
To scan the data for threats, Avanan uses a full-blown Check Point security stack. This includes zero-day threats protection and malware prevention, data leak prevention, and the ability to reveal shadow IT scenarios. Avanan is designed to protect from real SaaS threats.
Overview
Avanan offers the industry’s most complete cloud security solution with defense-in-depth capabilities to make your SaaS and IaaS safe and compliant. It protects your users and files in any cloud environment, from Office 365 to Gmail, Amazon Web Services to Azure.
Avanan offers three modes of protection for email outlined below:
-
Monitor only
-
Detect and Remediate
-
Protect (Inline)
Monitor only mode provides visibility into the cloud-hosted email leveraging publicly available API’s and a journal entry from the SaaS email provider. Scan results are provided from 60+ best of breed security tools. In this mode, manual and automated query based quarantines are available after delivery to the user mailbox.
-
Incoming email passes through email provider’s spam filter. Emails are sorted accordingly,
-
Rejected
-
Accepted, Moved to Junk
-
Accepted, Moved to Inbox
-
Manual and automated query based quarantines are available after delivery to the user mailbox.
Detect and Remediate mode provides an increased level of protection that scans email via journaling leveraging the same SaaS email provider API’s. This mode adds an automated policy action to quarantine malware, phishing attacks etc. based on the results of the best of breed security stack. In this mode user notifications and release workflows are available.
-
Incoming email arrives in respective mailbox folder.
-
Avanan detects new emails and scans (10 seconds - 5 minutes).
-
If malicious, Avanan takes automatic action, otherwise, leaves the email alone.
-
Optional user notifications and release workflows are available.
Protect (Inline) mode provides the highest level of protection and scans emails prior to delivery to the end user’s mailbox. Leveraging the same SaaS email provider API’s and implementing mail flow rules Avanan can scan email with a best of breed security stack to protect end users from malware, data leaks, phishing attacks and more. Scanning and quarantining takes place before email is delivered to the user’s mailbox. This mode insures that threats are detected and remediated before the user has access to the email.
-
Incoming email heads to the mail flow.
-
Avanan redirects the mail for scanning (10 seconds - 5 minutes).
-
If malicious, Avanan takes action, otherwise, returns email to the mail flow.
-
User notifications and release workflows are defined in policy.