Cloud based management portal
Securely manage your web filtering policy wherever you are without need for any desktop management software
Designed to blend-in with the Windows Server platform for that instant familiarity, the portal gives you access to all the features of Mailwall Remote. This is where you configure your policies, check quarantine and run reports. You can also configure security permissions to give various levels of access to different administrators. End users can also be granted limited access (for example to personal quarantine).
Real time traffic and blocking statistics
The reporting dashboard shows you all the vital stats – legitimate mail and threats with the option to instantly review any time period.
The reports section centralises inbound and outbound mail filtering statistics, breaking them by domain.
You can use it to review how many emails were screened in total, what proportion was legitimate and how many viruses and spam were blocked. You can instantly summarise these stats – by day, month – and even from the beginning of your subscription.
On-demand scheduled reports
The e-mail filtering management information you need delivered to your inbox on regular basis
You can schedule regular management reports – delivered to you in PDF format. They not only show live stats but also present you with useful summaries showing which users are sending and receiving most email, what are the types of spam we block the most on your account and so on.
A copy of each management report is retained, so whenever needed, you can recall past reports from the portal.
Get answers quickly - centralised message search tool allows you to query Mailwall for details of any message that it checked
When and important email doesn't arrive for whatever reason, you need answers straight away. Use the portal message tracking facility to search messages by date, sender, recipient or subject criteria.
Quarantine access log
A security audit log keeps a track of messages opened within the web interface
Many emails are confidential –Mailwall Remote creates audit log entry even when your own users preview messages in quarantine or in the Email Contingency and Recovery (ECRS) tracking window.
So whenever you need to find out who looked at what and when (or even released a message) – it is ready to find.
Full control over domains
You can add, remove domains and change their IP destinations without having to contact us
There is no additional charge for adding/removing domains on your Mailwall Remote account.
This portal section also allows you to specify which IP addresses are authorised to send outbound mail through the service.
Automated checks performed on your mail server every 24 hours ensure you are running optimal setup - and if not, we will let you know
Even when using a managed service to protect yourself from email threats, issues with your mail server or firewall configuration may prevent you from getting the optimal protection.
This is why – based on our technical support experience of having opened thousands of service accounts - we regularly perform some basic checks on your mail server, so that we can spot common configuration issues such as relay permissions, firewall settings, catch-all accounts and so on.
If any issue is spotted, a warning will be shown when you log on – it will be cleared automatically when you address the issue.
Flexible rule management
Powerful policy editor allows you to configure virtually any desirable aspect of e-mail security policy
The policy editor is the key component of the Mailwall Remote solution – this is where you configure all elements of your e-mail security policy.
The editor simplifies complex rule management by applying 3-stage logic when checking every email:
- which messages to check (inbound, outbound etc)
- what to check for (spam, virus, content etc)
- what to do when found (quarantine, forward etc)
Rules are executed from 1st to last according to their priority in the list – similar to rules in a firewall.
Mail traffic control
Rules can be applied to inbound/outbound mail , with support for exclusion lists and AD integration
While most e-mail traffic rules are applied to inbound and outbound mail, sometimes you need to specify custom domains or recipients. The policy editor allows you to change this at any time. You could likewise want to exclude specific senders or recipients from certain rules – and this also is configured here.
You can also link rules to AD memberships – for example execute a rule on messages to or from specific Security Group or Organisational Unit – useful for example if you wanted to configure different e-mail disclaimers based on user's department.
Rules can be also active only during specific time windows.
Scan any message for any content and take required action
Any element of a message can be scanned for specific content – and custom action taken if found.
Please check the dedicated section on Data Loss Prevention to learn more about existing features in Mailwall that help you secure your data.
Add text, HTML and images as disclaimers
One of the key configuration requirements for any organisation is addition of disclaimers to outbound mail. Mailwall Remote can add them in text, HTML and image form, and you can also customise disclaimers based on the user's Active Directory membership.
Custom rule actions
Over 12 actions – including the basics such as Quarantine, forward, delete, alert, reply– everything you need to handle your messages
The action rule setting decides what will happen to a message that is being auctioned by the current rule.
The Initial action is what being invoked first and can include any combination of the following:
- modify subject
- forward a copy of the message to a recipient
- reply with custom text (and HTML)
- send alert to dedicated address
- insert text or HTML into the message body (useful for disclaimers)
- insert image
- remove headers
the Final action lets you decide what will happen to the message:
- send to Trashcan
- delay until off-peak time
- allow through
Antivirus and malware protection
4 concurrent antivirus engines perform deep message inspection
It is generally recognised that multiple antivirus engines can offer greater level of protection from email threats than a single product. This is one of key benefits of Mailwall Remote – with extensive data centre hardware infrastructure at our disposal; we can perform more scanning than normally feasible onsite.
We have partnered with several well known antivirus vendors to deliver high level of protection through OEM agreements. Our selection criteria are tough - some antivirus vendors improve their overall performance over time, others not – this is why we periodically review performance of our partners and replace the lowest performing antivirus engine with a new one.
Omniquad Intercept engine
Omniquad Intercept – a bespoke Zero Day early detection of new threat outbreaks
Since we aggregate e-mail traffic, we are in a unique position to be first in line to spot emerging new types of threats – whether it is virus, spam or an unknown type of threat not seen before. We can therefore take a pre-emptive action early – often we supply samples to the antivirus companies which then produce signature updates.
State of the art spam filtering with 99% guaranteed SLA
Mailwall Remote spam filtering balances all major anti-spam technologies available today to deliver high level SLA (Service Level Agreement)
Snowshoe spam protection
Real-time Sender Reputation filtering
Protects you from floods of bounce notifications for messages you never sent
Spammers frequently spoof sender addresses - this in turns may cause you to receive unwanted flood of bounce notifications when the recipient's mail server will not (for whatever reason) deliver this mail.
Mailwall Remote solves this problem by keeping a track log of outbound mail, and cross-referencing bounces against this log.
Antifraud database check
Constantly updated protection from common types of fraudulent attacks
We have built up one of the web's largest databases documenting various types of email fraud: from 419 lottery winner, employment and investment to dating.
Content of email scanned by Mailwall Remote is compared lexically against this database to protect you from this type of threat.
Crossover threat filtering
Uses intelligence from web filtering threats in email filtering and vice versa.
When we learn about a new web threat, it is not only the Surfwall Remote users who are protected - we pre-emptively ensure that our email customers are protected at the same time.
For example, each hyperlink in every email is opened against known malware and spyware database, and this happens other way too (when we learn about a new malware site distributed by email, we protect our Surfwall Remote customers who may not be using Mailwall Remote)
Centralised location to review all messages stored for whatever reason
The quarantine is one of the key components of Mailwall Remote – this is where you go to review what has been blocked, so you need answer quickly and it needs to be easy to filter and understand.
The default view will show messages blocked due to content and attachments rules at the top (since these are most likely messages you will want to release), followed by spam – sorted by spam score in ascending order.
You can search quarantine by sender, recipient, subject, date as well as particular reason why it has been stopped or even by specific rule.
Simultaneous release and white list
Add addresses to white list while releasing them from quarantine
When you release a message from quarantine, you often may want to exclude the sender from the specific rule.
Rather than having to go to the policy editor every time, Mailwall Remote allows you to just exclude the sender from the particular rule at the same time as releasing the message itself.
Individual quarantine logins
Give every user permissions to view his or her own quarantine area
Every end user can be given permission to review messages quarantined just for him or her. You may of course restrict this functionality so that they can only view messages quarantined due to spam, and not viruses or other threats.
While the personal access to quarantine is a powerful feature for those who need it, we suggest that normally it is enough to enable spam digest (explained separately)
Spam Digest for end users
A daily report to each user who received spam
Saving administrator's time is one of key reasons for choosing Mailwall Remote.
But frequently end users need the visibility on what has been blocked for them, which means open support tickets when the end user expects something but hasn't received it yet. Spam Digest is a useful feature that sends a daily (or more frequent if required) report to every end user for whom spam was blocked, giving everyone peace of mind and full transparency over blocked mail.
Spam Digest management
Full customisation over spam digest frequency and contents
For the ultimate power and flexibility when you need it, Spam Digest offers up to 30 different configuration options – choose how often messages are delivered, and what kind of spam is reported in them. You would probably like to show bulk mail blocked, but you probably wouldn't want to show each users what viruses were blocked for them.
Spam Digest can be also optionally configured to allow end users to release messages from quarantine themselves and add senders to end user's personal white list.
Detects common types of data
Advanced engine protecting confidential and personal data
Mailwall content parser analyses message body and attachments to detect patterns representing confidential or personal data.
This data can include Credit Card numbers, Social Security Numbers, lists of names, addresses and much more
Smart data quantity thresholds
HD DLP Engine understands differences in data quantity
The unique functionality within the HD DLP engine is that it can see the difference between for example one name, and a list of 1000 names. Virtually every email has a name in it – and that normally bears no significance. But an email with 1000 names is likely to include data that needs to be protected.
Custom regular expressions
Customer can specify their regular expressions
If you need to go beyond the supplied data type defaults, you can configure your own data types and also set volume detection thresholds. If you don't need to detect data by thresholds, simply use the standard text detection field which is fully regular expression compliant.
Take different actions based on individual DLP policies
A choice of 12 actions gives you flexibility to act on a potential data breach in the way you need to
Alert Administrator, Notify Sender, Reply to Recipient, Delete, Quarantine, Secure Mail Portal – these are just some of the actions you could take if a message violates your DLP rules.
DLP policy integration with Active Directory
Different DLP policies can be applied to different users based on their Active Directory memberships
You may want to authorise individual employees or departments to send out specific type of personal data – this can be easily achieved by invoking specific DLP policies only for members of specific Security Groups or Organisational Units.
DLP exclusions by partner organisation
Exclude existing partners from specific DLP policies
Just as you may need to exclude specific users within your organisation from specific DLP policies, there may be organisations that have genuine need to receive specific DLP-controlled data on regular basis. You can achieve this by excluding their domains from your Outbound policy checks.
Automatic document OCR
Mailwall HD DLP covers scanned documents
Many documents sent between end users today are scans of documents rather than original files themselves. This represents a major risk because the content of images is not scanned, but in fact could contain sensitive information. The HD DLP engine in Mailwall uses industry leading OCR engine to extract text from images so that it can be analysed.
Doppelganger attack protection
Prevent data loss due to miss-spelled domain names
Mailwall draws on the research into Doppelganger attacks published Godai Group. In a nutshell, unauthorised 3rd parties may register miss-spelled forms of popular domains (for example twitwer.com,ohtmail.com), thus spreading a wide net waiting for anyone to send message to such address by mistake. The Attacker may even try to become a man-in-the-middle, getting access to content of messages while he's relaying them from and to unsuspected party.
Mailwall looks for common spelling issues with domains that could be exploited this way, and it alerts you when appropriate.