Hosted Email Security
Email Filtering - Key Features of Omniquad Mailwall Remote

Enlist a complete Email Security solution in your defence
against virus, spam, email fraud, malware, phishing attacks,
email scams, Trojans, and more...

Omniquad Mailwall Remote Features Tour

  • View Features Tour as Screenshot Gallery
  • Download Features Tour
  • Video Feature Tour

Cloud based management portal

Cloud based management portal

Securely manage your web filtering policy wherever you are without need for any desktop management software

Designed to blend-in with the Windows Server platform for that instant familiarity, the portal gives you access to all the features of Mailwall Remote. This is where you configure your policies, check quarantine and run reports. You can also configure security permissions to give various levels of access to different administrators. End users can also be granted limited access (for example to personal quarantine).

Real time traffic and blocking statistics

Real time traffic and blocking statistics

The reporting dashboard shows you all the vital stats – legitimate mail and threats with the option to instantly review any time period.

The reports section centralises inbound and outbound mail filtering statistics, breaking them by domain.

You can use it to review how many emails were screened in total, what proportion was legitimate and how many viruses and spam were blocked. You can instantly summarise these stats – by day, month – and even from the beginning of your subscription.

On-demand scheduled reports

On-demand scheduled reports

The e-mail filtering management information you need delivered to your inbox on regular basis

You can schedule regular management reports – delivered to you in PDF format. They not only show live stats but also present you with useful summaries showing which users are sending and receiving most email, what are the types of spam we block the most on your account and so on.

A copy of each management report is retained, so whenever needed, you can recall past reports from the portal.

Message tracking

Message tracking

Get answers quickly - centralised message search tool allows you to query Mailwall for details of any message that it checked

When and important email doesn't arrive for whatever reason, you need answers straight away. Use the portal message tracking facility to search messages by date, sender, recipient or subject criteria.

Quarantine access log

Quarantine access log

A security audit log keeps a track of messages opened within the web interface

Many emails are confidential –Mailwall Remote creates audit log entry even when your own users preview messages in quarantine or in the Email Contingency and Recovery (ECRS) tracking window.

So whenever you need to find out who looked at what and when (or even released a message) – it is ready to find.

Login permissions

Login permissions

Each login can be given granular control over the service functionality

You can grant your technical support staff limited access to the portal and give them limited rights to view selected user's or team's quarantine and white list or make limited policy changes.

Full control over domains

Full control over domains

You can add, remove domains and change their IP destinations without having to contact us

There is no additional charge for adding/removing domains on your Mailwall Remote account.

This portal section also allows you to specify which IP addresses are authorised to send outbound mail through the service.

Setup Advisor

Setup Advisor

Automated checks performed on your mail server every 24 hours ensure you are running optimal setup - and if not, we will let you know

Even when using a managed service to protect yourself from email threats, issues with your mail server or firewall configuration may prevent you from getting the optimal protection.

This is why – based on our technical support experience of having opened thousands of service accounts - we regularly perform some basic checks on your mail server, so that we can spot common configuration issues such as relay permissions, firewall settings, catch-all accounts and so on.

If any issue is spotted, a warning will be shown when you log on – it will be cleared automatically when you address the issue.

Flexible rule management

Flexible rule management

Powerful policy editor allows you to configure virtually any desirable aspect of e-mail security policy

The policy editor is the key component of the Mailwall Remote solution – this is where you configure all elements of your e-mail security policy.

The editor simplifies complex rule management by applying 3-stage logic when checking every email:

  • which messages to check (inbound, outbound etc)
  • what to check for (spam, virus, content etc)
  • what to do when found (quarantine, forward etc)

Rules are executed from 1st to last according to their priority in the list – similar to rules in a firewall.

Mail traffic control

Mail traffic control

Rules can be applied to inbound/outbound mail , with support for exclusion lists and AD integration

While most e-mail traffic rules are applied to inbound and outbound mail, sometimes you need to specify custom domains or recipients. The policy editor allows you to change this at any time. You could likewise want to exclude specific senders or recipients from certain rules – and this also is configured here.

You can also link rules to AD memberships – for example execute a rule on messages to or from specific Security Group or Organisational Unit – useful for example if you wanted to configure different e-mail disclaimers based on user's department.

Rules can be also active only during specific time windows.

Content control

Content control

Scan any message for any content and take required action

Any element of a message can be scanned for specific content – and custom action taken if found.

Please check the dedicated section on Data Loss Prevention to learn more about existing features in Mailwall that help you secure your data.

Attachment control

Attachment control

Full control over e-mail attachments

Mailwall Remote rules can detect attachments by name, mime type, extension, size, compression and encryption.

Advanced disclaimers

Advanced disclaimers

Add text, HTML and images as disclaimers

One of the key configuration requirements for any organisation is addition of disclaimers to outbound mail. Mailwall Remote can add them in text, HTML and image form, and you can also customise disclaimers based on the user's Active Directory membership.

Custom rule actions

Custom rule actions

Over 12 actions – including the basics such as Quarantine, forward, delete, alert, reply– everything you need to handle your messages

The action rule setting decides what will happen to a message that is being auctioned by the current rule.

The Initial action is what being invoked first and can include any combination of the following:

  • modify subject
  • forward a copy of the message to a recipient
  • reply with custom text (and HTML)
  • send alert to dedicated address
  • insert text or HTML into the message body (useful for disclaimers)
  • insert image
  • remove headers

the Final action lets you decide what will happen to the message:

  • send to Trashcan
  • quarantine
  • delete
  • delay until off-peak time
  • allow through

Antivirus and malware protection

Antivirus and malware protection

4 concurrent antivirus engines perform deep message inspection

It is generally recognised that multiple antivirus engines can offer greater level of protection from email threats than a single product. This is one of key benefits of Mailwall Remote – with extensive data centre hardware infrastructure at our disposal; we can perform more scanning than normally feasible onsite.

We have partnered with several well known antivirus vendors to deliver high level of protection through OEM agreements. Our selection criteria are tough - some antivirus vendors improve their overall performance over time, others not – this is why we periodically review performance of our partners and replace the lowest performing antivirus engine with a new one.

Omniquad Intercept engine

Omniquad Intercept engine

Omniquad Intercept – a bespoke Zero Day early detection of new threat outbreaks

Since we aggregate e-mail traffic, we are in a unique position to be first in line to spot emerging new types of threats – whether it is virus, spam or an unknown type of threat not seen before. We can therefore take a pre-emptive action early – often we supply samples to the antivirus companies which then produce signature updates.

Spam protection

Spam protection

State of the art spam filtering with 99% guaranteed SLA

Mailwall Remote spam filtering balances all major anti-spam technologies available today to deliver high level SLA (Service Level Agreement)

IP Blacklists

Domain filtering

Snowshoe spam protection

Real-time Sender Reputation filtering

Keyword weighting

Link analysis

Block backscatter

Block backscatter

Protects you from floods of bounce notifications for messages you never sent

Spammers frequently spoof sender addresses - this in turns may cause you to receive unwanted flood of bounce notifications when the recipient's mail server will not (for whatever reason) deliver this mail.

Mailwall Remote solves this problem by keeping a track log of outbound mail, and cross-referencing bounces against this log.

Antifraud database check

Antifraud database check

Constantly updated protection from common types of fraudulent attacks

We have built up one of the web's largest databases documenting various types of email fraud: from 419 lottery winner, employment and investment to dating.

Content of email scanned by Mailwall Remote is compared lexically against this database to protect you from this type of threat.

Crossover threat filtering

Crossover threat filtering

Uses intelligence from web filtering threats in email filtering and vice versa.

When we learn about a new web threat, it is not only the Surfwall Remote users who are protected - we pre-emptively ensure that our email customers are protected at the same time.

For example, each hyperlink in every email is opened against known malware and spyware database, and this happens other way too (when we learn about a new malware site distributed by email, we protect our Surfwall Remote customers who may not be using Mailwall Remote)

Email Quarantine

Email Quarantine

Centralised location to review all messages stored for whatever reason

The quarantine is one of the key components of Mailwall Remote – this is where you go to review what has been blocked, so you need answer quickly and it needs to be easy to filter and understand.

The default view will show messages blocked due to content and attachments rules at the top (since these are most likely messages you will want to release), followed by spam – sorted by spam score in ascending order.

You can search quarantine by sender, recipient, subject, date as well as particular reason why it has been stopped or even by specific rule.

Simultaneous release and white list

Simultaneous release and white list

Add addresses to white list while releasing them from quarantine

When you release a message from quarantine, you often may want to exclude the sender from the specific rule.

Rather than having to go to the policy editor every time, Mailwall Remote allows you to just exclude the sender from the particular rule at the same time as releasing the message itself.

Individual quarantine logins

Individual quarantine logins

Give every user permissions to view his or her own quarantine area

Every end user can be given permission to review messages quarantined just for him or her. You may of course restrict this functionality so that they can only view messages quarantined due to spam, and not viruses or other threats.

While the personal access to quarantine is a powerful feature for those who need it, we suggest that normally it is enough to enable spam digest (explained separately)

Spam Digest for end users

Spam Digest for end users

A daily report to each user who received spam

Saving administrator's time is one of key reasons for choosing Mailwall Remote.

But frequently end users need the visibility on what has been blocked for them, which means open support tickets when the end user expects something but hasn't received it yet. Spam Digest is a useful feature that sends a daily (or more frequent if required) report to every end user for whom spam was blocked, giving everyone peace of mind and full transparency over blocked mail.

Spam Digest management

Spam Digest management

Full customisation over spam digest frequency and contents

For the ultimate power and flexibility when you need it, Spam Digest offers up to 30 different configuration options – choose how often messages are delivered, and what kind of spam is reported in them. You would probably like to show bulk mail blocked, but you probably wouldn't want to show each users what viruses were blocked for them.

Spam Digest can be also optionally configured to allow end users to release messages from quarantine themselves and add senders to end user's personal white list.

Detects common types of data

Detects common types of data

Advanced engine protecting confidential and personal data

Mailwall content parser analyses message body and attachments to detect patterns representing confidential or personal data.

This data can include Credit Card numbers, Social Security Numbers, lists of names, addresses and much more

Intelligent Credit Card detection

Intelligent Credit Card detection

Identifies Credit Cards based on card vendor number algorithms

Rather than just checking for 16 digit sequences, we have incorporated number checks for all major Credit Card vendors – virtually eliminating false positives in Credit Card detection.

Smart data quantity thresholds

Smart data quantity thresholds

HD DLP Engine understands differences in data quantity

The unique functionality within the HD DLP engine is that it can see the difference between for example one name, and a list of 1000 names. Virtually every email has a name in it – and that normally bears no significance. But an email with 1000 names is likely to include data that needs to be protected.

Custom regular expressions

Custom regular expressions

Customer can specify their regular expressions

If you need to go beyond the supplied data type defaults, you can configure your own data types and also set volume detection thresholds. If you don't need to detect data by thresholds, simply use the standard text detection field which is fully regular expression compliant.

Take different actions based on individual DLP policies

Take different actions based on individual DLP policies

A choice of 12 actions gives you flexibility to act on a potential data breach in the way you need to

Alert Administrator, Notify Sender, Reply to Recipient, Delete, Quarantine, Secure Mail Portal – these are just some of the actions you could take if a message violates your DLP rules.

DLP policy integration with Active Directory

DLP policy integration with Active Directory

Different DLP policies can be applied to different users based on their Active Directory memberships

You may want to authorise individual employees or departments to send out specific type of personal data – this can be easily achieved by invoking specific DLP policies only for members of specific Security Groups or Organisational Units.

DLP exclusions by partner organisationdata

DLP exclusions by partner organisation

Exclude existing partners from specific DLP policies

Just as you may need to exclude specific users within your organisation from specific DLP policies, there may be organisations that have genuine need to receive specific DLP-controlled data on regular basis. You can achieve this by excluding their domains from your Outbound policy checks.

Automatic document OCR

Automatic document OCR

Mailwall HD DLP covers scanned documents

Many documents sent between end users today are scans of documents rather than original files themselves. This represents a major risk because the content of images is not scanned, but in fact could contain sensitive information. The HD DLP engine in Mailwall uses industry leading OCR engine to extract text from images so that it can be analysed.

Doppelganger attack protection

Doppelganger attack protection

Prevent data loss due to miss-spelled domain names

Mailwall draws on the research into Doppelganger attacks published Godai Group. In a nutshell, unauthorised 3rd parties may register miss-spelled forms of popular domains (for example twitwer.com,ohtmail.com), thus spreading a wide net waiting for anyone to send message to such address by mistake. The Attacker may even try to become a man-in-the-middle, getting access to content of messages while he's relaying them from and to unsuspected party.

Mailwall looks for common spelling issues with domains that could be exploited this way, and it alerts you when appropriate.

Thumb

DLP for mobile devices (Q1 2012)