MetaDefender Email Gateway Security 5.0 - OPSWAT Email... · Install, configure, and manage...
Transcript of MetaDefender Email Gateway Security 5.0 - OPSWAT Email... · Install, configure, and manage...
© 2020 OPSWAT, Inc. All rights reserved. OPSWAT®, MetadefenderTM and the OPSWAT logo are trademarks of OPSWAT, Inc.All other trademarks, trade names, service marks, service names, and images mentioned and/or used herein belong to their respective owners.
MetaDefender Email Gateway Security 5.0.0
Table of Contents
About MetaDefender Email Gateway Security 5
Second Layer of Defense for Your Email Security Gateway 5
About this guide 6
7. Legal 7
Copyright 7DISCLAIMER OF WARRANTY 7COPYRIGHT NOTICE 7
MetaDefender Export Classification 7
8. Knowledge Base Articles 9
Emails released or forwarded from Quarantine and retried from Failed emails, fail permanently on Exchange Server 9
How do I perform a clean re-install of MetaDefender Email Security v4? 9Overview 10Details 10
How long is the support life cycle for a specific version/release of MetaDefender Email Security v4? 15
Manually registering MetaDefender Email Security in Exchange server 17
What is the difference between MetaDefender Email Security 3.X vs 4.X? 21
Configuration 31
Policy 31
Settings 31
Users 31
Evaluation 32
Deployment modes 32
SPAN/TAP support 32
Simple PoC environment 32Prerequisites 33Architecture 33Setup 33
Licensing 34
Feature plans 34
License activation 34
User counting 36Licensed users 37
Onboarding 39
Insertion 39
Installation 39
Migration 39
Prerequisites 39Operating system 39
Wizard 39
Operation 40
Bypassing 40
Dashboard 40
Email History 40
Quarantine 40
Releases 41
What's cooking for Email Gateway Security v5? 42
Failsafe 43Bundled Core and engines 43Core fail-over option 43Active Directory-based license counting 43
Packaging 44Evaluation 44Licensing 45Separated re-scan page 45
Usability 45New UI & UX 45Disclaimer editor 51
Active Directory integration 52AD-based policy enforcement 52
Vault integration 53
5.0.0 5
About MetaDefender Email Gateway Security
Second Layer of Defense for Your Email Security Gateway
Email security gateways, although offering tremendous protection, are not perfect.
MetaDefender Email Gateway Security enhances existing email security gateways by offering:
Proactive Phishing Prevention using or the MetaDefender Cloud Deep Content Disarm technology;and Reconstruction
Zero-Day Malware Prevention with OPSWAT’s Deep Content Disarm and Reconstructiontechnology;
Disarm Password-Protected Attachments giving the opportunity to recipients to decrypt the files;
Prevent Sensitive Data Loss while still delivering emails with our Proactive Data Loss technology;Prevention
Advanced Threat Prevention with (leveraging both more than 30 anti-malware enginesheuristics and signature-based detection);
Intelligent Threat Prevention with machine learning anti-malware techniques;
Secure Retrieval of Attachments for Outbreak Prevention when integrated to .MetaDefender Valut
5.0.0 6
About this guide
This guide is not exhaustive
This guide does not cover all aspects of the product: not all configuration options and functional capabilities are detailed here.
The user interface was built to be intuitive enough to make proper operation of the product possible in all cases.
This guide is intended to provide the information you need to:
Install, configure, and manage MetaDefender Email Gateway Security v5;
Learn about new and updated features, and bug fixes on each release;
Learn about concepts through our library of knowledge base articles.
Optimized for viewing in browser
While we offer the option to download this guide to a PDF file, it is optimized for online browser viewing.
Update frequency
OPSWAT updates the online version of this guide regularly on an basis. By as neededviewing this document online, you are assured that you are always seeing the most recent and most comprehensive version of the guide.
5.0.0 7
7. Legal
Copyright
MetaDefender Export Classification
Copyright
DISCLAIMER OF WARRANTY
OPSWAT Inc. makes no representation or warranties, either express or implied by or with respect to anything in this document, and shall not be liable for any implied warranties of merchantability or fitness for a particular purpose or for any indirect special or consequential damages.
COPYRIGHT NOTICE
OPSWAT, OESIS, Metascan, Metadefender, AppRemover and the OPSWAT logo are trademarks and registered trademarks of OPSWAT, Inc. All other trademarks, trade names and images mentioned and/or used herein belong to their respective owners.
No part of this publication may be reproduced, stored in a retrieval system or transmitted, in any form or by any means (photocopying, recording or otherwise) without prior written consent of OPSWAT Inc. No patent liability is assumed with respect to the use of the information contained herein. While every precaution has been taken in the preparation of this publication, OPSWAT Inc. assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
MetaDefender Export Classification
MetaDefender United States Export Classification Number (ECCN) is 5D002, subparagraph c.1
Exports and re-exports of MetaDefender are subject to U.S. export controls and sanctions administered by the Commerce Department’s Bureau of Industry and Security (BIS) under the U.S. Export Administration Regulations (EAR).
This page provides export control information on MetaDefender. MetaDefender provides encryption features that are subject to the EAR and other U.S. laws. These features have been approved for export from the United States, subject to certain requirements and limitations. You may find the information on this page useful for determining exportability to particular countries or parties, and for completing export or shipping documentation, recordkeeping, or post-shipment reporting.
5.0.0 8
Although we provide the information on this page, you remain responsible for exporting or re-exporting MetaDefender in accordance with U.S. law. We encourage you to seek appropriate legal advice and/or consult the EAR and the BIS Information Technology Controls Division before exporting, re-exporting, or distributing MetaDefender. The information provided here is subject to change without notice.
5.0.0 9
8. Knowledge Base Articles
Page:Emails released or forwarded from Quarantine and retried from Failed emails, fail permanently on Exchange Server
Page:How do I perform a clean re-install of MetaDefender Email Security v4?
Page:How long is the support life cycle for a specific version/release of MetaDefender Email Security v4?
Page:Manually registering MetaDefender Email Security in Exchange server
Page:What is the difference between MetaDefender Email Security 3.X vs 4.X?
Emails released or forwarded from Quarantine and retried from Failed emails, fail permanently on Exchange Server
parameterThe " MessageExpirationTimeout" of Microsoft Exchange Server specifies the If a message remains in the maximum time that a particular message can remain in the queue.
queue for longer than the value defined in " , the message will be MessageExpirationTimeout"returned to the sender as a permanent failure.
This parameter is likely to affect the delivery of emails released or forwarded from Quarantine (see 4.3 Quarantine ) or emails retried from Audit > Email History (see 4.4 Email history ).
The default value of " is 2 days. This means that if an email spends MessageExpirationTimeout"more than 2 days in or in then releasing or forwarding and Quarantine Audit > Email Historyretrying (accordingly) after 2 days will fail.
The maximum value that " can be extended to is 90 days.MessageExpirationTimeout"
For further details see .3.10 Onsite Microsoft Exchange deployment
This article pertains to Email Security v4.0.0 or aboveMetaDefender This article was last updated on 2019-10-09VM
How do I perform a clean re-install of MetaDefender Email Security v4?
Overview
5.0.0 10
1.
2.
3.
4.
Details
Uninstall the previous version
Delete installation directory
Clean-up Windows registry
Install the current version
Overview
In certain cases (e.g: upgrading to a newer release candidate, or downgrading to a previous version) a clean install of the product is required.
In case of a clean reinstall, data from the previous installation will be lost.
For a clean re-installation:
Uninstall the previous version.
Delete installation directory.
Clean-up Windows registry.
Install the current version.
Details
Uninstall the previous version
Step Description Details
5.0.0 11
Step Description Details
1 > Control Panel > Programs > Uninstall a program
2 In Programs and Features, find MetaDefender Email Security.Right click and select
.Uninstall
3 Follow the steps of the installer
Delete installation directory
Step Description Details
1 Delete the directory and its contents where
Email MetaDefender Security is installed.
The default is C:\Program .Files\OPSWAT\MetaDefender Email Security
5.0.0 12
Deleting the installation directory may be blocked by running applications that hold or use files that are included in the installation directory.
A common example of this issue is , which is not stopped by the emailrelay.exe
uninstallation process.
Please lookup in the task manager and stop it manually. After this, emailrelay.exe
try deleting the folder again.
Clean-up Windows registry
Step Description Details
1 Start Registry Editor:
> regedit
5.0.0 13
Step Description Details
2 Navigate to the following key:HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\MetaDefender
Email Security
5.0.0 14
Step Description Details
3 Delete the key and all of its MetaDefender Email Securitysubkeys
4 Confirm deletion
Install the current version
Follow the instructions in to install the new version of the product.1.1 Installation
This article pertains to Email Security v4.0.0 or aboveMetaDefender This article was last updated on 2019-10-09VM
5.0.0 15
How long is the support life cycle for a specific version/release of MetaDefender Email Security v4?
OPSWAT provides support on each release of MetaDefender Email Security v4 for 18 monthsafter the publication of the next release of the product (i.e. once a new release is published, you have 18 more months of support on the previous release). However, bug fixes and enhancements are applied only to the next release of a product, not to the current release or historical releases, even when those releases are still under support. In some cases, hot-fixes can be provided for the current release of the product and then incorporated as a regular fix in the next release.
OPSWAT strongly encourages customers to upgrade to the latest release on a regular basis and not to wait until the end of a release supported life-cycle.
Release number Release date End-of-life date
4.7.9 20 Feb 2020
4.7.8 28 Jan 2020 20 Aug 2021
4.7.7 19 Dec 2019 28 Jul 2021
4.7.6 27 Nov 2019 19 Jun 2021
4.7.5 12 Nov 2019 27 May 2021
4.7.4 23 Oct 2019 12 May 2021
4.7.3 30 Sep 2019 23 Apr 2021
4.7.2 22 Aug 2019 30 Mar 2021
4.7.1 01 Jul 2019 22 Feb 2021
4.7.0 31 May 2019 01 Jan 2021
4.6.2 07 May 2019 30 Nov 2020
4.6.1 15 Apr 2019 07 Nov 2020
5.0.0 16
4.6.0 12 Mar 2019 15 Oct 2020
4.5.3 16 Jan 2019 12 Sep 2020
4.5.2 19 Dec 2018 16 Jul 2020
4.5.1 27 Nov 2018 19 Jun 2020
4.5.0 11 Oct 2018 27 May 2020
4.4.1 19 Sep 2018 11 Apr 2020
4.4.0 03 Sep 2018 19 Mar 2020
4.3.3 15 Aug 2018 03 Mar 2020
4.3.2 31 Jul 2018 15 Feb 2020
4.3.1 18 Jul 2018 31 Jan 2020
4.3.0 06 Jun 2018 18 Jan 2020
4.2.1 21 May 2018 06 Dec 2019
4.2.0 11 Apr 2018 21 Nov 2019
4.1.3 12 Mar 2018 11 Oct 2019
4.1.2 19 Jan 2018 12 Sep 2019
4.1.1 08 Dec 2017 19 Jul 2019
4.1.0 01 Dec 2017 08 Jun 2019
4.0.0 10 Jul 2017 01 Jun 2019
This article pertains to all supported releases of MetaDefender Email Security v4 This article was last updated on 2020-02-24
VM
5.0.0 17
1.
2.
3.
Manually registering MetaDefender Email Security in Exchange server
In case MetaDefender Email Security Transport Agents registrations are missing or failed to register at installation time this step can also be performed manually as described below.
Open an Exchange Management Shell.
Check which transport agents are registered by typing:
Get-TransportAgent
If the following transport agent registrations are present, MetaDefender Email Security is already registered. Otherwise, proceed to next step to start registration.
Identity Enabled Priority-------- ------- --------...Metadefender Email Security Smtp Agent True [n]Metadefender Email Security Routing Agent True [n]...
5.0.0 18
4.
a.
b.
c.
5.
Register the MetaDefender Email Security Smtp Agent by typing:
Install-TransportAgent
Provide the path to the Metadefender.Email.Exchange.dll file (adjust the path as required):
AssemblyPath: C:\Program Files\OPSWAT\Metadefender Email Security\mailagenthost\Metadefender.Email.Exchange.dll
Provide the transport agent name:
Name: Metadefender Email Security Smtp Agent
Specify the transport agent factory as below:
TransportAgentFactory: Metadefender.Email.Exchange.ReceiverAgentFactory
If the transport agent registration is successful, the following information is displayed:
Identity Enabled Priority-------- ------- --------Metadefender Email Security Smtp Agent False [n]WARNING: Please exit Windows PowerShell to complete the installation.WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport
5.0.0 19
6.
a.
7.
a.
b.
c.
Enable the newly created transport agent by typing:
Enable-TransportAgent
Specify the transport agent identity as below:
Identity: Metadefender Email Security Smtp Agent
Continue to register the MetaDefender Email Security Routing Agent by typing:
Install-TransportAgent
Provide the path to the Metadefender.Email.Exchange.dll file (adjust the path as required):
AssemblyPath: C:\Program Files\OPSWAT\Metadefender Email Security\mailagenthost\Metadefender.Email.Exchange.dll
Provide the transport agent name:
Name: Metadefender Email Security Routing Agent
Specify the transport agent factory as below:
TransportAgentFactory: Metadefender.Email.Exchange.RoutingAgentFactory
5.0.0 20
8.
9.
a.
10.
a.
b.
If the transport agent registration is successful, the following information is displayed:
Identity Enabled Priority-------- ------- --------Metadefender Email Security Routing Agent False nWARNING: Please exit Windows PowerShell to complete the installation.WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport
Enable the transport agent by typing:
Enable-TransportAgent
Specify the transport agent identity as below:
Identity: Metadefender Email Security Routing Agent
Complete the transport agent installation by restarting the Microsoft Exchange Transport service.
Stop the service by typing:
net stop MSExchangeTransport
Re-start the service by typing:
net start MSExchangeTransport
Transport agent registration is now complete.
This article pertains to Email Security v4.0.0 or aboveMetaDefender This article was last updated on 2019-10-09VM
5.0.0 21
What is the difference between MetaDefender Email Security 3.X vs 4.X?
If you are running a previous version of Email Security, OPSWAT recommends MetaDefender upgrading to the latest released version whenever it is practically possible. For users who may be using Email Security 3.X, there are significant architectural differences when MetaDefender upgrading to the latest version. To help with the upgrade, the table below compares the functionality between the two generations of the product and provides links to any relevant documentation.
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
MetaDefender Core compatibility
CORE V3 CORE V4.7.0+ 2.1.2 System requirements
Licensing BUNDLED INTO CORE
STANDALONE 2.4 MetaDefender Email Security licensing
Based on count of recipient email addresses
NO YES 2.4.3 Maximum number of email addresses
Security
Accountability SINGLE ACCOUNT
PER USER ACCOUNT
3.3 User management
Human Authentication
GROUP PASSWORD
PER USER PASSWORD
3.3 User management
API KEY API KEY 3.3 User management
5.0.0 22
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Machine Authentication
Inbound SMTP TLS version negotiation
TLS 1.0 ONLY NEGOTIABLE
TLS version customization
NO YES Via OS configuration (Use https://www.nartac.com
) to easily /Products/IISCryptoconfigure
TLS cipher customization
NO YES Via OS configuration (Use https://www.nartac.com
) to easily /Products/IISCryptoconfigure
Inbound SMTP over TLS
NO YES
Access control
EXPLICIT RBAC 3.3 User management
Role based access control
NO YES
User management
NO YES
Active Directory integration
NO YES
5.0.0 23
User interface BUNDLED INTO CORE
STANDALONE
Dashboard BUNDLED INTO CORE
OWN 4.1 Dashboard
Dashboard auto-refresh
NO CONFIGURABLE Dashboard
Email history YES YES Email History 4.4 Email history
Scan details in email history
NO YES 4.4 Email history (Email details)
Email history cleanup
NO YES Audit > Email History / CLEANUP
Configuration history
NO YES 4.11 Config history
Configuration diffs
NO YES 4.11 Config history
History auto cleanup
YES YES Configuration From Config File (MetaDefender.Engine.History.dll.config> HistoryEntryExpireSpan)
3.4 General settings (Data retention)
NO YES Audit > Email History
5.0.0 24
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
History custom date filtering
Audit > Refused Emails
Audit > Config History / FILTER BY DATE
Search keys NAME MULTIPLE Not documented 4.10 Search.html
Full-text search
NO YES 4.10 Search.html
Policy PARTIAL YES Single workflow 4.2 Security rules
Inventory NO YES 3.7 Server profiles
Web-based configuration settings
PARTIAL YES Some global settings configurable via UI or REST API, others via config files
3.4 General settings
Batch operations
PARTIAL YES
Resource management
5.0.0 25
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Core load balancing
YES YES Configuration From Config File (MetaDefender.Scanner.dll.config)
3.7 Server profiles
3.7.1 MetaDefender Core specific inventory properties
Core high availability
YES YES Configuration From Config File (MetaDefender.Scanner.dll.config)
3.7 Server profiles
3.7.1 MetaDefender Core specific inventory properties
SMTP relay load balancing
NO YES 3.7 Server profiles
SMTP relay high availability
YES YES Configuration From Config File (MetaDefender.Email.Engine.Generic.Agent.dll.config > EmailRelayOutHosts)
3.7 Server profiles
Workflow
Security rules IMPLICIT YES 4.2 Security rules
Workflow SINGLE PER RULE Email Processing Workflow (MetaDefender Core)
4.2 Security rules
Email filtering NO PER RULE 4.2 Security rules
Email routing SINGLE PER RULE 4.2 Security rules
NO PER RULE 4.2 Security rules
5.0.0 26
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Override Core results
Bypass Core NO PER RULE 4.2 Security rules (Advanced scan settings)
Core rule selection
SINGLE PER RULE 4.2 Security rules
Email processing
Scan emails and attachments
YES YES Email Processing Workflow (MetaDefender Core)
4.2 Security rules
Sanitize emails and attachments
YES YES
Block emails and attachments
ATTACHMENTS ONLY
YES
Disclaimers SINGLE PER RULE Customizing Disclaimers
Infection Email Notification
Sanitized Email Notifications
4.2 Security rules
Merge fields PARTIAL YES (LIMITED) Infection Email Notification
5.0.0 27
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Sanitized Email Notifications
Subject rewriting
PARTIAL PLANNED Infection Email Notification
Sanitized Email Notifications
Custom email headers
SINGLE PER RULE Custom Email Headers 4.2 Security rules
Scan information headers
YES YES Custom Email Headers
Retry mechanism
YES YES Requires manual monitoring of notifications and folders
3.4 General settings (Retry settings)
Handling permanent failures
MANUAL YES Manual reprocessing of failed items
4.4 Email history (Failed emails)
Handling refused emails
NO YES
Support for password-protected attachments
NO YES
Quarantine
5.0.0 28
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Quarantine location
BUNDLED INTO CORE
OWN 4.3 Quarantine
Quarantine original copy
GLOBAL PER RULE Quarantine Email 4.2 Security rules
Email details YES YES
Operations (Download, Release, Forward, Delete)
PARTIAL YES Not documented 4.3 Quarantine
Batch operations
GENERAL YES 2.6. Quarantine Management
External quarantine
YES YES Quarantine Email On Another Mail Server
3.6.1 Quarantine emails on another mail server
Quarantine reports
YES YES Quarantine Reports 3.6 Quarantine configuration
Quarantine report contents
GENERAL SPECIFIC 3.6 Quarantine configuration (Quarantine reports)
Custom quarantine report schedule
NO NO
5.0.0 29
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Notification emails
Email threat alerts
YES YES Infection Email Notification
4.2 Security rules (Actions for emails with blocked contents)
Service status alerts
YES YES Error Email Notification 3.5.1 Configuration
SMTP relay BUNDLED INTO CORE
STANDALONE
Email flow direction (per deployment)
ONE-WAY BIDIRECTIONAL Configuring Incoming Threat Protection
Configuring Outgoing Threat Protection
4.2 Security rules
TLS configuration
EXTERNAL TOOL BUILT-IN TLS support (Incoming/Outgoing emails)
3.2 Configuring TLS
SPF lookups YES YES Enable Sender Policy Framework (SPF) Lookup
3.4 General settings (Sender Policy Framework lookup)
HELO/EHLO domain customization
NO YES 3.1.2 Windows Registry configuration
Integration
YES YES 4. Onsite Microsoft Exchange Deployment
3.10 Onsite Microsoft Exchange deployment
5.0.0 30
Feature MetaDefender Email 3.X
MetaDefender Email Security 4.X
3.X Documentation 4.X Documentation
Microsoft Exchange plugin
Cloud (AppRiver, Google Apps, Office 365)
YES YES 3. Cloud Deployment 3.9 Cloud deployment configuration
Operation
Monitoring LIMITED ADVANCED Dashboard / Mail Agent 4.1 Dashboard
General audit logs
YES YES Email Event Log
Configuration audit logs
NO INTEGRATED 4.11 Config history
Syslog integration
LIMITED YES Logging Configuration 3.5.1 Configuration
Multiple log destinations
YES YES Apache log4net 3.5.1 Configuration
Unique message ID
NO YES
This article pertains to Email Security v4.0.0 or aboveMetaDefender This article was last updated on 2019-10-09VM
5.0.0 31
Configuration
Policy
Settings
Users
5.0.0 32
1.
2.
Evaluation
Deployment modes
SPAN/TAP support
Simple PoC environment
Prerequisites
Hardware
Software
Architecture
Setup
Email Gateway Security is evaluation friendly. With its straightforward onboarding and intuitive user interface, PoC-ing the product is simpler than ever before.
Deployment modes
Besides –that is to protect production environments, Email Gateway Security protection modesupports the following monitoring modes for evaluation purposes:
Out-of-band monitoring modeTODO: image
Inline monitoring modeTODO: image
SPAN/TAP support
Email Gateway Security can extract and process emails from SPAN mirrored or TAP monitored network traffic. Using this setup it is possible to evaluate the product under real production conditions but without affecting production performance or employee productivity.
TODO: image
Simple PoC environment
It is simply possible to set up an evaluation environment on a standalone machine.
5.0.0 33
Limitations
A simple PoC environment is unable provide the performance and response times that a real production environment can.
Prerequisites
Hardware
For a simple PoC environment any modern personal computer hardware should be adequate.
Virtualization
It is also possible to implement the simple PoC environment in a virtual machine.
The is that the host operating system will be unchanged.benefit
The may be that the performance and response times will be even more drawback poor.
Software
Operating system See the operating system prerequisites
Mail server hMailServer
Email client Mozilla Thunderbird
Architecture
Error rendering macro 'drawio' : null
Setup
5.0.0 341.
Licensing
Feature plans
License activation
User counting
Licensed users
Feature plans
MetaDefender Email Gateway Security is available in the following feature plans:
Feature plans
Benefits CDR Basic Standard Advanced
Zero-Day Malware Prevention
Proactive Anti-Phishing
Advanced Threat Prevention 1 engine 4 engines 8 engines 20 engines
Disarm Password-Protected Attachments
Prevent Sensitive Data Loss
License activation
The license must be activated so that Email Gateway Security can be used to process emails.
To activate the product:
5.0.0 35
1.
2.
3.
Go to the page and click ACTIVATE License
Select your activation method
5.0.0 36
3. Follow the on-screen instructions to complete activation. For online activation provide your activation key and an optional description of the deployment.
User counting
The product can be licensed by the number of users, and licensed users are counted by MetaDefender Email Gateway Security.
5.0.0 37
1.
2.
User limit exceeded
When the license limit is exceeded then the emails of the exceeding users will be .bypassed
Emails of licensed users will be processed normally.
Licensed users
Licensed users may be added manually or discovered by machine learning techniques.
To add a user manually:
Go to the page and click License +
5.0.0 38
2. Provide the display name and user name of the user to add
User name
The user name is the of the user’s email address.local part
5.0.0 39
Onboarding
Insertion
Installation
Migration
Prerequisites
Operating system
Wizard
5.0.0 40
Operation
Bypassing
Dashboard
Email History
Quarantine
5.0.0 41
Releases
5.0.0 42
What's cooking for Email Gateway Security v5?
This page is under construction.
Failsafe
Bundled Core and engines
Core fail-over option
Active Directory-based license counting
Packaging
Evaluation
Bundled OPSWAT technologies
Evaluation with a single virtual machine
SPAN/TAP monitoring
Licensing
Feature plans to better fit needs
Real-user verification
Separated re-scan page
Usability
New UI & UX
User-based settings
Customizable dashboard
Statistics
Compact Email History
Processing timeline
Advanced filtering
Disclaimer editor
Active Directory integration
AD-based policy enforcement
Vault integration
5.0.0 43
Failsafe
Email Gateway Security v5 will do its best to have an email processed. If processing fails finally for any reason within a reasonable time, then it will let the email go, not affecting the email flow.
Bundled Core and engines
Email Gateway Security v5 is available now as a bundle of the MetaDefender Core and engines package. Core, Deep CDR, Proactive DLP, and other utility engines are locked to their well known and tested versions thus not will be updated automatically.
Still, anti-malware engines and their databases will be updated and kept on their latest versions.
Core fail-over option
Email Gateway Security v5 includes Core and engines, it is, however, still possible to connect additional Core instances. All further Core instances can serve as fail-over spares (i.e.: HA) or load-balancing pairs to the bundled Core.
Active Directory-based license counting
Email Gateway Security v5 has comprehensive integration capabilities to Active Directory. Users are counted for licensing purposes and verified from the Active Directory. As a result, the license will be counted for real users only, who are present in the domain.
5.0.0 44
Packaging
Evaluation
Email Gateway Security v5 is evaluation friendly. With its straightforward onboarding and intuitive user interface, PoC-ing the product is simpler than ever before.
Bundled OPSWAT technologies
All relevant OPSWAT technologies: Advanced Threat Prevention, Zero-Day Malware Prevention, Sensitive Data Loss Prevention, and Proactive Phishing Prevention are bundled into Email Gateway Security v5. From now on, users do not need to understand OPSWAT’s architecture and technology, because all necessary components are compiled into a single package.
Evaluation with a single virtual machine
A ready-made virtual machine is available to offer the easiest evaluation process (PoC) with Email Gateway Security v5. It only needs to be deployed to VirtualBox or VMWare, and the exploration shall begin.
5.0.0 45
SPAN/TAP monitoring
Email Gateway Security v5 can extract and process emails from SPAN mirrored or TAP monitored network traffic. On the customer side, the configuration of the network requires a maximum of 10 min. Using this setup it is possible to evaluate the product under real production conditions without affecting production performance or employee productivity.
Licensing
Feature plans to better fit needs
Email Gateway Security v5 is licensed in separate feature plans. The higher packages the customer will choose, the more features will be available. Since there will be no limitation on the maximum number of users in different plans, customers are going to pay for features only that they intend to use.
Real-user verification
Email Gateway Security v5 has a user-based licensing model, instead of the previous “instance-based” model. Users are and verified, to count real users matched against Active Directoryonly. This restriction will not allow customers to use more licenses than what was purchased, also helps them not to pay for email addresses which don't exist.
Licensed users can be added manually or discovered by machine learning automatically.
Separated re-scan page
Email Gateway Security v5 provides a separate port where the re-scan page will be hosted. This separate port is intended to be available on the internet for business users to initiate their re-scans, while the web management console port is still restricted to internal network access only.
Usability
New UI & UX
Email Gateway Security v5 has a new user interface and new user experience: the UI is more intuitive, the user journey is more clear and simple.
5.0.0 46
User-based settings
Users can have their own settings in Email Gateway Security v5. These settings are restored every time the user logs in to the system.
For example, users can easily change language and time zone depending on their location. It's a very useful feature to search Email History regardless of the administrator’s time zone. An example of Email History entry when the time zone is set to CET:
5.0.0 47
The same entry when the time zone is set to PST:
5.0.0 48
The time zone setting for the user won’t affect timestamps in logs.
Customizable dashboard
The dashboard is customizable in Email Gateway Security v5. Each user can configure the displayed widgets and their size.
The customized dashboard account.settings are also stored for that specific user
5.0.0 49
Statistics
For certain widgets detailed information is available in the Dashboard of Email Gateway Security v5. Depending on the widget, the view shows statistics or other additional data Details that help interpreting the information provided by the widget.
5.0.0 50
Compact Email History
Email History has been further optimized for enhanced user experience in Email Gateway Security v5. New colors and better utilization of the available space has been applied. Thanks to the new layout, administrators will have a more convenient overview of each history entry in their systems.
Processing timeline
For each entry in the Email History, Email Gateway Security v5 provides a compact processing history that serves as a log for the specific email showing all relevant events.
This new feature makes investigations and forensics much simpler in Email Gateway Security v5.
Advanced filtering
Filtering has improved in Email Gateway Security v5. The list of emails can be filtered by the date, sender, recipient, subject or by whether they have attachments or not. For the status even multiple values can be specified.
5.0.0 51
Disclaimer editor
From now, it is no more needed to write HTML markup for disclaimers in Email Gateway Security v5. The new what-you-see-is-what-you-get disclaimer editor has all needed functionality built-in. For example, it has support for text styles, links and lists.
5.0.0 52
Active Directory integration
Active Directory can be integrated to Email Gateway Security v5 via server profiles.
AD-based policy enforcement
An Active Directory type server profile can be used in security rule filters to enforce a security rule on emails sent to or from members of Active Directory groups.
5.0.0 53
Vault integration
Email Gateway Security v5 provides smooth integration with Vault. After Vault has been added, all attachments will be uploaded automatically to Vault storage for outbreak prevention. Until released upon supervisor approval continuous malware scanning is processed.
5.0.0 54
Below, part of the configuration of Vault integration in the of Email Gateway security rulesSecurity v5.
Example of Vault integrated architecture: