About TippingPoint Advanced Threat Protection for Email Parent topic

TippingPoint Advanced Threat Protection for Email stops sophisticated targeted attacks and cyber threats by scanning, simulating, and analyzing suspicious links and attachments in email messages before they can threaten your network. Designed to integrate into your existing anti-spam/antivirus network topology, TippingPoint Advanced Threat Protection for Email can act as a Mail Transfer Agent in the mail traffic flow or as an out-of-band appliance silently monitoring your network for cyber threats.
Related information

What's New Parent topic

New Features in ATP Email 2.6

Feature
Description
Auxiliary product integration
TippingPoint Advanced Threat Protection for Email integrates with the following products to provide effective detection and blocking at the perimeter:
  • Check Point Open Platform for Security (OPSEC)
  • TippingPoint Security Management System (SMS)
  • IBM Security Network Protection (XGS)
  • Palo Alto Panorama and Firewalls
Threat intelligence sharing
TippingPoint Advanced Threat Protection for Email can share suspicious object information with third-party products (such as Blue Coat ProxySG) through HTTP/HTTPS web services.
Microsoft Active Directory integration
TippingPoint Advanced Threat Protection for Email integrates with Microsoft Active Directory to allow web console logon using Active Directory credentials.
New components
TippingPoint Advanced Threat Protection for Email integrates the following components:
  • Network Content Inspection Engine (NCIE)
  • Network Content Inspection Pattern (NCIP)
  • Deep Discovery Trusted Certificate Authorities
  • Virtual Analyzer Configuration Pattern
Enhanced component management
TippingPoint Advanced Threat Protection for Email improves component management by providing the option to roll back component versions.
YARA rule support
TippingPoint Advanced Threat Protection for Email uses YARA rules to identify malware. YARA rules are malware detection patterns that are fully customizable to identify targeted attacks and security threats specific to your environment.
Exception list management
TippingPoint Advanced Threat Protection for Email can import or export exception lists through HTTPS web service.
Enhanced Virtual Analyzer
The internal Virtual Analyzer has been enhanced to include proxy configuration.
Improved detection capability
TippingPoint Advanced Threat Protection for Email provides increased protection by improving its detection capabilities. This release supports the following:
  • Deployment of sandbox images running Windows 10 Threshold 2 (B1511), Windows Server 2012, and Windows Server 2012 R2 operating systems
  • Support Microsoft Office 2016 application for Office file analysis in sandbox images
  • New file types (Microsoft Publisher 2016, Microsoft Windows Command Script file, Microsoft Windows Batch file, and Scalable Vector Graphics) for file submission filters
  • File SHA-256 and vulnerability information in analysis reports
  • Decrypt password-protected PDF and Microsoft Office files in archive files
  • Extract files in archive files with multiple compression layers
SFTP upload for detection logs
TippingPoint Advanced Threat Protection for Email can upload Virtual Analyzer detection logs to a secure FTP (SFTP) server.
Enhanced SMTP notifications
The enhanced SMTP notifications feature includes the following features:
  • Support for SMTP server authentication
  • Option to test connection to SMTP server
High memory usage alert
TippingPoint Advanced Threat Protection for Email can send alert notifications when the high memory usage threshold is reached.
Management console enhancements
Administrators can view the following information on the management console:
  • System information (system time, appliance IP address, and network throughput) in the top banner
  • Additional email header information in detected messages
Enhanced credential management
TippingPoint Advanced Threat Protection for Email implements stricter system access credential checks to strengthen product security.